The ultimate goal of e-government is to establish a comprehensive platform for government office automation, decision support and public services. As a special application field of information network, it not only runs a lot of data and information, but also has high confidentiality and sensitivity. Therefore, on the one hand, the e-government system needs to consider the security of the government's internal network, on the other hand, it also needs to consider the public-oriented network security. Therefore, e-government network security system has high security requirements. Mainly based on the following basic requirements: 1. The need to maintain the image of the government; 2. Information confidentiality requirements; 3. Identity authentication requirements; 4. Access control requirements; 5. Information storage security requirements; 6. Information transmission security requirements.
2 China e-government in the process of security issues
(1) Information infrastructure construction is facing challenges.
E-commerce and e-government need payment and settlement means, high-quality and efficient financial services and their computerization. At present, the level and electronicization of financial services in China are not high, and the problem of online payment has greatly hindered the development of e-commerce and e-government in China. China's financial industry urgently needs to adapt to the process of global integration, accelerate the pace of reform, change the existing payment methods, and ensure the safety of online payment.
(2) The lack of self-developed e-government software and hardware products has laid a safety hazard for the long-term development of e-government.
The software and hardware products used in China's e-government construction are rarely products developed by China's independent intellectual property rights, and some information networks involving state secrets rely too much on foreign security products and technologies.
(3) Weak e-government management.
1993, the State Council established the national economic informatization joint conference, officially launched the national economic informatization project, and began to implement the "three gold projects", namely Jinqiao Project, Golden Crown Project and Gold Card Project. According to the model of government office automation-management department electronic engineering (three gold projects)-government all-around online engineering, after years of construction, it has been built to a certain scale, but it also brings some difficulties to the security management of e-government. Many government departments ignore its safety precautions and relax their safety awareness, which will bring certain losses to China's e-government.
(4) E-government security legislation lags behind.
Due to the late development of e-government in China, at present, only the administrative organs have issued some restrictive administrative regulations on Internet management, but there are no detailed laws on how to promote electronic transactions, the use of electronic signatures and electronic payments, which hinders the development of e-government security in China to some extent. Establishing network laws and regulations on network security, government information encryption and the public's right to know as soon as possible is the primary factor related to whether "e-government" can be truly implemented in planning. Without the guarantee of legal system, the smooth development of e-government is impossible.
(5) Lack of safety risk assessment mechanism.
Because local governments in China are not very popular in e-government, many established e-government networks have not encountered major security accidents, lack experience in formulating e-government security strategies, and lack scientific and comprehensive understanding of security issues when encountering various security issues, so the security of e-government in China needs to formulate a security risk assessment mechanism.
(6) Lack of comprehensive security system.
E-government involves state secrets, sensitive information and citizens' privacy, so it is very important to build an e-government security system. Measures must be taken from the aspects of laws, standards, management, technical products and security infrastructure to better ensure the reliability, credibility, controllability, availability and accessibility of e-government. To solve the security problem of e-government, on the one hand, government agencies need to strengthen the formulation and implementation of legislation and related policies, on the other hand, advanced technology and application means are needed. At present, China's information security infrastructure is still weak, and the government is improving the supervision of e-government information security domain, including the management of confidential information domain, internal information domain and open information domain. The boundary control of security domain is accomplished by physical isolation or logical isolation.
3 e-government security management countermeasures
(1) Establish the strategic objectives and tasks of information security.
Fully understand the importance and urgency of e-government security, and attach great importance to the development of e-government security strategically. The national strategic goal of information security in China is to ensure the information security of national economic infrastructure, resist the "information war" that may be implemented by relevant countries, regions and groups, and the threats and attacks of high-tech crimes at home and abroad, and ensure national security, social stability and economic development. The strategic defense of information security focuses on the national key infrastructure in the national economy, including finance, banking, taxation, energy production reserve, grain and oil production reserve, water, electricity, automobile supply, transportation, post and telecommunications, radio and television, commerce and trade, etc. The most important thing is the electronic information system that supports the operation of these facilities.
(2) Specific security measures for e-government.
The specific security measures of e-government include three aspects: first, the security protection measures of physical layer. Mainly through formula
Management norms and measures to ensure that computer network equipment, facilities and data information are protected from natural disasters, human errors or mistakes, physical entity damage caused by computer crimes, service interruption and data loss at a reasonable level. The second is technical measures. It is realized by computer network products and technical services, including technical specifications, technical schemes and technical realization. The third is management measures. Including management system, management system and legal guarantee. Among them, the effective combination of management and technology is a necessary means to ensure the security of e-government system.
(3) Strengthen the national information security institutions and functions.
It is necessary to set up a highly authoritative National Information Security Committee to study and decide on major national information security decisions, issue national information security policies, approve national information security plans, and make decisions on major national information security emergencies facing the country. Under the leadership of the National Information Security Committee, the National Information Security Technical Committee will be established, and a high-tech criminal investigation team will be established in the national law enforcement departments to improve the ability to prevent and detect high-tech crimes.
(4) Attach great importance to basic research on information security and personnel training.
The relevant departments of the state should organically integrate the information security research and development institutions basically established by domestic forces, complete the research and trial production of key technologies and equipment urgently needed for information security in China under the unified coordination and guidance of the National Information Security Technical Committee and according to certain progress requirements, and form high-quality mass production. We must ensure that China has its own unique and effective information security technology and equipment system, so that we have enough ability to prevent and combat information wars and high-tech criminal activities that may be launched by relevant countries, regions, groups or other hostile forces against China. At the same time, it is necessary to vigorously cultivate information security professionals and transport the backbone of the safe operation of information infrastructure for various departments. We should also pay attention to taking practical measures to attract overseas personnel engaged in information security and patriotic overseas Chinese to return to China to serve and learn about the new development of international high technology through them.
(5) Promote the development of information security industry.
It is necessary to strengthen the development of independent information and network technology, promote the research and development and production of China's independent computer core hardware and computer software operating platform as soon as possible, and give preferential policies for tax reduction and exemption. It is urgent to carry out in-depth research work from the overall height of the security system, provide overall theoretical guidance and basic component support for solving China's information and network security, lay a solid foundation for the engineering realization of information network security, and promote the development of China's information security industry. At present, key units urgently need to develop the following key technologies: unique identification technology, digital signature technology, information integrity inspection and detection technology, information encryption and decryption protection technology, key management technology, security audit tracking technology, security information system construction integration technology, system security assessment technology, and electronic information system electromagnetic information leakage protection technology.
(6) Accelerate information security legislation.
To solve the security problem of e-government system, we should formulate relevant laws and handle the relationship between technological advancement and autonomy. To develop e-government, legislation should come first. Legislation should be conducive to the development of information technology and e-government, solve the urgent problems in the development of e-government, such as the legality of electronic signature and electronic payment, formulate the information technology norms of e-government, and timely revise the parts of traditional laws that are incompatible with the information technology norms.