Proposed model for data protection in information systems of government institutions

Abstract

Information systems and data exchange between government institutions are growing rapidly around the world, and with it, the threats to information within government departments are growing. In recent years, research into the development and construction of secure information systems in government institutions seems to be very effective. Based on information system principles, this study proposes a model for providing and evaluating security for all of the departments of government institutions. The requirements of any information system begin with the organization's surroundings and objectives. Most prior techniques did not take into account the organizational component on which the information system runs, despite the relevance of this feature in the application of access and control methods in terms of security. Based on this, we propose a model for improving security for all departments of government institutions by addressing security issues early in the system's life cycle, integrating them with functional elements throughout the life cycle, and focusing on the system's organizational aspects. The main security aspects covered are system administration, organizational factors, enterprise policy, and awareness and cultural aspects.