Options
Information Security and Open Source Dual Use Security Software: Trust Paradox
ISSN
1868-4238
ISBN
978-3-642-38927-6
Type
conference paper
Date Issued
2013-06-26
Author(s)
Editor(s)
Petrinja, Etiel
Succi, Giancarlo
Ioini, Nabil el
Sillitti, Alberto
Research Team
IWI3
Abstract
Nmap, free open source utility for network exploration or security auditing, today counts for thirteen million lines of code representing four thousand years of programming effort1. Hackers can use it to conduct illegal activities, and information security professionals can use it to safeguard their network. In this dual-use context, question of trust is raised. Can we trust programmers developing open source dual use security software? Motivated by this research question, we conducted interviews among hackers and information security professionals, and explored ohloh.net database. Our results show that contributors behind open source security software (OSSS) are hackers, OSSS have important dual-use dimension, information security professionals generally trust OSSS, and large organizations will avoid adopting and using OSSS.
Language
English
Keywords
information security
open source security software
Nmap
dual-use technology
HSG Classification
contribution to scientific community
HSG Profile Area
SoM - Business Innovation
Refereed
Yes
Book title
Open Source Software: Quality Verification
Publisher
Springer
Publisher place
Heidelberg
Volume
IFIP Advances in Information and Communication Technology, Vol. 404
Start page
194
End page
206
Pages
13
Event Title
9th IFIP WG 2.13 International Conference, OSS 2013
Event Location
Koper-Capodistria, Slovenia
Event Date
25.-28.06.2013
Subject(s)
Division(s)
Eprints ID
224203