On the security of open source software

被引:44
|
作者
Payne, C [1 ]
机构
[1] Murdoch Univ, Sch Informat Technol, Perth, WA 6150, Australia
来源
INFORMATION SYSTEMS JOURNAL | 2002年 / 12卷 / 01期
关键词
open source software; proprietary software; computer security; security vulnerabilities; code review;
D O I
10.1046/j.1365-2575.2002.00118.x
中图分类号
G25 [图书馆学、图书馆事业]; G35 [情报学、情报工作];
学科分类号
1205 ; 120501 ;
摘要
With the rising popularity of so-called 'open source' software there has been increasing interest in both its various benefits and disadvantages. In particular, despite its prominent use in providing many aspects of the Internet's basic infrastructure, many still question the suitability of such software for the commerce-oriented Internet of the future. This paper evaluates the suitability of open source software with respect to one of the key attributes that tomorrow's Internet will require, namely security. It seeks to present a variety of arguments that have been made, both for and against open source security and analyses in relation to empirical evidence of system security from a previous study. The results represent preliminary quantitative evidence concerning the security issues surrounding the use and development of open source software, in particular relative to traditional proprietary software.
引用
收藏
页码:61 / 78
页数:18
相关论文
共 50 条
  • [1] Trusting strangers - Open source software and security
    Landwehr, CE
    [J]. BUILDING THE INFORMATION SOCIETY, 2004, 156 : 679 - 683
  • [2] Open Source or Closed Source? A Competitive Analysis with Software Security
    Gao, Xing
    [J]. DECISION ANALYSIS, 2020, 17 (01) : 56 - 73
  • [3] VoIP Security regarding the Open Source Software Asterisk
    Detken, Kai-Oliver
    Eren, Evren
    [J]. IMETI 2008: INTERNATIONAL MULTI-CONFERENCE ON ENGINEERING AND TECHNOLOGICAL INNOVATION, VOL I, PROCEEDINGS, 2008, : 93 - +
  • [4] The Use of Security Tactics in Open Source Software Projects
    Ryoo, Jungwoo
    Malone, Bryan
    Laplante, Phillip A.
    Anand, Priya
    [J]. IEEE TRANSACTIONS ON RELIABILITY, 2016, 65 (03) : 1195 - 1204
  • [5] Learning Software Security in Context An Evaluation in Open Source Software Development Environment
    Wen, Shao-Fang
    Katt, Basel
    [J]. 14TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES 2019), 2019,
  • [6] Security Risk Indicator for Open Source Software to Measure Software Development Status
    Kuzuno, Hiroki
    Yano, Tomohiko
    Omo, Kazuki
    van der Ham, Jeroen
    Yamauchi, Toshihiro
    [J]. INFORMATION SECURITY APPLICATIONS, WISA 2023, 2024, 14402 : 143 - 156
  • [7] Survey on Open-source Software Supply Chain Security
    Ji, Shou-Ling
    Wang, Qin-Ying
    Chen, An-Ying
    Zhao, Bin-Bin
    Ye, Tong
    Zhang, Xu-Hong
    Wu, Jing-Zheng
    Li, Yun
    Yin, Jian-Wei
    Wu, Yan-Jun
    [J]. Ruan Jian Xue Bao/Journal of Software, 2023, 34 (03): : 1330 - 1364
  • [8] Data on security requirements in open-source software projects
    Wang, Wentao
    Mahakala, Kavya Reddy
    Gupta, Arushi
    Hussein, Nesrin
    Wang, Yinglin
    [J]. DATA IN BRIEF, 2019, 25
  • [9] Software Security in Open Source Development: A Systematic Literature Review
    Wen, Shao-Fang
    [J]. PROCEEDINGS OF THE 2017 21ST CONFERENCE OF OPEN INNOVATIONS ASSOCIATION (FRUCT), 2017, : 364 - 373
  • [10] The Prisoner's Dilemma of Open-Source Software Security
    Koch, Christian
    [J]. COMPUTER, 2024, 57 (10) : 82 - 85
12345