Web assessment of Libyan government e-Government services

Mohd. Zamri Murah, Abdullah Ahmed Ali

Research output: Contribution to journalArticle

Abstract

Libya has started transferring traditional government services into e-government services. The e-government initiative involves the use of websites to offer various services such as civil registration, financial transaction and private information handling. Currently, there has not been many studies about the security assessment of the Libyan government websites. Therefore, in this paper, we did a web security assessment of 16 Libyan government websites. The main purpose of this study is to determine the security level of these websites. The web security assessment was done in four phases: Reconnaissance, Enumeration and Scanning, Vulnerability assessment (web vulnerabilities and SSL encryption evaluation) and Content Analysis(security and privacy policies). The results showed that 9 websites have high and medium level vulnerabilities. Only 3 websites have A SSL rating. Also, only 3 websites have published security and privacy policies. We found 1 highly unsafe website, 6 unsafe websites, 8 somewhat safe websites and, 1 safe website. Overall, the study indicated the Libyan government websites are adequately secured without major security issues. Since these Libyan government websites deal with sensitive data, adequate security measures should be implemented to reduce the vulnerabilities and to mitigate future cyber security attacks.

Original languageEnglish
Pages (from-to)583-590
Number of pages8
JournalInternational Journal of Advanced Computer Science and Applications
Volume9
Issue number12
DOIs
Publication statusPublished - 1 Jan 2018

Fingerprint

Websites
World Wide Web
Security of data
Cryptography
Scanning

Keywords

  • E-Government
  • Information security
  • Libya
  • Penetration testing
  • Web security assessment
  • Website vulnerability

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Web assessment of Libyan government e-Government services. / Murah, Mohd. Zamri; Ali, Abdullah Ahmed.

In: International Journal of Advanced Computer Science and Applications, Vol. 9, No. 12, 01.01.2018, p. 583-590.

Research output: Contribution to journalArticle

@article{8a006a2dadaa45b79613e6382cb8e339,
title = "Web assessment of Libyan government e-Government services",
abstract = "Libya has started transferring traditional government services into e-government services. The e-government initiative involves the use of websites to offer various services such as civil registration, financial transaction and private information handling. Currently, there has not been many studies about the security assessment of the Libyan government websites. Therefore, in this paper, we did a web security assessment of 16 Libyan government websites. The main purpose of this study is to determine the security level of these websites. The web security assessment was done in four phases: Reconnaissance, Enumeration and Scanning, Vulnerability assessment (web vulnerabilities and SSL encryption evaluation) and Content Analysis(security and privacy policies). The results showed that 9 websites have high and medium level vulnerabilities. Only 3 websites have A SSL rating. Also, only 3 websites have published security and privacy policies. We found 1 highly unsafe website, 6 unsafe websites, 8 somewhat safe websites and, 1 safe website. Overall, the study indicated the Libyan government websites are adequately secured without major security issues. Since these Libyan government websites deal with sensitive data, adequate security measures should be implemented to reduce the vulnerabilities and to mitigate future cyber security attacks.",
keywords = "E-Government, Information security, Libya, Penetration testing, Web security assessment, Website vulnerability",
author = "Murah, {Mohd. Zamri} and Ali, {Abdullah Ahmed}",
year = "2018",
month = "1",
day = "1",
doi = "10.14569/IJACSA.2018.091282",
language = "English",
volume = "9",
pages = "583--590",
journal = "International Journal of Advanced Computer Science and Applications",
issn = "2158-107X",
publisher = "Science and Information Organization",
number = "12",

}

TY - JOUR

T1 - Web assessment of Libyan government e-Government services

AU - Murah, Mohd. Zamri

AU - Ali, Abdullah Ahmed

PY - 2018/1/1

Y1 - 2018/1/1

N2 - Libya has started transferring traditional government services into e-government services. The e-government initiative involves the use of websites to offer various services such as civil registration, financial transaction and private information handling. Currently, there has not been many studies about the security assessment of the Libyan government websites. Therefore, in this paper, we did a web security assessment of 16 Libyan government websites. The main purpose of this study is to determine the security level of these websites. The web security assessment was done in four phases: Reconnaissance, Enumeration and Scanning, Vulnerability assessment (web vulnerabilities and SSL encryption evaluation) and Content Analysis(security and privacy policies). The results showed that 9 websites have high and medium level vulnerabilities. Only 3 websites have A SSL rating. Also, only 3 websites have published security and privacy policies. We found 1 highly unsafe website, 6 unsafe websites, 8 somewhat safe websites and, 1 safe website. Overall, the study indicated the Libyan government websites are adequately secured without major security issues. Since these Libyan government websites deal with sensitive data, adequate security measures should be implemented to reduce the vulnerabilities and to mitigate future cyber security attacks.

AB - Libya has started transferring traditional government services into e-government services. The e-government initiative involves the use of websites to offer various services such as civil registration, financial transaction and private information handling. Currently, there has not been many studies about the security assessment of the Libyan government websites. Therefore, in this paper, we did a web security assessment of 16 Libyan government websites. The main purpose of this study is to determine the security level of these websites. The web security assessment was done in four phases: Reconnaissance, Enumeration and Scanning, Vulnerability assessment (web vulnerabilities and SSL encryption evaluation) and Content Analysis(security and privacy policies). The results showed that 9 websites have high and medium level vulnerabilities. Only 3 websites have A SSL rating. Also, only 3 websites have published security and privacy policies. We found 1 highly unsafe website, 6 unsafe websites, 8 somewhat safe websites and, 1 safe website. Overall, the study indicated the Libyan government websites are adequately secured without major security issues. Since these Libyan government websites deal with sensitive data, adequate security measures should be implemented to reduce the vulnerabilities and to mitigate future cyber security attacks.

KW - E-Government

KW - Information security

KW - Libya

KW - Penetration testing

KW - Web security assessment

KW - Website vulnerability

UR - http://www.scopus.com/inward/record.url?scp=85059507583&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85059507583&partnerID=8YFLogxK

U2 - 10.14569/IJACSA.2018.091282

DO - 10.14569/IJACSA.2018.091282

M3 - Article

VL - 9

SP - 583

EP - 590

JO - International Journal of Advanced Computer Science and Applications

JF - International Journal of Advanced Computer Science and Applications

SN - 2158-107X

IS - 12

ER -