International Journal on Future Revolution in Computer Science & Communication Engineering ISSN: 2454-4248

Volume: 5 Issue: 5 101 –108


_______________________________________________________________________________________________

Comparative Analysis of E-Governance Models

Ms. Vani Jain, Research Scholar, Suresh Gyan Vihar University
Dr. Devesh Bandil, Supervisor, Suresh Gyan Vihar University
Sachin Jain, JNU, Jaipur

Abstract:- E-Governance is the online working of a government, or the provision of its services online to its citizens at their access. E-Governance is an E-Commerce tool, meaning online accessibility of government services. The technology and the methods used in an E-Governance plan provide a roadmap for well-organized delivery of services at the doorstep. Today the development of any country depends on the use of E-Governance and on its dispersion; the development of a country can be reviewed by the extent of E-Governance in that country. Moreover, today's governments have full confidence in E-Governance, and its widespread network across the world proves it.

E-government security is a key problem that confines the structure and development of E-government systems in any country in the world. E-Government security models are broadly used in the implementation and development of e-government systems. Because the situations of countries differ, diverse security models are applied in each country. Based on this analysis, the security requirements of the data and the applications have been formulated in the form of security parameters such as confidentiality, integrity and availability, as well as the access requirements of the roles.

The overall aim of this research is to review the existing E-governance security models, find out their merits and demerits, and analyse the available models with respect to security in E-Governance. This paper discusses the possible threats and vulnerabilities for different data locations, separately for each model. Data are considered in four states: data in store, data in process, data in transit and data in destination.
Keywords: e-governance, ICT, e-government, information, security, etc.

__________________________________________________*****_________________________________________________

I. INTRODUCTION

Models of e-governance are still evolving in developing countries. A few generic models have shaped up, which are finding greater recognition and are being replicated. These models are based on the inherent characteristics of ICT, such as enabling equal access to information for anyone who is part of the digital network and de-concentration of information across the entire digital network, connecting all sources of information. In simpler terms, information does not reside at any one particular node in the Digital Governance models but flows equally across all the nodes. Hierarchy is inherent in government departments. Therefore, appropriate administrative reforms and some re-engineering may be required before digital governance can really be implemented. It needs to be noted here that these models of governance are fundamentally different from those which are popular in developed countries, due to differences in basic conditions, and in perspectives and expectations of good governance. There are five important models of e-governance, which can be used as a guide in designing e-government initiatives depending on the local situation and the governance activities that are expected to be performed. These models are:

• The Broadcasting Model
• The Comparative Analysis Model
• The Critical Flow Model
• The E-Advocacy/Mobilization Model
• The Interactive-Service Model

1. Broadcasting model

• The Broadcasting model is based on mass dissemination of governance-related information which is already available in the public domain into the wider public domain using ICTs.
• This raises awareness among citizens about ongoing governance processes and the government services that are available to them, and how they can benefit from them.
• The application of this model using appropriate technologies could reduce the "information failure situations" where citizens are unaware of new and existing services being provided by the government. It can also provide an alternative channel for people to stay updated on governance-related information and to validate information received from other sources.
IJFRCSCE | May 2019, Available @ [Link]
Applications

• Putting governmental laws and legislation online.
• Making available online the names, contact addresses, emails and mobile numbers of local / regional / national government officials.
• Making available online information such as governmental plans, budgets, expenditures and performance reports.
• Putting online key judicial decisions which are of value to general citizens and create a precedent for future actions, viz. key environmental decisions, state vs. citizen decisions etc.

Merits

• It enhances 'access' and 'flow' of information to all segments of society, which is essential to bringing good governance.
• Governments can use this model to provide greater governance services to their constituencies, and to enhance the participation of citizens in governance processes.

Demerits

• The model can lose its effectiveness in societies where the free flow of information is not possible. This can happen in countries where freedom of speech and expression, or political freedom, is restricted, or where there are tight governmental controls to censor information.
• The model also loses its effectiveness in situations of optimal ignorance. This happens when citizens are indifferent or not motivated to act upon information available to them, or when governments and decision-makers take wrong decisions not because of absence of information but because of complete disregard of available information.

In this model the data are for public use, so the main security concern is to maintain the integrity of the data. In addition, the data must be available. Keeping in mind the four data locations mentioned above, the security aspects, threats and vulnerabilities are discussed in Table 1.

Table 1. Threats & Vulnerabilities of Broadcasting Model.

DATA LOCATION: Data in Store
THREATS:
• Encryption cracking
• System failure
• Corruption / loss or damage of back up media
• Brute force attack
VULNERABILITIES:
• No password
• Using the same key for a prolonged period of time
• Inadequate back up facility
• Non adherence to back up policy
• Minimum length of the password has not been enforced

DATA LOCATION: Data in Process
THREATS:
• Loss of decryption keys
• Theft of credentials
• Cross-site scripting
• Query string manipulation
VULNERABILITIES:
• Using the wrong algorithm or a key size that is too small
• Password is guessable
• Using application-only filters for malicious input
• Using non-validated input used to generate SQL queries
• Relying on client side validation

DATA LOCATION: Data in Transit
THREATS:
• Encryption cracking
• Brute force attack
VULNERABILITIES:
• Using the same key for a prolonged period of time
• Distributing keys in an insecure manner
• Passing sensitive data in clear text over network

DATA LOCATION: Data in Destination
THREATS:
• Denial of service attacks
• Misuse of privileges
VULNERABILITIES:
• Lack of monitoring of services and activities

2. Comparative Analysis Model

The Comparative Analysis Model is one of the least-used but high-potential e-governance models for developing countries. The model can be used to empower people by comparing cases of bad governance with those of good governance and identifying specific aspects of bad governance, the reasons and people behind them, and how the situation can be improved.

• The model is based on using the immense capacity of ICT and social media tools to explore given information sets against comparable information available in the public or private domain.
• The model continuously assimilates "best practices" in different areas of governance and uses them as a benchmark to evaluate other governance practices. It then uses the result to advocate positive changes or to influence 'public' opinion on existing governance practices. The comparison could be made over a time scale to get a snapshot of the past and the present situation, or could be used to compare the effectiveness of an intervention by comparing two similar situations.
• The strength of this model lies in the infinite capacity of digital networks to store varied information and to retrieve and transmit it instantly across all geographical and hierarchical barriers.

Applications

This model could be applied in the following possible ways:

• To learn from past policies and actions and derive lessons for future policy-making.
• To evaluate the effectiveness of current policies and identify key learnings in terms of strengths and flaws in the policies.
• To effectively establish conditions of precedence, especially in the case of judicial or legal decision-making (for example, for resolving patent-related disputes or public goods ownership rights), and use it to influence / advocate future decision-making.
• To enable informed decision-making at all levels by enhancing background knowledge and also providing a rationale for action.
• To evaluate the performance and track record of a particular decision-maker / decision-making body.

Merits

• Developing countries could use this comparative model very effectively, as ICT opens their access to global and local knowledge products at a relatively low cost.
• The model is very much based on existing sets of information.
• There is vast scope for application of this model in judicial advocacy, as landmark / key judgments of the past could be used as precedent for influencing future decision-making. Further, watch-guard organizations and monitor groups can use this model to continuously track the past record and performance of governance and compare it with different information sets.

Demerits

• The model requires the ability to analyse and bring out strong arguments which could then be used to catalyze existing efforts towards self-governance.
• The model becomes ineffective in the absence of a strong civil society interest and public memory, which are essential to force decision-makers to improve existing governance practices.

In this model, data must reach the targeted domain, not everyone, so confidentiality is a great concern here. All possible security aspects, threats and vulnerabilities are discussed in Table 2.

Table 2. Threats & Vulnerabilities of Critical Flow Model.

DATA LOCATION: Data in Store
THREATS:
• Loss of decryption keys
• Encryption cracking
• Denial of service attacks
• Misuse of privileges
VULNERABILITIES:
• Password is guessable
• Password sharing among the peer user
• Lack of monitoring of services and activities

DATA LOCATION: Data in Process
THREATS:
• System failure (Unavailability of information system)
• Corruption / loss or damage of back up media
• Brute force attack
• Impersonation
• Form field manipulation
• Cookie manipulation
• HTTP header manipulation
VULNERABILITIES:
• Failing to secure encryption keys
• Using the wrong algorithm or a key size that is too small
• Absence of back up policy
• Minimum length of the password has not been enforced
• Using non-validated input used to generate SQL queries
• Relying on client side validation
• Failing to validate input from all sources including cookies, query string parameters, HTTP headers, databases and network resources

DATA LOCATION: Data in Transit / Data in Destination
THREATS:
• Loss of decryption keys
• Encryption cracking
• Brute force attack
• Impersonation
• Network eavesdropping
• Denial of service attacks
• Misuse of privileges
VULNERABILITIES:
• Using the same key for a prolonged period of time
• Distributing keys in an insecure manner
• Using the same key for a prolonged period of time
• Passing sensitive data in clear text over network
• Lack of monitoring of services and activities

3. Critical flow model

• The model is based on broadcasting information of 'critical' value (which by its very nature will not be disclosed by those involved with bad governance practices) to a targeted audience using ICTs and other tools.
• The targeted audience may include media, affected parties, opposition parties, the judicial bench, independent investigators or the general public.
• Those who would divulge such information could include upright officials and workers, whistleblowers, affected parties and those who were themselves involved in bad governance practices but have now changed their minds or may wish to trade such information for lenient punishments.

Applications

This model could be applied in the following possible ways:

• Making available corruption-related data about a particular Ministry / Division / Officials online to its electoral constituency or to the concerned regulatory body.
• Making available Research studies, Enquiry reports and Impact studies commissioned by the Government or Independent commissions to the affected parties.

• Making Human Rights violation cases freely available to the Judiciary, NGOs and concerned citizens.

Merits

• This model is more directed and evolved.
• Different organizations can use it differently depending on the aspect of the governance situation they want to address.
• The model corrects information failure, raising awareness about bad governance practices.
• The model exerts indirect pressure on the concerned governance institution / policy-making body to move away from an attitude of optimal ignorance towards reform, and to take into cognizance the interest and opinion of the masses in decision-making processes.

Demerits

• The model may not work in cases where the governance mechanism does not allow public debates and opinions, and censors all information of a critical nature. This model, unlike the Broadcasting / Wider-Dissemination model, would be more effective in situations of Optimal Ignorance of the Government.

In this model, the analysis is done based on old records, so validation of existing data is the main issue. All possible security aspects, threats and vulnerabilities are discussed in Table 3.

Table 3. Threats & Vulnerabilities of Comparative Analysis Model.

DATA LOCATION: Data in Store
THREATS:
• Encryption cracking
• System failure
• Corruption / loss or damage of back up media
• Theft of credentials
VULNERABILITIES:
• Failing to secure encryption keys
• Using the wrong algorithm or a key size that is too small
• Using the same key for a prolonged period of time
• Absence of back up policy
• No back up copy kept off-site
• Use of weak cipher or hash to make password non readable

DATA LOCATION: Data in Process
THREATS:
• Brute force attack
• Form field manipulation
VULNERABILITIES:
• Inadequate back up facility
• Non adherence to back up policy
• Using input file names, URLs or user names for security decisions

DATA LOCATION: Data in Transit
THREATS:
• Network eavesdropping
VULNERABILITIES:
• Passing sensitive data in clear text to network

DATA LOCATION: Data in Destination
THREATS:
• Encryption cracking
• Brute force attack
VULNERABILITIES:
• Password is guessable
• Minimum length of the password has not been enforced

4. E-Advocacy Model

• The E-Advocacy / Mobilization and Lobbying Model is one of the most frequently used Digital Governance models and has often come to the aid of global civil society to impact on global decision-making processes.
• The model is based on setting up a planned, directed flow of information to build strong virtual allies to complement actions in the real world.
• Virtual communities are formed which share similar values and concerns, and these communities in turn link up with or support real-life groups / activities for concerted action.
• The model builds the momentum of real-world processes by adding the opinions and concerns expressed by virtual communities.
• The strength of this model is in the diversity of the virtual community, and the ideas, expertise and resources accumulated through this virtual form of networking.
• The model is able to mobilize and leverage human resources and information beyond geographical, institutional and bureaucratic barriers, and use them for concerted action.

Applications

This model could be applied in the following possible ways:

• Fostering public debates on issues of larger concern, namely on the themes of upcoming conferences, treaties etc.
• Formation of pressure groups on key issues to force decision-makers to take their concerns into cognizance.
• Making available the opinions of suppressed groups who are not involved in the decision-making process to the wider public domain.
• Catalyzing wider participation in decision-making processes.
• Building up global expertise on a particular theme in the absence of localised information to aid decision-making.

Merits

• The model enhances the scope of participation of individuals and communities in debates which affect them and helps them build a global alliance.
• A community may no longer find itself isolated but may find an ally for mobilizing effective action through this model. It also creates an effective deterrent for governments and decision-making bodies who are responsive to people's opinion to provide better governance.
• The model could also be used favorably by the government in a positive manner to encourage public debates on issues where the opinion and expertise of civil society is of great importance, and therefore could become a tool to enhance democratic practices and improve governance practices (especially in Developing Countries).

Demerits

• This model requires a transition period before being adopted on a wider scale.
• It requires familiarity with ICT among all the citizens benefited by this model.

The E-advocacy model has come to the aid of global civil society to impact on the global decision-making process. Security aspects, threats and possible vulnerabilities for this model are discussed in Table 4.

DATA LOCATION: Data in Store
THREATS:
• Encryption cracking
• System failure
• Corruption / loss or damage of back up media
• Brute force attack
• Inability to identify actual user
VULNERABILITIES:
• Failing to secure encryption keys
• Complexity of the password is not enforced
• Using the wrong algorithm or a key size that is too small
• Using the same key for a prolonged period of time
• Absence of back up policy
• No back up copy kept off-site
• Use of weak cipher or hash to make password non readable

DATA LOCATION: Data in Process
THREATS:
• HTTP header manipulation
• Cookie manipulation
VULNERABILITIES:
• Failing to validate input from all sources including cookies, query string parameters, HTTP headers, database and network resources

DATA LOCATION: Data in Transition
THREATS:
• Information disclosure
• Network eavesdropping
VULNERABILITIES:
• Storing secrets when it is not needed
• Storing secrets in clear text
• Passing sensitive data in clear text over network

DATA LOCATION: Data in Destination
THREATS:
• Theft of credentials
• Inability to identify to actual user
VULNERABILITIES:
• Distributing keys in an insecure manner
• Complexity of the password is not enforced
• Use of weak cipher or hash to make password non readable

5. Interactive-Service model

• The Interactive-Service model is a consolidation of the other digital governance models and opens up possibilities for one-to-one and self-serviced participation of individuals in governance processes.
• The participation is direct and not through representatives.
• It can bring greater objectivity and transparency to decision-making processes, and give a greater feeling of involvement and empowerment, provided that individuals are willing to engage in the governance processes.
• Under this model, the various services offered by the Government become directly available to its citizens in an interactive Government to Consumer to Government (G2C2G) channel in various aspects of governance.

Applications

This model could be applied in the following possible ways:

• To establish interactive communication channels with key policy-makers and members of planning commissions.
• To conduct electronic ballots for the election of government officials and other office bearers.
• To conduct public debates / opinion polls on issues of wider concern before formulation of policies and legislative frameworks.
• Filing of grievances, feedback and reports by citizens with the concerned governmental body.
• Establishing decentralised forms of governance.
• Performing governance functions online such as revenue collection, filing of taxes, governmental procurement, payment transfer etc.

Merits

• It brings every individual into a digital network and enables an interactive flow of information among them.
• Government services become directly available to all citizens in an interactive manner.

Demerits

• The model relies firmly on the interactive applications of ICT and is therefore a technology- and cost-intensive model.
• It would also require elemental familiarity with ICT among citizens for them to fully benefit from this model.

In this model, information flows in two ways, so the security concern is much higher than in all the other models. All possible threats and vulnerabilities for this model are discussed in Table 5.

Table 5. Threats & Vulnerabilities of Interactive Service Model.

DATA LOCATION: Data in Store
THREATS:
• Encryption cracking
• Loss of decryption keys
• System failure
• Corruption / loss or damage of back up media
• Impersonation
• Denial of service attack
• Inability to identify actual user
VULNERABILITIES:
• Failing to secure encryption keys
• Complexity of the password is not enforced
• Using the wrong algorithm or a key size that is too small
• Using the same key for a prolonged period of time
• Absence of back up policy
• No back up copy kept off-site
• Distributed keys in an insecure manner

DATA LOCATION: Data in Process
THREATS:
• Theft of credentials
• Brute force attack
• Misuse of privileges
VULNERABILITIES:
• Use of weak cipher or hash to make password non-readable
• Lack

DATA LOCATION: Data in Transition
THREATS:
• Information disclosure
• Network eavesdropping
VULNERABILITIES:
• Storing secrets when it is not needed
• Storing secrets in clear text
• Passing sensitive data in clear text over network

DATA LOCATION: Data in Destination
THREATS:
• Theft of credentials
• Inability to identify to actual user
VULNERABILITIES:
• No password
• Distributing keys in an insecure manner
• Complexity of the password is not enforced
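
One way to turn the Table 5 vulnerability list into a repeatable audit of a G2C deployment, with findings grouped by the paper's four data locations. This is an added example, not code from the paper; the configuration schema, the two sample deployments and every threshold (key age, key sizes, weak-hash list, password length) are assumptions.

```python
from datetime import date

# Assumed policy limits; the paper lists the weaknesses but sets no thresholds.
MAX_KEY_AGE_DAYS = 365
MIN_KEY_BITS = {"AES": 128, "RSA": 2048}   # allow-list: anything else is "wrong"
WEAK_PASSWORD_HASHES = {"plaintext", "md5", "sha1"}
SAFE_KEY_CHANNELS = {"kms", "hsm"}
MIN_PASSWORD_LENGTH = 12

# Vulnerability names as worded in Table 5.
V_KEY_AGE = "Using the same key for a prolonged period of time"
V_KEY_ALG = "Using the wrong algorithm or a key size that is too small"
V_KEY_DIST = "Distributing keys in an insecure manner"
V_NO_POLICY = "Absence of back up policy"
V_NO_OFFSITE = "No back up copy kept off-site"
V_WEAK_HASH = "Use of weak cipher or hash to make password non-readable"
V_CLEARTEXT = "Passing sensitive data in clear text over network"
V_COMPLEXITY = "Complexity of the password is not enforced"


def audit(cfg, today):
    """Return sorted (data_location, vulnerability, subject) findings."""
    found = set()

    # Data in store: encryption keys and backups.
    for key in cfg.get("keys", []):
        if (today - key["created"]).days > MAX_KEY_AGE_DAYS:
            found.add(("store", V_KEY_AGE, key["id"]))
        floor = MIN_KEY_BITS.get(key["algorithm"])
        if floor is None or key["bits"] < floor:
            found.add(("store", V_KEY_ALG, key["id"]))
        # Data in destination: how the key reached whoever holds it.
        if key.get("distribution") not in SAFE_KEY_CHANNELS:
            found.add(("destination", V_KEY_DIST, key["id"]))
    backups = cfg.get("backups", {})
    if not backups.get("policy_documented", False):
        found.add(("store", V_NO_POLICY, "backups"))
    if not backups.get("offsite_copy", False):
        found.add(("store", V_NO_OFFSITE, "backups"))

    # Data in process: how passwords are made non-readable.
    pw = cfg.get("passwords", {})
    if pw.get("hash", "plaintext").lower() in WEAK_PASSWORD_HASHES:
        found.add(("process", V_WEAK_HASH, "passwords"))

    # Data in transition: sensitive traffic on an endpoint without TLS.
    for ep in cfg.get("endpoints", []):
        if ep.get("carries_sensitive") and ep.get("scheme") != "https":
            found.add(("transition", V_CLEARTEXT, ep["name"]))

    # Data in destination: the password policy applied to citizen accounts.
    if (pw.get("min_length", 0) < MIN_PASSWORD_LENGTH
            or not pw.get("require_mixed_classes", False)):
        found.add(("destination", V_COMPLEXITY, "passwords"))
    return sorted(found)


AUDIT_DATE = date(2019, 5, 1)  # constructed audit date

# Constructed sample deployments (hypothetical schema, not from the paper).
WEAK_CONFIG = {
    "keys": [
        {"id": "db-master", "algorithm": "AES", "bits": 128,
         "created": date(2016, 3, 1), "distribution": "email"},
        {"id": "tls-cert", "algorithm": "RSA", "bits": 1024,
         "created": date(2019, 1, 10), "distribution": "kms"},
    ],
    "passwords": {"hash": "md5", "min_length": 6, "require_mixed_classes": False},
    "backups": {"policy_documented": True, "offsite_copy": False},
    "endpoints": [
        {"name": "citizen-portal", "scheme": "https", "carries_sensitive": True},
        {"name": "tax-filing-api", "scheme": "http", "carries_sensitive": True},
    ],
}
HARDENED_CONFIG = {
    "keys": [{"id": "db-master", "algorithm": "AES", "bits": 256,
              "created": date(2019, 2, 1), "distribution": "kms"}],
    "passwords": {"hash": "argon2id", "min_length": 14, "require_mixed_classes": True},
    "backups": {"policy_documented": True, "offsite_copy": True},
    "endpoints": [{"name": "tax-filing-api", "scheme": "https", "carries_sensitive": True}],
}

if __name__ == "__main__":
    for location, vulnerability, subject in audit(WEAK_CONFIG, AUDIT_DATE):
        print(f"[{location}] {subject}: {vulnerability}")
```

Rows of Table 5 that cannot be read from a configuration file, such as "Failing to secure encryption keys", still need manual review.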

Conclusion

As the usage of Information Technology is growing very fast, the Indian government is making many efforts to provide services to its citizens through e-Governance. Although the Indian government is spending a lot of money on e-Governance projects, these projects are still not successful in all parts of India. Unawareness among people, the local language of the people of a particular area, privacy of people's personal data etc. are the main challenges responsible for the unsuccessful implementation of e-Governance in India. The government must take some actions to make people aware of e-Governance activities, so that people may take full advantage of these activities and e-governance projects can be implemented successfully. The participation of people can play a vital role in the implementation of e-Governance in India.

In summary, this paper presents a methodology to formulate the security architecture of the different G2C applications from their identified models. The methodology and the resulting security architectures can be used for the development, upgrade and audit of G2C applications in a model-driven manner. Information security is the ongoing process of exercising due care and due diligence to protect information, and information systems, from unauthorized access, use, disclosure, destruction, modification, or disruption or distribution. So access controls for different stakeholders for different data locations have been defined. The never-ending process of information security involves ongoing training, assessment, protection, monitoring & detection, incident response & repair, documentation, and review. The major contribution of this paper is the security requirement analysis of the overall G2C applications according to the models.