An analysis on the Implementation of Secure Web-related Protocols in Portuguese City Councils

Detalhes bibliográficos
Autor(a) principal: Júnior, Jackson Barreto Costa
Data de Publicação: 2023
Outros Autores: Carneiro, Pedro, Paiva, Sara, Pinto, Pedro
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://u3isjournal.isvouga.pt/index.php/ijmcnm/article/view/752
Resumo: The services supporting the websites, both public and private entities, may support security protocols such as HTTPS or DNSSEC. Public and private entities have a responsibility to ensure the security of their online platforms. Entities in the public domain such as city councils provide their services through their websites. However, each city council has its systems, configurations, and IT teams, and this means they have different standings regarding the security protocols supported. This paper analyzes the status of security protocols on Portuguese city council websites, specifically HTTPS and DNSSEC. The study evaluated 308 city council websites using a script developed for the research, and data was collected from the website of Direção Geral das Autarquias Locais (DGAL) on December 14, 2022, and the websites were scanned on December 22, 2022. The results of this assessment reveal that around 97% of city council websites use RSA as their encryption algorithm and around 84% use 2048-bit length keys for digital certificate signing. Furthermore, about 53% of the city council websites are still supporting outdated and potentially insecure SSL/TLS versions, and around 95% of the councils are not implementing DNSSEC in their domains. These results highlight potential areas for improvement in cybersecurity measures and can serve as a baseline to track progress toward improving cybersecurity maturity in Portuguese city councils.DOI: https://doi.org/10.54663/2182-9306.2023.sn12.59-76 
id RCAP_c9b697ffbd7805207af1dc104084c5a9
oai_identifier_str oai:u3isjournal.isvouga.pt:article/752
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling An analysis on the Implementation of Secure Web-related Protocols in Portuguese City CouncilsCybersecurity, DNSSEC, HTTPS, SSL/TLS, Security headers, Portuguese city councils, Website securityThe services supporting the websites, both public and private entities, may support security protocols such as HTTPS or DNSSEC. Public and private entities have a responsibility to ensure the security of their online platforms. Entities in the public domain such as city councils provide their services through their websites. However, each city council has its systems, configurations, and IT teams, and this means they have different standings regarding the security protocols supported. This paper analyzes the status of security protocols on Portuguese city council websites, specifically HTTPS and DNSSEC. The study evaluated 308 city council websites using a script developed for the research, and data was collected from the website of Direção Geral das Autarquias Locais (DGAL) on December 14, 2022, and the websites were scanned on December 22, 2022. The results of this assessment reveal that around 97% of city council websites use RSA as their encryption algorithm and around 84% use 2048-bit length keys for digital certificate signing. Furthermore, about 53% of the city council websites are still supporting outdated and potentially insecure SSL/TLS versions, and around 95% of the councils are not implementing DNSSEC in their domains. These results highlight potential areas for improvement in cybersecurity measures and can serve as a baseline to track progress toward improving cybersecurity maturity in Portuguese city councils.DOI: https://doi.org/10.54663/2182-9306.2023.sn12.59-76 ISVOUGA - Instituto Superior de Entre Douro e Vouga2023-03-08info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://u3isjournal.isvouga.pt/index.php/ijmcnm/article/view/752International Journal of Marketing, Communication and New Media; No 12 (2023): Special Number CPDP2182-9306reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAPenghttp://u3isjournal.isvouga.pt/index.php/ijmcnm/article/view/752http://u3isjournal.isvouga.pt/index.php/ijmcnm/article/view/752/338Copyright (c) 2023 Jackson Barreto Costa Júnior, Pedro Carneiro, Sara Paiva, Pedro Pintoinfo:eu-repo/semantics/openAccessJúnior, Jackson Barreto CostaCarneiro, PedroPaiva, SaraPinto, Pedro2023-03-10T10:47:23Zoai:u3isjournal.isvouga.pt:article/752Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T17:21:49.353621Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv An analysis on the Implementation of Secure Web-related Protocols in Portuguese City Councils
title An analysis on the Implementation of Secure Web-related Protocols in Portuguese City Councils
spellingShingle An analysis on the Implementation of Secure Web-related Protocols in Portuguese City Councils
Júnior, Jackson Barreto Costa
Cybersecurity, DNSSEC, HTTPS, SSL/TLS, Security headers, Portuguese city councils, Website security
title_short An analysis on the Implementation of Secure Web-related Protocols in Portuguese City Councils
title_full An analysis on the Implementation of Secure Web-related Protocols in Portuguese City Councils
title_fullStr An analysis on the Implementation of Secure Web-related Protocols in Portuguese City Councils
title_full_unstemmed An analysis on the Implementation of Secure Web-related Protocols in Portuguese City Councils
title_sort An analysis on the Implementation of Secure Web-related Protocols in Portuguese City Councils
author Júnior, Jackson Barreto Costa
author_facet Júnior, Jackson Barreto Costa
Carneiro, Pedro
Paiva, Sara
Pinto, Pedro
author_role author
author2 Carneiro, Pedro
Paiva, Sara
Pinto, Pedro
author2_role author
author
author
dc.contributor.author.fl_str_mv Júnior, Jackson Barreto Costa
Carneiro, Pedro
Paiva, Sara
Pinto, Pedro
dc.subject.por.fl_str_mv Cybersecurity, DNSSEC, HTTPS, SSL/TLS, Security headers, Portuguese city councils, Website security
topic Cybersecurity, DNSSEC, HTTPS, SSL/TLS, Security headers, Portuguese city councils, Website security
description The services supporting the websites, both public and private entities, may support security protocols such as HTTPS or DNSSEC. Public and private entities have a responsibility to ensure the security of their online platforms. Entities in the public domain such as city councils provide their services through their websites. However, each city council has its systems, configurations, and IT teams, and this means they have different standings regarding the security protocols supported. This paper analyzes the status of security protocols on Portuguese city council websites, specifically HTTPS and DNSSEC. The study evaluated 308 city council websites using a script developed for the research, and data was collected from the website of Direção Geral das Autarquias Locais (DGAL) on December 14, 2022, and the websites were scanned on December 22, 2022. The results of this assessment reveal that around 97% of city council websites use RSA as their encryption algorithm and around 84% use 2048-bit length keys for digital certificate signing. Furthermore, about 53% of the city council websites are still supporting outdated and potentially insecure SSL/TLS versions, and around 95% of the councils are not implementing DNSSEC in their domains. These results highlight potential areas for improvement in cybersecurity measures and can serve as a baseline to track progress toward improving cybersecurity maturity in Portuguese city councils.DOI: https://doi.org/10.54663/2182-9306.2023.sn12.59-76 
publishDate 2023
dc.date.none.fl_str_mv 2023-03-08
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://u3isjournal.isvouga.pt/index.php/ijmcnm/article/view/752
url http://u3isjournal.isvouga.pt/index.php/ijmcnm/article/view/752
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv http://u3isjournal.isvouga.pt/index.php/ijmcnm/article/view/752
http://u3isjournal.isvouga.pt/index.php/ijmcnm/article/view/752/338
dc.rights.driver.fl_str_mv Copyright (c) 2023 Jackson Barreto Costa Júnior, Pedro Carneiro, Sara Paiva, Pedro Pinto
info:eu-repo/semantics/openAccess
rights_invalid_str_mv Copyright (c) 2023 Jackson Barreto Costa Júnior, Pedro Carneiro, Sara Paiva, Pedro Pinto
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv ISVOUGA - Instituto Superior de Entre Douro e Vouga
publisher.none.fl_str_mv ISVOUGA - Instituto Superior de Entre Douro e Vouga
dc.source.none.fl_str_mv International Journal of Marketing, Communication and New Media; No 12 (2023): Special Number CPDP
2182-9306
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799131312891625472

Registros relacionados