The Use of TRAO to Manage Evolution Risks in E-Government By

The use of TRAO to Manage Evolution Risks in E-Government

Onyekachi Chinemerem Onwudike

A Doctoral Thesis Submitted in partial fulfilment of the requirements for the award of Doctor of Philosophy of Loughborough University 2018 © Onyekachi Chinemerem Onwudike

i | P a g e

Dedication

To my loving parents, Ogbonnaya Onwudike and Nwakaku Onwudike whose love, unselfish support and examples over many years have given me the strength to complete this work.

To my husband Chris and my son Daniel, by far the most invaluable assets I acquired during the course of my PhD.

ii | P a g e

Abstract

The need to develop and provide more efficient ways of providing Electronic Government Services to key stakeholders in government has brought about varying degrees of evolution in government. This evolution is seen in different ways like the merging of government departments, the merging of assets or its components with legacy assets etc. This has involved the incorporation of several practices that are geared towards the elimination of processes that are repetitive and manual while attempting to progressively encourage the interaction that exists between the different stakeholders. However, some of these practices have further complicated processes in government thus creating avenues for vulnerabilities which if exploited expose government and government assets to risks and threats.

Focusing on ways to manage the issues accompanied with evolution can better prepare governments for manging the associated vulnerabilities, risks and threats. The basis of a conceptual framework is provided to establish the relationships that exist between the E- Government, asset and security domains. Thus, this thesis presents a design research project used in the management of evolution-related risks. The first part of the project focusses on the development of a generic ontology known as TRAO and a scenario ontology TRAOSc made up of different hypothetical scenarios. The resulting efficiency of the development of these ontologies have facilitated the development of an intelligent tool TRAOSearch that supports high-level semantically enriched queries.

Results from the use of a case study prove that there are existing evolution-related issues which governments may not be fully prepared for. Furthermore, an ontological approach in the management of evolution-related risks showed that government stakeholders were interested in the use of intelligent processes that could improve government effectiveness while analysing the risks associated with doing this. Of more importance to this research was the ability to make inferences from the ontology on existing complex relationships that exist in the form of dependencies and interdependencies between Stakeholders and Assets.

Thus, this thesis presents contributions in the aspect of advancing stakeholders understanding on the types of relationships that exist in government and the effect these relationships may have on service provisioning. Another novel contribution can be seen in the correction of the ambiguity associated with the terms Service, IT Service and E- Government. Furthermore, the feedback obtained from the use of an ontology-based tool

iii | P a g e during the evaluation phase of the project provides insights on whether governments must always be at par with technological evolution.

Keywords: E-Government, E-Government Services, Stakeholders, Asset, Risk, Vulnerability, Threat, Ontology, Evolution.

iv | P a g e

Acknowledgements

This thesis is the peak of my journey of a PhD which can be likened to climbing a flight of stairs accompanied by hard work, hardship, frustration, efforts, tears, commitment, trust, encouragement and sheer belief. The experience of fulfilment and gratitude that I feel today is borne out of the passion to move me to a whole new level and although only my name now appears on the cover of this thesis, I cannot but acknowledge the contributions of the people and organisations that have helped me achieve this great feat.

I am extremely indebted to my Supervisors, Dr Russell Lock and Dr Iain Phillips for all the invaluable guidance during the course of this research and for constantly pointing me to the right path. I am extremely thankful to Russell whose support enabled me to successfully overcome the many difficulties during this research. In his words ‘go forth’. Thank you for your guidance Russell. Thank you for spurring me on to perfection, thank you for your constant involvement in my research, thank you for your sheer belief in me and thank you for always inspiring me to do more. You exposed me to an entirely different aspect of life and it’s amazing how far one can go when someone believes in you. In the words of a writer “Good people are like candles; they burn themselves up to give others light”. It will be foolishness to deny your goodness to me and for that I remain indebted to you.

Without the right materials in place, I would not have been able to successfully complete this research. For this reason, I am grateful to the staff and management of Loughborough University for putting in place adequate resources and infrastructure that enabled me successfully carry out this research.

My sincere thanks go to the members of the Government Digital Service and the Nationwide Building Society who were involved in discussing, supporting and evaluating my research.

I am extremely grateful to my parents Prof and Pharm(Mrs) Onwudike who completely funded my PhD and have constantly defied all odds in training the girl-child. I salute you for your courage, selfless sacrifice and love and I am eternally indebted to you for the seeds you have sown in my life. Thank you for praying for me, cheering me on and for believing in me even when my belief in myself began to dwindle.

v | P a g e

I am thankful to my sisters Oluchi, Chinyere, Nnenna and Chidinma; my brothers in law Austin, Nd, Ifeanyi and Pascal whose constant love, encouragement and assistance contributed to the successful completion of my thesis.

I am thankful to my in-laws for their constant support and encouragement. Some special words of gratitude go to my friends and to the members of Fuyin who were such great support especially Denise who always took my son Daniel, so I could have some time to study.

I am thankful for my Uncle Enyi Onuoha who was always available for me during my research and constantly paid me visits to be sure I was keeping well.

To my mentor of blessed memory Dr (Mrs) Martha Cheo, years ago we discussed what your PhD journey involved. Thoughts of your strength and resilience in your quest for knowledge sustained me. I wish you were here for me to say, “I did it”.

To my mother in-law of blessed memory, you reminded me each time that you were praying for me. Thank you for praying for me and with me. I have the tangible results of your prayers in my hand now.

Last but not the least, I would like to express my sincere gratitude to my husband Chris and my son Daniel. Without question, you both are the most invaluable assets I have acquired in my quest for this PhD. I am thankful for your support, understanding and love throughout this PhD. You’ve both shared in my joys and pain and I can never thank you enough.

Dear God, thank you. Thank you for constantly reminding me that your timing for me is perfect. You are never early or late. You are always right on time and you make everything beautiful at the right time. This journey has taken a lot of patience and a lot of faith, but it’s been worth the wait.

vi | P a g e

Table of Content

Certificate of Originality ...... Error! Bookmark not defined. Dedication ...... ii Abstract ...... iii Acknowledgements ...... v Table of Content ...... vii Table of Figures ...... xv List of Tables ...... xviii PART I: INTRODUCTION AND SCOPE OF RESEARCH ...... xx Chapter 1: Introduction ...... 1 1.1 Research Motivation ...... 2 1.2 Research Aims and Research Questions ...... 6 1.3 Scope of Research ...... 10 1.4 Research Significance ...... 11 1.5 Research Synopsis: Structure of Research ...... 12 PART II: THEORETICAL FOUNDATION ...... 14 Chapter 2: Fundamental Concepts and Review of Literature relevant to E-Government ... 16 2.1 An Introduction to E-Government ...... 16 2.1.1 General Definitions and Views of E-Government ...... 17 2.1.2 Evolutionary Dimensions of E-Government ...... 20 2.1.3 The Role of Technology in the Evolution of E-Government ...... 21 2.1.4 Understanding E-Government from the Aspect of Integrational Technologies 22 2.2 Advancements in the Actualisation of E-Government ...... 24 2.3 Challenges to the Actualisation of E-Government ...... 25 2.3.1 Lack of Reuse in E-Government – A Multidimensional Approach ...... 25 2.3.2 Challenges Associated with Silos ...... 26 2.3.3 Challenges Associated with Frontend and Backend Transformation ...... 27 2.3.4 Challenges Associated with the Growth in Systems of System (SOS) ...... 28 2.3.5 Human-Related Challenges ...... 29 2.3.6 Challenges Associated with Decentralisation...... 30 2.3.7 Complexity-Related Challenges ...... 30 2.4 Advancement in E-Government and its Implications ...... 30

vii | P a g e

2.4.1 Attempts at Redesign and its Effects ...... 31 2.4.1.1 Analysis of the Effects of Redesign ...... 32 2.4.1.2 Analysis of the Effects of Redesign – Integrational and Relational Perspective ...... 32 2.4.2 Attempts at Integration ...... 34 2.4.2.1 Analysis of the Effects of Integration Using Workflows ...... 35 2.4.2.2 Analysis of the Effects of Integration Using Patterns ...... 36 2.4.3 Attempts at Automating Current Processes ...... 37 2.4.4 Attempts at Reuse ...... 38 2.4.4.1 Effects of Reuse – Third-Party Perspective ...... 39 2.4.4.2 Analysis of the Effects of Reuse – Integrational Perspective ...... 40 2.4.5 Attempts at Sharing ...... 41 2.4.5.1 Analysis of the Effects of Sharing Data ...... 42 2.4.6 Attempts at Carrying out Updates ...... 43 2.4.7 Analysis of the Use of Evolutionary Technology in Software Development 43 2.5 Chapter Summary ...... 45 Chapter 3: E-Government Services and the Role of IT Services ...... 48 3.1 Service: Meanings and Contexts ...... 48 3.1.1 IT Governance Frameworks ...... 49 3.1.2 Types of IT Services ...... 49 3.1.3 Types of IT Services based on Service Groups ...... 50 3.1.4 ITIL IT Service Catalogue ...... 51 3.2 E-Government Services ...... 53 3.2.1 E-Government Models and Frameworks ...... 54 3.2.2 EGov Service Categories ...... 56 3.2.3 Life Event ...... 57 3.2.4 Challenges with Life Events ...... 58 3.3 The Role of IT Services in the Provision of EGov Services ...... 58 3.3.1 The Use of Shared Services to Transform E-Government ...... 61 3.3.2 Effect of Shared Services on Stakeholders ...... 63 3.3.3 Service Oriented Architectures (SOAs) in E-Government Shared Services . 63 3.4 The Role of Asset Reuse in EGov Service Delivery ...... 68 3.4.1 Types of E-Government Assets: The Role of Information Assets in E- Government ...... 68

viii | P a g e

3.4.2 Managing the Effects of Reuse of IT Assets in E-Government ...... 69 3.4.3 Understanding Assets from a Systems of Systems Perspective ...... 69 3.4.3.1 Example of Systems of Systems ...... 71 3.5 The Concept of Risk Analysis in E-Government ...... 73 3.5.1 Analysing Risks Associated with Interdependencies in Critical Infrastructures ...... 77 3.5.2 Analysing the Different Critical Infrastructure Risks from a Security Perspective ...... 78 3.5.3 Analysing the Risks of Critical infrastructure of Heterogeneous Systems in Government ...... 79 3.5.4 Protecting Critical Government Infrastructures by Identifying Pathways to Risk ...... 79 3.6 Analysing the Vulnerability of Assets from a Security Perspective ...... 86 3.6.1 Analysing the Vulnerability of Assets (Critical Infrastructures and Systems) ... 87 3.6.2 Vulnerability Assessment ...... 89 3.7 Chapter Summary ...... 89 Chapter 4: Ontologies and Description Logic (DL) ...... 91 4.1 The Use of the Semantic Web in E-Government ...... 91 4.2 The Need for an Ontology in Knowledge Representation ...... 92 4.3 The Use of Ontologies for Knowledge Building ...... 93 4.3.1 Defining an Ontology with the Use of a Terminology Box ...... 94 4.3.2 Defining an Ontology with the Use of the Assertion Box ...... 94 4.3.3 Example of T-Box and A-Box...... 94 4.4 The Need for the Application of Ontologies in E-Government ...... 95 4.5 Ontology Languages ...... 96 4.5.1 RDF ...... 96 4.5.2 Web Ontology Language (OWL) Background ...... 97 4.6 Ontology Reasoning ...... 99 4.7 Methodologies for Creating Ontologies ...... 100 4.7.1 Summary of Ontology Development Methodologies ...... 100 4.8 A Brief Review of Metadata and Ontologies in E-Government ...... 101 4.8.1 E-Government Metadata...... 101 4.9 E-Government-Related Ontologies ...... 102 4.9.1 Domain Specific E-Government Ontologies ...... 102

ix | P a g e

4.10 Generic Problems Associated with Existing E-Government Ontologies ...... 107 4.11 Chapter Summary ...... 107 PART III: RESEARCH METHODOLOGY AND FRAMEWORK ...... 108 Chapter 5: Research Methodologies and Approach ...... 109 5.1 Introduction ...... 109 5.2 The Research Onion ...... 110 5.3 Philosophical Assumptions ...... 111 5.3.1 Ontological Assumptions ...... 112 5.3.2 Epistemological Assumptions ...... 113 5.3.3 Justification of Philosophical Choice and Rationale ...... 114 5.3.4 The Use of Hermeneutic Analysis for the Interpretive Paradigm ...... 115 5.3.5 Choice of Method and Rationale ...... 117 5.4 Research Design Choice ...... 117 5.4.1 Qualitative Research Design Method ...... 118 5.4.2 Quantitative Research Design Method ...... 119 5.4.3 Mixed Methods Research Design ...... 119 5.4.4 Rationale for Research Design Choice ...... 120 5.5 Research Strategy and Data Collection Methods...... 120 5.5.1 Rationale for the Research Strategy and Data Collection Method ...... 124 5.6 Justification of the Need for an IT Artefact in the Research ...... 124 5.7 Research Method ...... 126 5.7.1 Systematic Review of Relevant Literature ...... 127 5.7.2 Formulation of a Conceptual Framework ...... 129 5.7.3 The Design of an Interpretive Case Study ...... 129 5.7.4 The Use of the Design Science Research (DSR) Methodology in Creating Research Artefact ...... 130 5.7.5 Ontology Development Methodology ...... 133 5.8 Ethical Considerations ...... 134 5.9 Conclusion ...... 135 Chapter 6: Conceptual Framework for the Management of Risks in E-Government ...... 137 6.1 Reasons Behind the Development of a Conceptual Framework ...... 137 6.2 Proposed System ...... 138 6.2.1 Development of a Five-Level Model of the E-Government System ...... 138 6.2.2 Unified Conceptual Framework ...... 140

x | P a g e

6.3 Development of a Conceptual Framework ...... 142 6.3.1 Development of Framework based on Theories of E-Government ...... 143 6.3.2 Development of a Framework based on the Existence of E-Government Stakeholders ...... 146 6.3.3 Development of a Framework based on the Composition of Assets ...... 147 6.3.4 Development of a Framework based on an Asset-Based Approach to the Management of Risks ...... 148 6.3.5 Development of a Framework Based on the Risk Structure ...... 150 6.3.6 Development of a Framework based on the Management of Evolution- Related Risks in E-Government ...... 151 6.3.7 Developing a Framework based on the Types of Relationships in E- Government ...... 152 6.4 Development of the TRAO Framework ...... 155 6.4.1 Service Request Workflow ...... 157 6.5 Development of Scenarios Relevant to the Thesis ...... 158 6.5.1 Query Selection ...... 158 6.5.2 Asset Search Use Case Scenario ...... 159 6.5.3 Use Case Scenario for Management of Risk Associated with Assets ...... 160 6.6 Design Process involved in the Analysis of Evolution-Related Risks ...... 160 6.7 Conclusion ...... 161 Chapter 7: Ontology Development and Hypothetical Scenario Modelling ...... 162 7.1 Design of the Threat Risk Asset Ontology (TRAO) ...... 162 7.2 Creating an Ontology Model for E-Government ...... 162 7.3 Building in Natural Language into the Ontology ...... 168 7.4 Development of the TRAO Framework ...... 169 7.5 Development of Generic Modules within the Ontology ...... 170 7.5.1 Developing the E-Government Module of TRAO ...... 171 7.5.2 Modelling the Relationships between IT Services and EGov Services ...... 174 7.5.3 Development of the Asset Module ...... 176 7.5.3.1 Modelling of the Asset Module of the Ontology ...... 178 7.5.3.2 Modelling Generic Relationships between Asset and Asset Component 179 7.5.3.3 Development of the Asset Module – Identifying Reusable Assets ...... 179 7.5.3.4 Development of Asset Module - A focus on Critical Assets ...... 180 7.5.3.5 Development of the Asset Module – Identifying Interactions between IT Infrastructure and Assets ...... 184

xi | P a g e

7.5.3.6 Expressing the State of an Asset with the Use of a Set of Individuals .... 184 7.5.4 Developing the Security Module of the Ontology...... 185 7.5.4.1 Development of the Security module – Modelling the Relationship between Security and Assets ...... 187 7.5.4.2 Development of Security Module: Vulnerability Modelling within the Ontology ...... 188 7.5.4.3 Developing the Security Module of the Ontology: Risk Modelling ...... 190 7.5.5 Risks Associated with Modelling Composite EGov Services ...... 191 7.6 Scenario-based Design of the Ontology ...... 192 7.6.1 Driver’s License Application – Hypothetical Scenario to Show what Assets a Service Requires to Run ...... 192 7.6.2 Hypothetical Scenario- Modelling the Risks of using Outdated/Obsolete Assets 194 7.6.3 Hypothetical Scenario - Modelling the Risks Associated with Moving from an Older Asset to a Newer Asset ...... 196 7.6.4 Hypothetical Scenario to Show the Risks Associated with Complex Assets 197 7.6.5 Hypothetical Modelling of Assets that Act as Dependent and Supporting Systems 201 7.6.6 Hypothetical Network Scenario Describing Reliance on a Network and the Cascading Effects of this Reliance ...... 202 7.6.7 Scenario Modelling of IT Asset Failure ...... 204 7.7 Scenario Modelling of Risks ...... 205 7.7.1 Risks Associated with Combining Individual/Atomic EGov Services ...... 205 7.7.2 Hypothetical Scenario Modelling of the Dependencies/Interdependencies that Exist Among Assets ...... 207 7.7.3 Hypothetical Scenario to Show the Risks Associated with Merging Legacy Assets 208 7.8 Rule Formulation for TRAO ...... 209 7.9 Query Formulation in TRAO ...... 210 7.9.1 TRAO DL Queries ...... 210 7.9.2 SPARQL Query Formulation ...... 213 7.10 Summary ...... 214 Chapter 8: Design and Development of TRAO Web-based Tool ...... 215 8.1 Introduction to TRAO Web-based Tool ...... 215 8.2 Functional Overview of the Prototype Tool ...... 216

xii | P a g e

8.2.1 Design Goals ...... 216 8.2.2 Functional Overview of the Query Aspect of the Tool ...... 217 8.3 Tool Features ...... 220 8.3.1 Ontology Browser ...... 221 8.3.2 TRAO Ontology-Based Search ...... 222 8.3.3 Query Engine of TRAO ...... 225 8.3.4 Development and Generation of Queries ...... 225 8.4 Using Natural Language to Query the Ontology using the TRAO Query Engine 226 8.4.1 Querying the Tool Based on Scenarios in the Ontology ...... 226 8.5 Conclusion ...... 229 Chapter 9: Evaluation of Ontology and Tool ...... 230 9.1 Evaluation of Research ...... 231 9.2 Feasibility Analysis Evaluation Amongst Government Stakeholders ...... 232 9.3 Feasibility Analysis Evaluation using Third-Party Service Provider ...... 235 9.4 TRAO Evaluation ...... 238 9.5 Tool Evaluation ...... 242 9.6 Results of the Evaluation ...... 244 9.7 Conclusion ...... 245 Chapter 10: Research Conclusions, Recommendations and Future Work ...... 246 10.1 Conclusions Reached ...... 246 10.2 Research Questions Revisited ...... 247 10.3 Considerations for Future Work ...... 252 10.4 Research Contributions ...... 253 10.5 Research Limitation ...... 254 10.6 Closure ...... 255 References ...... 256 Appendices ...... 287 Appendix I: Publication ...... 287 Appendix II: Publication ...... 305 Appendix III: Examples of IT Services based on Categories ...... 323 LDAP (Lightweight Directory Access Protocol) ...