Web application vulnerability assessment and policy direction towards a secure smart government

• We identified loopholes due to poor design of web platforms for e-government services.
• Assessment of vulnerability propensity revealed XSS and SQLi as possible high attack.
• All categories of government sector portals were found to be susceptible which could hinder quality service delivery.
• Suggestions were advanced for a smarter e-government of the future.
• Policies were advanced to alleviate the challenges.

This paper carried out technological analysis of e-government platforms with a view of assessing possible application flaws that can inhibit smooth running of the available web services provided. Two sets of data were collected with an interval of two years on 64 Nigerian government websites. Five web vulnerability variables known to be notorious for web attacks were purposively investigated. In the overall assessment for the two datasets, the average result showed that about 67% are affected by broken links (BL), 43.8% by unencrypted password (UP), 35% by cross site scripting (XSS) and about one out of every four are affected by each of Structured Query Language Injection (SQLi) and cookie manipulation (CM). An independent t test statistic showed that there is a significant difference between the groups for three of the variables investigated, these are: XSS, SQLi and CM at 95% confidence interval. The motivation for this study is premised on the risk that these results pose to the smooth running of the e-government services and the possibility of financial loss. The research thus suggests some useful policy directions to enhance the provision of a secure smarter government.