Integrated Security System Based On Security Assertion Markup Language Standard

This paper describes an integrated security system for electronic-government services. Many governments are transforming manual government services to electronic government services. This transformation is in most cases done without involving users of the services. This makes users of these services have little trust in the e-government. Security is in most cases not addressed from the early stages of e-government development. Some governments depend on security solutions from private vendors and these governments don’t have full control of security. E-government services have different levels of classification and so they require different types of authentication and authorization methods. Most e-government systems today use one form of authentication in all types of services without considering the different sensitivity levels. All countries have different levels of eliteracy and users with low levels of eliteracy do not understand some of today’s egovernment security systems. This security system provides multiple authentication methods. There are some e-government services that require simple authentication while other highly classified transactions demand strong authentication. This security system provides multiple authorization schemes, information integrity schemes and digital signature schemes. These schemes can be configured to accommodate different eliteracy levels. The system integrates a registration system, a certification system, an authorization system and a smart card system. It is based on the Security Assertion Markup Language (SAML) standard, which is an XML-based framework for exchanging security information. The system can be integrated in existing e-government systems and can be builtin in new e-government systems. Information of different levels of classification can be stored in same websites and can be accessed through multiple authentication and authorization methods. This system enables the society to perform secure e-government transactions and accommodates different eliteracy levels.