Papers by Yudhistira Nugraha
Proceedings of the 16th International Conference on Theory and Practice of Electronic Governance
As more governments around the world seek to harness the power of digital technologies to approac... more As more governments around the world seek to harness the power of digital technologies to approach policy and governance, there is growing recognition of the importance of local context in shaping the success of such initiatives. Place-based innovation policy offers a framework for tailoring government strategies to the unique needs and capabilities of different regions by acknowledging a different need of each city and region. Using Jakarta as a case study, this paper explores the challenges and opportunities of implementing digital government for place-based innovation policy in a populated metropolitan city with complex administrative structures. Drawing from empirical study and literature reviews, this paper analyzes the ways in which Jakarta's government has sought to leverage digital technologies as a tool to influence place-based innovation policy and its impact to the wider population, especially in times of crisis during the COVID-19 pandemic. This paper suggests the mainstreaming of mission-oriented approach to catalyze place-based innovation policy across government agencies, private sectors, and civil society. • government technology policy; • empirical studies;
Many governments are increasingly reliant on external service providers to process, store or tran... more Many governments are increasingly reliant on external service providers to process, store or transmit sensitive data on behalf of the government. This study is motivated by the problem of preserving the confidentiality of sensitive government data, particularly following Edward Snowden's revelations of alleged pervasive surveillance; a problem posed by foreign intelligence services to the Indonesian government in 2013. In this paper, we discuss the idea of proposing Trustworthy Service Level Agreements (TSLA) as a means of incorporating security considerations (considering confidentiality) into a Service Level Agreement (SLA) between a service provider and the customer (e.g. government). In particular, we classify confidentiality requirements and capabilities according to a typical threat profile for government data classification, by describing five discrete levels of security precautions that can be negotiated between the government and service providers to ensure the confidentiality of sensitive data handled by the providers. It further provides an evaluation framework for assessing and clarifying security considerations in SLAs. The levels of assurance should serve as a foundation for expressing security considerations (including threats, requirements, and capabilities) in SLAs as well as for designing information system services regarding security. The contribution of this paper is in developing five distinctive levels of increasing assurance that can be applied to the formulation of security-related SLAs, as well as in discussing the discrete levels, using the context of a government cloud.
International Conference on Emerging Security Information, Systems and Technologies, Sep 10, 2017
Many governments consider the use of remote computing, communications and storage services provid... more Many governments consider the use of remote computing, communications and storage services provided by external service providers to process, store or transmit sensitive government data to increase scalability and decrease costs of maintaining services. The use of assurance approaches based on service level agreement (SLAs) is becoming increasingly important in procuring a wide range of such services from external service providers. However, such existing SLAs are not well-suited to a dynamic cyber threat environment because SLA security requirements (considering data confidentiality) have not been deeply studied by the academic computer security community. Such an understanding of the real needs of government is essential to the formulation of security-related SLAs. This paper seeks to provide such insights, by investigating 35 government participants using Indonesia as case study via a grounded adaptive Delphi study. We found that undeveloped SLA confidentiality requirements can illuminate other administrations to include government's security requirements and security capabilities of the service providers in SLAs when using such external services. Based on our findings, we make recommendations to the government agencies, service providers and researchers for improvement to existing SLA definition and future lines of research.
2020 International Conference on ICT for Smart Society (ICISS), 2020
The chaotic world situation caused by the SARS-CoV-2 virus (COVID-19 pandemic) has hampered many ... more The chaotic world situation caused by the SARS-CoV-2 virus (COVID-19 pandemic) has hampered many sectors of human activity, especially in activities that require physical interactions. Thus, requiring social restrictions for those sectors that are affected. This paper reports the analysis of the proposed system for monitoring and supporting public activities in order to carry out social restrictions, specifically in the DKI Jakarta province. The proposed systems are YOLO and MobileNet SSD as its main weight to help this detection system with 30% and 40% confidence, respectively. The results of object counting and physical distancing are expected to be a guideline for public complaints in the future by using several CCTV locations points with better image quality and better angles.
2020 International Conference on ICT for Smart Society (ICISS), 2020
COVID-19, as a newly discovered disease, has suddenly become a major challenging problem for many... more COVID-19, as a newly discovered disease, has suddenly become a major challenging problem for many cities in the world, including Jakarta. This crisis affects all segments in day to day life. Jakarta citizens can report any problems related to COVID-19 through Citizen Relations Management, later known as CRM. This CRM system consists of 14 official complaint platforms that can be used by the citizens to report their complaints to the government and its working units. As a bridge between people and the government, this system is a form of problemsolving innovation. In this study, Exploratory Data Analysis (EDA) was carried out to analyze the pattern of complaint reports concerning COVID-19. The dataset used is CRM report data and daily COVID-19 positive case data. Through the analysis, a linkage is found between the cumulative number of reports related to COVID-19 and the cumulative number of COVID-19 positive cases. During the crisis period like the unfolding COVID-19 pandemic, transparency of information and citizen feedback can make invaluable contributions to an effective national response. This study is expected to encourage CRM to deal with the impact of COVID-19 effectively through the official platforms managed by Jakarta Smart City.
2020 International Conference on ICT for Smart Society (ICISS), 2020
Almost all countries obtain significant and multidimensional challenges of COVID-19. Various coun... more Almost all countries obtain significant and multidimensional challenges of COVID-19. Various countries possess varied responses and policies regarding COVID-19. Since the Indonesian government affirmed COVID-19 a national emergency on March 2, 2020, it is necessary to have official information that can be accessed by the public, which at that time did not yet have the Central Government Website. Moreover, the importance of the availability of public information/data contained in official online pages can be used by governments to formulate data-based policies. Jakarta is a pioneer in developing a government website related to COVID-19. This paper provides lessons learned from developing an official COVID-19 website of the Provincial Government of Jakarta. This paper outlines different aspects of developing an official COVID-19 website and an ideal solution to the challenges involved in developing one. This paper uses agile development methods as an evidence base to develop a website. The most interesting finding is that the corona website has been successful in attaining 27,569,404 visitors, 120 collaborators who donate 151,567 pcs of social aid. This finding confirms that this study provides a better understanding of common elements in building an official COVID-19 website. The no-nonsense method of developing an official COVID-19 website can be easily replicated and followed by other cities to consider the model in developing a similar website. Keywords-COVID-19, smart governance, website, agile development, lessons learned, Jakarta Nowadays, the world is facing a pandemic because the coronavirus disease 2019 (COVID-19) has spread across the globe with formidable speed, infecting millions, and causing economic disruption on an unprecedented scale . COVID-19 is distributed throughout all regions in Indonesia, including Jakarta, with the highest prevalence experienced challenges . There are various information and regulations that have been issued by the government for preventing COVID-19 transmission, and it is expected that the public can comply. There is increasing concern that some medical misinformation and unverifiable content of the global COVID-19 pandemic are being propagated at an alarming rate on social media accounts and websites [3] [4]. Based on
2020 International Conference on ICT for Smart Society (ICISS), 2020
Since its first case appeared in Depok, West Java, COVID-19 had sent people into panic and anxiou... more Since its first case appeared in Depok, West Java, COVID-19 had sent people into panic and anxious apprehension. This paper aims to perceive the anxiety level of people related to the deaths caused by the COVID-19 in Jabodetabek (Jakarta, Bogor, Depok, Tangerang, Bekasi). Factors such as socioeconomic vulnerability and human cognitive level (regarding COVID-19) are also perceived to play important roles in causing such anxiety. A total of 554 respondents have participated in this study. Results showed that respondents had a low level of death anxiety, remembering, and understanding cognitive levels, but had a high level of concern regarding their ability to fulfil their food needs and adequate healthcare access.
2020 IEEE International Smart Cities Conference (ISC2), 2020
The coronavirus diseases 2019 or COVID-19 has spread and infected millions of people around the w... more The coronavirus diseases 2019 or COVID-19 has spread and infected millions of people around the world. The ongoing COVID-19 pandemic has taken an unprecedented toll on residents, business, commerce, and activity in many cities, including Jakarta, where there have been more than twelve thousand confirmed cases as of July 2020. The details of how COVID-19 spreads in Jakarta are still complicated and not completely understood because the number of infections is large and continues to climb. This paper conducts a quantitative analysis of the COVID-19 pandemic spreading using Jakarta as a case study for the evaluation and decision-making process. In this paper, time series models such as the Holt's exponential smoothing and Auto-Regressive Integrated Moving Average (ARIMA) were used to forecast the number of COVID-19 cases in Jakarta between March 1 and July 6. Recently, data exploration and comparative analysis of time series models have been conducted to determine the optimal models for forecasting COVID-19 confirmed cases. The result shows that ARIMA has the highest R-Squared (R 2 ), and lowest (Mean Squared Error) MSE and Root Mean Squared Error (RMSE) is the best model to forecast the upcoming number of infected cases of COVID-19 in Jakarta. Such a model shows promising results and fitting predictions in supporting data-driven policy in public health and epidemiology.
Jurnal Sistem Cerdas, 2020
Data dan informasi merupakan bagian penting dalam pertimbangan mengambil keputusan terkait penang... more Data dan informasi merupakan bagian penting dalam pertimbangan mengambil keputusan terkait penanganan COVID-19. Data COVID-19 baik demografi maupun agregat di Provinsi DKI Jakarta diolah dan dianalisis untuk memberikan informasi mengenai situasi dan kondisi terkini terkait pandemi COVID-19 di Provinsi DKI Jakarta. Data COVID-19 tersebut juga dimanfaatkan untuk analisis prediktif untuk mengetahui perkiraan jumlah kasus COVID-19 di masa depan. Analisis prediktif yang digunakan dalam artikel ini adalah metode Autoregressive Integrated Moving Average (ARIMA). Model ARIMA merupakan salah satu metode forecasting hasil dari perluasan model Autoregressive Moving Average (ARMA) untuk data yang tidakstasioner. Analisis dan visualisasi data dilakukan menggunakan program Python dan Tableau dimana hasil analisis prediktif memperlihatkan tren kasus positif harian yang cenderung naik di kurun waktu 14 hari ke depan dari data yang digunakan. Hasil analisis ini dapat digunakan sebagai pertimbangan b...
2015 IEEE 23rd International Requirements Engineering Conference (RE), 2015
With the development of trustworthy services, security requirements are of paramount importance f... more With the development of trustworthy services, security requirements are of paramount importance for any service (X-as-a-Service). This work-in-progress paper motivates the need for a new approach to requirements engineering for trustworthy services, which helps organisations to systematically define a set of security requirements and describe these in a service level agreement (SLA). This proposed research aims to provide adequate assurances to users by introducing the concept of the Trustworthy Service Level Agreement (TSLA). The proposed research design involves three stages: The first is to develop an initial method of Security Assurance Requirements Engineering (STARE) by refining the nine Security Quality Requirements Engineering (SQUARE) activities. The key activities of STARE include: eliciting security requirements, classification of security requirements, and developing the novel concept of the TSLA. In the second stage, the effectiveness of STARE is evaluated using two real-world case studies: state cyber defence and lawful interception as a service. Finally, the process of implementing the STARE activities will be evaluated using selected service providers that deliver such services to defence and law enforcement agencies. Given the current state of requirements engineering for services, it is anticipated that this research will have a significant impact in terms of guaranteeing secure and trustworthy services in various domains.
IEEE Transactions on Emerging Topics in Computing, 2016
Edward Snowden's revelations of the extensive global communications surveillance activities of fo... more Edward Snowden's revelations of the extensive global communications surveillance activities of foreign intelligence services have led countries such as Indonesia to take concrete steps to enhance protective information security for classified data and communications. This paper develops the wideband Delphi method to study the Indonesian Government's requirements for cyber-defence in response to reported secret intelligence collection by the Australian Signals Directorate. It provides a clearer understanding of the issues that influence Indonesian policymakers' views on the mitigation of foreign surveillance. We developed and conducted an adaptive wideband Delphi study with senior Indonesian officials, with group discussions and individual sessions to explore how to mitigate the surveillance activities of the Five Eyes (the U.S.-U.K.-Canada-Australia-New Zealand) intelligence alliance. We used the U.S. National Security Agency framework of the three elements of defence in depth (people, operations, and technology), in combination with governance and legal remedies, as an analytical framework. We identified twenty-five mitigation controls to deal with the priority concerns of policymakers, which were divided into a five-defence in depth elements. We discuss the key requirements for protecting against foreign surveillance to be taken into account in state cyber-defence frameworks and suggest effective mitigation controls for safeguarding and protecting states' national interests.
to provide strategies for the Indonesian government to address the issue of convergence as well a... more to provide strategies for the Indonesian government to address the issue of convergence as well as to provide a clearer understanding of the issues that will influence policy-makers in their deliberations. Convergence refers to a trend in regulation that seeks to define a single regulatory structure for telecommunications, broadcasting and information technology (infoDev & ITU, 2006). The three selected countries namely Malaysia, The UK, and South Africa has been chosen because they were among the first to restructure their regulatory agencies towards a converged regulator in different ways Key members of the MCIT (the Ministry of Communication and Information Technology), the BRTI (the Indonesian Telecommunication Regulatory Body), and the KPI (the Indonesian Broadcasting Commission) provided the possibilities of the creation of converged regulator
Record of the Communications Policy & …, 2009
to provide strategies for the Indonesian government to address the issue of convergence as well a... more to provide strategies for the Indonesian government to address the issue of convergence as well as to provide a clearer understanding of the issues that will influence policy-makers in their deliberations. Convergence refers to a trend in regulation that seeks to define a single regulatory structure for telecommunications, broadcasting and information technology (infoDev & ITU, 2006). The three selected countries namely Malaysia, The UK, and South Africa has been chosen because they were among the first to restructure their regulatory agencies towards a converged regulator in different ways Key members of the MCIT (the Ministry of Communication and Information Technology), the BRTI (the Indonesian Telecommunication Regulatory Body), and the KPI (the Indonesian Broadcasting Commission) provided the possibilities of the creation of converged regulator
HAL (Le Centre pour la Communication Scientifique Directe), 2017
Security has been considered for decades as a possible attribute in service level agreements (SLA... more Security has been considered for decades as a possible attribute in service level agreements (SLAs). However, the formulation of security properties has not been expressed in such concrete terms in SLA contexts because security is a process, not a product. Consequently, security properties, such as data confidentiality, integrity and availability have been overlooked in SLA contexts. This paper aims to identify open problems and existing solutions in the context of incorporating security properties into SLA contexts. First, we provide an overview of system assurance of which trustworthy SLAs can be considered as alternative assurance technique in the context of service provisioning. Then, we describe the notion of trustworthy SLAs and discuss possible security properties that can be potentially used in SLA contexts. Finally, we present some open research problems for the incorporation of security capabilities into SLA contexts to establish trust between the customer and service provider. This study identifies needs for developing a trustworthy SLA capability framework to formulate discrete levels of assurance which are believed to be capable of preserving data confidentiality, integrity and availability in SLAs as trust-enhancing instruments.
2020 International Conference on ICT for Smart Society (ICISS), 2020
This paper presents an overview of a smart city 4.0 framework in accelerating digital transformat... more This paper presents an overview of a smart city 4.0 framework in accelerating digital transformation, especially during the COVID-19 pandemic, using Jakarta as a case study. The findings of this study provide new insights how to translate a vision into a reality in the form of smart city 4.0 framework that offers a significant opportunity to advance the understanding of building a smart city ecosystem with technologies, innovations and collaborations. This paper applies four principles of the framework, namely mobile-first, system-and-data driven, digital experience, and smart collaboration in building a smart city 4.0 ecosystem platform. Part of the aim of this paper is to examine Jakarta’s super-app called JAKI that is compatible with such principles as a use case in the time of the pandemic. It provides a better understanding of common elements in building a new concept of a smart city. The results will inspire and give a contribution to other cities to consider the framework in building a smart city 4.0 ecosystem platform to foster quality of life, economic growth and sustainability.
2020 International Conference on ICT for Smart Society (ICISS), 2020
Covid-19 pandemic has driven many governments to discover solutions for various problems faced du... more Covid-19 pandemic has driven many governments to discover solutions for various problems faced during the pandemic, including the Regional Government of Jakarta (GOJ). In light of such crisis and pandemic situation, there have been a group of people that need additional primary food supply. In contrast, wealthy people are keen to help the vulnerable. Several attempts have been made to distribute social aids to residents with financial difficulties. However, the nature of social welfare services remains unclear and unscheduled. In this paper, we present a framework for a collaborative digital platform as a hub for the people in need and potential contributors. Such a framework calls as Large-scale Social Collaboration (KSBB) for better aid distribution management. The KSBB framework serves as a basis for: (1) analyzing need assessment of individuals/communities in need; (2) mapping of targeted individuals/communities in need; and (3) facilitating coordination with local communities. This paper shows that strong policy mandate, binding institution, and professional information technology support in government is crucial for the deliverable. The program can be implemented with the role of the government as platform providers rather than executors of social donation programs. The real applicability of the framework is demonstrated in the paper through the case of Jakarta during the first Large-scale Social Restrictions (PSBB). The use of such a framework can also inspire other initiatives to consider the model in developing similar and related programs.
Buku putih ini diterbitkan salah satunya adalah agar menjadi milestone dan outlook pembangunan ko... more Buku putih ini diterbitkan salah satunya adalah agar menjadi milestone dan outlook pembangunan kominfo di Indonesia. Sehingga bagi yang sudah lewat bisa dijadikan pelajaran untuk lebih ditingkatkan sedangkan bagi yang berada pada kondisi saat ini, buku putih ini dapat dijadikan acuan untuk melangkah ke depan yang lebih baik. Isinya meliputi tiga bagian besar yaitu tren TIK global saat ini khususnya untuk melihat pengaruh kemajuan teknologi TIK yang sangat cepat, Kondisi TIK Indonesia saat ini dan Gambaran kedepan pembangunan TIK Indonesia Diharapkan dengan keluarnya buku putih ini, seluruh stakeholders pembangunan TIK dapat memahami dan ikut serta mendukung disamping ikut juga mengawasi dan memperbaiki kekurangan kekurangan yang mungkin ada. Semoga TIK Indonesia maju, Indonesia jaya dan masyarakat pun sejahtera.
Trust Management XI, 2017
Many government agencies (GAs) increasingly rely on external computing, communications and storag... more Many government agencies (GAs) increasingly rely on external computing, communications and storage services supplied by service providers (SPs) to process, store or transmit sensitive data to increase scalability and decrease the costs of maintaining services. The relationships with external SPs are usually established through service level agreements (SLAs) as trust-enhancing instruments. However, there is a concern that existing SLAs are mainly focused on the system availability and performance aspects, but overlook security in SLAs. In this paper, we investigated 'real world' SLAs in terms of security guarantees between GAs and external SPs, using Indonesia as a case study. This paper develops a grounded adaptive Delphi method to clarify the current and potential attributes of security-related SLAs that are common among external service offerings. To this end, we conducted a longitudinal study of the Indonesian government auctions of 59 e-procurement services from 2010-2016 to find 'auction winners'. Further, we contacted five selected major SPs (n = 15 participants) to participate in a three-round Delphi study. Using a grounded theory analysis, we examined the Delphi study data to categorise and generalise the extracted statements in the process of developing propositions. We observed that most of the GAs placed significant importance on service availability, but security capabilities of the SPs were not explicitly expressed in SLAs. Additionally, the GAs often use the provision of service availability to demand additional security capabilities supplied by the SPs. We also observed that most of the SPs found difficulties in addressing data confidentiality and integrity in SLAs. Overall, our findings call for a proposition-driven analysis of the Delphi study data to establish the foundation for incorporating security capabilities into security-related SLAs.
SSRN Electronic Journal, 2015
From a national security perspective, cyberspace is a shared domain which requires a shared respo... more From a national security perspective, cyberspace is a shared domain which requires a shared responsibility between stakeholders at national and global level. Many countries have taken concrete steps to safeguard and protect their sensitive national data in cyberspace against cyber threat such as foreign intelligence services. Data sovereignty is of paramount importance to a nation-state such as Indonesia against the domination of foreign Internet service providers. Data sovereignty requirements can be viewed as reasonable efforts by nation-states to subject national sensitive data flows to and across national borders. Such data sovereignty requirements aim to safeguard and protect basic interests of nation-states in relation to data confidentiality, data integrity, and data availability. This study examines the Indonesian Government's requirements for data sovereignty and proposes initial technical proposals for data sovereignty requirements such as an encryption, national email services, data center localisation, national routing of Internet traffic, and national backbone communications infrastructure. As a new domain, we believe that data sovereignty raises many questions for related future research.
IEEE Transactions on Computational Social Systems
Uploads
Papers by Yudhistira Nugraha