University of Worcester Worcester Research and Publications
 
  USER PANEL:
  ABOUT THE COLLECTION:
  CONTACT DETAILS:

Web Vulnerability Study of Online Pharmacy Sites

Kuzma, Joanne (2011) Web Vulnerability Study of Online Pharmacy Sites. Informatics for Health and Social Care, 36 (1). pp. 20-34. ISSN 1753-8165

[img] Microsoft Word
informaticsjan2011forwrap.doc - Published Version

Download (344Kb)
[img] PDF
informaticsjan2011forwrap.pdf - Published Version

Download (273Kb)

Abstract

Consumers are increasingly using online pharmacies, but these sites may not provide an adequate level of security with the consumers’ personal data. There is a gap in this research addressing the problems of security vulnerabilities in this industry. The objective is to identify the level of web application security vulnerabilities in online pharmacies and the common types of flaws, thus expanding on prior studies. Technical, managerial and legal recommendations on how to mitigate security issues are presented. The proposed four-step method first consists of choosing an online testing tool. The next steps involve choosing a list of 60 online pharmacy sites to test, and then running the software analysis to compile a list of flaws. Finally, an in-depth analysis is performed on the types of web application vulnerabilities. The majority of sites had serious vulnerabilities, with the majority of flaws being cross-site scripting or old versions of software that have not been updated. A method is proposed for the securing of web pharmacy sites, using a multi-phased approach of technical and managerial techniques together with a thorough understanding of national legal requirements for securing systems.

Item Type: Article
Uncontrolled Keywords: Security, web applications, online pharmacies, N-Stalker
Subjects: T Technology > T Technology (General)
Divisions: Academic Departments > Worcester Business School
Related URLs:
Depositing User: Joanne Kuzma
Date Deposited: 07 Jan 2011 11:48
Last Modified: 08 Jan 2011 06:00
URI: https://eprints.worc.ac.uk/id/eprint/1191

Actions (login required)

View Item View Item
 
     
Worcester Research and Publications is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.