COSTECH Integrated Repository

Using soft systems methodology and activity theory to exploit security of web applications against heartbleed vulnerability

Show simple item record

dc.creator Mshangi, Maduhu
dc.creator Nfuka, Edephonce Ngemera
dc.creator Sanga, Camilius
dc.date 2017-01-19T16:39:54Z
dc.date 2017-01-19T16:39:54Z
dc.date 2015
dc.date.accessioned 2022-10-25T08:53:37Z
dc.date.available 2022-10-25T08:53:37Z
dc.identifier https://www.suaire.sua.ac.tz/handle/123456789/1183
dc.identifier.uri http://hdl.handle.net/123456789/93945
dc.description International Journal of Computing and ICT Research, Vol. 8, Issue 2, June 2015
dc.description The number of security incidents exploiting security holes in the web applications is increasing. One of the recently identified vulnerability in the web applications is the Heartbleed bug. The Heartbleed bug is a weakness found in OpenSSL, open source cryptographic software. In this study, both quantitative and qualitative research methodologies were employed. Case study and content/documentary analysis research methods were used to collect data for probing the web applications which are vulnerable to the bug. Due to the complexity of the problem, Soft Systems Methodology was adopted for the management of the analysis of data. The evaluation of security of web applications involved 64 selected websites of higher education institutions in Africa. SSM was supported by a theory called Activity Theory. The collected data was analysed using “R statistical computing package”. The study found that 89% of the universities web applications in Africa were vulnerable to the Heartbleed attack; and 11% of the universities web applications in Africa were not vulnerable to Heartbleed on the public announcement of the bug. But about two months later after the public announcement of the bug, 16% of the most universities web applications which were vulnerable were patched for the Heartbleed bug. The study seeks to contribute in application of Soft Systems Methodology and Activity Theory in the body of knowledge of information systems security (ISS).
dc.format application/pdf
dc.language en
dc.publisher International Journal of Computing and ICT Research,
dc.relation International Journal of Computing and ICT Research,;Vol. 8, Issue 2, June 2015
dc.subject Computing Management
dc.subject Heartbleed bug
dc.subject Web application
dc.subject System security
dc.subject Activity theory
dc.subject Information systems security (ISS)
dc.title Using soft systems methodology and activity theory to exploit security of web applications against heartbleed vulnerability
dc.type Article


Files in this item

Files Size Format View
Camilius Sanga.pdf 418.5Kb application/pdf View/Open

This item appears in the following Collection(s)

Show simple item record

Search COSTECH


Advanced Search

Browse

My Account