Skip to main content
SpringerLink
Log in

Privacy Requirements Engineering for Trustworthy e-Government Services

  • Conference paper
Trust and Trustworthy Computing (Trust 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6101))

Included in the following conference series:

Abstract

Several research studies have applied information systems acceptance theories in order to examine issues related to the acceptance of e-services by users. Their application in the e-government systems has revealed that trust is a prerequisite for their usage. Moreover, it has been proved that privacy concerns are a main antecedent of trust in e-government systems intention of use. Therefore, information systems that are not privacy aware are not trusted and thus not accepted by users. Currently there are many different attacks that can be realized by malicious users for compromising the confidentiality of private data and thus putting at stake the trustworthiness of the systems. The conventional way for preventing such attacks is mainly the employment of Privacy Enhancing Technologies (PETs). However, PETs are employed as ad hoc technical solutions that are independent from the organizational context in which the system will operate. We argue that we need privacy requirements engineering methods for capturing the context dependent privacy requirements and for selecting the appropriate technical, organizational and procedural countermeasures which will help building privacy aware systems that can offer electronic services which users can trust.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Halchin, L.E.: Electronic government: Government capability and terrorist resource. Government Information Quarterly 21, 406–419 (2004)

    Article  Google Scholar 

  2. Devadoss, P.R., Pan, S.L., Huang, J.C.: Structurational analysis of e-government initiatives: a case study of SCO. Decision Support Systems 34(3), 253–269 (2003)

    Article  Google Scholar 

  3. ASPA: United Nations & American Society for Public Administration (ASPA). Benchmarking e-government: A global perspective. U.N. Publications, New York (2002)

    Google Scholar 

  4. Means, G., Schneider, D.: Meta-capitalism: The e-business revolution and the design of 21st century companies and markets. John Wiley & Sons Inc., New York (2000)

    Google Scholar 

  5. Holden, S.H., Norris, D.F., Fletcher, P.D.: Electronic Government at the Local Level: Progress to Date and Future Issues. Public Performance & Management Review 26(4), 325–344 (2003)

    Article  Google Scholar 

  6. Gil-García, R.J., Pardo, T.A.: E-government success factors: Mapping practical tools to theoretical foundations. Government Information Quarterly 22(2), 187–216 (2005)

    Article  Google Scholar 

  7. Lee, J.K., Rao, H.R.: Task Complexity and Different Decision Criteria for Online Service Acceptance: A Comparison of Two e-Government Compliance Service Domains. Decision Support Systems 47(4), 424–435 (2009)

    Article  Google Scholar 

  8. Fishbein, M., Ajzen, I.: Belief, attitude, intention and behaviour: An introduction to theory and research Reading. Addision-Wesley, Massachusetts (1975)

    Google Scholar 

  9. Ajzen, I.: The theory of planned behavior. Organizational Behavior and Human Decision Processes 50(2), 179–211 (1991)

    Article  Google Scholar 

  10. Deci, E.L.: Intrinsic motivation. Plenum Press, New York (1975)

    Google Scholar 

  11. Rogers, E.M.: Diffusion of innovations, 4th edn. The Free Press, New York (1995)

    Google Scholar 

  12. Davis, F.D.: Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS Quarterly 13(3), 319–339 (1989)

    Article  Google Scholar 

  13. Harris, L.C., Goode, M.H.: The four levels of loyalty and the pivotal role of trust: a study of online service dynamics. Journal of Retailing 80(2), 139–158 (2004)

    Article  Google Scholar 

  14. Chang, I.-C., Chang, Y., Hung, W., Hwang, H.: An empirical study on the impact of quality antecedents on tax payers’ acceptance of Internet tax-filing systems. Government Information Quarterly 22(3), 389–410 (2005)

    Article  Google Scholar 

  15. Belanger, A., Carter, L.: Trust and risk in e-government adoption. Journal of Strategic Information Systems 17, 165–176 (2008)

    Article  Google Scholar 

  16. Horst, M., Kuttschreuter, M.T., Gutteling, J.M.: Perceived usefulness, personal experiences, risk perception and trust as determinants of adoption of e-Government services in The Netherlands. Computers in Human Behavior 23, 1838–1852 (2007)

    Article  Google Scholar 

  17. Lean, O.K., Zailani, S., Ramayah, T., Fernando, Y.: Factors influencing intention to use e-government services among citizens in Malaysia. International Journal of Information Management 29(6), 458–475 (2009)

    Article  Google Scholar 

  18. GAO (General Accounting Office), Electronic government challenges must be addressed with effective leadership and management (2001), http://www.gao.gov/new.items/d01959t.pdf

  19. Mayer, R.C., Davis, J.H., Schoorman, F.D.: An integration model of organizational trust. Academy of Management Review 20(3), 709–734 (2003)

    Article  Google Scholar 

  20. Warkentin, M., Gefen, D., Pavlou, P.A., Rose, M.G.: Encouraging citizen adoption of e-government by building trust. Electronic Markets 12(3), 157–162 (2002)

    Article  Google Scholar 

  21. Felix, B.T., Paul, S.: Online consumer trust: A multiple-dimensional model. Journal of Electronic Commerce in Organizations 40 (2004)

    Google Scholar 

  22. Gundlach, G.T., Murphy, P.E.: Ethical and legal foundations of relational marketing exchanges. Journal of Marketing 57, 35–46 (1993)

    Article  Google Scholar 

  23. Tanase, M.: IP spoofing: an introduction. In: Security Focus, vol. 11 (2003)

    Google Scholar 

  24. Heberlein, L., Bishop, M.: Attack class: Address spoofing. In: National Information Systems Security Conference, Baltimore, pp. 371–377 (1996)

    Google Scholar 

  25. Ping, Z., Zhuosheng, J.: Sniffer and Interruption of TCP/IP Communication. Computer Engineering 31, 119–120

    Google Scholar 

  26. Bellovin, S.: Security problems in the TCP/IP protocol suite. ACM SIGCOMM Computer Communication Review 19, 48 (1989)

    Article  Google Scholar 

  27. Postel, J.: RFC 791: IP: Internet Protocol (September 1981)

    Google Scholar 

  28. Postel, J.: RFC 793: TCP: Transmission Control Protocol (1980)

    Google Scholar 

  29. Anley, C.: Advanced SQL Injection In SQL Server Applications (2002), http://www.nextgenss.com/papers/advanced_sql_injection.pdf

  30. Geneiatakis, D., Kambourakis, G., Dagiuklas, T., Lambrinoudakis, C., Gritzalis, S.: SIP message tampering: The SQL code injection attack. In: Proceedings of 13th International Conference on Software, Telecommunications and Computer Networks (SoftCOM 2005), Split, Croatia (2005)

    Google Scholar 

  31. Geneiatakis, D., et al.: Survey of security vulnerabilities in Session Initiation Protocol. IEEE Communications Surveys and Tutorials 8, 68–81 (2006)

    Article  Google Scholar 

  32. Cerrudo, C.: Manipulating microsoft sql server using sql injection. Application Security Inc., http://www.appsecinc.com/presentations/Manipulating_SQL_Server_Using_SQL_Injection.pdf

  33. Klein, A.: BIND 9 DNS cache poisoning (2007), http://www.trusteer.com/docs/bind9dns.html

  34. Franks, J., et al.: RFC 2617: HTTP authentication: basic and digest access authentication (1999)

    Google Scholar 

  35. Cavoukia, A.: Privacy by Design, www.privacybydesign.ca

  36. Fischer-Hübner, S.: IT-Security and Privacy, Design and Use of Privacy Enhancing Security Mechanisms. In: Fischer-Hübner, S. (ed.) IT-Security and Privacy. LNCS, vol. 1958, p. 35. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  37. Cannon, J.: Privacy, What Developers and IT Professionals Should Know. Addison-Wesley, Reading (2004)

    Google Scholar 

  38. Koorn, R., van Gils, H., ter Hart, J., Overbeek, P., Tellegen, R.: Privacy Enhancing Technologies, White paper for Decision Makers. Ministry of the Interior and Kingdom Relations, The Netherlands (December 2004)

    Google Scholar 

  39. Kalloniatis, C., Kavakli, E., Gritzalis, S.: Methods for Designing Privacy Aware Information Systems: A review. In: Alexandris, N., Chryssikopoulos, V., Douligeris, C., Kanellopoulos, N. (eds.) Proceedings of the PCI 2009 13th Pan-Hellenic Conference on Informatics (with international participation), Corfu, Greece, September 2009. IEEE CPS Conference Publishing Services, Los Alamitos (2009)

    Google Scholar 

  40. Mouratidis, H., Giorgini, P., Manson, G.: Integrating security and systems engineering: Towards the modelling of secure information systems. In: Eder, J., Missikoff, M. (eds.) CAiSE 2003. LNCS, vol. 2681, pp. 63–78. Springer, Heidelberg (2003a)

    Chapter  Google Scholar 

  41. Kalloniatis, C., Kavakli, E., Gritzalis, S.: Addressing privacy requirements in system design: The PriS method. Requirements Eng. 13(3), 241–255 (2008)

    Article  Google Scholar 

  42. Perini, P., Bresciani, P., Giorgini, P., Giunchiglia, F., Mylopoulos, J.: Towards an agent-oriented approach to software engineering, Modena-Italy (2001)

    Google Scholar 

  43. Mouratidis, H., Giorgini, P., Manson, G.: An ontology for modelling security:The tropos project. In: Palade, V., Howlett, R.J., Jain, L. (eds.) KES 2003. LNCS (LNAI), vol. 2773, pp. 1387–1394. Springer, Heidelberg (2003b)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Digital Systems, University of Piraeus, Piraeus, GR-18532, Greece

    Nikos Vrakas & Costas Lambrinoudakis

  2. Dept. of Cultural Technology and Communication, University of the Aegean, Lesvos, GR-81100, Greece

    Christos Kalloniatis

  3. Dept. of Information and Communication Systems Engineering, University of the Aegean, Samos, GR-83200, Greece

    Aggeliki Tsohou

Authors
  1. Nikos Vrakas
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christos Kalloniatis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Aggeliki Tsohou
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Costas Lambrinoudakis
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Heinz College, Carnegie Mellon University, 5000 Forbes Avenue, HBH 2105C, 15213, Pittsburgh, PA, USA

    Alessandro Acquisti

  2. Department of Computer Science, 6211 Sudikoff Laboratory, Dartmouth College, 03755-3510, Hanover, NH, USA

    Sean W. Smith

  3. System Security Lab, Ruhr University Bochum, Universitätsstr. 150, 44780, Bochum, Germany

    Ahmad-Reza Sadeghi

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Vrakas, N., Kalloniatis, C., Tsohou, A., Lambrinoudakis, C. (2010). Privacy Requirements Engineering for Trustworthy e-Government Services. In: Acquisti, A., Smith, S.W., Sadeghi, AR. (eds) Trust and Trustworthy Computing. Trust 2010. Lecture Notes in Computer Science, vol 6101. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13869-0_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-13869-0_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-13868-3

  • Online ISBN: 978-3-642-13869-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation