1 Introduction

1.1 Background

An increasingly important aspect of citizen-government communication is citizen access to computers and connectivity.  Part of this connectivity is the need for unstructured (i.e. non-formatted) communications. Many issues raised by citizens or by the agencies with which they communicate include personal or health information, requiring that these communications need to be secured to protect the privacy and rights of the individual as well as the reputation of the agency.

A potential technical solution has been identified to provide SecureMail that builds on existing infrastructures as deployed for the Secure Electronic Environment.  A number of government agencies have already identified a business need for such a solution and are at various stages of implementation.

1.2 Document purpose

This document notes the business requirements developed by the SecureMail working group. 

2 Scope

2.1 In scope

Specification of secure end-to-end electronic delivery channels, using postal services as a comparative benchmark for behaviour, service levels and risks levels, to meet government requirements.  The end-to-end channel is defined as the point at which a message leaves the sender’s control, until it reaches an area under the receiver’s (or their agent’s) control. 

2.2 Out of scope

• The subject matter of messages.
• The message store at each end.
• The internal business process at either end of the delivery channel.

3 Business requirements

3.1 Sender / Receiver Requirements

The Sender can be highly confident that:

• Only the Receiver can retrieve the message from transit.

The Receiver can be highly confident that:

• The message is from the Sender as claimed.
  

Both parties can be highly confident that:

• No unauthorised party can read the message in transit.
• No unauthorised party can alter the message in transit.
• The message will be delivered.
• The system date/time is authoritative.
• They have full ownership rights of their copy of a message and they can use it as they see fit. 
  

3.2 Citizen Requirements

The level of service must be the same or better than existing channels.

The service must be available using common technology, readily available to most citizens.

The citizen would like the system to be:

• Easy to use
• One solution for Government
• Another channel to choose from

The service will cater for citizens who have special or particular access and usability needs.

3.3 Government Requirements

The system must be:

• Easy to use
• One solution for Government
• Compliant with the government’s legal and treaty obligations.
• Aligned with e-government initiatives such as the authentication project