Title :
Does open source improve system security?
Author :
Witten, Brian ; Landwehr, Carl ; Caloyannides, Michael
Author_Institution :
DARPA, Arlington, VA, USA
Abstract :
The current climate of functionality and performance-driven markets has created enormous code bases, which have helped drive growth in the US gross domestic product. However, these code bases have also created an information infrastructure whose vulnerabilities are so striking as to endanger national and economic security. Distributed denial of service attacks have demonstrated that such vulnerabilities can degrade the Internet´s aggregate performance, and recurrent virus outbreaks have inflicted substantial repair and recovery costs on businesses worldwide. An attacker could examine public source code to find flaws in a system. So, is source code access a net gain or loss for security? The authors consider this question from several perspectives and tentatively conclude that having source code available should work in favor of system security
Keywords :
computer software; security of data; Internet; code bases; computer virus; distributed denial of service attacks; information infrastructure; open source software; source code access; system security; Aggregates; Computer crime; Cryptography; Degradation; Economic forecasting; Economic indicators; Image reconstruction; Information security; National security; Web and internet services;
Journal_Title :
Software, IEEE
