Web site security maturity of the European Union and its member states : A survey study on the compliance with best practices of DNSSEC, HSTS, HTTPS, TLS-version, and certificate validation types

Rapp, Axel

his.sePublications

Simple search

Advanced search -
Research publications Advanced search -
Student theses Statistics

English Svenska Norsk

Change search

Cite ExportLink to record

Permanent link

https://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-20127

Direct link

http://his.diva-portal.org/smash/record.jsf?pid=diva2:1576599

Cite

Citation style

apa
apa-cv
ieee
modern-language-association-8th-edition
vancouver
Other style

More styles

Language

de-DE
en-GB
en-US
fi-FI
nn-NO
nn-NB
sv-SE
Other locale

More languages

Output format

html
text
asciidoc
rtf

Web site security maturity of the European Union and its member states: A survey study on the compliance with best practices of DNSSEC, HSTS, HTTPS, TLS-version, and certificate validation types

Rapp, Axel

University of Skövde, School of Informatics.

2021 (English)Independent thesis Basic level (degree of Bachelor), 15 credits / 22,5 HE creditsStudent thesis

Abstract [en]

With e-governance steadily growing, citizen-to-state communication via Web sites is as well, placing enormous trust in the protocols designed to handle this communication in a secure manner. Since breaching any of the protocols enabling Web site communication could yield benefits to a malicious attacker and bring harm to end-users, the battle between hackers and information security professionals is ongoing and never-ending. This phenomenon is the main reason why it is of importance to adhere to the latest best practices established by specialized independent organizations. Best practice compliance is important for any organization, but maybe most of all for our governing authorities, which we should hold to the highest standard possible due to the nature of their societal responsibility to protect the public. This report aims to, by conducting a quantitative survey, study the Web sites of the governments and government agencies of the member states of the European Union, as well as Web sites controlled by the European Union to assess to what degree their domains comply with the current best practices of DNSSEC, HSTS, HTTPS, SSL/TLS, and certificate validation types.

The findings presented in this paper show that there are significant differences in compliance level between the different parameters measured, where HTTPS best practice deployment was the highest (96%) and HSTS best practice deployment was the lowest (3%). Further, when comparing the average best practice compliance by country, Denmark and the Netherlands performed the best, while Cyprus had the lowest average.

Place, publisher, year, edition, pages

2021. , p. iii, 66

Keywords [en]

Web site security, information security, e-governance, best practice, DNSSEC, HSTS, HTTPS, SSL, TLS, certificate validation

National Category

Information Systems, Social aspects

Identifiers

URN: urn:nbn:se:his:diva-20127OAI: oai:DiVA.org:his-20127DiVA, id: diva2:1576599

Subject / course

Informationsteknologi

Educational program

Network and Systems Administration

Supervisors

Zaxmy, Johan

Examiners

Ding, Jianguo

Available from: 2021-07-01 Created: 2021-07-01 Last updated: 2021-07-01Bibliographically approved

Open Access in DiVA

fulltext(2674 kB)

209 downloads

File information

File name FULLTEXT01.pdfFile size 2674 kBChecksum SHA-512

d046a65d932fdf848e31136e60f0562935c8978d923c79ed39078bd622c6a0e8fffda7955e0099ceaeb379e88a172ff9de909e691777e7b9e02be871c75f8a7b

Type fulltextMimetype application/pdf

Total: 209 downloads

The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Total: 1328 hits