Web 2.0 services, vulnerability, threats and protection measures (CECIIS 2009)

Jasmin ?osi?

Faculty of Organization and Informatics

University of Zagreb

Pavlinska 2, 42000 Varaždin, Croatia

jcosic@foi.hr

Author(s) Name(s)

Author Affiliation(s)

Department/Institute

Full Address(es)

E-mail(s)

Abstract. Every 15 seconds a new malicious webpage (page with malwares) is discovered in the world,  and up to 85% of those pages are regular and legitimate whose owners have no idea that their page was "hacked" and that the hackers embedded „malwares"into those pages. Studies have shown that the cause of the problems are new web technologies (less is attributed to vulnerability of web servers and browsers; mostly to web applications) also failures of programmers and designers, administrators of sites, where these applications are "hosted", and the web users.

In this article I will attempt to give a cross-sectional view of this field and point at the most vulnerable parts at the web 2.0 services in 2007 and in 2008. I will also try to give certain recommendations and guidelines for what needs to be paid special attention to during the IS development phases; and also how one can protect the final users, what the managers can do, what designers of application can do, as well as the administrators of the system on which the servers spin to make hackers' job harder.

Keywords. Web 2.0,Security,Vulnerability,Web application,Hackers