Research On Security Architecture For E-Government

E-Government is an information service and information process system, which based on network and accord with Internet technology standard and face government, enterprise and public. Information security is the key problem in E-Government. Information security of E-Government is complex system engineering, which require using the concept, theory and method of system engineering to research, design and implement the system security of E-Government. The design of security architecture is the key step. The theory of security architecture is to solve the security problem of information system from the whole, it describes the relation of security element to meet the security requirement, but at present the concept, type and construct of the security architecture on E-Government do not been attached importance to, it went against assuring the security of E-Government.This paper construct the E-Government security-engineering management model based on process via adding the security-process and security-parts to E-Government information system engineering, this model comprise four security- process: design, do, check and maintain, include 11 process area and 61 basic practice of SSE-CMM. The realization of the model also accord with Deming cycle. Then E-Government security engineering will be translated to a well-defined mature and measurable work, and meets the information security object via the sustained improvement.The design of security architecture is the key step of E-Government security engineering. It is a detailed explication of the security requirement analysis, and guideline of security-engineering implement. But whether SSE-CMM or Information security engineering-life cycle model only offer the rule to construct a security architecture, but do not offer the refer model and operable measure to design security architecture. So this paper further studies the security architecture. Based on the quality of time and space in information system, three-dimension and multi-view security architecture for E-Government is proposed making use of the study technique of software architecture in software engineering. The definition of security view and security dimension is proposed. The integrity, repulsion and measurability of the model are discussed. The Security authentication protocol among different security element is designed and analyzed.This model comprises 3 dimensions: time, space and security. Space dimension include security-domain view, protocol-layer view and system-resources view, time dimension includes security-cycle view, system lifecycle view and information lifecycle, security dimensionincludes security service view, security technology view and security manage view. This three-dimension and multi-view security architecture expresses the abstract of system from different hierarchy or point of view, offers a method to analyze security model and integrate security system.Finally particular security architecture for E-Government is designed and analyzed by using the theory of security architecture model Based on Space-time and OOA&OOD.