Economies of software vulnerability disclosure

Journal Article (Review;Journal)

A theoritical framework identifying the key data elements which needs to develop a sensible way of handling vulnerability is discussed. Two data sets to identify the vendor response to attack data fom honeypot is also presented. Bugtraq contains details of the vulnerabilities as well as links to exploit codes is also discussed. The outcome of any policy depends on three major sets of participants such as software vendors, software users and white and blackhat hackers.

Full Text

Duke Authors

Cited Authors

  • Arora, A; Rahul, T

Published Date

  • January 1, 2005

Published In

Volume / Issue

  • 3 / 1

Start / End Page

  • 20 - 25

International Standard Serial Number (ISSN)

  • 1540-7993

Digital Object Identifier (DOI)

  • 10.1109/MSP.2005.12

Citation Source

  • Scopus