In order to assist digital governance and service delivery, the Government of India created the Meghraj Cloud (GI Cloud) initiative. But the growing complexity of cyberthreats need more robust security measures that follow global best practices. This study compares Meghraj Cloud against well-known security frameworks in the UK (NCSC Cloud Security Principles) and the US (FedRAMP, NIST Zero Trust). The report finds significant gaps in supply-chain security, adoption of Zero Trust, centralised authorisation, and ongoing monitoring. Through a methodical approach to research, we suggest an improved Meghraj security framework that includes supply-chain assurance, resilience planning, encryption and key management, Zero Trust architecture, centralised authorisation, and compliance automation. This study adds to the body of knowledge in the fields of e-governance cloud security theory and practicality by providing policymakers with useful recommendations. Limitations are noted, and future research directions are described, including cost-benefit assessments of sophisticated security measures, quantitative security maturity models, and empirical case studies.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Enhancing Security in Meghraj Cloud: A Comparative Framework Based on US FedRAMP and UK NCSC Standards

  • Chaudhari Arefaben Taherali,
  • Ahesanali Shabbirali Dadavala,
  • Sirajbhai Abbasbhai Nagalpara

摘要

In order to assist digital governance and service delivery, the Government of India created the Meghraj Cloud (GI Cloud) initiative. But the growing complexity of cyberthreats need more robust security measures that follow global best practices. This study compares Meghraj Cloud against well-known security frameworks in the UK (NCSC Cloud Security Principles) and the US (FedRAMP, NIST Zero Trust). The report finds significant gaps in supply-chain security, adoption of Zero Trust, centralised authorisation, and ongoing monitoring. Through a methodical approach to research, we suggest an improved Meghraj security framework that includes supply-chain assurance, resilience planning, encryption and key management, Zero Trust architecture, centralised authorisation, and compliance automation. This study adds to the body of knowledge in the fields of e-governance cloud security theory and practicality by providing policymakers with useful recommendations. Limitations are noted, and future research directions are described, including cost-benefit assessments of sophisticated security measures, quantitative security maturity models, and empirical case studies.