Opportunities and threats: A security assessment of state e-government websites

被引:72
作者
Zhao, Jensen J. [1 ]
Zhao, Sherry Y. [2 ]
机构
[1] Ball State Univ, Miller Coll Business ISOM, Muncie, IN 47306 USA
[2] Int Comp Sci Inst, Berkeley, CA 94704 USA
关键词
E-government; Computer network systems; IP address; NAT; PAT; Port; 80/tcp; 443/tcp; Security; Vulnerability; Cyber intrusion; Hacker attack;
D O I
10.1016/j.giq.2009.07.004
中图分类号
G25 [图书馆学、图书馆事业]; G35 [情报学、情报工作];
学科分类号
1205 ; 120501 ;
摘要
This study assessed the security of the U.S. state e-government sites to identify opportunities for and threats to the sites and their users. The study used a combination of three methods - web content analysis, information security auditing, and computer network security mapping - for data collection and analysis. The findings indicate that most state e-government sites posted privacy and security policy statements; however, only less than half stated clearly what security measures were in action. Second, the information security audit revealed that 98% of the sites secured users' accounts with SSL encryption for data transmission, and the sites' search tools enable public users to search for public information only. Third, although the sites had most of their internet ports filtered or behind firewalls, all of them had their main IP addresses detected and their port 80/tcp open. The study discussed the threats and opportunities and suggested possible solutions for improving e-government security. (C) 2009 Elsevier Inc. All rights reserved.
引用
收藏
页码:49 / 56
页数:8
相关论文
共 50 条
  • [41] The Web Service Security in Coordination Working Platform of E-Government
    Ye, Liang
    Wu, Qing
    Zhang, Xiaoyong
    2011 AASRI CONFERENCE ON INFORMATION TECHNOLOGY AND ECONOMIC DEVELOPMENT (AASRI-ITED 2011), VOL 1, 2011, : 314 - 317
  • [42] Security Engineering for E-Government Web Services: A Trust Model
    Al-Shargabi, Bassam
    2016 INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS ENGINEERING (ICISE), 2016, : 8 - 11
  • [43] Does Agency Size Affect IS Security Compliance for e-Government?
    Smith, Stephen
    Bunker, Deborah
    Pang, Vincent
    PACIFIC ASIA CONFERENCE ON INFORMATION SYSTEMS 2006, SECTIONS 1-8, 2006, : 658 - 672
  • [44] A review of effectiveness of Saudi E-government data security management
    Alharbi A.S.
    Halikias G.
    Rajarajan M.
    Yamin M.
    International Journal of Information Technology, 2021, 13 (2) : 573 - 579
  • [45] The Web Service Security in Coordination Working Platform of E-Government
    Ye, Liang
    Wu, Qing
    Zhang, Xiaoyong
    2011 INTERNATIONAL CONFERENCE ON FUZZY SYSTEMS AND NEURAL COMPUTING (FSNC 2011), VOL IV, 2011, : 314 - 317
  • [46] On Security Risk Management in the Construction of E-Government
    Li, Bing
    EIGHTH WUHAN INTERNATIONAL CONFERENCE ON E-BUSINESS, VOLS I-III, 2009, : 100 - 104
  • [47] Study on the E-government Security Risk Management
    Zhou, Zhitian
    Hu, Congyang
    INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2008, 8 (05): : 208 - 213
  • [48] ON HOW TO STRENGTHEN THE INFORMATION SECURITY OF E-GOVERNMENT
    Liu Wei
    Hu Changlong
    FOURTH INTERNATIONAL CONFERENCE ON COMPUTER AND ELECTRICAL ENGINEERING (ICCEE 2011), 2011, : 341 - 345
  • [49] Information Security in E-Government: Legal Aspects
    Politanskyi, Viacheslav
    Lukianov, Dmytro
    Ponomarova, Hanna
    Gyliaka, Oleh
    CUESTIONES POLITICAS, 2021, 39 (69): : 361 - 372
  • [50] Research of E-government Security Risk Assessment Method Using Bayesian Network
    Xia, Aiyue
    WISM: 2009 INTERNATIONAL CONFERENCE ON WEB INFORMATION SYSTEMS AND MINING, PROCEEDINGS, 2009, : 605 - 608