An examination of private intermediaries' roles in software vulnerabilities disclosure
نویسندگان
چکیده
منابع مشابه
Network Security: Vulnerabilities and Disclosure Policy
Software security is a major concern for vendors, consumers, and regulators since attackers that exploit vulnerabilities can cause substantial damages. When vulnerabilities are discovered after the software has been sold to consumers, the firms face a dilemma. A policy of disclosing vulnerabilities and issuing updates protects only the consumers who install updates, while the disclosure itself ...
متن کاملVulnerability Disclosure and Software Provision
Internet Security, Vulnerability Disclosure and Software Provision* In this paper, we examine how software vulnerabilities affect firms that license software and consumers that purchase software. In particular, we model three decisions of the firm: (i) an upfront investment in the quality of the software to reduce potential vulnerabilities; (ii) a policy decision whether to announce vulnerabili...
متن کاملAn Empirical Analysis of Software Vendors' Patching Behavior: Impact of Vulnerability Disclosure
One key aspect of better and more secure software is timely and reliable patching of vulnerabilities by software vendors. Recently, software vulnerability disclosure, which refers to the publication of vulnerability information before a patch to fix the vulnerability has been issued by the software vendor, has generated intense interest and debate. In particular, there have been arguments made ...
متن کاملAn Empirical Analysis of Software Vendors' Patch Release Behavior: Impact of Vulnerability Disclosure
A aspect of better and more secure software is timely patch release by software vendors for the vulnerabilities in their products. Software vulnerability disclosure, which refers to the publication of vulnerability information, has generated intense debate. An important consideration in this debate is the behavior of software vendors. How quickly do vendors patch vulnerabilities and how does di...
متن کاملAn Empirical Analysis of Vendor Response to Disclosure Policy
Software vulnerability disclosure has generated intense interest and debate. In particular, there have been arguments made both in opposition to and in favor of alternatives such as full and instant disclosure and limited or no disclosure. An important consideration in this debate is the behavior of the software vendor. Does vulnerability disclosure policy have an effect on patch release behavi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Information Systems Frontiers
دوره 9 شماره
صفحات -
تاریخ انتشار 2007