Proposed Information Sharing Security Approach for Security Personnels, Vertical Integration, Semantic Interoperability Architecture and Framework for Digital Government

International J ournal of Computer Science & Informa tion Technol ogy ( IJCSIT), V ol 3, No 3, June 2011 DOI : 10.5121/ ijcsit.2011.3309 120 P RO PO S ED IN F OR M AT I O N S HA R IN G S E C U RI TY AP P ROACH F OR S E C UR I TY PE RS O NN E LS , VE RT IC A L I N TE G R AT I ON , S E M AN T I C I NT E ROP E RA B I LI T Y A RCH I T EC T UR E A N D F RA M EWOR K F OR DI G I T AL GOVE RN M E NT Md.Hea dayetullah 1 , G.K. P radhan 2, Sanjay Biswas 3 , B. P uthal 4 1, 2, 3, 4 Department of Computer Science a nd Engineering, SOAU, Bhubaneswar, India Pho ne: +91-973206 2998 1 headayet ullahphd@gmail.c om, 2 gopa_pra dhan@yahoo.c om 3 Drsanjay _Biswas@redi ffmail.com 4 bputhal@ iter.ac.in A BS T RA CT This paper mainly depicts the conceptual overv iew of vertical integration, semantic interope rability architecture s u c h as E ducational Sect or A rchitectural Fr amework (ESAF) for New Z ealand governm ent and differe n t inte roperability frame work solution fo r digital governme nt. In this paper, we try to develop a s ecure information sharing appro a c h for digital governme nt to improve home land security. This approach is a role and cooperation based approac h for security personnel of different governme n t departments. I n order to run any s uccessful digital government of any country in the world, it is necessary to inter act with t heir c itizen a nd to s hare secure i nformation via di fferent net work amon g the citi zen or other government . Co nsequently, in orde r to smoot h t he pr ogress of users to co o perat e with and share information wit hout darkness and flawle ssly transversely different networks and data bases universally, a safe and trusted informatio n-sharing environme nt has been ren owned as a very importan t requireme nt and to press forw ard homela nd security e ndeavor. T he key i ncentive following this researc h is to p ut up a secure and trusted information-sh a rin g approach for gov ernment departmen ts. This paper p resents a proficient function and te amwork based informat ion s haring approach for safe ex change of h ush-hush and privileged informa tion amid security personnel s a nd governm ent departments inside the nation al boundaries by means of public key c ryptography. The expande d appro ach makes use of cryptogr aphic hash function; public key c ryptosystem and a unique and c omplex mapping f unction for sec urely swapping over secret information. Moreover, the project ed approach facilitates privacy preserving information sharing wit h probable re strictions b a sed on the rank of the security personnels. The projected function and collaboration based inform ation s haring approach ensures protecte d and updated information shari ng between security personne ls and gover nment i ntelligence department s to keep away from frightening activitie s. Th e investigati onal results exhibit the useful n ess of the pro posed in formation sharing approach. In a nutshell, this proposed security approach will work in together i ntra- organizational and inter- organizational departme n t such as among security person nel and g overnment intelligence department and t his will make possible vertic al information i ntegration over and above it will progress interope rability appr oach for several recen t digital gove rn ment. K EY W OR DS Digital Government, Vertic al Integrati on, Digit al Gove rnment I nteroperabil ity, Gover nment I ntelligence Departments, Security Person n els, Inform ation Sharing, Se curity, Map ping F unction, M essage Di gest 5 (MD5), Public-Key Cryptosyste m, Role, Cooperati on, Rank International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 121 1 . I NT RO DU CT I ON Governme nt is a user of information tec hnol og ies, donor of information based services and chief coll e ctor and provider of data and infor ma tion [1]. Globally, now many governments facade challenges through usual way of renovation and so demand re-inve ntin g the government systems t hus as to r evea l proficient and gainful services, infor ma tion and knowledge via commun icati on t ec hnologies [2]. A key step i n re-inventing government is throug h nurturing digital government, whi c h is nothing but t he usage o f general applications of information and commun icati on technology that grips each transaction of gov ernment s ervices [3]. Digital government is classically termed as the creation and tr ans mittal of information and se rvices inside government and among government and the public thr o ugh a r a nge of information and commun icati on technologies. Th e impact of d igital government varies lar g ely across the world and is also well-known as e-government or virtual gove rnment [4]. E -g overnment servic es are well-known in multifaceted arch itectural and technological circumstances [5]. Informati on age technologies pay f or enormous prospects for a government to renovation its functions in to the digital arena. M a ny government a gencies have tightly engaged informatio n technologies fo r renewing the go ve rnment’s v astly r a mbling service-centric information infrastructure by increasing in forma tion flow and the executive proce s ses [6]. Info rm ation is a crucial facet of government’s r e sources. So, currently, an urgent need to convince and approve l a rger flow of information is in dema nd along with data sh a ring among publi c agencies [7], [8]. T he particular uprising in infor m ation resulted o n organizations in t he entire world to deeply rely u pon huge numbers of databas es to achieve their daily trade [9]. “Sharing information” i s termed as the gathering and sharing of intelligence between t wo security divisions, or sharing i nnova tive e- crime d a ta, observations on these d ata , surveillance not es, s cientific f acts , commercial transaction data, and oth e r. Information diffe rs in the level of aspect, the q ua ntity or type of data exchanged. Due to lack of standard methods for e-government information sharing, the means of sharing, at pr e sent are not consistently monitored, legitimated and recorded [ 10]. T he information sharing environment is obscure and inn ov ative resolu tions and pa rtnerships are crucial to collect shared benefits [11]. Moreover, the sharing is not constantly assured to be risk- free fr om risks that might grip i lle gal access, malicious alteration, and destruction of information or propaga nda, c omputer intrusions, copyright i nfr ingement, pr ivacy v iolations, human rights viol a tion s and more [1 0]. Since government departments are in need to share information within the s ame government and a lso across governments, the devising of an effective security appraise is essential. Tranquil, a depa rtment cannot a imlessly disclose its database to whi c hever another departments [12, 7 ]. A confi ne d and trust e d informa tio n-s haring environme nt is a p re requisite t o enable users to communicate with and share information lacking diffi c ulty and perfectly across a lo t of di s tinct ne tworks and databases una nimously. This means can considerably pre ss fo rwa rd the wort h of o ve rflowing functions, such as intelligence a ssembly and public wellbeing efforts [13, 14, 15, 16]. Guarantying secu rity f or its information syste ms, together wit h computers and n e tworks, is a fundamental need for a di g ital government to function to the hope of its people. Information security is not hing but defending information and info rmation system s from unauthorized access , use, disclosure, disruption, modification, or d es tructi o n. The ke y ele ments of inf orma tion security encompass integrity, confidentiality, availability, authentication that has to be considered at variou s levels inside the hierarchy [17] . Production of a wide basement fo r information sharing desires trust among all information sharing partners. In s ufficiency of trust leads to fears that shared i nformation will not b e secluded nor ma lly or used properly; and, that sharing will not continuously happen in both directions [18]. By using a safe and sound i nform ation sharing system, or ga nizations can put in with promise i n communities of trust since f or this r eas on they have the controls so as to exactly direct t heir information accessing and usage. Let us d eem a confined l aw enforcement officer at a usual tr affic stop. Ba sic pro tocol utters that the officer r eques t and confirm t he individual’s driving li c ense and vehicle registration. Still, the officer might in addition check a wide range of other computer applications, such a s colonization databases, terrorist watch lists, criminal information and intelligence repositories, and counter-drug i nte lligence databas es that may b e o wne d by exterior organizations, such as the U.S. Federal Bureau of I nves tigation, t h e Drug Enforcement Administration, and the Department of Homeland Security. To execute this, these superficially owned appli ca tions have to be capable t o identify the officer so as t o decide if he or she has th e pr e cise ce rtifi c ate to obtain the information. Subsequently, the information that is prone to be responsive from an intelligence and p riva cy outl ook is ou g ht to be secluded while in shipment. Finally, the device on which the officer coll e cts the information should be able to storin g that inf o rmation st rongly [13] . In our previous works, we h ave anti c ipated International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 122 efficient and secure information sharing pr o tocols for sec ure e xcha nge of confidential information a mongst g overnment intellige nce age ncies [19, 2 0, 42]. This paper is superior version of our prior rese arch paper [42]. In this pap er, we pr ese nt int ang ible outline of vertical integration, semantic int eropera bility architec ture and framework as well as a well-organized and secluded information sharing approac h for security personnels to s hare confidential information am ong them and with government departments which pact with security. This pape r portrays various interoperability framework solutions. The anti c ipated security approach is mainly modified to fit in the following circumstances. D e em, as, a re stricted law e n force ment officer at a normal traffic stop. The customary protocol for traffic control demands the off ice r t o appeal a nd prove the individual’s driving licens e and vehicle registration. Still, the law enforceme nt officer could also wish t o ensure with a wide range of other computer app lications, such as migration databases , criminal information and intelligence repositories, and counter-drug i nte lligence databas es that may be owne d by external or ga nizations, suc h as Cent ral Bureau of Inves tigati on (CBI), t he Drug Enf orce ment Administrati on, and t he Department of Homeland Security. The correctness and the amount of i nform ation shared stuck b e tween security personnel and communicating government intelligence departments is r ooted i n t he predefined grade of the security personnels . T he proposed function and cooperation based information sharing approach attains data in tegrity using a cryptographic hash function, MD5 Algorithm; confidentiality and authentication using Public Key Infr as tructure (PKI) and department confirmation usi ng a unique and com plex mapping function. The vital outline of the paper is as follows: An undersized review of some current r esearc hes allied t o the proposed appro a ch i s given in Section 2. Conce ptual overview of sema ntic interoperability architecture and interoperability frame work solution i s give n i n Sec tio n 3. The proposed role and cooperation base d information sharing approach for security pers onals are prese nted i n Section 4. The experimental results are p resente d i n Section 5. Lastly, the conclusions are summed up in Section 6. 2 . R EV I EW OF R E LA T ED R ES E AR CH Copious researchers h ave offered approaches for secure and effective information sharing between communicating p arties. Among them, a f ew researchers h ave offered approaches fo r securely sharing confidenti a l information among g ov ernment departments. Newly, rising resource ful approaches for firmly sharing secret informatio n among government agencies and departme nts has d ra wn much attention. A concise review of some contemporary r esea rches is prese nted here. To deal with the information sharing concern amid government agencies, P eng L iu et al. [18] have offered an i nv entive interest-based trust model and an information sharing protocol, which is integ rated a group of inf orma tion sharing policies also information exchange and trust cooperation are interleave d and e qu a lly dependent on each other. Additionally, t he up- and-coming technology of XML Web S erv ices was utilized during the accomplishme nt of the proposed protocol. The accomplishment was utterly unfaili ng with the Federal Ent e rprise Architecture reference models and can be unambiguously incorporated within recent electronic government systems. Ji ng Fan et a l. [21] have anticipated a theoretical model for inf orma tion sharing in an elec troni c government road and rail network. They established that the Governme nt-to-Government (G2G) informa tion sharing model will aid in giving knowledge fo r G2G information sharing and help decision makers in formulating decisions concerning the involveme nt in G2G informa tion sharing. The propose d conceptua l model was tar tan to find out the aspects influencing the participation in an electronic government information sharing and undersc ore the conceptual model via case study b eneath Chin ese government sy s tem. Fillia Makedon et al. [ 1 0] have presented a n eg oti a tion-based sh a ring system called SCENS: Sec ure Content Ex change Negotiation System which was being constructed at D a rtmouth College with the aid of plen tiful interdisc iplinary skilled. SCENS was a multilayer s calable system th a t guarantees t ransaction safety via a number of secur i ty mechanis ms. It was based on the metadata d esc ripti on of assorted in formation whi c h is appropriate to various diverse domains. They represented that wi th sen sitive and distribu ted information the government users can accom plish settl em ent on the conditions of sharing throug h negotiation. Xin Lu. [22 ] have established a dispers ed information sharing model as well as inspected the technique standard support of t he model. It was p res umed t hat t he expenditure of dealing with government information ex change and cooperation between agencies will be reduced by a raise International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 123 in the prospective and efficiency of agencies' collaboration d own to the secure e-government information sharing elucidations. Nabil R. Adam et al . [23] have inspected th e demands i n integration, agg regation and secure sharing information to aid situation awa reness and response at the premeditated level. On removal of data from various independent s y stems, the system filters, integrates, and proficiently envisages i nformation crucial to obtain a g e neral operational picture, by utilizing conte xt-se nsitive parameters. One substantial demand was to assist secure information sharing. Sharing of information pr otra cts t o be a major complex ity due t o t he data privacy and own ership c oncerns as well as owing to a widespread range o f security pol icies followed in side various government agencies. N abil Adam et al . [16] have offered a two t ier RBAC approach to facilitate security and discriminative inf orma tion sharing amid virtu a l multi- agency r esp onse team (VMART) as well as when there is requir e , it allows VMART e xp ansion by p ermitting new collabor a tors (government agencies or NGOs). They also presented a coordinator web service for e very member a g ency. T he coordinator web service captures the responsibilities such as, authentication, information broadcasting, inf orma tion acquisition, responsibility creation and enforcement of predefined access contr ol policies. Awareness o f secure, selective and fine-grained information sharing was skilled by t he en cryption of XML docume nts in par with analogous XML schema defin ed R BAC policies. Achille Fokoue et al. [24] have es t ab lished logic for risk opt imiz ed i nformation sharing th rough rich security metadata and semantic knowledge-base t ha t detains domain specific concepts and relationships. They l ong-established t hat the method was: (i) flex ible: e.g., t ac tical in forma tion decom posing sensitivity in agreem ent with space, time and external events, (ii) situation-awa re: for ex ample, encodes need-to-know based access contr ol p o licies, and further outstandingly (iii) supports elucidations for non-sha reability; these elucidations along with rich security metadata and domain ontology allows a sender to intelligently execute transformation of information with the goal of sharing t he transformed information w ith the recipient. Additionally, they ha v e explained a secure information sha ring architecture wi th th e help of a unive rsally acce ssible hybrid semantic reasoner as well as show e d a number of des cripti v e cases that highlights t he benefits of the method while complementary with conventional methodologies. Ravi Sandhu et al. [25] ha ve presented a way t o s hare secure information eas ily through modern T rusted Computing (TC) technologies which is not available with pre-TC t e chnology. They h ave configured the PEI f ramework of policy, enforcement and implementation models, and confirmed its applicability in in s pecting the issue and generating solut ions for it. The stru c ture enables t he profound exploration of prospective TC applications for sa fe info rma tion sharing in the forth c oming e ffort. TC applications exc lusive of inf ormation sharing as well are expected to be scrutinized. A group of policy-based technologies to present improved information sharing among government agencies wi thout waning information sec urity or person`s pr ivacy has been developed by Tryg A ger et al . [ 26]. The method covers: (1) fine-grain ed access contro ls which sustain deny and filter semantics for accomplishment of complex policy conditions; (2) a oppressive poli c y abil ity that facilitates mi x ture of information from various resources conforming to each source ’s innovative ex posé policies; ( 3) a curation organization which permits agencies to use and scheme item-level securit y categorizations and disclosure policies; (4) an auditing system which deals with the curation history of every information item; and (5) a origin auditing method that tr a cks derivations of informa tio n in surfeit of time to pres ent support in assessments of in forma tio n quality. The f inal id e a wa s to facilitate a capacity t o resolve amaz in g information sharing issues in government agencies and proffer ways for th e growth of future government information systems. Gail -Joon Ahn et al . [27] have dealt with the problem of supporting choosy information sharing whi le reducing t he possibility of illegal access . They have proposed system ar c hit e cture by integrating a role-based d e l e gation framework. Additionally by implementing a proof-of-conce pt, t hey have confirmed the practicability of their framew ork. Mudhakar Srivatsa et al. [28] hav e presented a calculus approach f or se cure sharing of strategic information. Three operators: Γ , + and · are support by t he security metadata w hich t hey h ave modele d as a vector half-space (as against a lattice in a M LS- like approach). A metada t a vector is mapped into a time responsive scalar value by th e v a lue operator Γ . On the metadata vector space that are ho mo morphi c , arithmetic is supported by t he + and · operators with the s emantics of information transforms. In order to compute the tightness of values estimates in t he approac h, they have d e veloped r eal r e alizations of their metadata calculus that solves weak homomorphism without getting affected b y m e tadata extension utilizing B-splines (a class of compac t parametric curves). Muntaha Alawneh and Imad M. Abbadi [29] have offered a mecha nism that enables the source or ganization to send content based on organization policy International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 124 and requirements to anot he r collaborating organization in such a manner th a t it could be accessed only b y a ex act a specific group of users perf orming a specific task or by all device membe rs in t he targe t organization. They have con summ ated th is by providing a hardware- based origin of t rust for the m aste r organizer and organization devices m aking use of tru sted computing tec hnology. 3 . C ON CE PT UA L O VE RV I EW O F VE RT I CA L IN T EGR A TI ON , S EM A NT IC IN TE RO PE R AB IL IT Y A ND D I GI TA L G OV ER NM EN T I NT ER OP E RA B IL IT Y FR AM EW O RK 3.1. Conceptual overview of vertical int egrati on and digital governm ent interoperability 3.1.1. Vertical I ntegration The spotlight i s at present moving to renovatio n of government services mo dera tely than automa tin g and digitizing vacant processes. Building government electronic or digital is not merely a matter of putting existing government services on the Internet. What should and will be p he nomenon are everlasting changes i n the gove rnment processes themselves and perhaps the concepts of the gov ernment itself. W hile electronic commerc e is redefin ing personal business and society in terms of p roce sses and pro ducts , electronic o r digita l government proposals should be accompanied by re-conceptualization of the gove rnment service itself. In the long r un, the full advanta ge of electronic or digital governme nt will b e reco g nized only when organizational changes e sc ort technological changes . It is predictable that vertica l integration with in analogous functional walls but across dif fe rent levels of government will happe n first, because the breach between the leve ls of government i s much fewer t hat the difference b etwee n fun ctio ns. Many sta te a ge ncies c ooperate more closely with the ir federal and local counterparts than the other agencies in the identical level of government. In thi s stage level federal, state, and local compleme nt systems are expected to conn e ct or , as a minimum, commun icate t o each other. I n accordance with surv e y of Mo mentum RESEARCH Group, citizens fa v or to access information through their local portal since they ar e mo st well-known with the services offered by the local government [30] . One application o f vertical int e gratio n could be the business li c ense applica tion process. One i nstance of the ve rtical integration can be found on the Washington state website, i n which federal employer identification number (FEIN) can be requested throughout th e same process as s t a te business license. The goal of ve rtical integration is to faultlessly integrate the state’s system with federal a nd local systems for traverse referencing and checking, and it has an effect of linking states to ot her states. An example would be construction of a national crime database, which includes DMV files re g arding vehicle r egistrations and d rive rs’ licenses, a ma ster name index file for serious arrests , and traffi c accidents. Yet, most of these systems ar e now law enforcement a c cessible only and not obta inable to the citizen s. Th e next s ec tion of t his paper describes a role and coope ration b as ed security approach for security personnels of whichever modern digital government to pro v ide homeland security. Communication and integration oriented technologies becomes mor e i m portant in case of vertical integration. To i nteg rate agencies in the state governments with their local governme nt and federal government counterparts, technica lly, a w e b of r emote connections is a requi rement. In thi s far-flung c onnec tion and virtual transac tio ns, s e veral tech nological issues emerge; signal aut he ntication, f orma t compa tibi lity of electronic data intercha nge, contact level of domes tic legacy system to outside, etc. Verti c al integration is not latest concept. State Universities and local s c hool districts have worked together for years by h av ing hi g h s c hool stude nts take uni v ersity levels classes. In shor t, vertical int e gration needs t echnical as well as semantic interoperabil ity amon gst communicating parties. A good exam ple of se mantic interop e rability and vertical integration is New Zealand government education system. Al beit the vertical integration may offer enhanced efficiencies, privacy and confidentiality is sues must fi rst be con sidered. In proportion to a report from intergovernme ntal advisory board, the “ leadin g” issue when developing such systems is ensuring the privacy of the citizen asking for service [31]. Governmen t must provide suitable stability between the privacy of individual information and the ri g ht of indi vidu als to right of entry t he publ ic records. The fol lowing section describes the idea of int e roperability and their architec tural overview. International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 125 3.1.2. Interoper abili ty Casually , and analyzing it s own n ame, “int e r-oper-ability” i s an attribute referring to t h e capability of various systems and organizations for working together (inter-operate). Interoperability can b e p resented as: the capability of infor mation and c omm unication technology (ICT) systems and the business processes they hold up, to switch over data and to permit sharing of info rmation and knowledge [32]. 3.1.3. Digital gover nment interoperability Specifica lly, i nteroperability in digital (or el e ctronic) gov ernment may refer to pub lic and private sector organizations wor king in collaboration f or deli v ering public se rvices; managing networked environments fo r criminal activities prevention, terrorist attack prevention and disaster prevention, as well as, for citizen engagement in government decision-making processes, and so on. Di gita l (or electronic) government interoperability ca n be d efined as: the capability of public authority’s i nformation and communication t e chnology (ICT) systems and business processes to share information and knowledge within and across organizational boundaries to better support th e stipulation of public services as well as compose stronge r support to pub lic policies and dem ocratic processes [32]. 3.1.4. Technic al Interoperabilit y Tec hnical i nteroperability i s mostly addresse d by open standa rd s at different levels such as connectivity, information access , d a ta and appli ca tion int e gration, and content m a nagement [32][33]. Technical interoperability involves connecting computer systems and s ervices through the use of st a ndards for interfaces, connectivity, dat a i nteg ration, middleware, data presentation and a ccess ibilit y functions. T ec hnical interoperability addr e sses p roblems logically located in different layers; from the bottom layer - responsible for the physica l exchange of data, typically addressed by providing a set of sug gested communication protocols and standards for data excha nge; to the upper l e vels - responsible for providing technologies supportin g orga nizational and semantic interoperability issues; through a set of mid-laye rs-responsible for various is sues, such as, the transport mean, an d e ngines for coordinating the execution of processes, among others. Subsequent, an example is introduced for technical i nteroperability. Such as, the interoperability f rame work could deli ne ate that messages underneath these associations should be writt en in XML, and should be switched o ver using the Extensible Message Gateway[34], a software infrastructure compone nt. 3.1.5. Sema ntic interoperability Semantic int eropera bility is branch of the interoperabi l ity dare for networked electronic (or digital) government organizations. Inter-organizational information sys tems c an merely work if they are capable of comm un ica tes and works wi th other suc h systems and interacts with people. This requisite can simply be meeting if communication standards are useful. A standards-based technology p roposal permits partners to perfo rm a conventional business function in a digitally improved method. An essential un ive rsal information systems scheme i s a set of standards t ha t permits n e twork applicants to comm unicate and conduct business procedure ele ctr on ically [35]. Addressing semantic i nterope rability entails consideri ng [3 2]: 1) dev eloping electroni c (or digital) governme nt ontologies – providing a common vocabulary for electronic ( or digita l) government plus for specific areas; 2) defining us e r-friendly m etadata – providing understandab le and s traightforward metada ta fa cilitating search processes in government webs ite s; 3) maintaining semantic definitions – maintaining modern deve loped ontologies reducing t he risk of di verge nce of local ontologies; 4) collecting data once – capturin g information from citizens and businesses once, and r eus ing it for multiple purposes, previous consent of t he data owner; 5) solving semantic obstac les – providing mediations f or solving semantic problem s, suc h as different l abe ls for t he same cont e nt, different formats for the same content, and different abstractions for modeling the ide nti c al area. 3.2. Conceptual Semantic interoperability architecture framew ork Interoperability is n ot straightforward, and has many aspe c ts. A f ac t th a t i s also reflected in the many definitions provided: International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 126 (1) IEEE def ines int e roperability as : the a bility o f two o r more systems or compon ents to exchange information and to use the information t hat has been exchanged. (2) ISO/IEC 2382-01 defines interoperability as: t he capability to comm unicate, execut e programs , or transfer data among vario us functional units in a manner t hat requires t he user to have li ttle or no knowledg e of t he unique characteristics of tho se units. These ex pl a nations spotlight o n the technical side of interoperability. It has also been poi nted out that i nte roperability is often more of an organizational issue, including issues of ownership, people, usability and bu siness processes . (3 ) Paul Millers [36] offers another definition: To b e interoperable o ne should energetica lly be occup ied in the unending progression of ensuring that the systems, pro ce dures and culture of an organization are handled i n such a w a y as to explo it oppo rtuni ties for exchange and re-use o f information, whether internally or ex t e rnally. Interop e rabilit y can be r ealized at vario us levels, including: (a) Level 1: Technical int e roperability: A communication protocol exists f or swapping data among par taking systems. On th is level, a communication infrastructure i s recognize d allowing systems to exchange bits and bytes, and the original networks and protocols are clearly defined. (b ) Level 2: Synta ctic interoperability: A g eneral pr otocol to structure information is added. The f ormat of the information exchange is defin itely defined. For instance, a c omma encl ose d f ile exchange, or the XML synta x . (c) Level 3: Se mantic interoperability: A general information exc hange reference model is added. On thi s level, the meaning of the d a ta is s ha red and clearly defined. Highe r levels of i nteroperability may comprise pragmatic, dynamic, conceptual, legal, international interoperability. 3.2.1. New Ze aland Education Se ctor Architecture Fram ework Education Sec tor Architecture Fr a mework (ESAF) for New Z ealand Government is the example of semantic in teroperabili ty and it covers verti c al integration system. The New Zeala nd Education Se ctor contains various organizations. These organizations sp rint their IT systems autonomously to execute t heir intention, th ey also t eam up and share a significant amount of information to ma ke th e Education Sector f unction all t og ether. F or exa mple: (1) A student moves to a new school. The student’s d ata moves to the IT system of the new school; (2) Schools send their enrolm ent data to the Ministry of Educa tion; ( 3 ) Ne w Zealand Tertiary Education Commission (TEC) shares the cour se register with providers and o the r agencies; (4) The Ministry provides t he latest education provider in forma tion (5 ) New Zealand Qualif ica tion Authority (NZQA) r e ceives assessment tests and returns t es t results. Basically, semantic interoperability is realized, as: (a) date exchange partners have a recognized common tho ug htful of their mutual data, and (b) data exchanges remain to that common understanding. The Sector’s stated idea for semantic interoperability is to create a sector data model that describes shared sector data so that sector participants can offer, manag e access and r ealize t he data. Semantic interoperability is v ital to the Education Sector‘s performa nce. 3.2.2. Need for an open s tandard methodology The t rans formation of any sem a ntic model into XML requires a docume nted and proven methodology in order to: (a) tran sform over and over a ga in a nd traceably; (b) insist on reprocess and fulfillment; (c) d e sign according to a reliable X ML standard and (d) progress with suitable versioning in place. De ve loping a national semantic model, the New Zealand Education Sector Data Model (ESDM), is time-consum ing. The New Zealand Edu cation Sector has analyzed various op tions, and then selected a semantic interoperability solution. The solution amalgamates c ompatible open standards to the greatest extent possible, maximizing e-GIF fulfillment and thus interoperability in a broader sense. Customizations have been kept to a minimum. T his described solution is s uitabl e for any other s ector or industry in a similar situation. The so lution selecte d by the New Z e aland Education Sector comprises several compone nts such as: (1) Custom semantic model; (2) XML architecture; and ( 3) Model dri ven architec ture. The components of New Zealand Education sector is di sc ussed as follows: (1) Custom semantic model: In the a bsence of an a ppropr i ate global se mantic model for Educa tion, the New Zeal a nd Education Sector has decided to develop i ts own semantic model, the New Zea l a nd ESDM. Act appropriate to e- GIF, the Unified Modeling Language (UML) class diagram is the preferred modeling d eta ils for ESDM. ESDM currently defines over 300 class e s, 900 attributes, 3 00 associations and 100 generaliza tio ns, a nd i s rising. T he selected design methodology and standard defines the: (a) Naming standard, this i s based on ISO 111 79- 5; (b) allowable data t yp es, which are based o n UN/CEFACT data types. ESDM could easily be put back with either further sem antic d ata model t hat complies wi th the above standards, making International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 127 this solution very convenient. (2) XM L architecture: The preferred design met hodology and standard defines the XML archit e cture. There are two types o f XML documents: (1) XML Instance Do cume nts: These documents contain actual data; and (2 ) XML Schemas: These schemas de fine allowable XML constructs. Further, the XML Schemas are divided i nto: (a) XML Document Schemas: These docume nts schemas define allowable structure and content of a XML instance document; (b) XML Library Schema: This defin es the pool of reusable XML compone nts. The XML architecture enables reuse of XML co mpone nts. In addition, it allows the methodology to r e strict XML document schemas to be composed of pre-defined and thus approved li brary components only. (3) Model-driven architecture: The UML semant ic data model is the maste r source for shared and agreed understanding of the meaning of data. X ML Schema mod els ar e derived fro m the UML master model, and used to generate XM L run-time s chemas, which are ne v er modified straightforwardly. The model-drive n archi tec ture enables: ( 1) standard compliance checking; (2) naming compliance checking; (3) UML vs. XML consistency checking; (4 ) change logging ; (5) usage re ports; ( 6) Imp act analysis; (7) version control; (8) XML schema code generation. 3.3. Conceptual Ove rview of Digital Government Interoperabil ity Fr am ework The secti on o f this paper in troduce s e xa mples o f int eropera bility frameworks adopted b y electronic (or digital) Government leaders for addressing i nteroperability. In this pape r, w e have prese nted conceptual overview of interoperability frame work . The fo llowing interoperability frameworks are off e red such as: (1) European Interoperability Fra mework (EI F); (2) Ne w Zea l a nd e-Government Interoperability Fra mework (NZ e-GIF); (3) The Hong Kong SARG Interoperability Framework, and (4) e-Government I nteroperability Framework (e-GIF). For each of them, the follo wi ng items are depicted: (a) name; ( b) source i.e. person or or ga nization accountable for i ts publica tion; (c) solution type ; (d) aim; (e) description; (f) proce ss i.e. whether the solution includes a process for managing its co ntent; and (vii) interoperability support – concise e va luation of the support provided by t he soluti on to technical, organizational and semantic interoperabilit y. 3.3.1. Europe an Interoperability Fr amework (EIF ) Name: Europea n Interoperability Framework (EIF) Source : EIF was published by the Interoperable Delivery of European e-Government Services to p ublic Administ rations, Businesses and Citizens [37] [2]. IDABC i s a society pr ogram run by the European Com mission's Directorate-General for Informatics. Solution Type: Interoperability F ramework Aim: EIF focuses on enhancement, rather t ha n substitute, national i nterope rability guidance b y adding together the pan- Europea n di me nsion. It defines a set of recommendations and guidelines for elec tronic (or digital government) governme nt services, in order that public administrations, enterprise s and citizens can cooperate across borders in a pan-European perspective. Description: E IF defines generic standards a nd provides recomme ndations on all three types o f interoperability for European e-Government [38]. The framew ork defi nes thr ee i nterac tion t ype s in the general form of interoperability: (i) direct interaction between citizens or enterprises o f a membe r state with administrations of other membe r states and/or European institutions; (ii) exchange of data between administration s of differe nt member states; and (iii) exchange of data between various European Union (EU) Institutions/Agencies, or b e tween an EU Institution/Age ncy and one o r more administrations of the member states. Tangible of fe rs are provided for dealing with the three phases of interoperability within t he EU. Recommen dations for technical i nteroperability includes: 1) a common guideline to be based on open standards; 2 ) front-office technical int e roperability to include data pr es entation and exchange, multi-channe l access, fil e types, document formats and ch a racter sets; 3) back-office t e chnical interoperability to include EDI- and XML-based standards, Web Services, data integration and mid dlewa re, services for message-sto rage, m essag e transport and se curity, network se rvices, dir ecto ry and domain name services, dist ributed application archit e cture, and ma ilbox a ccess; 4) guidelines for t e chnical multilingualism, including ma c hine tr a nslation software, facilities for citizens and endeavors to submit r e quests in their own language w hen achievable, and a totall y multi-lingual top-level E U portal interface. Recomme ndations for organizational in teroperability com prise: 1) rec ognition a nd prioritization o f services provided at pan-European level to be together indomitable by International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 128 participate administrations via demand-driven approach; 2) ag reement on t he necessary business interoperability i nter faces (B II ) through which business processes of pu blic administrations will be able to int eropera te; 3) f ormalization of the expectations of several public adm inistr a tio n s contributing to the prov iso of a pan-European elec tronic (or digital) gov ernment service . Recommenda tions for sema nti c interoperability include: 1) public ation of information on the data elements to be exchanged at t he n a tion a l level and agreement on the data dictionary and multilateral mapping tabl e s based on cen ter pan-Europea n electronic government data eleme nts; 2) Pan- European sy nchronization of linguis tic traces of specific leg al voc abularies used i n delivering services; and 3) developme nt of common semantics bas e d on XML vocabularies and considering the agreed core electronic government data elements, and the provisio n of specific European sche mas and definitions through common infrastructures. Process: The Framework does not offer progression support. Interoperability Support: 1) Technical – EIF provides support f or technical interoperability. For instance, the technica l recomme ndations depicted above. 2) Organizational – EIF provides support for organiza tio na l interoperability, such as, t he organizational recommendations explained above. 3) Semantic – EIF identifies foremost semantic i nteroperability issues and provides guidelines for addr e ssing them at the Pan-Europea n level. It covers up ar eas such as conformi ty on data dictionaries connected to pan-European services, and approval of common semantics as basis for XML terminology. Additionally, EIF supporting docume nts, s uch a s t he sem antic interopera bility strategy describing semantic assets - such as d ictionaries, mult i-lingua l thesauri, cross- references and mapping tables, ont ologie s and services; p rovide both guidelines and strategies for planning and implementing se mantic interoperability to support pan-European electronic (or digital) governme nt services. 3.3.2. New Ze aland e-Government Interoperability Fr a m ework (NZ e-GIF) Name: New Zeala nd e-Government Interoperability Fram ework (NZ e-GIF) Source : St a te Services Commission, Governme nt of New Zealand Solution Type: Interoperability F ramework Aim: NZ e-GIF offers a t e chnological structure b a sed on a cov e red model for organizing I T standards. The fundamental principle is straightforwardness, ac hieved by separation of fu nct ions into levels . Description: NZ e-GIF [ 39] documentation consists of three documents: (i) Standards -focuses on the standards defined by GIF; (i i) Policy – explain the policies behind electronic (or digital) government interoperability framework and its development; and (iii) Re sources – contains resources related to electronic-GIF. NZ e-GIF encompasses four structural layers such as: network, data i nteg ration , business services, and access and presentation. Applying to all t he se layers , it delineates: security, best practice, electroni c (or digital) gove rnment s e rvices and web services co mponen ts. Additionally , un de rneath all t hese lay e rs i t i ncludes t wo more compone nts s uch as: management and gove rnance. 1) Network – standards for data tr a nsport. For e xample, standards are provided for network protocols, directory protocols, file transfer protocols, mail transfer protocols, and others. A subset of the broadly used Internet protocol suite is used. 2) Data Integr ation – standards f or enabling data excha nge b e tween hete rogeneous s yste ms and data analysis on receiving systems. For instance, standards are provided for character sets, structured data, file c ompression, file archiving, e tc. 3) Business Se r vices – standards for specifying how data is mapped into usable bu sine ss information and hence assigned meaning. For i nstanc e, standards are provided for discove ry of meta-da ta, namespaces, name and address, customer relationship, directory services, digitization, statistica l data and metadata, e-learning, di rec tory services, business reporting, etc. 4)Access and P resentation - principles an d rules casing t he right to use and awarding of business systems. For example, standards are provided for website presentation, web design and mainte nance, forms and authentication. 5) Security – standards at various levels reflecting the i dea t hat se c urity needs to be designed into the sys tem, and not added as a l ay er on top. For example, standards are provided fo r data integration, we b services, business services, public key infr a structure (PKI), among othe rs . 6) Best P ractice – standards publi s hed in this component do n ot ensure i nterope rability; t hey offer an approach for ma naging and understanding the contex t of in forma tion exchange. 7) Electronic (or digital) government Se rvices – infrastructure components provided by the International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 129 vital coordination o ffice for their use by government agencies. 8) We b Services – set of uniform purpo s es to mi x web-based applications. For instance, standards are provided for discovery, description, access , mes s aging, security, and compliance . Process : A proce ss unfolding life-cycle of standards is int eg rated. Interoperability Support: (1) Technical – The framework provides support for technica l interoperability. For instance, t he standards provided at the network and d ata int e gration layer and those included i n the security and web services component. (2) Organizational–No support for organizational i nteroperab ility is provided. (3) Sema ntic – Partial support is provided for seman tic interoperability. 3.3.3. The Hong Kong SARG Interoperability Fram ewor k Name: The HKSARG Interoperability Framework Source : The HKSARG In teroperability Framework w as publi she d by the Interoperability Framework Co ordin a tion Group, Governme nt of Hong Kong SAR. Solution Type: Interoperability F ramework Aim: The H KSAR G Interoperability Fram ework supports the government’s strategy of providing client-centric-joined-up services by making possible tec hnical interoperability for government to gov ernment and government to public interactions [40]. Description: The HKSARG Interoperability Framework off ers a technical specification t o enable conversational interaction amongst government applications i n a message-based, open environme nt. The technical standards proposed by the framework are g rouped into high-level categ ories referred a s int e roperability domains. Under these domains, sev eral interoperability areas are defined. A descr ip tion of the domains and t heir relevant areas are fo l lows: (1) Application Integration – specifications enabling application-to-application int e gration. The following areas are defined such as: simple functional int eg ration in an open environment ; reliable message exchange between application systems in and open environment for business docume nt-oriented collaboration; and secure exchange of messages within web services environme nt. (2) Information Access and exc hange – provision for file exchange , character sets and encoding. Some of t he domain areas incl ude: hypertex t web content; client-s ide scripting; mobile web con tent; e-mail format; e-mail security; audio and video streaming; and document fil e type for content publishing. (3) Security – specifications enablin g t he secure exchange of info rmatio n. Some of the do m ain ar eas include: IP network-level security; transport-leve l security; symmetric a nd as ym metric encryption algorithms; and digital signature algorithms, among ot hers . (4) Interconne ction – spe cifications enabling communication between systems . T he province regions encompass: e-mail transport; mail box access; hypertext transfer pr otocol; di rec tory name service; dom ain name service; file t ransfer; LAN/WAN networking; LAN/WA N tr a nsport protocol; wireless LAN; wir e less LAN security; and mobile device Internet access. Mo re o ve r, the HKSARG Interoperability Framework describes the government networ k architecture (GNA). GNA specifies the orga nization and relationships between components of the government’s IT infrastructure. The infrastructure compone nts include: departme ntal networks (DN s), commons services (CSs ), external access gateways (EAGs), and the government backbone n e twork ( GNE T). GNA is depicted in Figure 1. Process: The Framework does not offer process support Interoperability Support: (1) Technical – The framework pr ovide s sup port for technical interoperability, bas ically ar ound a set of core standards, such as: XML, SOAP and WSDL. (2) Organiza tio na l – The fr am ework does not provide support f or org anizational i nte roperability; yet, it is thought-out to be integ rated in original releases. Examp les of to pics to be added are: homoge ny of i ntra- government workflow and business pro cess ma nagement, a nd two categ ories of business processes su ch as public and priv ate processes. (3) Sem antic – The framework doe s not grant hold up for sema ntic interoperability. Standards for contents and resource description languages are measured f or pr ospec t embracing. In rising f uture semantic interoperability support, the experiences of the U nited Kingdom, Australia, and N ew Zea l a nd Governments will be well thought-out. International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 130 Figure 1 : HKSARG In terop e rability Framework- Governmen t Network Architecture Source: http://www.ogcio.gov. hk/eng/infra/download/s18.pdf 3.3.4. E-Governm ent Interoperability Framework (e-GIF ) Name : Elec troni c Government Interoperability F ramework (e-GIF) Source : e-GIF was published by e-Government Un it, Cabinet Office, Government o f United Kingdom. Elec troni c -GIF first release was published in Septembe r 2001. Solution Type: Interoperability F ramework Aim: The aim of e-GIF i s to allow th e faultless f low o f i nforma tion diagonally go ve rnment or public se rvice organizations. Description: e-GIF is structur e d in two main components [41]: (1) Electronic (or digital) government interoperability fr a mework (e-GIF) covers up- high-level policy statements, technical policies and management, and rules for accomplishme nt and execution. (2) El e ctronic-GIF Registry – covers up the electronic government metadata standards (e-GMS), and gove rnment category l ist (GCL), t he government data standards catalogue (GDSC), XML schemas and the technical standards c atalogue (TSC). Process: e-GIF defines stakeholders’ farm duties and functions for executing and preserves the framework. Additionally, it d e fines governance a nd working structures for running and developing interoperability- related issues. Some exem plar of these struct ure s in c lude: (a) senior information technology for um – responsible f or addressing joi nt issues all ied with possession and implementation of government IT proj ec ts; (b) interoperability working group – responsible for e-GIF definition and maintenance; (c) government schema group –responsible f or setting the spec ifications for and harmonize the production of XML schemas for use across the public sec tor; and others. Interoperability Support: (1)Technical – The framework supports technical interoperability, by defin ing a set of tec hnical policies and specifications governing information f lows across government and t he public sector in ge neral. (2) Organizational – T he framework offers controlled support to orga n iza tional i nteroperability . Such as, it provides plan for multi-cha nnel release of publi c services. (3) Semantic – e-GIF i n some measure suppor ts semantic interoperability. Such as, it offers the electroni c gove rn men t metadata standard (e-GMS) which indicates how p ublic sec t or bodies in the United Kingdom sh ould label content, f or example, web pages and docume nts so that m ake such inf ormation easily manage, discoverable and shared. It also provides guides for semantic specification of electronic data interchange and messaging services. To fi nish, we can able to comprehend that vertical integration desires s emantic and technical interoperability among communica ting entit y. Semantic interoperability also requir e s te c hnical i nteroperability. In a nutshell, semantic interoperability is the capability of s oftware systems (for i nstance, server) to make sure a International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 131 consiste nt (or u pright) understa ndin g of shared infor mation across numerous organizations (government or private). This ou tlin e of interoperability permits systems t o significantly exchange and use information rece ived f rom wide-ranging sources b ased on pre-defined agreeme nts (su ch as, predefined trust or predefined rank) followed by the communica tin g parties (such as, security personnel and government intelligence department). In the fo llowing section, we h ave offered a role and coop era tion based secure informatio n sharing appro a ch for security personnels t o provide homeland security of every modern digital government. The proposed approach i s well-matched to semantic interoperability framework and the security approac h covers up vertical integration method. The det a ils implementation of this security approac h is talked about in the following Section 4. 4 . S E CU RE I NF OR MA T IO N S HA RI N G S E CU RI T Y A PP R OA CH F O R S EC UR IT Y P E RS ON N ELS Governme nts must keep in trust the critical asset, go ve rnment i nformation and manag e it effectively. A greater priority must be given by government organizations at all levels for the exchange of in forma tio n and data between and amidst it s trusted partners. Information must be leverage d and assisted by coordinated and integrated soluti ons so as t o meet the i ncre asing needs and ser v ice requirements. The current “stove piped” environme nt has hindere d t he information sharing or exchanges amo ng t he agencies , the central governme nt and the local jurisdictions. T he lack of common data vo cabula ries for government i ntellige nce d epartments has made information sharing with them bot h co stly a nd complicated. Despite th e f a ct th a t some improvement has been made, to spec ify h ow information s haring res ponsibilities and relationships, including proper central incentives will advance this t a sk, more endeavors are needed [6] . Building secure information sharing mechanisms for security personnels i s not trivial because security personnels worry that their intere sts may be jeopardized when they share information w ith gov ernment de partments that are dealing w ith security [13]. The primary motivation behind t his r e search is th e design of well-org anized and secure inf or mation sharing security approach for securely e xcha nging confidential and top secre t information among security personnels and government int e lligence departments. Although the proposed approach is no n-privac y-preserving, it assures paramount confidentiality and aut hentication in information transfer for both t he security personnel a nd the target government departments. In general, the s ecurity personnels obtain secret information about sus picious persons and their activities fr om the government int e lligence agencies. D uring t he ex change, if the information is hacked by somebody, the security personnel’s further actions wi ll go wr ong , which leads to a critical i ss ue. This d emands an efficient and s e cure approach that offers co nfidential and authenticated in formation sharing without crea tin g any issues and pr oblems to security. Furthermore, there is a chance t hat the target go ve rnment depa rtment may pro vide complete confidential information about a person to all t he security personnels, which would affect the privacy of that person and leads to i nformation leakage . The above case cannot be entirely averted in a non privacy-preserving approach but could be controlled by permitting information transfer based on th e security pers onnel’s rank. In the presented appro a ch, the credibility of information shared is based on the grade or rank of t he security personnel. A master contro l is established in t he proposed security approach to monitor and control the information exchange between the security personnel a nd the g overnment intelligence departments. The pro posed secure information sharing securit y approach r equires the f ollowing: a) The publ ic key of the security personnel, the master control and t he communicating departments b) A unique and complex m ap ping function to u ni quely identi fy the security personnels, t he master control and the communica ting int e lligence department. The security personne ls, the master control and the commun icati ng government intelligence departments attain their public and private keys from a trusted Certificate Authority (CA). The chie f steps involved in t he pro posed information sharing security a pproach are presented in the following sub-sec tions A. Steps in the propos ed security approach at the s ecurity p ersonnel side 4.1. Structuring of the security personnel’s query The sec urit y p e rsonnel sends request for some secret information abou t susceptible persons and their suspicious activities to the go vernment in telligence departments. I t is t h e d uty of the security personnel to transmit the request in an unintelligible possibly encrypted manner such International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 132 that the hacke rs cannot extract any valuable information or alter the i nformation in t he request. The structuring of the s ecurity personnel’s request involves the foll ow ing steps: (1) A random number RV is elected and encrypted using the sec urity personnel’s public key Pub S K . This encrypted random number RV E will be used t o verify if the response corresponds to the a pt security personnel’s reques t. Pub S k RV RV Enc E ] [ = . (2) After that, a set of random values R are chosen and t hey are combined with the encrypted random numb er RV E and the request to obtain the Data SE . The random values set R will be utilized in the valida tio n of the identity of the target gove rnment department. [ ] Query R E SE RV Data + + = (3) With the help of the MD5 Algorithm, the has h valu e v H is computed from the Data SE . [ ] Data v SE MD H 5 = (4) The security personnel’s request is t he n encrypted with the target government department’s public k ey in order to avoid others f rom hacking or altering the r eques t. As the request is encrypted wi th the target department’s public key , it can b e d ecry pted and viewed only by the target departme nt. [ ] Pub R k Query Enc S Query = (5) The hash va lue v H , the set of random va lues R and the enc rypted request Query S are combined and enc r ypted wi th the security personnel‘s pr iva te key i S K Pr to obtain Data SA . The encryption with the sec urity personnel’s private key genuinely authenticates t he security personnel’s reques t. [ ] i S k v Data H Enc SA Pr Query S R + + = (6) The encrypted random number RV E and the obtained Data SA are combined and encrypted with the pu b lic k e y Pub C K of the maste r cont rol to form the s e curity personnel’s request msg S [ ] Pub C k Data RV msg SA E Enc S + = The str uc tured security personnels’ reque st msg S contains the encrypted random number RV E , and t he obtained Data SA , all encrypted with the master control’s public key Pub C K . Now, this structured request msg S is transmitted to the mas ter control. B. Steps in the proposed security app roac h at the Master Control 4.2 Validation of the sec urity per sonnel’s request On receiving the r equest from the security personne l, the master control must authent ica te t he security personnel followed by validating the integrity of the security personn e l’s request. Then, the master control will add its identity to the request and send th e same to the target gove rnment departme nt. The steps invol ve d in the i nteg rity c hecking and authentication of t he security personnel’s request a re as foll ows : 1. The request from the sec urity personnel msg S is first decrypted using the master cont ro l’s private key pri C K . Since t he secu ri ty personnel’s original r e quest is e ncrypted with t he public key of the targe t governme nt department, it couldn’t be vie wed by the master contr ol. As the private key is the secret property of the intended targe t, the target i s assured that no one else can decrypt the reques t. [ ] i C k Msg msg S Dec SC Pr = 2. The msg SC obtained from the above step contains Data SA and RV E . The Data SA is afterward decrypted by means o f the public key Pub S K of the security personne l. The successful } , , , , { 3 2 1 n r r r r R L = International J ournal of Comp uter Science & Information Technol ogy (IJCSIT), V ol 3, No 3, June 20 11 133 decryption confirms that t he request h as started off from the claimed s ecurity personnel. [ ] Pub S k Data msg SA Dec SC = ' ; [ ] v Query RV Data H S R E SA + + + = The ' msg SC , encloses the set of random value s R , th e encrypted random number RV E , t he encrypted req uest Query S as well as the hash value v H . 3. Then, the set of random va lues R , the encrypted reques t Query S and the hash va lue v H are united and encrypted using t he master con trol’s private ke y i C K Pr to obtain Req C . [ ] i C k v Query H S R Enc C Pr Req + + = 4. Consequently, the maste r control forms ' Req C by combining the encrypted random number RV E and the formed Req C and afterward en crypti ng them with the public key of t he t arge t departme nt Pub R K . As a final p oint, the formed ' Req C will b e sent t o the targe t department. [ ] Pub R k RV C E Enc C Req ' Req + = . C. Steps in the pr oposed s ecurity approach at the Target Department 4.3. Validation of the r equest by the Target Department After receiving th e security personnel’s request from t he master cont rol, the target department must authenticate the master control a nd th e s ecurity personnel f ollowed by validating the integrity of the security p ers onnel’s r eque st. The st e ps i nvolve d i n the above pr oc esses ar e a s follows: 1. The request ' Req C received from the master control is first de cry pted wit h the pri vate ke y o f the target department to obtain msg R . The msg R , consists of t he encrypte d r andom number RV E and the Req C . [ ] pri R K q msg C Dec R ' Re = , q RV msg C E R Re + = 2. After that, the Req C is decrypted by means of the public key of the master control to achieve ' msg R . The ' msg R , contains the set of r a ndom values R , the encrypted r equest Query S and the has h value v H . [ ] Pub C K q msg C Dec R Re ' = ; Therefore, V Query msg H S R R + + = ' 3. Then, th e genuine query from the securit y personnel Quer y S is decrypted th rough the target departme nt’s private key, whi le Query S is encrypted wit h the publ ic key of the target departme nt. [ ] i R K Quer y msg S Dec R Pr " = 4. Subsequently, the set of random values R , the gen uine query ' ' msg R and the encrypted r a ndom number RV E are uni ted and their hash v alue v H is worked out with the aid of the MD5 algorithm. ] [ 5 ' msg RV v R R E MD H + + = 5. If the hash v alue v H computed from the above step and the hash value v H prese nt in t he security personnel’s r equest are identical, it guarantees that the r eques t has not been t ampered during the transfer. then H H If v v == , red not tampe is Query , else tampere d is Query , if end International J ou r nal of Computer Scie nce & Information Te chnology (IJCSIT) , Vol 3, No 3, June 20 11 134 4.4. Structuring of re spons e to the Security Personnel’s query After successful valida tion of the security personnel’s request, the target departments will outward appearance r esponse fo r t he security personnel’s query. The steps in volve d i n structuring the res ponse are as follows: 1. Th e target department’s database i s scrutinized on c e to achieve the rank or grade of the security p ers onnel, from whom the request st a rted off. The rank o r grade signifie s the level o f security personnel, and it fixes on the credibility of the in formation th a t must be given to the security personn el. 2. The encrypted random number RV E in the security personnel’ s request will be kept as such in the response. 3. A ma pping function fn M , outstandingly defined between th e c ommunicating parties is retrieved from the target department’s dat abase . For each security personnel, there is a unique mapping fun c tion i n the targe t department’s database. Afterward, the acquired mapping function is applied on the set o f random values R in the security personnel’s request to attain mapping value val M . Afterward, its sine value is computed and represented as val M ' . ) ( R M M fn val = ; ) ( ' val val M Sin M = Where } ,....., { . 3 , 2 , 1 n r r r r R = and /} ,*, , { − + = fn M 4. Later, the t arge t d e part m ent determines t he amount and credibility of confidential information to be shared with the security personnel on t he basis of the security personnel’s rank or grade obtained from Step 1. 5. The response corres ponds to the security personnel’s request; the designed mapping value and the encrypted random number RV E are united to form Data RE . [ ] Answ er M E RE val RV Da ta + + = ' 6. With the aid of the MD5 Algorithm, t he hash value v H is premeditated from the Data RE [ ] Data v RE MD H 5 = 7. The r esponse matches up to t he security personnel’s r e quest is afterward encrypted b y means of the public key of the security personnel Pub S K , in order that i t can o nly be sighted b y the sec urit y pe rsonnel. [ ] Pub S k Answer Enc S Answer = 8. The encrypted response Answer S , the encrypted r an dom number RV E , the mapping v alue val M ' and th e hash value v H are combined and encrypted with the master control’s public key Pub C K to form s R Re . Las tly, the formed s R Re will be se nt to the master c ontrol. [ ] Pub C k v Ans wer val RV s H S M E Enc R + + + = ' Re D. Steps in the pr oposed s ecurity approach at the Master Control 4.5. Validation of Tar get Department’s Response by the M aster Control On re ceiving response from the target department, the master control must ma ke certain the following: 1) integrity of the target department’s response 2) The response originated from the true o r intended target (Au thentica tion). The steps con c erned in the above processes are a s follows: 1. The t a rget department’s response s R Re is fi rst decrypted with the master control’s private key i C K Pr , which reveals the encrypted random number RV E , mapping valu e val M ' , the encrypted response Answer S and t he h as h value v H . [ ] i C k s msg R Dec RC Pr Re = ; v Answer val RV msg H S M E RC + + + = ' 2. The mapping value is recomputed at the master control r e gion and evaluated wit h t he mapping value pre sent in the response t o m a ke sure t ha t the r esponse came fr om the intended target departme nt. then M' M' val v al = If response th e forward and valid is target The , else esponse r the Disc ard if end International J ou r nal of Computer Scie nce & Information Te chnology (IJCSIT) , Vol 3, No 3, June 20 11 135 3. After t he validation of the intended target, t he encrypted response, the encrypted random number, mapping value and the ha sh value are united and encrypted with t he public k e y of the security personnel Pub S K and is sent back to the security personnel. [ ] Pub S k v Answer val RV msg H S M E Enc CS + + + = ' E. Steps in the proposed sec urity approach at the security personnel side 4.6. Validation of Tar get Department’s Response by the Sec urity Personnel On the reception of the response fr om the master c ontr ol, the security personnel mus t m ake sure the follo wing: 1) integrity of t he target dep a rtment’s response 2) The response or iginated from the true o r intended target (Authentication). 3) The response corresponds to the apt r eque st of the sec urit y pe rsonnel. The steps concerned in the above processes are as follows: 1. The received response msg CS is first decrypted by means o f the security pers onnel’s private key i S K Pr . [ ] i S k msg s CS Dec S Pr Re = 2. The response is established f or its integrity by computing the hash value and compares it by means of the has h value from the target department. ] ' [ 5 Answer M E MD H val RV v + + = then H H If v v == tampered not is ormation inf tamp ered is orma tion inf if end 3. The encrypted random n umber in th e target department’s res ponse i s d ecrypted by means of the private key of the security personnel i S K Pr to make certain that the response is valid for the reques t prepared. ) ] D ec[E (RV Pr RV i S K if == , valid is response T he , if end 4. After assessing all the paramete r s in the target departments’ response, the security personnel think about it as a v alid response from the valid target departme nt. The bl ock diagram in Figure 2 shows t he steps in v olved i n the va lid a tion of target departme nt’s response by the security personne l. Figure 2 : Validation of Tar get Department’s response by the Security personnel else International J ou r nal of Computer Scie nce & Information Te chnology (IJCSIT) , Vol 3, No 3, June 20 11 136 All the ab ove steps guara ntee that the proposed role and co operation based approac h is effective in providing con fidential, authent ic ated a nd s ecure information s haring . Further communications bet w een the security personne l a nd the government intelligence departme nts follow the a pproach discussed above. 5 . E XPE RI M EN TA L R E SUL T S The r esults obtained from the experimenta tion on the pr oposed secure informa tion sharing security approach are presented i n this section. T he pr esente d role an d coll a bo ra tio n based information sharing security approach is p rogrammed in J av a (JDK 1.6). The results acquired from t he experiments show that the presented approach provides effective and secure information sharing for sec urity personnels and t he government intelligence departments. The master contr ol i ntroduc ed in the proposed approach improve s t he s ecurity o f infor ma tion sharing by monit oring a nd controlling the information excha n ge d stuck between the sec urity personnel and the government intelligence departments. T he process started wit h a request for confidential i nformation about a person, by utilizing t he te c hniques of has hi ng, a uni que mapping f unction and pu bl ic key cryptography. The master control scrutinized and controlled both the request and re sponse fr om the security pe rsonne l and t he government intelligence departme nt. The target department after a securit y verification responded with the appropriate information on the basis of the grade or rank of the security personnel. T he information shared will be a compartment of the info rma tion obtainable wit h the target department based on the grade or rank of the se curity personnel. Below, Table 1 depicts the r es ults obtained fro m the experime ntati on on the proposed secure information sharing security approach using reproduction data. From the Table 1, it is clear that the ex tent of information s hared between the communicating parties d ep ends on the r ank or grade of the security personne l. In Tabl e 1 t he field Obtainable Information includes the secre t information about th e persons and their suspicious activities, whic h has been c ompose d ove r long peri ods of time a nd the f ield rank o r grade base d shared I nformation comprises th e information shared stuck between t he security personnel and the government intelligenc e departme nts. The anticipated security approach l ucra t ive ly conserved the privacy o f th e person whose informati on is exchanged stuck between the communicating parties. ( See Table 1 ) T ABLE 1: RESULTS OF EXPERIMENTATI ON Security Personnel Govern m ent Intelligence Department Unique Identifier Obtainable Information Grade-based shared infor ma tion SP1 Intelligence Bureau (IB) 1 {23,37,39,43,38, 37,24,38,35,29,40,31, 33,76,48,21,52,67, 52,71,49,26,15,38,24} {37,24,38,35,29,40,31} SP1 Central Bureau of Investigation (CBI) 2 {39,33,46,56,74, 46,49,50,59, 14,6,18,29,43, 67,45,69,58,60} {14,6,18,29,43} SP1 Narcotics Control Bureau (NCB) 3 {39,35,42,57,65, 49,52,64,77,87,90, 78,64,59,73,75,68, 13,17,19,24,29} {49,52,64,77,87,90} SP2 Central Bureau of Investigation (CBI) 1 {19,17,36,14,23, 35,47,34,63,31,22,40, 19,12,26,18,13,17,27, 46,23,25,18,29,30} {19, 12, 26, 18, 13, 17} SP2 Criminal Investigation Department (CID) 3 {62,68.65,54,57, 34,31,30,28,26, 7,16,13,27,29, 44,47,54,52,39} {7,16,13,27,29} SP3 Criminal Investigation Department (CID) 3 {62,68.65,54,57, 34,31,30,28,26, 7,16,13,27,29, 44,47,54,52,39} {44,47,54,52,39} SP3 Intelligence Bureau (IB) 2 {15,9,17,28,30, 85,31,17,49,27,32,46, 26,23,25,28,22,29,30, 12,7,19,13,28,31} {12,7,19,13,28,31} International J ou r nal of Computer Scie nce & Information Te chnology (IJCSIT) , Vol 3, No 3, June 20 11 137 SP3 Narcotics Control Bureau (NCB) 1 {11,26,33,15,17,45, 13,17,18,28,24,.32, 7,48,26,45,76,82, 37,21,28,17,19,25} {13,17,18,28,24,32} SP4 Central Bureau of Investigation (CBI) 2 {39,33,46,56,74, 46,49,50,59, 14,6,18,29,43, 67,45,69,58,60} {39,33,46,56,74,46,49,50,59} SP4 Intelligence Bureau (IB) 1 {23,37,39,43,38, 37,24,38,35,29,40,31, 33,76,48,21,52,67, 52,71,49,26,15,38,24} {37,24,38,35,29,40,31} 6. C ONCLUSI ONS This paper port ra ys the conceptual o ve rview and pre requisite of vertical int eg ration , sema ntic interoperability and technical interoperability. This paper also depicts the d etails conceptua l overview of int e roperability framework architecture for digital government of diverse country in this world. Information giving out and integration are being contemplated as the nearly all ever more acce pted methodolo g ies by governments in the region of the world, for resolving probl e ms in a wide assortment of pro g rams and tactic regions. Vertical information integ ration necess itates semantic interoperability. In ad diti on, se mantic interoperability nee d s technical interoperability f or speaking t o wi nn ing i nteroperab ility among di fferent department of severa l digital governments. Secure inf orma tion giving out and integra tion among dif ferent system is required to improve t he digital governme nt performance. A s a result i nfo rmation giv ing out and integration is the fo remo st i ss ues for flourishing every digital government system. With the intention of share and integrate t he i nformation in protecte d manner, a role and coopera tion based se curity approach for security personnel is offered in this arti c le. Secured informa tio n swap over is a noteworthy attrib ute of ev ery digital government that wants to promise autonomous eth ics. Challenges in construction a computatio nal infrastructure for excha nging furtive inf orma tion is thorny to work out and stipulate n ov el spur schemes. In this paper, we have of fered an e fficient r ole and collabor a tion ba sed loom f or confi de ntial sharing of se cret information amid security p ersonnels and go ve rnment departments. The proj e cted secure information sharing security approach has offered confidentiality, authentication, integrity, and agency confirmation by utilizing MD5 Algorithm, public key infrastructure and a unique and complex mapping function. As well, on the basis of a predefined grade or rank of security personnel, a restricted pr ivacy is maintained between t he security personnel and government intelligence departments. The usefulness of the prop ose d s ecurity approach has been recognized with the aid of expe rimental results. In conclusion, this proposed security a pproach will work in coope ration intra-organizational o r inter-organizational department among security personn el and government i ntellige n c e department to offer homeland security plus to minimize the criminal activities in s ide the country under digital governmen t environment. Finally , the proposed security approach will show t he way to vertical informatio n integration approach and diverse interoperability ap proach for every modern digital gov ernment. A CK N OW LE DG EM E NT S I would li ke to thank Dr. G.K. Pradhan, Dr. Sanjay Biswas, Dr. Puthal, Dr. Mishra, Dr. B.B. Prdhan, Dr. Ashna A njume and my father Md. Idrish as well as mother Ash ma. R E FER E NC ES [1]Digital G overnment, “Direct o ra te f or Compute r and Infor mation Science a nd Engineer ing Division of Experimental and Integrative Activities”, NSF-02-156 , N ovember 7, 2002. [2]Z. Fan g , “E-Govern ment in Digital Era : Concep t, P ractice, a nd Develop ment”, I nternational Journal of the Computer, the I nternet and Ma nagement , Vol. 10, N o.2, pp: 1-22, 2002. [3]Robert D. A tkinson, "Digit al Government: The Next Step t o Ree ngineering the Federal Gover nment", DC: Progressive P o li cy Institute , 2000. [4]Jane E. Fountain, "P reventing Chronic D isease, public health research, Pract ice, and Polic y ", Vol. 1: No. 4, October 2004. International J ou r nal of Computer Scie nce & Information Te chnology (IJCSIT) , Vol 3, No 3, June 20 11 138 [5]F.Arcieri, G .Melide o , E.Nar delli and M.Talamo, "Exp eriences and issues in the realization of e- government services", Proce edings of the 12th Int'l Workshop o n Researc h Issues in Data Engineering: Engine ering e-Commerce/ e-Business Systems , pp: 1066-1395, 2002. [6] James B. D. Joshi, Arif Ghaf oor, Walid G. Aref and Eu g ene H. Spaff ord, " Securit y and Pr ivacy Challenges of a D igital Government", A dvances in Digital Government–Technol og y , 2002. [7]Guido Bertucci, " M anagin g Knowledge To Build Trust In G overnment", U nited Nations Depart ment of Economic and S ocial Affairs, United Nat ions Publication , New York, 2007. [8]Policy Guideline on Information Shar ing, R oyal Government of Bhutan Minist ry of Information & Communications, Se ptember 2006. [9]Athman Bouguetta y a, Mourad Ouzza ni, Brahim Med jahed, Ahmed Elma garmid, "Supportin g Da ta and Services Access i n Digital Governme nt Environments", 20 02. [10]Fillia Makedon, Ca lliope Sudbor ough, Bet h Baiter, Grammati P antziou a nd Mar ialena Conalis - Kontos, "A Safe Informati on Sharing Framew ork for E -Government C o mmu nication”, IT white paper from Bosto n University , 2003. [11]NASCIO, Call f or Acti o n, “A Blueprint f o r Better Government : T he Information S haring Imperative", Ma y 2005. [12]Rakesh A g rawa l, Ale xandre Evfimievski, Ramakrishnan Sr ikant, " Information S h ari ng Acr oss Private D atabases", In SIG MOD '03: Proceedings of the 2003 ACM SIGMOD international conference on M a nage ment of data , pp. 86-9 7, 2003. [13]Thomas Case y , A lan Har bitter, Margare t Leary, a nd Ian Martin, “Sec u re informatio n sharing f or the U.S. Government”, White papers, Norte l Technical Jour nal, 2008. [14]R y an Lay f ield, Mura t Kantarci oglu, Bha v ani Thuraisingha m, "Ince ntive and Trust Issues in As sured Information Sharing", International Confe rence on Collaborative C omputing , 2008. [15]Theresa A. Pardo, “Collaborati on and Information Sharing: Tw o Critical Capabili ties for Government”, Cen ter for Technology in G overnment, University at Albany Annual R eport, 2006. [16]Nabil Ada m, A hm et Kozanoglu, Aabha s Paliwal, Basi t Shafiq, "Secure Information Sharing i n a Virtual Multi-Age ncy Team En v ironm ent", El ectronic Notes in Theo retical Computer S cience , Vol. 179, pp: 97-1 09, 2007. [17]Hui-Fen g Shih a nd Chan g -Tsu n L i (2006): “ In f ormation S ec urity Manageme nt in Digital Government”, Idea G roup Publishing , Vol. 3, pp: 1054 - 1057. [18]Pen g Liu a nd Amit Cheta .l, “Trust-Ba sed Secure Inf ormation S haring Between Fede ral G ov ern ment Agencies”, Jour nal of the American Society for Information Science and Techn ology , Vol. 56, Issue 3, pp: 283 – 298, 2005. [19]Md.Heada y etulla h, G.K. Pr adh an, " A Novel T rust-Ba sed Infor mation Sharing P rotocol f or Sec ure Communication betwee n Governme nt A g encie s", E uropean Journal of Scientific Research, Vol. 34, No. 3, pp: 442- 454, 2009. [20]Md.Heada y etulla h, G.K. P radhan, "Secure Information Sharin g Between Government Intellige nce Agencies: An Innova tive P rotocol Ba sed on Trust", International Jo urnal of Engineering a nd Technology , Vo l. 1, No. 4, pp: 346, 20 09. [21]Jing Fan, P engzhu Zhan g (2007): "A Conce ptual Model for G 2G I nformation Sharing in E- Government En vironment", 6th Wuhan International Confer ence on E-Business , Wuhan (CN). [22]Xin L., "Distrib uted Secur e Information Sharin g Model for E-G overnment i n China," Eighth ACI S International Conference on So ftware Eng ine erin g, Artificial Intelligence, Netwo rking, a nd Parallel/Distributed Computing (SNPD 2007) , Vol. 3, pp: 9 58-962, 2007. [23]Nabil R. Adam , Vija y Atluri, S oon Ae Chun, John E llenberger, Basit Shafiq, Jaideep Vaid y a, H ui Xiong, "Secure informati on sharing and a nalysis f o r ef fectiv e e mergency ma nagement", Proceedings of t he intern ational conf er enc e on D igital g overnment re search, Vol. 289, pp:407- 408 ,2008. [24]Achille Fokoue, Mudhakar Srivatsa, Pa nk aj Rohatgi, Peter Wrobel, J ohn Yesberg, "A decisi o n support s y ste m f or secure information s haring", Proce edings of the 14th A CM symposi um on Access control mo dels and technolo gies , p p:105-114, 2009. [25]Ravi Sandhu, K umar Ran gana tha n, Xi nwen Z hang, "Se cure inf o rmati on sha ring e nabled by Tru sted Computing a nd PE I models", Proceedings of the ACM Symposium on I nformation, computer and communications security , pp: 2 - 1 2 , 2006. International J ou r nal of Computer Scie nce & Information Te chnology (IJCSIT) , Vol 3, No 3, June 20 11 139 [26]Tryg A ger, Chri stopher Johnson, Jer ry K iernan, "Policy-Based Management and Sharing o f Sensitive Information among Government Agencie s," MILCOM 200 6 , pp: 1-9 , 2006. [27]Gai l-Jo on Ahn, Badrinath Mohan, Seng-Phil H ong, "Towards secure information sharing using role- based delegati on", Journal of Network and Computer Applications , Vol. 30, No:1, pp: 42 - 59, January 2007. [28]Mudhakar Sri v atsa, D a k shi Agrawal, Steffen Reidt, " A meta data calculu s for secure information sharing", Procee dings of the 16th ACM co nference on Computer and c ommunication s s ecurity, Chicago, Illinois, USA, pp: 488-499 , 200 9. [29]Muntaha A lawneh, Ima d M. Abbadi, "Pre v enti ng information leakage between c ollaborating organizations", P roceedings of t he 10th inter na tio nal conference on Electronic commerce , Innsbruck, Austria, Ar ticle No.: 38, 200 8. [30]Momentum Research G roup of Canning ham Communicat ion ( 2000): “ Bench marking t he e- Government re volution: Y ear 2000 re port on citizen an d business demand. Available: (http. // egovernmentreport.c om) [31]U.S. General Servi ce s Administrati on, Inter governmental Advisory B oa r d (1999): “Integrated service deliver y , Government using technolog y to serve the ci tizen”, Washington D.C. General Services Administration Office of Intergover nmental Solutions . Available: (http://polic y wor k s.gov/i ntergov/reportsframe.ht ml). [32]eGovernment Unit, European Commission, “ Study on Interoperability at Local and Regional Level . Interoperabi lity Study Versi on 3 ”, Dec ember 2006. [33]United Kin gdom, “ E-Government In teroperability Fra mework” Version 6.1, 18 M arch 2 005, http://www.govtal k.gov.uk/documents/eG IF%20v6_1 (1).p df [34]Elsa Estevez, Vince n t Douwe, an d Tomasz Ja nowski, “ Softw are I nfrastruct ure for e- Gov ernment – Extensible Message Gatewa y, Development Report ”, e-Maca o Program, U NU-IIST-EGOV, March 2008. [35]Papazoglou, M. P., & Ribbers, P . M. A. (2006): “E- business: Or g aniza tional and technical foundations”. U K , We st Sussex: John W iley & Sons. [36]http://www.ari adne.ac.uk/issue2 4 /inter operability/intr o .html [37]IDABC, “ Intero p erabl e Delivery of European e-Governme nt Services to public Administra tions, Businesses and C itiz ens ”, http://europa.e u.int/idabc/ [38]European Commission ( 2004): “Europea n Intero perability Frame work f or P an-European, e- Government Se rvices”, Version 1.0. E uropean Communitie s [39]New Zeland, “ e-G overnment Intero p era bility Fr amework ” (NZ e-GI F), Fe bru ar y 2 008. http://www.e. govt .nz/ standards/e-gif/e-gif- v -3-3/e- gif-v-3-3-c o mplete.p df [40]Hong Kong, “ The HKSARG Inter operability F ra mewor k ”, http://www.ogci o .g ov.hk/eng/infra/download/s 18.pdf [41]E-G ov ernmet Unit, Un ited Kingd om, “ e-Gove rnment Inter operability Fr amework ”, Version 6.1, March 18, 2005. h ttp://www.govtal k .gov. uk /do cuments/eGIF%2 0v6_1 (1).pdf [42] M d. Headayetullah and G. K Pradhan, “Efficient and Secure Information S harin g For Se curity Personnels: A Role and Cooperation Based Approach ”, International Journal on Computer Science and Enginee ring , Vol. 02, N o. 04, pp: 1254-126 5, 2010. Author: Md.Headayetullah re ceived the Diploma in Computer Science & Engineering (DCSE) with 1st Class from Acharya Polytechnic, Ban galore, India and Bachelor of En gineering (B.E) degree with 1 st C la ss from Yeshwantrao Chavan College of Engineering of Nagpur University, Nagpur, India in 2000 and 2003 respectively. He received second prize in s tate leve l f or hi s best p roje ct in B.E degree. He re ceived M.Tech degree with Fir st Class with Honours fr om the Department of Computer Science & Engineering and Information Technology o f Allaha bad Agricult ural Institute-Deemed University, Allahabad, India in 2005. He was the toppe r of the University in his M. T ech Degree. He has submitted h is thesis for t he award of PhD Degree in Computer Sc. & Engineering. He is working closely with Prof. (Dr.) G.K Pradhan and Prof. (Dr.) Sanjay Biswas in the Dep artment of Comp uter Science and Engineering fro m Institute of Technical Educa tio n & Research (Faculty of Engineering) of Siksha ‘O’ Anusandhan University (SOAU), Bhubaneswar, India. H e work s in the field of E-Government, Digital Government, Network ing, Internet Technology, Da ta Pri vacy , Cryptography, Information Security and Mobile Communicati on. He has authored more than Five Research Publication in International Journal. He is cu rre ntly w or king as an Assistant Professor in Computer Science & Engineering and Information Technology a t Dr. B. C. Roy C oll ege of Engin eering, Durgapur, West Bengal University of Technology, Kolkata, India. Pro fess or , Headayetullah is the members of IAENG a nd IACSIT respe ctiv ely. Pro fessor, Headayetullah is a reviewer for so many International Journals.