论文信息 - Web vulnerability study of online pharmacy sites

Web vulnerability study of online pharmacy sites

Consumers are increasingly using online pharmacies, but these sites may not provide an adequate level of security with the consumers’ personal data. There is a gap in this research addressing the problems of security vulnerabilities in this industry. The objective is to identify the level of web application security vulnerabilities in online pharmacies and the common types of flaws, thus expanding on prior studies. Technical, managerial and legal recommendations on how to mitigate security issues are presented. The proposed four-step method first consists of choosing an online testing tool. The next steps involve choosing a list of 60 online pharmacy sites to test, and then running the software analysis to compile a list of flaws. Finally, an in-depth analysis is performed on the types of web application vulnerabilities. The majority of sites had serious vulnerabilities, with the majority of flaws being cross-site scripting or old versions of software that have not been updated. A method is proposed for the securing of web pharmacy sites, using a multi-phased approach of technical and managerial techniques together with a thorough understanding of national legal requirements for securing systems.

Joanne Kuzma

[1] Buyer beware , 2012, Nature.

[2] Roy T. Fielding,et al. Hypertext Transfer Protocol - HTTP/1.0 , 1996, RFC.

[3] Mike Shema. Cross-Site Scripting , 2010 .

[4] N. Hershey. The legal perspective. , 1977, Trustee : the journal for hospital governing boards.

[5] Jimmie L. Joseph,et al. Quality drivers for e-pharmaceuticals system management: a theoretical framework , 2004, Int. J. Electron. Bus..

[6] 坦克. 网络安全扫描之王——Retina Network Security Scanner , 2003 .

[7] John K. Waters. IT Security: Target: The Web , 2009 .

[8] K. Yap,et al. OncoRx-IQ: a tool for quality assessment of online anticancer drug interactions. , 2010, International journal for quality in health care : journal of the International Society for Quality in Health Care.

[9] B. Quon,et al. A Comparison of Brand-Name Drug Prices between Canadian-Based Internet Pharmacies and Major U.S. Drug Chain Pharmacies , 2005, Annals of Internal Medicine.

[10] Ted Cooper,et al. Case report: Breaching the Security of the Kaiser Permanente Internet Patient Portal: the Organizational Foundations of Information Security , 2007, J. Am. Medical Informatics Assoc..

[11] Myung S. Ko,et al. THE IM P ACT OF INFORM A TION SECURITY BREACHES ON FINANCIAL PERFORMANCE OF THE BREACHED FIRMS: AN EMPIRICAL INVESTIG A TION , 2006 .

[12] Wenhong Luo,et al. Trust-building measures: a review of consumer health portals , 2004, CACM.