Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ETRICS
2006
2006
A Comparison of Market Approaches to Software Vulnerability Disclosure
Abstract. Practical computer (in)security is largely driven by the existence of and knowledge about vulnerabilities, which can be exploited to breach security mechanisms. Although the discussion on details of responsible vulnerability disclosure is controversial, there is a sort of consensus that better information sharing is socially beneficial. In the recent years we observe the emerging of "vulnerability markets" as means to stimulate exchange of information. However, this term subsumes a broad range of different concepts, which are prone to confusion. This paper provides a first attempt to structure the field by (1) proposing a terminology for distinct concepts and (2) defining criteria to allow for a better comparability between different approaches. An application of this framework on four market types shows notable differences between the approaches.
Real-time TrafficBetter Information Sharing | ETRICS 2006 | Responsible Vulnerability Disclosure | Security Privacy | Vulnerability Markets |
| Added | 22 Aug 2010 |
| Updated | 22 Aug 2010 |
| Type | Conference |
| Year | 2006 |
| Where | ETRICS |
| Authors | Rainer Böhme |
Comments (0)
Researcher Info
|
