University of Worcester Worcester Research and Publications

Web Vulnerability Study of Online Pharmacy Sites

Kuzma, Joanne (2011) Web Vulnerability Study of Online Pharmacy Sites. Informatics for Health and Social Care, 36 (1). pp. 20-34. ISSN 1753-8165

[img] Text
informaticsjan2011forwrap.doc - Published Version

Download (352kB)
informaticsjan2011forwrap.pdf - Published Version

Download (279kB) | Preview


Consumers are increasingly using online pharmacies, but these sites may not provide an adequate level of security with the consumers’ personal data. There is a gap in this research addressing the problems of security vulnerabilities in this industry. The objective is to identify the level of web application security vulnerabilities in online pharmacies and the common types of flaws, thus expanding on prior studies. Technical, managerial and legal recommendations on how to mitigate security issues are presented. The proposed four-step method first consists of choosing an online testing tool. The next steps involve choosing a list of 60 online pharmacy sites to test, and then running the software analysis to compile a list of flaws. Finally, an in-depth analysis is performed on the types of web application vulnerabilities. The majority of sites had serious vulnerabilities, with the majority of flaws being cross-site scripting or old versions of software that have not been updated. A method is proposed for the securing of web pharmacy sites, using a multi-phased approach of technical and managerial techniques together with a thorough understanding of national legal requirements for securing systems.

Item Type: Article
Uncontrolled Discrete Keywords: Security, web applications, online pharmacies, N-Stalker
Subjects: T Technology > T Technology (General)
Divisions: College of Business, Psychology and Sport > Worcester Business School
Related URLs:
Depositing User: Joanne Kuzma
Date Deposited: 07 Jan 2011 11:48
Last Modified: 17 Jun 2020 16:54

Actions (login required)

View Item View Item
Worcester Research and Publications is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.