{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,5]],"date-time":"2026-01-05T22:10:03Z","timestamp":1767651003005,"version":"3.41.2"},"reference-count":30,"publisher":"Emerald","issue":"3","license":[{"start":{"date-parts":[[2010,9,7]],"date-time":"2010-09-07T00:00:00Z","timestamp":1283817600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010,9,7]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-heading\">Purpose<\/jats:title><jats:p>The purpose of this paper is to investigate the web vulnerability challenges at European library web sites and how these issues can affect the data protection of their patrons.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Design\/methodology\/approach<\/jats:title><jats:p>A web vulnerability testing tool was used to analyze 80 European library sites in four countries to determine how many security vulnerabilities each had and what were the most common types of problems.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Findings<\/jats:title><jats:p>Analysis results from surveying the libraries show the majority have serious security flaws in their web applications. The research shows that despite country\u2010specific laws mandating secure sites, system librarians have not implemented appropriate measures to secure their online information systems.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Research limitations\/implications<\/jats:title><jats:p>Further research on library vulnerability throughout the world can be taken to educate librarians in other countries of the serious nature of protecting their systems.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Practical implications<\/jats:title><jats:p>The findings serve to remind librarians of the complexity in providing a secure online environment for their patrons and that a disregard or lack of awareness of securing systems could lead to serious vulnerabilities of the patrons' personal data and systems. Lack of consumer trust may result in a decreased use of online commerce and have serious repercussions for the municipal libraries. Several concrete examples of methods to improve security are provided.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Originality\/value<\/jats:title><jats:p>The paper serves as a current paper on data security issues at Western European municipal library web sites. It serves as a useful summary regarding technical and managerial measures librarians can take to mitigate inadequacies in their security implementation.<\/jats:p><\/jats:sec>","DOI":"10.1108\/07378831011076657","type":"journal-article","created":{"date-parts":[[2010,9,11]],"date-time":"2010-09-11T07:00:20Z","timestamp":1284188420000},"page":"402-413","source":"Crossref","is-referenced-by-count":11,"title":["European digital libraries: web security vulnerabilities"],"prefix":"10.1108","volume":"28","author":[{"given":"Joanne","family":"Kuzma","sequence":"first","affiliation":[]}],"member":"140","reference":[{"key":"key2022021220040976000_b1","unstructured":"Balas, J. (2005), \u201cClose the gates, lock the windows, bolt the doors: securing library computers\u201d, Computers in Libraries, Vol. 25 No. 3, pp. 28\u201030."},{"key":"key2022021220040976000_b2","unstructured":"Breeding, M. (2005), \u201cBuilding trust through secure web sites\u201d, Computers in Libraries, Vol. 25 No. 6, pp. 24\u20106."},{"key":"key2022021220040976000_b3","doi-asserted-by":"crossref","unstructured":"Castro\u2010Edwards, J. (2008), \u201cData protection: where are we now?\u201d, Journal of Database Marketing and Customer Strategy Management, Vol. 15 No. 4, pp. 285\u201092.","DOI":"10.1057\/dbm.2008.18"},{"key":"key2022021220040976000_b4","unstructured":"Cenzic (2009), \u201cWeb application security trends report Q3\u2010Q4, 2008\u201d, available at: www.cenzic.com\/downloads\/Cenzic_AppSecTrends_Q3\u2010Q4\u20102008.pdf (accessed 17 October 2009)."},{"key":"key2022021220040976000_b5","doi-asserted-by":"crossref","unstructured":"Chen, S., Choo, C. and Chow, R. (2006), \u201cInternet security: a novel role\/object\u2010based access control for digital libraries\u201d, Journal of Organizational Computing and Electronic Commerce, Vol. 16 No. 2, pp. 87\u2010103.","DOI":"10.1207\/s15327744joce1602_1"},{"key":"key2022021220040976000_b6","unstructured":"Cheng, K. (2005), \u201cSurviving hacker attacks proves that every cloud has a silver lining\u201d, Computers in Libraries, Vol. 25 No. 3, pp. 6\u20108, 52\u20106."},{"key":"key2022021220040976000_b7","doi-asserted-by":"crossref","unstructured":"Chowdhury, G., Poulter, A. and McMenemy, D. (2006), \u201cPublic library 2.0: towards a new mission for public libraries as a \u2018network of community knowledge\u2019\u201d, Online Information Review, Vol. 30 No. 4, pp. 454\u201060.","DOI":"10.1108\/14684520610686328"},{"key":"key2022021220040976000_b9","unstructured":"Cox, M. (2002), \u201cApache security secrets: revealed\u201d, Proceedings of ApacheCon 2002, Los Angeles, CA, available at: www.cgisecurity.com\/webservers\/apache\/tu04\u2010handout.pdf (accessed 11 November 2009)."},{"key":"key2022021220040976000_b10","unstructured":"Dowling, T. (2009), \u201cLibraries on the web: European libraries\u201d, Libweb, available at: http:\/\/lists.webjunction.org\/libweb\/Europe_main.html (accessed 6 November 2009)."},{"key":"key2022021220040976000_b12","doi-asserted-by":"crossref","unstructured":"Fox, R. (2006), \u201cDigital libraries: the systems analysis perspective, Vandals at the gates\u201d, OCLC Systems & Services, Vol. 22 No. 4, pp. 249\u201055.","DOI":"10.1108\/10650750610706961"},{"key":"key2022021220040976000_b13","unstructured":"France, E. (2001), \u201cData protection audit manual\u201d, Information Commissioner's Office, available at: www.ico.gov.uk\/upload\/documents\/library\/data_protection\/detailed_specialist_guides\/data_protection_complete_audit_guide.pdf (accessed 11 November 2009)."},{"key":"key2022021220040976000_b14","doi-asserted-by":"crossref","unstructured":"Gernand, B. (2006), \u201cGovernment libraries: administering change in and uncertain future\u201d, Journal of Library Administration, Vol. 44 Nos 3\u20104, pp. 113\u201025.","DOI":"10.1300\/J111v44n03_10"},{"key":"key2022021220040976000_b15","unstructured":"Harden, S. and Harden, R. (2008), \u201cUK public libraries\u201d, available at: http:\/\/dspace.dial.pipex.com\/town\/square\/ac940\/weblibs.html (accessed 6 November 2009)."},{"key":"key2022021220040976000_b16","unstructured":"Huwe, T. (2005), \u201cNew technology's surprising security threats. Building digital libraries\u201d, Computers in Libraries, Vol. 25 No. 2, pp. 30\u20102."},{"key":"key2022021220040976000_b17","doi-asserted-by":"crossref","unstructured":"Lampson, B. (2004), \u201cComputer security in the real world\u201d, Computer, Vol. 37 No. 6, pp. 37\u201046.","DOI":"10.1109\/MC.2004.17"},{"key":"key2022021220040976000_b18","unstructured":"Linklaters Technology, Media & Telecommunications Group (2009a), \u201cItaly Data Protection Directive\u201d, available at: https:\/\/clientsites.linklaters.com\/Clients\/dataprotected\/Pages\/Italy.aspx (accessed 9 November 2009)."},{"key":"key2022021220040976000_b19","unstructured":"Linklaters Technology, Media & Telecommunications Group (2009b), \u201cSpain Data Protection Directive\u201d, available at: https:\/\/clientsites.linklaters.com\/Clients\/dataprotected\/Pages\/Spain.aspx (accessed 9 November 2009)."},{"key":"key2022021220040976000_b20","doi-asserted-by":"crossref","unstructured":"Mercuri, R. (2003), \u201cAnalyzing security costs\u201d, Communications of the ACM, Vol. 46 No. 6, pp. 15\u201018.","DOI":"10.1145\/777313.777327"},{"key":"key2022021220040976000_b21","unstructured":"N\u2010Stalker (2009), \u201cN\u2010Stalker security checks\u201d, available at: http:\/\/nstalker.com\/products\/security\u2010checks (accessed 15 October 2009)."},{"key":"key2022021220040976000_b22","unstructured":"Privacy & Data Protection (2009), \u201cPrivacy and data protection news\u201d, available at: www.privacydataprotection.co.uk\/news\/ (accessed 11 November 2009)."},{"key":"key2022021220040976000_b23","unstructured":"Privacy in Research, Ethics & Law (PRIVIREAL) (2005), \u201cFrance \u2013 data protection\u201d, available at: www.privireal.org\/content\/dp\/france.php (accessed 12 November 2009)."},{"key":"key2022021220040976000_b24","unstructured":"Raitt, D. (2000), \u201cDigital library initiatives across Europe\u201d, Computers in Libraries, Vol. 20 No. 10, pp. 26\u201035."},{"key":"key2022021220040976000_b25","doi-asserted-by":"crossref","unstructured":"Richardson, R. (2008), \u201c2008 CSI computer crime & security survey\u201d, Computer Security Institute, available at: www.gocsi.com\/forms\/csi_survey.jhtml (accessed 2 November 2009).","DOI":"10.1016\/S1361-3723(08)70089-7"},{"key":"key2022021220040976000_b26","unstructured":"SANS Institute (2009), \u201cSANS top\u201020 2007 security risks (2007 annual update)\u201d, available at: www.sans.org\/top20\/#s1 (accessed 28 November 2009)."},{"key":"key2022021220040976000_b27","unstructured":"The European Library (2009), \u201cThe European library \u2013 about us\u201d, available at: www.theeuropeanlibrary.org\/portal\/organisation\/about_us\/aboutus_en.html (accessed 11 November 2009)."},{"key":"key2022021220040976000_b28","doi-asserted-by":"crossref","unstructured":"Thompson, S. (2006), \u201cHelping the hacker? Library information, security and social engineering\u201d, Information Technology and Libraries, Vol. 25 No. 4, pp. 222\u20105.","DOI":"10.6017\/ital.v25i4.3355"},{"key":"key2022021220040976000_b29","doi-asserted-by":"crossref","unstructured":"Vaughn, J. (2005), \u201cLied library @ four years: technology never stands still\u201d, Library Hi Tech, Vol. 23 No. 1, pp. 34\u201049.","DOI":"10.1108\/07378830510586685"},{"key":"key2022021220040976000_b30","unstructured":"Viega, J. and McGraw, G. (2001), Building Secure Software, How to Avoid Security Problems the Right Way, 1st ed., Addison\u2010Wesley Professional Computing Series, New York, NY."},{"key":"key2022021220040976000_frd1","doi-asserted-by":"crossref","unstructured":"Collier, M. (2004), \u201cDevelopment of a business plan for an international co\u2010operative digital library \u2013 The European Library (TEL)\u201d, Electronic Library and Information Systems, Vol. 38 No. 4, pp. 225\u201031.","DOI":"10.1108\/00330330410566060"},{"key":"key2022021220040976000_frd2","doi-asserted-by":"crossref","unstructured":"Etsebeth, V. (2007), \u201cMalware: the new legal risk\u201d, The Electronic Library, Vol. 25 No. 5, pp. 534\u201042.","DOI":"10.1108\/02640470710829523"}],"container-title":["Library Hi Tech"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/07378831011076657","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/07378831011076657\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/07378831011076657\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T23:33:45Z","timestamp":1753400025000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/lht\/article\/28\/3\/402-413\/271113"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,9,7]]},"references-count":30,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2010,9,7]]}},"alternative-id":["10.1108\/07378831011076657"],"URL":"https:\/\/doi.org\/10.1108\/07378831011076657","relation":{},"ISSN":["0737-8831"],"issn-type":[{"type":"print","value":"0737-8831"}],"subject":[],"published":{"date-parts":[[2010,9,7]]}}}