Publication Type : Conference Paper
Thematic Areas : Learning-Technologies, Amrita Center for Cybersecurity Systems and Networks
Publisher : 2nd International Conference on Information and Communication Technology (ICoICT).
Source : 2nd International Conference on Information and Communication Technology (ICoICT), 2014 (2014)
Url : https://ieeexplore.ieee.org/document/6914033
Campus : Amritapuri
School : Centre for Cybersecurity Systems and Networks, School of Business
Center : Technologies & Education (AmritaCREATE), Amrita Center For Research in Analytics, Cyber Security
Department : cyber Security
Year : 2014
Abstract : Educational and governmental organizations are heavy users of Free and Open Source Software (FOSS) due to the numerous economic advantages it offers. But because of the lack of formal notification of vulnerabilities in them these users are left with exploitable risks in their systems with known vulnerabilities which could completely offset the economic gains and lead to unrecoverable losses. India is one of the largest consumers of Free and Open Source Software (FOSS) though in the last few years there has been concerted effort to contribute to the movement as well as create its own FOSS to support local languages. This paper compares and analyses the public disclosure of vulnerabilities in Free and Open Source Software (FOSS) to those of non-open source systems. Our case study with (N=218) Information Technology (IT) professionals working in computer systems, networks and application development areas indicates an urgent need to enhance vulnerability handling practices for Free and Open Source Software based applications. This study has interesting implications for Information and Communications Technology (ICT) policy makers in the government as well as private sector who are increasingly advocating the use of FOSS.
Cite this Research Publication : K. Achuthan, S. SudhaRavi, R. Kumar and R. Raman, "Security vulnerabilities in open source projects: An India perspective," 2014 2nd International Conference on Information and Communication Technology (ICoICT), 2014, pp. 18-23, doi: 10.1109/ICoICT.2014.6914033.