Securing PHP written medical websites
Journal Title: Applied Medical Informatics - Year 2019, Vol 41, Issue 0
Abstract
Medical websites, as well as patient data, and user data on medical websites, have to be secured, and effort should be put to increase the privacy of the users. PHP is one of the most used scripting languages for website development. But it is highly criticized from the security point of view. Developers should build medical PHP websites with security in mind, beside their efforts to fulfill the website purpose. The most common attacks, and security issues on PHP websites are: SQL injection attack (where an attacker tries to insert malicious code in the SQL queries); cross-site scripting (where external code is injected in the output of the website); cross-site request forgery (where unwanted commands are injected from a user that the website trusts); session hijacking (where the session ID of the user is stolen); broken authentication and access control; sensitive data exposure; error logging; using components with known vulnerabilities. Their description and ways to mitigate are presented.
Authors and Affiliations
Daniel LEUCUŢA
Keywords
Related Articles
- EP ID EP655045
- DOI -
- Views 88
- Downloads 0
Cost Analysis on Imaging Diagnostic Techniques in Cerebral and Abdominal Neonatal Pathology
Background: Improvement of health care quality and cost control are the main aims of the health care reform in Romania. Objective: The aims of the research are to analyse the trend of costs for imaging techniques used as...
An Entropy-Based Computer Model for the Measurement of Phonetic Similarity: Dyslalia Screening in Early School-Age Children
This paper presents a computer model for the assessment of the similarity between two sound patterns, to identify phoneme mispronunciations circumscribed by dyslalic disorders in early school-age children (6-10 year olds...
Are there hard boundaries between teaching and learning biomedical informatics in the twenty-first century?
Introduction: An educational transformation of academic teaching is ongoing, with lecture-basedapproaches being replaced by problem-based or team-based learning, flipped classrooms, oractive and collaborative learning. B...
Informatics in nursing. Current and future trends
The need for knowledge in the medical field and computerization, have increased significantly in this century and from the point of view of nurses. It is essential that future basic training programs for nurses include c...
NUTRIBASE - Data Base for Nutritional Evaluation and Dietetic Treatment in Populational Metabolic Diseases
The nutritional evaluation and diet prescription are laborious and require much time. They need calculations of basic nutritional indices, to precisely diagnose and finally to indicate the proper nutritional recommendati...