Web application vulnerability assessment and policy direction towards a secure smart government

Web application vulnerability assessment and policy direction towards a secure smart government

This paper carried out technological analysis of e-government platforms with a view of assessing possible application flaws that can inhibit smooth running of the available web services provided. Two sets of data were collected with an interval of two years on 64 Nigerian government websites. Five w...

Full description

Saved in:
Bibliographic Details
Published in:Government information quarterly Vol. 31; pp. S118 - S125
Main Authors: Awoleye, Olusesan M., Ojuloge, Blessing, Ilori, Mathew O.
Format: Journal Article
Language:English
Published: Elsevier Inc 01-06-2014
Subjects:
Cookie manipulation
Cross site injection
E-government
Policy
Smart government
SQL injection
Web vulnerability
Policy
Cross site injection
Cookie manipulation
Web vulnerability
SQL injection
Smart government
E-government
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This paper carried out technological analysis of e-government platforms with a view of assessing possible application flaws that can inhibit smooth running of the available web services provided. Two sets of data were collected with an interval of two years on 64 Nigerian government websites. Five web vulnerability variables known to be notorious for web attacks were purposively investigated. In the overall assessment for the two datasets, the average result showed that about 67% are affected by broken links (BL), 43.8% by unencrypted password (UP), 35% by cross site scripting (XSS) and about one out of every four are affected by each of Structured Query Language Injection (SQLi) and cookie manipulation (CM). An independent t test statistic showed that there is a significant difference between the groups for three of the variables investigated, these are: XSS, SQLi and CM at 95% confidence interval. The motivation for this study is premised on the risk that these results pose to the smooth running of the e-government services and the possibility of financial loss. The research thus suggests some useful policy directions to enhance the provision of a secure smarter government. •We identified loopholes due to poor design of web platforms for e-government services.•Assessment of vulnerability propensity revealed XSS and SQLi as possible high attack.•All categories of government sector portals were found to be susceptible which could hinder quality service delivery.•Suggestions were advanced for a smarter e-government of the future.•Policies were advanced to alleviate the challenges.
ISSN:0740-624X
1872-9517
DOI:10.1016/j.giq.2014.01.012