Software vulnerabilities: Open source versus proprietary software security

Association for Information Systems - 11th Americas Conference on Information Systems, AMCIS 2005: A Conference on a Human Scale

Volumn 6, Issue , 2005, Pages 2877-2887

  Sridhar, Sanjay ^a   Altinkemer, Kemal ^a   Rees, Jackie ^a  

^a PURDUE UNIVERSITY   (United States)

Author keywords

Information security; Open source software; Vulnerabilities

Indexed keywords

HOLD UP; INTER-ARRIVAL TIME; OPEN SOURCE SOFTWARE; OPEN SOURCES; PROPRIETARY SOFTWARE; SECURITY MANAGER; SOFTWARE SECURITY; SOFTWARE VULNERABILITIES; VULNERABILITIES;

COMPUTER SOFTWARE; INFORMATION SYSTEMS; OPEN SYSTEMS;

SECURITY OF DATA;

EID: 84870043937     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (26)

1. Arora, A., Nandkumar, A., Krishnan, R. and Telang, R. (2004) Impact of Patches and Software Vulnerability Information on Frequency of Security Attacks - An Empirical Analysis, Working paper, Carnegie Mellon University.
2. Arora, A., Telang, R., and Xu, H. (2004) Optimal Policy for Software Vulnerability Disclosure, Working paper, Carnegie Mellon University.
3. Banker, R. D., Datar, S. M., Kemerer, C. F. and Zweig, D. (2002) Software Errors and Software Maintenance Management, Information Technology and Management. 3, 1-2, 25-41.
4. Beattie, S., Arnold, S., Cowan, C., Wagle, P., Wright, C., and Shostack, A. (2002) Timing the Application of Security Patches for Optimal Uptime, Proceedings of LISA Sixteenth Systems Administration Conference, 101-110.
5. Boehm, B.W., Brown, J.R., and Lipow, M. (1976) Quantitative Evaluation of Software Quality, Proceedings of the Second International Conference on Software Engineering, 592-605.
6. Bulkeley, W. M. (2004) Can Linux Take Over the Desktop? Wall Street Journal, May 24.
7. Cavusoglu, H. and Raghunathan, S. (2004) Optimal Timing Decisions for Application of Security Patches, Working paper, Tulane University.
8. CNET News, Prepared by CNET, Retrieved December, 2004, from http://www.news.com.com
9. Diffie, W. (2003) Is Open-Source Software Better for Security Than Proprietary Software? ZDNet, January 16, Retrieved February 19, 2005 from http://news.zdnet.com/2100-9595_22-980938.html.
10. Greene, W. H. and Greene, W. H. (2002) Econometric Analysis, 5th edition, Prentice Hall, Upper Saddle River, NJ.
11. Hamm, S. (2005) Linuxinc. BusinessWeek, Jan. 31, 60-68.
12. Hann, I., Roberts, J. and Slaughter, S. (2004) Why Developers Participate in Open Source Software Projects: An Empirical Investigation, Proceedings of the Twenty-Fifth International Conference on Information Systems, 821-830.
13. ICAT Metabase, (2004) http://icat.nist.gov/icat.cfm
14. Jelinski, Z. and Moranda, P. B. (1972) Software Reliability Research, in W. Freiberger, Ed. Statistical Computer Performance Evaluation, Academic Press, New York, 465-484.
15. Johnson, J. P. (2001) Economics of Open Source Software, Working paper.
16. Lerner, J. and Tirole, J. (2001) The open source movement: Key research questions, European Economic Review, 45, 819-826.
17. Lerner, J. and Tirole, J. (2002) Some Simple Economics of Open Source, The Journal of Industrial Economics, 50, 2, 197-234.
18. MITRE (2004) Common Vulnerabilities and Exposure, http://www.cve.mitre.org
19. MIZI Research (2004) Linux Vs Windows: Which is more secure? last accessed at http://www.mizi.com/en/index/newsapp/story.32
20. Myers, G. (1976) Software Reliability: Principles and Practices. John Wiley and Sons, New York, NY.
21. Open Source Initiative (2005) The Open Source Definition, last accessed February 14 at http://www.opensource.org/docs/definition.php
22. Rescorla, E. (2002) Security holes. who cares? last accessed at http://www.rtfm.com/upgrade.pdf
23. Shooman, M. (1973) Operational Testing and Software Reliability Estimation During Program Development, Record of the 1973 IEEE Symposium on Computer Software Reliability. IEEE, New York, 51-57.
24. Silver, M. and Pescatore, J. (2004) Security Holes Increase Windows Client TCO, Gartner intraWeb Report ID Number: G00123511, last accessed at http://www.itap.purdue.edu/itresources/gartner/index.html
25. Sliwa, C. (2004) App Tests for Win XPSP2 Burden Users: Most Delay Installing XP Security Update, Computerworld, August 20.
26. Sumita, U. and Shantikumar, G. (1986) A Software Reliability Model with Multiple-Error Introduction & Removal, IEEE Transactions on Reliability, 35, 4, 459-462.