Documente Academic
Documente Profesional
Documente Cultură
Huma Naz
Sobia Sheraz
References:
Mr. Sohail Khan
Branch Manager
Soneri Bank G-9 Islamabad
www.Soneri bank.com
Acknowledgement
All praise to Almighty ALLAH, the most merciful and compassionate, who enabled us to
complete this Project.
We express our gratitude to our kind course coordinator Miss Tahira Hasan who kept our moral
high by her suggestions and appreciation. She was available to us whenever and for whatever we
consulted her. Without her precious guidance and help we could never be able to complete this
task.
At last but not the least, we would like to acknowledge the support of our family members. We
would like to admit that we owe all our achievements to our truly, sincere and most loving
family members who mean the most to us, and whose prayers are source of determination for us.
2
PREFACE
3
Chapter # 1
INTRODUCTION
4
INTRODUCTION
After few decades the war is not occur but electrical war decide who win and
who loss.
E-governance is an emerging trend in the globalize world. Different
developed and developing countries make efforts for successful e-
governance. Europeans and Americas region get the lead in e-governance
whereas Asia, Africa and Oceania still trying to get huge success in e-
governance. E-governance provides unlimited benefits but e-governance
also contains the issue of digital bridge and design- reality gap. Developing
and developed countries faces the problem of digital divide and design-
reality gap.
5
E-governance in Pakistan
RESEARCH OBJECTIVE
6
Importance of Government websites:
Making government sites usable can help citizens understand
how their government works
how to access services
how to change the laws and policies under which they live.
• Information-oriented:
– Includes institutional policies, politics, and procedures.
– Organized around citizens’ lives, not government bureaucracies.
• Action-oriented:
– Online services.
• Accessible:
– The site has to work for everyone.
• Navigable:
– Understandable navigation, search, index with synonyms, site
map.
• Private and Secure:
– What information is used for. How information is protected.
– People don’t want hackers getting their ID numbers and data
from government sites, or data from one government site
showing up on another.
• Easily maintained and added to
– There are no million-ruble budgets for maintaining government
sites.
7
LIFE CYCLE:
8
processes have to be redesigned to provide good service. Government
needs new laws and legislation to enable paperless transactions.
4. The fourth stage is the when all information systems are integrated
and the public can get G2C & G2B services at one (virtual) counter.
One single point of contact for all services is the ultimate goal. The
complex aspect in reaching this goal is mainly on the internal side, e.g.
the necessity to drastically change culture, processes and
responsibilities within the government institution (G2G). Government
employees in different departments have to work together in a smooth
and seamless way. In this phase cost savings, efficiency and customer
satisfaction are reaching highest possible levels.
In
9
Chapter # 2
SWORT ANALYSIS
10
SWOT ANALYSIS
Economic Aspects
Strength Weaknesses
Opportunities Threats
11
Political aspects related to e-governance include strategies and policies, laws
and legislation, leadership, decision making processes, funding issues,
international affairs, and political stability.
Political Aspects
Strength Weaknesses
Combination with Budget
democratization reforms Lack of cyber laws
Internet as pull factor No problem owner within
Modern image government
Slow decision making process
Hierarchical structures
Short term approach due to
elections
Integration and reform
Opportunities Threats
Bureaucracy
Raise external funding Piracy, misuse
Show competitive edge Corruption
Transparency causes natural Maintaining disorder, no
change of processes transparency
Reinvent government Political instability
Resistance
12
Social aspects related to e-governance are people, (level of) education,
employment, income, digital divide, rural areas vs. cities, rich vs. poor,
literacy, IT skills.
Social Aspects
Strength Weaknesses
People eager to learn IT skills Basic education poor
Skilled people possible export Low literacy
product IT literacy
Different languages
Public acceptance of self-service
models
Skill shortage: competition with
private sector
Opportunities Threats
13
Technological aspects involve software, hardware, infrastructure, telecom,
IT skilled people, and maintenance, safety and security issues.
Technological Aspects
Strength Weaknesses
Shortage IT skills
High cost of internet
Heterogeneous data
Lack of IT
standards?
Software licenses
Opportunities Threats
14
Chapter # 3
E-Business Model and Internet Marketing
15
E-Business Model Used by Ministry of Education for their
Website:
Domain Name:
http://www.moe.gov.pk/
Its domain name is short and easy to remember. It is the short form of
Ministry of Education.
It is not used for internet marketing research and not keep record of their
visitors.
Web Design:
16
2. Multimedia such as streaming video and audio are not use in this
website because it is essential to know that there are few who have
access to ICTs, to digital information and knowledge, and to the
benefits of reform in governance.
17
Use Site map
18
Explain who does what
19
E_Business Public Relation:
20
3. Provide curriculum and forms on the website
21
22
Chapter # 4
Computer and Network Security
Policy scope
23
encompass all components and related services. A web site / web application
security policy should be referenced in the primary corporate information
security policy and mandated by the Chief Information Officer (CIO), or
equivalent.
An ideal Cyber Security Policy will ensure the existence of a sound and
secure e-governance and critical infrastructure base in Pakistan. The security
and safety of various ICT platforms and critical infrastructures in Pakistan
must be considered on a priority basis before any e-governance base is
24
made fully functional. With the introduction of computers, the need for
automated tools for protecting files and other information stored on
computers became evident. The information security is essential for a shared
system, such as a time sharing system, and the need is even more acute for
systems that can be accessed over public telephone or data network. The
second major change that affected security is the introduction of distributed
systems and the use of networks and communication facilities for carrying
data between terminal user and computer and between computer and
computer. Network security measures are needed to protect data during
their transmission because virtually all business, Government and academic
organizations are interconnected their systems with a collection of networks
referred as Internet. A new approach to the standards based e-Governance
that simultaneously provides for the security and availability of network
resources is the need of the hour. This approach keeps information safe, yet
available whenever, wherever and to whomever the needs dictate. The
Network and Information security standards need to be put in place for
prevention of intrusions, detecting and removing malicious code, managing
the organizations security systems, ensuring the service continuity with
proper disaster management, data protection with data backup and recovery
procedures and many more.
The unregulated and accessible structure of the Internet has prompted many
to question the privacy and security of government websites. Public opinion
surveys place these areas near the top of the list of citizen concerns about e-
government. Having visible statements outlining what the site is doing on
privacy and security are valuable assets for reassuring a fearful population
and encouraging citizens to make use of e-government services and
information. However, few global e-government sites offer policy statements
dealing with these topics. Only 14 percent of examined sites have some form
of privacy policy on their site, and 8 percent have a visible security policy.
Both of these are areas that government officials need to take much more
seriously. Unless ordinary citizens feel safe and secure in their online
information and service activities, e-government is not going to grow very
rapidly.
25
o Data protection and Retention
o Backup and Recovery (Including Disaster Recovery and Service
o Continuity)
o Security Appliances (Firewalls, VPN Gateways, Content filtering,
Wi-Fi and more)
o Electronic Mail
o SPAM Prevention
o Anti Virus
o Password Selection
o Early Warning Systems (Intrusion Prevention)
o Computer Emergency Response Teams (CERT)
o Digital Signature
o Electronic Commerce
26
Non-personal Information they Record:
27
They use this information for statistical analysis, to help them make their
site more useful to visitors. This tracking system does not record information
about individuals.
For security purposes and to make sure website remains available to all
users, MOE site use special software programs for monitoring network traffic
to identify unauthorized attempts to upload or change information, or
otherwise to cause damage to this government computer system. These
programs collect no information that would directly identify individuals, but
they do collect information that could help them to identify someone
attempting to tamper with this website. If visitors use website, visitors
should understand that all activities may be monitored and recorded. Anyone
using this system expressly consents to such monitoring.
WARNING
Number of visitors
28
Cookies:
A cookie is a small piece of information that is sent to visitors browser when
they access a website. The use of cookies is an industry standard and they
are found at most major websites. There are two kinds of cookies. A session
cookie is a line of text that is stored temporarily in your computer's RAM. It
is never written to a computer's drive and it is destroyed as soon as you
close your browser. A persistent cookie is a more permanent line of text that
gets saved by your browser to a file on visitor’s hard drive. Depending on
visitor’s browser settings, you may receive notification that a site is
requesting cookie information, possibly with an expiration date. Persistent
cookies have a future expiration date. Session cookies have no date
associated with them.
On those pages where MOE uses "cookies" to facilitate visitors use of site, do
not collect personal information about visitors and the cookie is destroyed
when visitors exit browser. There is no information stored on visitors
computer and no unauthorized files are written onto visitors disk drives.
These cookies are called "session cookies." They help visitors use website
interactively and are destroyed when visitors close their browser. These
"session cookies" do not collect information about visitors, but only about
their browser "session." The cookie makes it easier for visitors to use the
dynamic features of these web pages, without having to provide the same
29
information as visitors move from one page to another. visitors will find the
use of these "session cookies" on several of website data access tools.
30
Voluntary Submission of Information
On some of their web pages they provide forms that let you voluntarily
submit personal information (such as e-mail address or name). For example,
this occurs when visitors are registering for various conferences or training
sessions or when visitors sign up for our "Newsflash" subscription service. In
those cases, all submitted information is used only for the expressed
purposes for which it is intended and is not made available to any third
party.
31
processes such as a search warrant, subpoena, or court order. Disclosures
may also be necessary to protect the Government's legal rights or during
emergencies if physical safety is believed to be at risk.
Security Measures
MOE take very seriously the integrity of the information and systems that
they maintain. Hence, appropriate safeguards have been employed to
ensure that any personal information is secure from destruction, corruption,
unauthorized access and breach of confidentiality.
Several steps have been taken to safeguard the integrity of their computer
systems and networks. These steps include, but are not limited to individual
authentication, the security of transmitted data, security monitoring,
auditing and encryption of your information.
The Government of Pakistan may at any time revise or update this policy
without notice. They may inform their users about policy changes through
notices on this page containing a version number and date. Any information
collected under the current policy will remain subject to these terms.
Information collected after any changes take effect will be subject to the
revised privacy policy.
32
Security Issues in e-Government Applications
The main issues from the security point of view are the verification of the
identity of the server computer (Authentication), the integrity of the
message, confidentiality, and the privacy associated with the transmission of
the information. Although the authentication of the user is also desirable,
simple user authentication mechanisms such as passwords are cost-effective
for most of these applications.. Protecting the integrity of data, guaranteeing
the privacy of the citizens, and controlling the access to data only to the
authorized agents are undoubtedly the most relevant security issues in this
kind of applications. The integration of databases calls for a clear definition
of information ownership and access. Finally, for transactions and services
among government agencies and private corporations such as procurement,
authentication and non-repudiation becomes important issues.
Modern cryptography offers a series of technologies that can be used to
satisfy several security concerns. Although cryptographic techniques were
used initially to facilitate confidentiality and integrity of communications,
recent uses (public key infrastructure, digital certificates, and digital
signatures) include authentication and non-repudiation. In a very simple
way, encryption is a process that consists in scrambling the original message
in an undecipherable form. Each encryption scheme has its own capabilities
and limitations, and none of them is 100% secure. Finally, the human
element involved in the implementation of any security system makes all of
them vulnerable. Human error is identified as one of the main security
threats and vulnerabilities in the form of imperfect designs, bad
programming practices or user decisions.
Disability Access
33
Chapter # 5
34
Ethical Problems for e-Government:
Most (75 percent) medium and large companies use technology to monitor
employees’ email and Internet activities (George and Jones, 2003).
Conversely, only 57 percent of employees think employers should have the
right to monitor their email at work (Muhl, 2003). Despite employee
concerns, sales of email monitoring software are expected to grow
significantly, from $139 million in 2001, to an estimated $662 million in
2006 (Wakefield, 2004). Reasons cited for monitoring include: potential legal
liability (68%), security concerns (60%), and employee productivity
concerns (45%).
The ease of use, and the speed at which information can be sent and
received, causes difficulty for managers and technology professionals. Email,
for example, sometimes lacks the formality a phone call or traditional letter
has. The lack of formality can cause the sender to pay less attention to the
content, which may include items of a personal nature, sensitive
information, or information that could be considered offensive. Add to that
the possibility that a message sent in confidence may be viewed by others,
or the risk of uncontrolled distribution, and serious problems could occur for
both employer and employee (Adams, Scheuing, and Feeley, 2000).
35
1. Introduction:
In this Privacy Policy you will find a description of the policies and
procedures that make this Privacy Policy work for customers. They have
included in their Privacy Policy an explanation of their information practices,
such as:
36
3. Consent to Use Information:
A visitor who browses the Web site is not required to reveal any Personally
Identifiable Information, such as name, address, or telephone number,
unless subscribing to a product. Nor is such information collected passively
by electronic means. Web servers collect other information such as the make
of a visitor's browser software and the Internet domain name of the location
from which the visitor enters. This information helps them diagnose technical
problems and manage our sites by tracking user interests.
The primary reason that they collect and maintain Customer Information and
other Personally Identifiable Information is to serve Users and administer
customer relationships. They may collect Customer Information and other
Personally Identifiable Information from a variety of sources, such as the
following:
37
o Information about transactions by Users as part of the Products
or other User experiences with Internet companies or ISP’s, such
as the information they receive when a User submits a question
through a search box in a Product. They collect Customer
Information and other Personally Identifiable Information in a
number of ways, such as the following:
o Registration Process:
In order to use their Products, each User may be asked to
complete a registration process, which requires providing
certain registration information to Internet companies or
ISP’s.
o Credit Cards:
They collect credit card information for billing purposes.
For convenience of customers, they do not store, use, or
share credit card information for any other purpose
o Log Files:
They track information about each User's usage of the
Products in log files. They use this information as follows:
To analyze trends
To administer the Products
To track statistical information about how Users use
the Products
To gather broad demographic information for
aggregate use
Internet companies or ISP’s does link information
regarding a User's usage of the Products to the User's
Personally Identifiable Information
From time to time websites may request information from Users via
voluntary participation in promotional or market research activities.
The information that they request may include contact information (such as
name and business address), and demographic information (such as zip
code and age level).
They may use and share the Customer Information and other Personally
Identifiable Information that they collect among various departments within
websites and its subsidiaries that perform functions such as servicing User
38
accounts, preparing reports regarding Product use, market research, and
promotional activities. The reasons that they share this Customer
Information and other Personally Identifiable Information include the
following:
o To protect Users.
They use the Customer Information and other Personally
Identifiable Information they maintain about Users and
their use of the Products, including registration
information, as follows:
To help them identify Users.
To help them prevent unauthorized persons from
accessing Customer Information and other Personally
Identifiable Information and the Product features
that they make available to specific Users for their
use.
o To provide superior service.
They use Customer Information and other Personally
Identifiable Information to respond quickly and efficiently
to User needs.
o To tell you about new or enhanced services and/or
products.
o By understanding more about Users and their use of the
Products, they can better meet User needs and determine
how other Product features could be of value to Users.
o E-mail Updates:
Once a User completes the registration process, websites
may keep the User updated by e-mail on important news
and events concerning Internet companies or ISP’s,
Product features, and other information that a website
deems relevant.
By accepting the License Agreement and this Privacy Policy
and by using any Product, each User agrees that website
may contact the User by e-mail with respect to website
and any aspect of the Products whatsoever.
o To improve and develop their information, products and
services.
o Every Product feature that they offer is designed to
reflect the ways Users actually use the Products.
They collect and analyze information about Product use so
that they can tailor new types of information, products and
services to meet User needs.
When it comes to sharing Customer Information and other
Personally Identifiable Information outside Internet
39
companies or ISP’s, they do so only for specific purposes.
They share Customer Information and other Personally
Identifiable Information with third parties as follows:
o General
They reserve the right to share with website’s subsidiaries
and/or other reputable organizations the following
information, for purposes of permitting those organizations
to sell their products and services to our Customers:
With respect to each Customer, the following current
information: company name, industry, business mailing
address, and primary contact information (name, e-mail
address, street address, mailing address, and telephone
number).
With respect to each User, the following current
information: name, industry, job title, business e-mail
address, office name (branch and main office), and mailing
address.
They reserve the right to share Customer Information and
other Personally Identifiable Information with third parties
that provide hot links to the Web page at
http://www.bna.com/ to promote the Products, such as
web portals, or otherwise sell Subscriptions on our behalf
through their own marketing channels. In certain
instances, these parties will co-own certain Customer
Information and other Personally Identifiable Information
about Product revenue generating activity that originates
from that third party. Such Customer Information and
other Personally Identifiable Information may include,
without limitation, the following information: company
name, street address, e-mail address, contact name, lead
date, first sale date, and services accessed.
They reserve the right to share Customer Information and
other Personally Identifiable Information with other third
parties that perform services on our behalf, such as
companies that help us market Products, renew
subscriptions, or assist new customers.
They reserve the right to share all Customer Information
and Personally Identifiable Information with third parties
who act as independent contractors to help us administer
the Products, such as data centers that host our servers
and technical system consultants who program our
hardware and Software.
They reserve the right to share Customer Information and
Non-Identifying Information in the form of aggregated
40
demographic information that is not linked to Personally
Identifiable Information with our subsidiaries, advertisers,
and other third parties.
They reserve the right to disclose certain Customer
Information and Personally Identifiable Information to
government agencies and consumer reporting agencies as
permitted or required by applicable law. Websites may
make these disclosures for specific, limited purposes, such
as verifying individuals' identities (reducing fraud and
identity theft).
Website will also disclose a User's Customer Information
and Personally Identifiable Information when and to the
extent they believe, in good faith, that they are legally
compelled to do so pursuant to an order of a court of
competent jurisdiction or other governmental body
(including, without limitation, such disclosures required by
applicable securities laws as are necessary to comply
therewith or with the rules and regulations of any
applicable stock exchange). In such an event, websites will
use reasonable efforts to do the following:
Give the User reasonably prompt written notice of such
requirement so that the User has an opportunity to
comment thereon or object thereto and to preserve the
confidential nature of the Customer Information and
Personally Identifiable Information that website is required
to disclose.
At the User's expense, use commercially reasonable efforts
to cooperate with any of the User's efforts to preserve the
confidential nature of the Customer Information and
Personally Identifiable Information that a website is
required to disclose.
o User Information
They reserve the right to share a User's Customer
Information and Personally Identifiable Information with
the Customer who purchased the User's Subscription.
They also reserve the right to share a User's Customer
Information and other Personally Identifiable Information
in the manner described in Privacy Policy.
o Customer Information
They also reserve the right to share the aggregate
Customer Information and other Personally Identifiable
Information for any Customer with respect to all Users for
which that Customer purchased a Subscription in the
manner described in Section 6 of this Privacy Policy.
41
b) Policies Regarding the Use and Disclosure of
Information about Former Customers:
42
a) Security Programs:
43
Chapter # 6
Recommendations
44
Recommendations for Web Design:
Provide live and online forums where visitors can share ideas and
information about government education polices. Through online
forum and live discussion it is east to check people response about
government polices about education whether their response is positive
or negative.
Accept proposals from citizens.
Let people to do things like submit their forms and application online
45
Few city government websites have bi-language features that allow access
to non-native speaking individuals. By bi-language feature, we mean any
accommodation to the non-native speakers, such as text translation into a
different language.
Oracle is known to offer the most secured computing environment, and has
been certified against 14 standards of security requirements in the
government, defenses and financial services industries. Ministry may takes
help from oracle for security in following areas
o Selective Encryption
o Evaluated Security
o Proxy authentication
o Three tier security
o Label base access control
RECOMMENDATIONS:
• To keep track of their visitor, the site should use
– A tailored web experience but at the same time its a violation of the
privacy
• The site should follow the stated policy regarding the collection and
use of visitor’s personal information by using Privacy policy services and
software i.e.
– PrivacyBot.com
– TRUSTe
47