Conference: 12th Americas Conference on Information Systems (AMCIS 2006), vol. 2

Comparative Investigation of Vulnerabilities in Open Source and Proprietary Software: An Exploratory Study


Abstract

The success of products like Apache and Linux has propelled increased awareness and adoption of open source software (OSS). Despite increased adoption of OSS products, questions about their security and reliability remain. Using four popular OSS and proprietary products as an initial sample, we examine the vulnerability patterns in OSS and proprietary products. Our analysis suggests that for both proprietary and open source products, in general, severe vulnerabilities are identified relatively late in the product's life and continue to emerge months after the software release. In particular, contrary to expectations, detection of vulnerabilities is no faster in open source (OS) than in proprietary products. However, open source products had a lower count of vulnerabilities at all levels of severity compared to proprietary products. We propose a conceptual framework to explain the variations in vulnerabilities between the OS and proprietary products. Our insights from the study have implications for research and practice.