• DocumentCode
    1231922
  • Title

    Economics of software vulnerability disclosure

  • Author

    Arora, Ashish ; Telang, Rahul

  • Author_Institution
    Carnegie Mellon Univ., Pittsburgh, PA
  • Volume
    3
  • Issue
    1
  • fYear
    2005
  • Firstpage
    20
  • Lastpage
    25
  • Abstract
    Information security breaches frequently exploit software flaws or vulnerabilities, causing significant economic losses. Considerable debate exists about how to disclose such vulnerabilities. A coherent theoretical framework helps identify the key data elements needed to develop a sensible way of handling vulnerability disclosure
  • Keywords
    economics; security of data; economic losses; information security breaches; software flaws; software vulnerability disclosure; Computer hacking; Computer security; Data security; Delay; HTML; Information analysis; Information security; Protection; Public policy; Software quality; disclosure policy; economic analysis; patching; software vulnerability;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2005.12
  • Filename
    1392695
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1231922