{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,27]],"date-time":"2025-11-27T10:36:06Z","timestamp":1764239766247,"version":"build-2065373602"},"reference-count":50,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2012,8,9]],"date-time":"2012-08-09T00:00:00Z","timestamp":1344470400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/3.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"<jats:p>In the recent past, the so-called \u201cWeb 2.0\u201d became a powerful tool for decision making processes. Politicians and managers, seeking to improve participation, embraced this technology as if it simply were a new, enhanced version of the World Wide Web, better suited to retrieve information, opinions and feedbacks from the general public on subjects like laws, acts and policies. This approach was often naive, neglecting the less-obvious aspects of the technology, and thus bringing on significant security problems. This paper shows how, in the end, the result could easily be the opposite of what was desired. 
Malicious attackers, in fact, could quite easily exploit the vulnerabilities in these systems to hijack the process and lead to wrong decisions, also causing the public to lose trust in the systems themselves.<\/jats:p>","DOI":"10.3390\/fi4030700","type":"journal-article","created":{"date-parts":[[2012,8,9]],"date-time":"2012-08-09T11:22:32Z","timestamp":1344511352000},"page":"700-718","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Raising Risk Awareness on the Adoption of Web 2.0 Technologies in Decision Making Processes"],"prefix":"10.3390","volume":"4","author":[{"given":"Marco","family":"Prandini","sequence":"first","affiliation":[{"name":"DEIS, Universit\u00e0 di Bologna, Viale del Risorgimento 2, Bologna 40136, Italy"}]},{"given":"Marco","family":"Ramilli","sequence":"additional","affiliation":[{"name":"DEIS, Universit\u00e0 di Bologna, Via Venezia 52, Cesena 47521, Italy"}]}],"member":"1968","published-online":{"date-parts":[[2012,8,9]]},"reference":[{"key":"ref_1","first-page":"221","article-title":"Fragmented future","volume":"32","author":"DiNucci","year":"1999","journal-title":"Print"},{"key":"ref_2","unstructured":"O\u2019Reilly, T. What Is Web 2.0. Available online:http:\/\/oreilly.com\/web2\/archive\/what-is-web-20.html."},{"key":"ref_3","unstructured":"Decrem, B. Introducing Flock Beta 1. Available online:http:\/\/www.flock.com\/node\/4500."},{"key":"ref_4","unstructured":"Lawson, M. (Interview with) Berners-Lee on the read\/write web. Available online:http:\/\/www.readwriteweb.com\/archives\/interview_with_tim_berners-lee_part_1.php."},{"key":"ref_5","unstructured":"Drogkaris, P., Gritzalis, S., and Lambrinoudakis, C. (September, January 31). Transforming the Greek E-Government Environment Towards the E-Gov 2.0 Era. 
Proceedings of the First International Conference on Electronic Government and the Information Systems Perspective, Bilbao, Spain."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Koffa, A., and Kastania, A.N. (2010, January 8\u201310). Web Applications and Public Diplomacy. Proceedings of the 14th International Conference on Knowledge-Based and Intelligent Information and Engineering Systems, Cardiff, UK.","DOI":"10.1007\/978-3-642-15393-8_7"},{"key":"ref_7","unstructured":"Traunm\u00fcller, R. (September, January 31). Web 2.0 Creates a New Government. Proceedings of the First International Conference on Electronic Government and the Information Systems Perspective, Bilbao, Spain."},{"key":"ref_8","unstructured":"Ostergaard, S.D., and Hvass, M. eGovernment 2.0\u2013How can Government benefit from web 2.0?. Available online:https:\/\/blog.itu.dk\/MEGV-E2011\/files\/2011\/11\/scijournalsdohvassv2.pdf."},{"key":"ref_9","first-page":"29","article-title":"The semantic web: Scientific American","volume":"284","author":"Hendler","year":"2001","journal-title":"Sci. Am."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Cooper, M. Accessibility of Emerging Rich Web Technologies: Web 2.0 and the Semantic Web. Proceedings of the 2007 International Cross-Disciplinary Conference on Web Accessibility (W4A).","DOI":"10.1145\/1243441.1243463"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Laranjeiro, N., Vieira, M., and Madeira, H. (2009, January 6\u201310). Improving Web Services Robustness. Proceedings of IEEE International Conference on Web Services, Los Angeles, CA, USA.","DOI":"10.1109\/ICWS.2009.27"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"293","DOI":"10.1016\/j.jcss.2010.01.008","article-title":"Distributed redundancy and robustness in complex systems","volume":"77","author":"Randles","year":"2011","journal-title":"J. Comput. Syst. Sci."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Tse, E. 
(1982, January 14\u201316). Planning and Decision Making Processes. Proceedings of the American Control Conference, Arlington, VA, USA.","DOI":"10.23919\/ACC.1982.4787992"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1002\/smj.4250130904","article-title":"Strategic decision making","volume":"13","author":"Eisenhardt","year":"1992","journal-title":"Strateg. Manag. J."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"289","DOI":"10.1017\/S0007123400007225","article-title":"Decision making in political systems: Veto players in presidentialism, parliamentarism, multicameralism and multipartyism","volume":"25","author":"Tsebelis","year":"1995","journal-title":"Br. J. Polit. Sci."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"380","DOI":"10.1037\/h0053870","article-title":"The theory of decision making","volume":"51","author":"Edwards","year":"1954","journal-title":"Psychol. Bull."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"473","DOI":"10.1146\/annurev.ps.12.020161.002353","article-title":"Behavioral decision theory","volume":"12","author":"Edwards","year":"1961","journal-title":"Annu. Rev. Psychol."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Shafer, G. (1976). A Mathematical Theory of Evidence, Princeton University Press.","DOI":"10.1515\/9780691214696"},{"key":"ref_19","first-page":"493","article-title":"Rational decision making in business organizations","volume":"69","author":"Simon","year":"1979","journal-title":"Am. Econ. Rev."},{"key":"ref_20","first-page":"283","article-title":"Judgment and Decision-Making Theory","volume":"1","author":"Stevenson","year":"1990","journal-title":"Handbook of Industrial and Organizational Psychology"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"1021","DOI":"10.1111\/1468-2508.00161","article-title":"Hot cognition or cool consideration? 
Testing the effects of motivated reasoning on political decision making","volume":"64","author":"Redlawsk","year":"2002","journal-title":"J. Polit."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"636","DOI":"10.1037\/0022-3514.53.4.636","article-title":"Motivated inference: Self-serving generation and evaluation of evidence","volume":"53","author":"Kunda","year":"1987","journal-title":"J. Personal. Soc. Psychol."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"480","DOI":"10.1037\/0033-2909.108.3.480","article-title":"The case for motivated political reasoning","volume":"108","author":"Kunda","year":"1990","journal-title":"Psychol. Bull."},{"key":"ref_24","unstructured":"Lodge, M., and Taber, C. (2000). Elements of Reason: Cognition,Choice,and the Bounds of Rationality, Cambridge University Press."},{"key":"ref_25","first-page":"15","article-title":"eParticipation initiatives: How is Europe progressing?","volume":"7","author":"Panopoulou","year":"2009","journal-title":"Eur. J. ePract."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1177\/095624780401600104","article-title":"Participatory budgeting: A significant contribution to participatory democracy","volume":"16","author":"Cabannes","year":"2004","journal-title":"Environ. Urbanization"},{"key":"ref_27","unstructured":"Haza\u00ebl-Massieux, D. JavaScript Web Apis. Available online:http:\/\/www.w3.org\/standards\/webdesign\/script.html."},{"key":"ref_28","unstructured":"Adobe Systems Incorporated. Adobe Flash Professional CS6. Available online:http:\/\/www.adobe.com\/products\/flash.html."},{"key":"ref_29","unstructured":"Adobe Systems Incorporated. Flex. Available online:http:\/\/www.adobe.com\/products\/flex.html."},{"key":"ref_30","unstructured":"ECMA International. Standard ECMA-262 ECMAScript Language Specification. Available online:http:\/\/www.ecma-international.org\/publications\/files\/ECMA-ST\/ECMA-262.pdf."},{"key":"ref_31","unstructured":"(2010). 
Learn JavaScript and Ajax with w3Schools."},{"key":"ref_32","first-page":"10","article-title":"At the forge: Beginning Ajax","volume":"151","author":"Lerner","year":"2006","journal-title":"Linux J."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1145\/1035134.1035165","article-title":"How blogging software reshapes the online community","volume":"47","author":"Blood","year":"2004","journal-title":"Commun. ACM"},{"key":"ref_34","unstructured":"Tung, W.F. (2010, January 11\u201313). Analytical Trackback Interconnections for SNS-Based Blog Services. Proceedings of the 4th International Conference on New Trends in Information Science and Service Science, Gyeongju, Korea."},{"key":"ref_35","unstructured":"The Open Web Application Security Project. Available online:https:\/\/www.owasp.org\/."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Liu, J., Xiao, Y., Ghaboosi, K., Deng, H., and Zhang, J. (2009). Botnet: Classification, attacks, detection, tracing, and preventive measures. EURASIP J. Wirel. Commun. Netw., 2009.","DOI":"10.1155\/2009\/692654"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"265","DOI":"10.1145\/1282427.1282411","article-title":"A study of prefix hijacking and interception in the internet","volume":"37","author":"Ballani","year":"2007","journal-title":"SIGCOMM Comput. Commun. Rev."},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Ballani, H., Francis, P., and Zhang, X. (2007, January 27\u201331). A Study of Prefix Hijacking and Interception in the Internet. 
Proceedings of the 2007 Conference on ApplicationsTechnologiesArchitecturesand Protocols for Computer Communications, Kyoto, Japan.","DOI":"10.1145\/1282380.1282411"},{"key":"ref_39","first-page":"371","article-title":"Content Delivery Networks: Protection or Threat?","volume":"5789","author":"Backes","year":"2007","journal-title":"Proceedings of ESORICS 2009 : 14th European Symposium on Research in Computer Security"},{"key":"ref_40","unstructured":"Halfond, W.G., Viegas, J., and Orso, A. (2006, January 13\u201315). A Classification of SQL-Injection Attacks and Countermeasures. Proceedings of the IEEE International Symposium on Secure Software Engineering, Arlington, VA, USA."},{"key":"ref_41","unstructured":"OWASP Foundation. Top 10 2007-Malicious File Execution. Available online:http:\/\/www.owasp.org\/index.php\/Top_10_2007-A3."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Fogie, S., Grossman, J., Hansen, R., Rager, A., and Petkov, P.D. (2007). XSS Attacks: Cross Site Scripting Exploits and Defense, Syngress Publishing.","DOI":"10.1016\/B978-159749154-9\/50005-6"},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Lin, X., Zavarsky, P., Ruhl, R., and Lindskog, D. (,  2009). Threat Modeling for CSRF Attacks. Proceedings of the 2009 International Conference on Computational Science and Engineering, Washington, DC, USA.","DOI":"10.1109\/CSE.2009.372"},{"key":"ref_44","first-page":"90","article-title":"Web Server Attack Categorization Based on Root Causes and Their Locations","volume":"2","author":"Seo","year":"2004","journal-title":"Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC\u201904)"},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Chong, K., Song, H.Y., and Noh, S.H. Traffic Characterization of the Web Server Attacks of Worm Viruses. 
Proceedings of the 2003 International Conference on Computational Science, PartII.","DOI":"10.1007\/3-540-44862-4_76"},{"key":"ref_46","unstructured":"Apple Inc. QuickTime. Available online:http:\/\/www.apple.com\/quicktime\/."},{"key":"ref_47","unstructured":"Remember Microsoft Bob, an alternative approach to the desktop environment, that offered users to choose a new password if they appeared to have forgotten it"},{"key":"ref_48","unstructured":"Felten, E. \u201cHotel Minibar\u201d Keys Open Diebold Voting Machines. Available online:https:\/\/www.freedom-to-tinker.com\/blog\/felten\/hotel-minibar-keys-open-diebold-voting-machines\/."},{"key":"ref_49","unstructured":"Calandrino, J.A., Feldman, J.A., Halderman, J.A., Wagner, D., Yu, H., and Zeller, W.P. Source Code Review of the Diebold Voting System. Available online:http:\/\/www.sos.ca.gov\/voting-systems\/oversight\/ttbr\/diebold-source-public-jul29.pdf."},{"key":"ref_50","unstructured":"During informal discussion between the authors of this paper and a TTBR auditor it emerged that Diebold told them that most of the issues were already solved, but the certified version was held back 16 revisions behind the latest one for convenience reasons."}],"container-title":["Future 
Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/4\/3\/700\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T21:51:42Z","timestamp":1760219502000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/4\/3\/700"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,8,9]]},"references-count":50,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2012,9]]}},"alternative-id":["fi4030700"],"URL":"https:\/\/doi.org\/10.3390\/fi4030700","relation":{},"ISSN":["1999-5903"],"issn-type":[{"type":"electronic","value":"1999-5903"}],"subject":[],"published":{"date-parts":[[2012,8,9]]}}}