Security Quantification of Container-Technology-Driven E-Government Systems

• Published in: Electronics (Basel) Vol. 12; no. 5; p. 1238
• Main Authors: Mondal, Subrota Kumar, Tan, Tian, Khanam, Sadia, Kumar, Keshav, Kabir, Hussain Mohammed Dipu, Ni, Kan
• Format: Journal Article
• Language: English
• Published: Basel MDPI AG 01.03.2023
• Subjects: Analysis; Containers; Data security; Defense; Electronic government; Government information technology services; Normal distribution; Overhauling; Privacy; Probabilistic analysis; Risk assessment; Security; Smart cities; Statistical analysis; Success; Technology; Threats; Web portals; China; United Kingdom > UK
• ISSN: 2079-9292; 2079-9292
• DOI: 10.3390/electronics12051238

With the rapidly increasing demands of e-government systems in smart cities, a myriad of challenges and issues are required to be addressed. Among them, security is one of the prime concerns. To this end, we analyze different e-government systems and find that an e-government system built with container-based technology is endowed with many features. In addition, overhauling the architecture of container-technology-driven e-government systems, we observe that securing an e-government system demands quantifying security issues (vulnerabilities, threats, attacks, and risks) and the related countermeasures. Notably, we find that the Attack Tree and Attack–Defense Tree methods are state-of-the-art approaches in these aspects. Consequently, in this paper, we work on quantifying the security attributes, measures, and metrics of an e-government system using Attack Trees and Attack–Defense Trees—in this context, we build a working prototype of an e-government system aligned with the United Kingdom (UK) government portal, which is in line with our research scope. In particular, we propose a novel measure to quantify the probability of attack success using a risk matrix and normal distribution. The probabilistic analysis distinguishes the attack and defense levels more intuitively in e-government systems. Moreover, it infers the importance of enhancing security in e-government systems. In particular, the analysis shows that an e-government system is fairly unsafe with a 99% probability of being subject to attacks, and even with a defense mechanism, the probability of attack lies around 97%, which directs us to pay close attention to e-government security. In sum, our implications can serve as a benchmark for evaluation for governments to determine the next steps in consolidating e-government system security.