{"id":"https://openalex.org/W2151515785","doi":"https://doi.org/10.1109/iceei.2011.6021795","title":"Web Vulnerability Assessment: Outsource dilemmas","display_name":"Web Vulnerability Assessment: Outsource dilemmas","publication_year":2011,"publication_date":"2011-07-01","ids":{"openalex":"https://openalex.org/W2151515785","doi":"https://doi.org/10.1109/iceei.2011.6021795","mag":"2151515785"},"language":"en","primary_location":{"id":"doi:10.1109/iceei.2011.6021795","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iceei.2011.6021795","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2011 International Conference on Electrical Engineering and Informatics","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5104172269","display_name":"Arniyati Ahmad","orcid":null},"institutions":[{"id":"https://openalex.org/I55141112","display_name":"National Defence University of Malaysia","ror":"https://ror.org/00t53pv34","country_code":"MY","type":"education","lineage":["https://openalex.org/I55141112"]}],"countries":["MY"],"is_corresponding":true,"raw_author_name":"Arniyati Ahmad","raw_affiliation_strings":["Computer Science Department, National Defence University of Malaysia, Kuala Lumpur, Malaysia"],"affiliations":[{"raw_affiliation_string":"Computer Science Department, National Defence University of Malaysia, Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I55141112"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017113695","display_name":"Siti Rohaidah Ahmad","orcid":"https://orcid.org/0000-0001-5045-9803"},"institutions":[{"id":"https://openalex.org/I55141112","display_name":"National Defence University of Malaysia","ror":"https://ror.org/00t53pv34","country_code":"MY","type":"education","lineage":["https://openalex.org/I55141112"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Siti Rohaidah Ahmad","raw_affiliation_strings":["Computer Science Department, National Defence University of Malaysia, Kuala Lumpur, Malaysia"],"affiliations":[{"raw_affiliation_string":"Computer Science Department, National Defence University of Malaysia, Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I55141112"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077205653","display_name":"Nor Fatimah Awang","orcid":"https://orcid.org/0000-0003-3598-4065"},"institutions":[{"id":"https://openalex.org/I55141112","display_name":"National Defence University of Malaysia","ror":"https://ror.org/00t53pv34","country_code":"MY","type":"education","lineage":["https://openalex.org/I55141112"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Nor Fatimah Awang","raw_affiliation_strings":["Computer Science Department, National Defence University of Malaysia, Kuala Lumpur, Malaysia"],"affiliations":[{"raw_affiliation_string":"Computer Science Department, National Defence University of Malaysia, Kuala Lumpur, Malaysia","institution_ids":["https://openalex.org/I55141112"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5112999189","display_name":"Zulkarnain Md Ali","orcid":null},"institutions":[{"id":"https://openalex.org/I885383172","display_name":"National University of Malaysia","ror":"https://ror.org/00bw8d226","country_code":"MY","type":"education","lineage":["https://openalex.org/I885383172"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Zulkarnain Md. Ali","raw_affiliation_strings":["Computer Science Department, The National University of Malaysia, Bangi, Selangor, Malaysia"],"affiliations":[{"raw_affiliation_string":"Computer Science Department, The National University of Malaysia, Bangi, Selangor, Malaysia","institution_ids":["https://openalex.org/I885383172"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5104172269"],"corresponding_institution_ids":["https://openalex.org/I55141112"],"apc_list":null,"apc_paid":null,"fwci":0.7389,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.83635069,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9753000140190125,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9703999757766724,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/outsourcing","display_name":"Outsourcing","score":0.6896880269050598},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.6702858805656433},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6689507961273193},{"id":"https://openalex.org/keywords/compromise","display_name":"Compromise","score":0.6512359380722046},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6249390840530396},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6189001202583313},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5500213503837585},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.4989173412322998},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.4917304813861847},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.43417567014694214},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3744013011455536},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.33981412649154663},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.14797526597976685},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.09939685463905334},{"id":"https://openalex.org/keywords/marketing","display_name":"Marketing","score":0.09364306926727295}],"concepts":[{"id":"https://openalex.org/C46934059","wikidata":"https://www.wikidata.org/wiki/Q61515","display_name":"Outsourcing","level":2,"score":0.6896880269050598},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.6702858805656433},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6689507961273193},{"id":"https://openalex.org/C46355384","wikidata":"https://www.wikidata.org/wiki/Q726686","display_name":"Compromise","level":2,"score":0.6512359380722046},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6249390840530396},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6189001202583313},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5500213503837585},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.4989173412322998},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4917304813861847},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.43417567014694214},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3744013011455536},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.33981412649154663},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.14797526597976685},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.09939685463905334},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.09364306926727295},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/iceei.2011.6021795","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iceei.2011.6021795","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2011 International Conference on Electrical Engineering and Informatics","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6100000143051147,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W618763205","https://openalex.org/W1544279955","https://openalex.org/W2478098398","https://openalex.org/W2518048193"],"related_works":["https://openalex.org/W1883246888","https://openalex.org/W2370114625","https://openalex.org/W2947584067","https://openalex.org/W3118510577","https://openalex.org/W2280562859","https://openalex.org/W3157230915","https://openalex.org/W1496728123","https://openalex.org/W2062873522","https://openalex.org/W1756374135","https://openalex.org/W2789975780"],"abstract_inverted_index":{"Vulnerability":[0],"Assessment":[1],"(VAS)":[2],"is":[3,22,108,145],"a":[4,14,64,97,165,219],"process":[5,151],"to":[6,18,24,30,63,106,118,163,175,193,222],"search":[7],"for":[8,96,142,184],"any":[9,42,228],"potential":[10],"loopholes":[11],"contain":[12],"in":[13,113,179,218],"system":[15,29,123,226],"that":[16,33,45,89,121,144],"lead":[17],"compromise":[19],"it.":[20],"It":[21,79,188],"important":[23],"do":[25,68],"VAS":[26,55,111,143,158],"on":[27,73,83,147],"the":[28,53,74,84,87,110,122,126,148,150,154,186,191,224],"make":[31,119],"sure":[32,120],"it":[34,62,69,95,206],"will":[35,160],"be":[36,57],"safely":[37],"release":[38],"and":[39,50,76,115,139,156,170,204,230],"not":[40],"offer":[41],"illegitimate":[43],"access":[44],"can":[46,56,80,124],"affect":[47],"availability,":[48],"confidentiality":[49,85],"integrity":[51],"of":[52,86,152,167],"system.":[54],"done":[58,217],"by":[59],"out":[60],"sourcing":[61],"third":[65,98],"party":[66,99],"or":[67],"yourself":[70],"(DIY)":[71],"depending":[72],"budget":[75],"time":[77,169],"allocated.":[78],"sometimes":[81],"depend":[82],"project":[88],"might":[90],"pretend":[91],"you":[92,162],"from":[93,197,227],"open":[94],"assessment.":[100],"By":[101],"choosing":[102],"DIY,":[103],"another":[104],"thing":[105],"consider":[107],"implementing":[109],"as":[112],"standard":[114,195],"common":[116,140],"practices":[117,141],"pass":[125],"security":[127],"requirements":[128],"needed.":[129],"Even":[130],"though":[131],"there":[132],"are":[133],"so":[134],"many":[135],"standards,":[136],"testing":[137],"guidelines":[138],"available":[146],"net,":[149],"selecting":[153],"best":[155],"suitable":[157],"approach":[159],"need":[161],"sacrifice":[164],"lot":[166],"your":[168],"effort.":[171],"This":[172],"paper":[173],"tries":[174],"share":[176],"some":[177,182],"experiences":[178],"setting":[180],"up":[181],"criteria":[183],"outsourcing":[185],"task.":[187],"also":[189],"shares":[190],"way":[192],"simplify":[194],"practise":[196],"Open":[198],"Web":[199],"Application":[200],"Security":[201],"Project":[202],"(OWASP)":[203],"turning":[205],"into":[207],"simple":[208],"practice":[209],"yet":[210],"thorough":[211],"assessment":[212,215],"process.":[213],"The":[214],"was":[216],"clone":[220],"environment":[221],"protect":[223],"real":[225],"disruptions":[229],"conflict.":[231]},"counts_by_year":[{"year":2013,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}