An investigation of health sector web applications in Bangladesh: A case study on cross site scripting

Samantha Haque, Touhid Bhuiyan

Research output: Contribution to journalArticlepeer-review

Abstract

Extensive use of technology creates a new dimension in health sector. It contributes to endless opportunity for persuading better and more healthcare practices. Technology never been useful without ensuring the exchange of data between the systems and web application is one of the suitable media to manage that information in different stages e.g. process, store and transmission. In this present world, health sector is also started ensuring its services through online for reaching their target audiences easily. To cope up with the current requirement of business in health sector, Bangladesh also started its journey to digitalize its services by using web applications. Unfortunately, the management of health sector in Bangladesh is focusing on services in the web rather than the quality of the application. Due to lack of monitoring and control in web applications development especially, in input validation area resulting compromise of sensitive data from the medical system. Therefore, much sensitive medical information would be manipulated and redirected by exploiting the vulnerabilities like Cross-site Scripting (XSS) and Session Hijacking that are the cause of inadequate input validation. In this paper we will discuss the reason of Cross-site Scripting (XSS) and Session Hijacking vulnerability and their different exploitation types. Also we have shown the impact of those vulnerabilities in medical sector.
Original languageEnglish
Pages (from-to)34-38
Number of pages5
JournalInternational Journal of Advances in Electronics and Computer Science
Volume4
Issue number5
Publication statusPublished - May 2017
Externally publishedYes

Fingerprint

Dive into the research topics of 'An investigation of health sector web applications in Bangladesh: A case study on cross site scripting'. Together they form a unique fingerprint.

Cite this