Vulnerabilities in e-governments

International Journal of Electronic Security and Digital Forensics

Volumn 1, Issue 1, 2007, Pages 89-100

  Moen, Vebjørn ^a   Klingsheim, André N ^a   Simonsen, Kent Inge Fagerland ^a   Hole, Kjell Jørgen ^a  

^a UNIVERSITY OF BERGEN   (Norway)

Author keywords

Cross Site Scripting; e government; privacy; SQL injection; Vulnerabilities; web application

Indexed keywords

EID: 84923041636     PISSN: 1751911X     EISSN: 17519128     Source Type: Journal    
DOI: 10.1504/IJESDF.2007.013595     Document Type: Article

References (16)

1. Anley, C. (2002) ‘Advanced SQL injection in SQL server applications’, A NGSSoftware Insight Security Research (NISR) Publication, Available at: http://www.nextgenss.com/papers/advanced_sql_injection.pdf. Accessed on 26 October 2005.
2. Anzinger, G. (2005) ‘List over governments on the WWW’, Available at: http://www.gksoft.com/govt/en/. Accessed on 26 October 2005.
3. Berners-Lee, T., Masinter, L. and McCahill, M. (1994) ‘RFC 1738 – uniform resource locators (URL)’, Available at: http://www.faqs.org/rfcs/rfc1738.html. Accessed on 26 October 2005.
4. CERT (2002) ‘Cert Advisory CA-2000-02 Malicious HTML tags embedded in client web requests’, Available at: http://www.cert.org/advisories/CA-2000-02.html. Accessed on 26 October 2005.
5. European Commission (2005) ‘E-Government services yield real benfits for EU citizens and businesses’, Available at: http://europa.eu.int/rapid/pressReleasesAction.do?reference=IP/05/41&format=HTML&aged=0&language= EN&guiLanguage=en. Visited on 26 October 2005.
6. Google (2005) ‘Directory over countries’, Available at: http://directory.google.com/Top/Regional/Countries/. Accessed on 26 October 2005.
7. Hoglund, G. and McGraw, G. (2004) Exploiting Software: How to Break Code, Addison-Wesley.
8. Hole, K.J., Moen, V. and Tjøstheim, T. (2006) ‘Case study: online banking security’, IEEE Security and Privacy, March/April.
9. Hoofnagle, C.J. and Mierzwinski, E. (2004) ‘US PIRG answers to chairman shaw’s questions on social security number privacy’, Available at: http://www.epic.org/privacy/ssn/ssnanswers7.2.04.html. Accessed on 26 October 2005.
10. Huang, Y-W., Yu, F., Hang, C., Tsai, C-H., Lee, D-T. and Kuo, S-Y. (2004) ‘Securing web application code by static analysis and runtime protection’, Proceedings of the 13th Conference on World Wide Web, New York, NY, May, pp.40–52.
11. Huseby, S.H. (2004) Innocent Code: A Security Wake-up Call for Web Programmers, Wiley.
12. ISO (2005) ‘ISO 3166 country code lists’, Available at: http://www.iso.org/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/index.html. Accessed on 26 October 2005.
13. Modsecurity (2005) ‘Open source web application firewall’, Available at: http://www.modsecurity.org/. Accessed on 26 October 2005.
14. Nationsonline.org (2005) ‘First, second and third world’, Available at: http://www.nationsonline.org/oneworld/third_world_countries.htm. Accessed on 26 October 2005.
15. Selmer, E. (1964) ‘Personnummerering i Norge: Litt anvendt tallteori og psykologi’, Nordisk matematisk tidskrift.
16. The Digital Task Force (2004) ‘The Danish eGovernment Strategy 2004–2006’, Available at: http://e.gov.dk/uploads/media/strategy_pixi.pdf. Accessed 26 October 2005.