A novel e-government framework using blockchain

The e-Government system leverages Information and Communication Technology (ICT) to transform the relationship between government bodies and citizens, businesses and other government ministries, departments, and agencies. The primary aim is to make government services more seamless, efficient and timely for every citizen and organisation. However, eGovernment systems are now faced with security threats and cyber attacks, and these challenges have raised concerns about users' privacy as well as the confidentiality and integrity of user data. Therefore, this paper assesses the degree of risk and vulnerability associated with websites used for e-Government function. This paper considers one such website, the Saudi's e-government website Yesser, by using three penetration test tools namely Zap, Rapid7, and Nessus. The results show that the Yesser website does not have critical vulnerabilities; however, it has severe and medium-level vulnerabilities. The paper proposes a new framework which can integrate blockchain based scheme into the Saudi eGovernment system. The framework represents a hierarchical model and involves the use of blockchain between the De Militarized Zone (DMZ) and the Secured Intranet zone

Vulnerabilities of Government Websites in a Developing Country – The Case of Burkina Faso

Slowly, but consistently, the digital gap between developing and developed countries is being closed. Everyday, there are initiatives towards relying on ICT to simplify the interaction between citizens and their governments in developing countries. E-government is thus becoming a reality: in Burkina Faso, all government bodies are taking part in this movement with web portals dedicated to serving the public. Unfortunately, in this rush to promote government actions within this trend of digitization, little regards is given to the security of such web sites. In many cases, government highly critical web sites are simply produced in a product line fashion using Content Management Systems which the webmasters do not quite master. We discuss in this study our findings on empirically assessing the security of govern- ment websites in Burkina Faso. By systematically scanning these websites for simple and well-known vulnerabilities, we were able to discover issues that deserved urgent attention. As an example, we were able to crawl from temporary backup files in a government web site all information (hostname, login and password in clear) to read and write directly in the database and for impersonating the administrator of the website. We also found that around 50% of the government websites are built on top of platforms suffering from 14 publicly known vulnerabilities, and thus can be readily attacked by any hacker