Abstract
Several research studies have applied information systems acceptance theories in order to examine issues related to the acceptance of e-services by users. Their application in the e-government systems has revealed that trust is a prerequisite for their usage. Moreover, it has been proved that privacy concerns are a main antecedent of trust in e-government systems intention of use. Therefore, information systems that are not privacy aware are not trusted and thus not accepted by users. Currently there are many different attacks that can be realized by malicious users for compromising the confidentiality of private data and thus putting at stake the trustworthiness of the systems. The conventional way for preventing such attacks is mainly the employment of Privacy Enhancing Technologies (PETs). However, PETs are employed as ad hoc technical solutions that are independent from the organizational context in which the system will operate. We argue that we need privacy requirements engineering methods for capturing the context dependent privacy requirements and for selecting the appropriate technical, organizational and procedural countermeasures which will help building privacy aware systems that can offer electronic services which users can trust.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Halchin, L.E.: Electronic government: Government capability and terrorist resource. Government Information Quarterly 21, 406–419 (2004)
Devadoss, P.R., Pan, S.L., Huang, J.C.: Structurational analysis of e-government initiatives: a case study of SCO. Decision Support Systems 34(3), 253–269 (2003)
ASPA: United Nations & American Society for Public Administration (ASPA). Benchmarking e-government: A global perspective. U.N. Publications, New York (2002)
Means, G., Schneider, D.: Meta-capitalism: The e-business revolution and the design of 21st century companies and markets. John Wiley & Sons Inc., New York (2000)
Holden, S.H., Norris, D.F., Fletcher, P.D.: Electronic Government at the Local Level: Progress to Date and Future Issues. Public Performance & Management Review 26(4), 325–344 (2003)
Gil-GarcÃa, R.J., Pardo, T.A.: E-government success factors: Mapping practical tools to theoretical foundations. Government Information Quarterly 22(2), 187–216 (2005)
Lee, J.K., Rao, H.R.: Task Complexity and Different Decision Criteria for Online Service Acceptance: A Comparison of Two e-Government Compliance Service Domains. Decision Support Systems 47(4), 424–435 (2009)
Fishbein, M., Ajzen, I.: Belief, attitude, intention and behaviour: An introduction to theory and research Reading. Addision-Wesley, Massachusetts (1975)
Ajzen, I.: The theory of planned behavior. Organizational Behavior and Human Decision Processes 50(2), 179–211 (1991)
Deci, E.L.: Intrinsic motivation. Plenum Press, New York (1975)
Rogers, E.M.: Diffusion of innovations, 4th edn. The Free Press, New York (1995)
Davis, F.D.: Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS Quarterly 13(3), 319–339 (1989)
Harris, L.C., Goode, M.H.: The four levels of loyalty and the pivotal role of trust: a study of online service dynamics. Journal of Retailing 80(2), 139–158 (2004)
Chang, I.-C., Chang, Y., Hung, W., Hwang, H.: An empirical study on the impact of quality antecedents on tax payers’ acceptance of Internet tax-filing systems. Government Information Quarterly 22(3), 389–410 (2005)
Belanger, A., Carter, L.: Trust and risk in e-government adoption. Journal of Strategic Information Systems 17, 165–176 (2008)
Horst, M., Kuttschreuter, M.T., Gutteling, J.M.: Perceived usefulness, personal experiences, risk perception and trust as determinants of adoption of e-Government services in The Netherlands. Computers in Human Behavior 23, 1838–1852 (2007)
Lean, O.K., Zailani, S., Ramayah, T., Fernando, Y.: Factors influencing intention to use e-government services among citizens in Malaysia. International Journal of Information Management 29(6), 458–475 (2009)
GAO (General Accounting Office), Electronic government challenges must be addressed with effective leadership and management (2001), http://www.gao.gov/new.items/d01959t.pdf
Mayer, R.C., Davis, J.H., Schoorman, F.D.: An integration model of organizational trust. Academy of Management Review 20(3), 709–734 (2003)
Warkentin, M., Gefen, D., Pavlou, P.A., Rose, M.G.: Encouraging citizen adoption of e-government by building trust. Electronic Markets 12(3), 157–162 (2002)
Felix, B.T., Paul, S.: Online consumer trust: A multiple-dimensional model. Journal of Electronic Commerce in Organizations 40 (2004)
Gundlach, G.T., Murphy, P.E.: Ethical and legal foundations of relational marketing exchanges. Journal of Marketing 57, 35–46 (1993)
Tanase, M.: IP spoofing: an introduction. In: Security Focus, vol. 11 (2003)
Heberlein, L., Bishop, M.: Attack class: Address spoofing. In: National Information Systems Security Conference, Baltimore, pp. 371–377 (1996)
Ping, Z., Zhuosheng, J.: Sniffer and Interruption of TCP/IP Communication. Computer Engineering 31, 119–120
Bellovin, S.: Security problems in the TCP/IP protocol suite. ACM SIGCOMM Computer Communication Review 19, 48 (1989)
Postel, J.: RFC 791: IP: Internet Protocol (September 1981)
Postel, J.: RFC 793: TCP: Transmission Control Protocol (1980)
Anley, C.: Advanced SQL Injection In SQL Server Applications (2002), http://www.nextgenss.com/papers/advanced_sql_injection.pdf
Geneiatakis, D., Kambourakis, G., Dagiuklas, T., Lambrinoudakis, C., Gritzalis, S.: SIP message tampering: The SQL code injection attack. In: Proceedings of 13th International Conference on Software, Telecommunications and Computer Networks (SoftCOM 2005), Split, Croatia (2005)
Geneiatakis, D., et al.: Survey of security vulnerabilities in Session Initiation Protocol. IEEE Communications Surveys and Tutorials 8, 68–81 (2006)
Cerrudo, C.: Manipulating microsoft sql server using sql injection. Application Security Inc., http://www.appsecinc.com/presentations/Manipulating_SQL_Server_Using_SQL_Injection.pdf
Klein, A.: BIND 9 DNS cache poisoning (2007), http://www.trusteer.com/docs/bind9dns.html
Franks, J., et al.: RFC 2617: HTTP authentication: basic and digest access authentication (1999)
Cavoukia, A.: Privacy by Design, www.privacybydesign.ca
Fischer-Hübner, S.: IT-Security and Privacy, Design and Use of Privacy Enhancing Security Mechanisms. In: Fischer-Hübner, S. (ed.) IT-Security and Privacy. LNCS, vol. 1958, p. 35. Springer, Heidelberg (2001)
Cannon, J.: Privacy, What Developers and IT Professionals Should Know. Addison-Wesley, Reading (2004)
Koorn, R., van Gils, H., ter Hart, J., Overbeek, P., Tellegen, R.: Privacy Enhancing Technologies, White paper for Decision Makers. Ministry of the Interior and Kingdom Relations, The Netherlands (December 2004)
Kalloniatis, C., Kavakli, E., Gritzalis, S.: Methods for Designing Privacy Aware Information Systems: A review. In: Alexandris, N., Chryssikopoulos, V., Douligeris, C., Kanellopoulos, N. (eds.) Proceedings of the PCI 2009 13th Pan-Hellenic Conference on Informatics (with international participation), Corfu, Greece, September 2009. IEEE CPS Conference Publishing Services, Los Alamitos (2009)
Mouratidis, H., Giorgini, P., Manson, G.: Integrating security and systems engineering: Towards the modelling of secure information systems. In: Eder, J., Missikoff, M. (eds.) CAiSE 2003. LNCS, vol. 2681, pp. 63–78. Springer, Heidelberg (2003a)
Kalloniatis, C., Kavakli, E., Gritzalis, S.: Addressing privacy requirements in system design: The PriS method. Requirements Eng. 13(3), 241–255 (2008)
Perini, P., Bresciani, P., Giorgini, P., Giunchiglia, F., Mylopoulos, J.: Towards an agent-oriented approach to software engineering, Modena-Italy (2001)
Mouratidis, H., Giorgini, P., Manson, G.: An ontology for modelling security:The tropos project. In: Palade, V., Howlett, R.J., Jain, L. (eds.) KES 2003. LNCS (LNAI), vol. 2773, pp. 1387–1394. Springer, Heidelberg (2003b)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vrakas, N., Kalloniatis, C., Tsohou, A., Lambrinoudakis, C. (2010). Privacy Requirements Engineering for Trustworthy e-Government Services. In: Acquisti, A., Smith, S.W., Sadeghi, AR. (eds) Trust and Trustworthy Computing. Trust 2010. Lecture Notes in Computer Science, vol 6101. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13869-0_22
Download citation
DOI: https://doi.org/10.1007/978-3-642-13869-0_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13868-3
Online ISBN: 978-3-642-13869-0
eBook Packages: Computer ScienceComputer Science (R0)