Get documents about "Design of a Secure Information Sharing System for E-policing in Nigeria
W
Description
Journal of Computer Science and Information Security (IJCSIS ISSN 1947-5500) is an open access, international, peer-reviewed, scholarly journal with a focused aim of promoting and publishing original high quality research dealing with theoretical and scientific aspects in all disciplines of Computing and Information Security. The journal is published monthly, and articles are accepted for review on a continual basis. Papers that can provide both theoretical analysis, along with carefully designed computational experiments, are particularly welcome. IJCSIS editorial board consists of several internationally recognized experts and guest editors. Wide circulation is assured because libraries and individuals, worldwide, subscribe and reference to IJCSIS. The Journal has grown rapidly to its currently level of over 1,100 articles published and indexed; with distribution to librarians, universities, research centers, researchers in computing, and computer scientists. Other field coverage includes: security infrastructures, network security: Internet security, content protection, cryptography, steganography and formal methods in information security; multimedia systems, software, information systems, intelligent systems, web services, data mining, wireless communication, networking and technologies, innovation technology and management. (See monthly Call for Papers) Since 2009, IJCSIS is published using an open access publication model, meaning that all interested readers will be able to freely access the journal online without the need for a subscription. We wish to make IJCSIS a first-tier journal in Computer science field, with strong impact factor. On behalf of the Editorial Board and the IJCSIS members, we would like to express our gratitude to all authors and reviewers for their sustained support. The acceptance rate for this issue is 32%. I am confident that the readers of this journal will explore new avenues of research and academic excellence.
Shared by: ijcsiseditor1
Categories
Tags
IJCSIS, call for paper, journal computer science, research, google scholar, IEEE, Scirus, download, ArXiV, library, information security, internet, peer review, scribd, docstoc, cornell university, archive, Journal of Computing, DOAJ, Open Access, July 2011, Volume 9, No. 7, Impact Factor, engineering, international, proQuest, computing, computer, technology
-
Stats
- views:
- 98
- posted:
- 8/12/2011
- language:
- English
- pages:
- 8
Document Sample
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 7, July 2011
Design of a Secure Information Sharing System for
E-policing in Nigeria
ALESE B.K1 IYARE O1 FALAKI S.O1
1
Computer Science Department
Federal University of Technology, Akure, Nigeria.
ABSTRACT The prevalent application of information technology
Problems of National concerns such as for the delivery of police services is the key next
kidnapping, ritual killings, prevention, detection step in reinventing police, in short in, fostering
and control of crimes, provision of security to
lives and properties and many more necessitate electronic policing. Electronic policing (E-policing)
information sharing, coordination and is termed as the transaction of services and
collaboration with members of the Police Force,
Businesses and Citizens within the country. A information between the police and citizens through
number of daunting challenges exist towards the the internet [9]. In another form, e-policing is the
development of an efficient information sharing
system. The principal challenge would be the use of information technology to provide citizens
development of a system that securely exchanges and organization with more convenient access to
information between members of the police,
businesses and the populace in other to police information and services. E-policing allows
restructure the police services. In this paper, a the public and businesses to file reports for some
means was devised to secure the information
sharing system for confidential sharing of secret incidents and crime related issues through the
information between members of the police internet anytime of the day. The reports when
force. The secure system which enforces access
control and information confidentiality was submitted are filed in the appropriate place to be
based on the principles of Bell LaPadula model accessed and acted upon by those assign to do so. E-
and the Rivest Shamir Adelman (RSA)
algorithm. The system assures secure and policing does not replace telephone or face-to-face
stream-lined information sharing among the contact, rather it expands the channels of
police to avoid intimidating activities.
communication through the internet. E-policing
Key words: Rank, Information, Information opens new ways of carrying out police services by
Sharing, E-policing, Access Control,
Confidentiality. creating a portal for the easy flow of information
between the parties involved, in this case the police,
1.0 Introduction
business and the citizens.
Police is a prime collector and provider of data and
Information in [7] is defined as processed data that
information, contributor of information-based
is useful in any organization. Information sharing
services and user of information technologies [5].
144 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 7, July 2011
on the other hand is a way of providing or passing to move from the traditional way of policing to a
information between members of a given modern way. Making information readily available
organization (for example the police force) or brings about the issue of confidentiality of
various organizations. Information sharing between information. Confidentiality is the assurance that
the police and the masses started with the use of bill information is shared only among authorized
boards through to that of radio and television, now persons or organizations. Confidentiality breach can
it has evolved to the use of a more advanced way occur when data is not handled in a manner
that is, the internet which is in line with the adequate to safeguard the confidentiality of the
technological trend. The use of the Internet is a fast information concerned.
way of getting information across to a large 1.1 Policing
audience within and outside a given geographical Traditionally, policing was the responsibility of all
location. adults in a community [3]. The emergence of the
The Internet (a network of networks) is a vast state as an entity with claim to the monopoly over
collection of computers where information are the means of legitimate violence in society [11]
provided, shared and communicated across the resulted into the creation of specialized agencies
globe. Due to the availability of the internet, the such as the police and the armed forces for
world is fast becoming a global village; individuals controlling the use of violence by other groups.
can now browse with their phones, laptops and at According to [6] Police work involves a variety of
homes. Through the application of Information tasks and responsibilities such as security to lives
Technology (IT) to its operations, police does not and properties, enforcement of law and maintenance
alter its functions or its obligations to remain useful, of order. Also, in a democratic society the police are
legitimate, transparent and accountable instead it more likely to provide services that will enhance
raises society’s expectations about its performance, development and democracy [2].
in all respect, to a higher level. The use of the 1.2 E-policing
internet by way of developing an information E-policing is a powerful web technology that makes
system for the police force will pave way for the available current and relevant information on crime,
increase use of IT facilities. An important aspect of missing items directly into the hands of the police,
government is the provision of security to the lives Businesses and Citizens. As part of efforts to
and properties of the people; this was catered for combat crime and meet up with world's standard of
through the establishment of the police force during policing, Nigeria Police announced its introduction
the colonial era. An easy way of doing this is to of electronic policing, to enable the average
embrace the use of information technology that is, policeman and Nigerians access its database from
145 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 7, July 2011
any part of the country [1]. Electronic policing in User Interface: It is an interactive page that enables
[4] is expected to reduce the crime rate in the the user to navigate through the different pages that
country to the barest minimum amongst other makes up the website.
things. Web Portals: A web portal provides a starting point
2.0 The Existing System or gateway to other resources on the Internet or
The Police Command in the nation has already Intranet. The portal includes:
started electronic policing. What is on ground is an P2C – Police to Citizens - This is aimed at
Information System that provides information on providing information and services to the citizens.
the various activities of the police force. The system P2B – Police to Business – aimed at providing
does not create an avenue for the citizens to report security to the business world.
their complaints. P2P – Police to Police – aimed at keeping officers
2.1 The Proposed System abreast of situations.
In accordance with the Federal Government of Database: That act as the store house.
Nigeria’s vision to be IT compliant in all her 3.0 Design of the Proposed Police Information
sectors, there is need for the NPF to rise up to the System (PIS)
task. The police command at the Federal level The Police Information System (PIS) is a collection
already have a site to their credit, the state of electronic files (database) which can be accessed
command should have a dynamic site that is through computer terminals linked to the central
accessible from the headquarters. This will solve the server. These data are supplied and maintained by
problems associated with the existing system. The member divisions scattered across the state. The
proposed system after implementation will provide system shows information about the police to
the following benefits: businesses, the general public and also act as a
i. Facilitates police services delivery to the reference material for members of the police force.
citizens
ii. Enhances information dissemination 3.1 Design of PIS
iii. Improve citizens access to up-to-date In the design of this system, the portals considered
NPF activities include the police to citizens (P2C), police to police
iv. Provide a platform for citizens” (P2P), and police to business (P2B) amongst others.
interaction with the police. This portal is the platform through which the users
2.2 Elements of the Proposed System interact with the system.
The proposed system will have the following The figure below shows the design of the home
elements: page.
146 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 7, July 2011
P2C
The wanted list menu displays the list of wanted
……
Home Page P2B persons for the notice of the general populace so as
to report such persons when seen.
P2P P2B: In the P2B interface, the user is expected to
sign up before access is granted into the system.
Figure 1: Homepage Design ……
Once access is granted, business registration with
P2C: The P2C is organized in the following way: the police force is done through the Register menu.
The Status menu checks if the request made at the
Missing Properties Register menu have been granted or not.
Missing Persons
Missing Vehicle Sign in Register
P2C P2B
Suggestion/Complains Status
Report Crime/Accident Figure 3: P2B Design To database
Wanted List
To database P2P: When the P2P link is clicked, the officer is
Figure 2: P2C Design presented with an interface that requires the officer
to sign in. The page displayed depends on the
After login, the user is presented with the above six
provided login details.
menus. The missing property, missing person and
S1
missing vehicle provides the user with an interface P2P Sign in
S2
to report their case concerning anything missing. It
also provides a link for the individual to check any S3
of the reported missing items that have been found. S4
The suggestion and complaint menu allow the user
to give suggestions on different issues and present
Database
Figure 4: P2P Design
any complaints that may arise.
Report crime or accident menu gives room to the 3.2 The Access Control Rules
user to report any case of crime or security breaches Access Control: An integral part of security
in form of rioting, robbery, violence attack, and management involves restricting access of specified
accident if any. resources to certain entities or objects [8]. This
entails the classification of such objects into levels
and arranging the Subjects into classes. A subject of
147 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 7, July 2011
a particular class can only view the object that the The different subject category can be grouped
class has been given clearance for. Clearance is together to form a general class given as: S= {S1, S2
given when the password of the subject matches the S3, S4}, and
corresponding subject ID. On the basis of S4> S3> S2> S1. This shows that S4 is the highest
confidentiality of information security, the subject level in the categorization, followed by S3 down to
and the object is grouped into the following classes, S1 which is the least.
from which the overall security class is formed. Object Class: The object which is the information
Subject class: The subject class is based on the to be protected is grouped into the following class:
ranks obtainable in the police force, starting from O= {Ots, Os, Oc, Op} where O stands for object and
the Commissioner of Police (CP) as the head of the the subscripts is information classification level
state command down to the Police Constable who is ranging from top secret down to public.
a trainee in the police college. The subject class is Security Class: The security classes are formed
grouped into four categories. Group 1is in charge of from the subject and the object class, they are of the
the police officers, that is, they act as administrator. form ScpOt, and comprises of the following:
The next group is the one in charge of crime SO = {S1Ot-p, S2Os, S3Oc, S4Op}. Any subject not in
management; they act on the information provided a particular class cannot view objects meant for that
by the citizens and verified with the one given by class. In other words, for a subject to be able to
the intelligent agent, if there is a match the case is view an object, the subject must belong to the class
reported otherwise it is discarded. The third group is that has clearance for that object.
in charge of Business management, they work on Let Sr (where r Є {1,…, 4}) denotes all the subject
the information provided by the Business personnel. class,
The last group has to do with the any missing items Ox (x Є {ts, s, c, p}) denotes all the object class
reported by the citizens. Assuming there is a direct mapping between the
elements of r and x, this implies that every element
3.3 Definition of terms of r takes a corresponding element of x.
Let S1 to S4 represent group 1 to 4 (where S stands Sr combines with Ox to give the following instances:
for subject and the subscripts is the rank obtainable Sr : Ox S1Ots
in the police force) and Sr : Ox S2Os
S1 = {Scp,, Sacp,, Sdcp,, Sc/sp,} Sr : Ox S3Oc
S2= {Sdsp} Sr : Ox S4Op
S3= {Sasp1, Sasp11} while
S4= {Scins, Sins, Ssgt,m, Ssgt, Scpl, Scl}.
148 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 7, July 2011
Therefore, figure 4.2 below. The page opens with various
1 iff S SxOx Є {1ts, 2s,3c,4p} options for the user to make a choice depending on
A= what he/she wants at that particular time.
0 iff S SxOx
Where A = Access
S = Subject
Sx = Subject Class
Ox = Object Class.
4.0 System Implementation
Systems development could be seen as the simple
process of writing programs to solve the needs of
Figure 6: Police to Citizen Interface
the user. The system is implemented using the
P2B: The second link is for the business owners.
apache2triad. Apache2triad is a software
When the link is clicked on, the user is presented
distribution of the most popular open source servers
with a login window requesting for username and
(Apache, MySQL etc) for developing and providing
password for those that have already sign up while
web contents using windows.
those that have not would have to sign up. After
Homepage: this is the index of the page where a
user is provided with options to choose from login, the user is presented with the page shown in
depending on the user’s category. The homepage is
figure 4.3 where the user can register or check the
shown in the figure below:
status of their registration.
Figure 5: Homepage
P2C: From the homepage above, the P2C (i.e. Figure 7: Police to Business Interface
police to citizen) is mainly for the citizens to lodge
P2P: The third link which is for the police produce a
their complaints or to report any form of theft. The
secure login window when clicked. It requires the
P2C link when clicked will open the page shown in
officers to enter their username and password in
149 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 7, July 2011
conjunction with their rank. If the username and clicked the user is taken to a page where inquiries
password corresponds with the rank, a window can be made and information that will be of help to
assign to that rank is displayed for the officer the police is supplied. In the security subsystem,
otherwise the officer will not gain access into the access is restricted and only those with the correct
system. logon details can make use of the subsystem. The
security requirement defined by this subsystem is
seen in the P2P login interface where the user is
required to supply the username and the password
together with the corresponding rank. The system
was tested using some assumed username and
password in conjunction with a rank. It was
observed that for every correct username, password
and rank access was granted but for wrong
username, password and rank access was denied.
Figure 8: Police to Police (S1) This means prevent users that are not police officers
from entering the secured subsystem.
The Figure above opens when the rank of CP
5.0 Conclusion
(Commissioner of Police), DCP (Deputy
For effectiveness and efficiency to be achieved, it
Commissioner of Police), ACP (Assistant
was gathered that without commitment and
Commissioner of Police), CSP (Chief
investment of time, money and human resources we
Superintendent of Police) or SP (Superintendent of
cannot achieve a secure, open and inclusive
Police) is chosen and the corresponding username
information society that will benefit all categories of
and password is entered correctly.
people. The citizens of a nation can be made to
4.1 Discussion
achieve their full potential in promoting sustainable
The police information sharing system is a system
development and improving the quality of life when
of programs designed to work together. The
an information society where everyone can access,
program contains various files that can be assessed
use and share information and knowledge is put in
from any of the three entry point. The system is
place. The development of a secure information
divided into non security and security subsystem. In
sharing portal for e-policing will go a long way in
the non-security subsystem access is not restricted
realizing these goals.
this implies that information can be viewed and
For any nation to move forward, there are always
shared by anybody. The P2C and the P2B falls into
problems and difficulties involved, the success of
this category. When the P2C or the P2B link is
150 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 9, No. 7, July 2011
the nation then depends on the ability of the leaders [6] Martin, S. E. (1990). On the Move: The
to look past the challenges and concentrate on the Status of Women in Policing (Washington,
outcome of the plan why putting in place measures D.C.: Police Foundation).
to tackle the problems. Moving to a reduced paper [7] Mbam B.C.E (2002). Information
society will receive criticism from different classes Technology and Management Information
of people, from highly placed members who will System. Our Saviour Press limited, Enugu,
want to jettison the effort of the government. Nigeria.
Government must be able to look past such [8] Osuagwu, O.E and Uwadia, C. (2002).
criticism for its projects to be successful. Development of Free Space Optical
Technology. A Cost Effective and
References Programmable Solution to Network
[1] Akinsuyi Y. and Agha E (2008). Police Communication in the 21st century. COAN
introduces E-policing. Thisday Newspaper. Conference proceeding 15-25.
[2] Alemika, E. E. O. and Chukwuma I.C. [9] Royal Canadian Mounted Police (2010). E-
(2000). Police-Community Violence in Policing in police services. Source at
Nigeria (Centre for Law Enforcement http://www.rcmp-grc.gc.ca/pubs/ccaps-
Education, Lagos and the National Human spcca/e-policing-police-eng.htm
Rights Commission, Abuja, Nigeria) [10] Schellenberg K (1997). Police Information
[3] Etannibi, E.O.; Alemika, E. E. O. and Systems, Information Practices and
Chukwuma I.C. (2003). Analysis of police Individual Privacy. Canadian Public Policy,
and policing in Nigeria. Cleen foundation, Vol. XX111, No.1.
lagos. [11] Weber, M. (1968). Economy and Society
[4] Fagbohun O.O.E (2007). Improving the University of California Press.
Policing system in Nigeria using electronic
policing. Journal of Engineering and
Applied Sciences, Vol.2: 1223-1228.
[5] Headayetullah M.D and Pradhan G.K
(2009). A Novel Trust-Based Information
Sharing Protocol for Secure Communication
between Government Agencies. European
Journal of Scientific Research, Vol.34, No.3,
page 442-454
151 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
Other docs by ijcsiseditor1
Enhanced Fast and Secure Hybrid Encryption Algorithm for Message Communication
Views: 272 | Downloads: 21
A New Image Compression framework: DWT Optimization using LS-SVM regression under IWP-QPSO based hyper parameter optimization
Views: 171 | Downloads: 5
function of Components of Additive Model of Biometric System Reliability in UML
Views: 128 | Downloads: 4
