Information Security and Open Source Dual Use Security Software: Trust Paradox

Abstract : Nmap, free open source utility for network exploration or security auditing, today counts for thirteen million lines of code representing four thousand years of programming effort. Hackers can use it to conduct illegal activities, and information security professionals can use it to safeguard their network. In this dual-use context, question of trust is raised. Can we trust programmers developing open source dual use security software? Motivated by this research question, we conducted interviews among hackers and information security professionals, and explored ohloh.net database. Our results show that contributors behind open source security software (OSSS) are hackers, OSSS have important dual-use dimension, information security professionals generally trust OSSS, and large organizations will avoid adopting and using OSSS.
Type de document :
Communication dans un congrès
Etiel Petrinja; Giancarlo Succi; Nabil Ioini; Alberto Sillitti. 9th Open Source Software (OSS), Jun 2013, Koper-Capodistria, Slovenia. Springer, IFIP Advances in Information and Communication Technology, AICT-404, pp.194-206, 2013, Open Source Software: Quality Verification. 〈10.1007/978-3-642-38928-3_14〉
Liste complète des métadonnées

Littérature citée [37 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01467570
Contributeur : Hal Ifip <>
Soumis le : mardi 14 février 2017 - 15:28:16
Dernière modification le : mardi 14 février 2017 - 15:32:34
Document(s) archivé(s) le : lundi 15 mai 2017 - 15:17:47

Fichier

978-3-642-38928-3_14_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Mario Silic, Andrea Back. Information Security and Open Source Dual Use Security Software: Trust Paradox. Etiel Petrinja; Giancarlo Succi; Nabil Ioini; Alberto Sillitti. 9th Open Source Software (OSS), Jun 2013, Koper-Capodistria, Slovenia. Springer, IFIP Advances in Information and Communication Technology, AICT-404, pp.194-206, 2013, Open Source Software: Quality Verification. 〈10.1007/978-3-642-38928-3_14〉. 〈hal-01467570〉

Partager

Métriques

Consultations de la notice

84

Téléchargements de fichiers

78