Assessing the importance of open-source software development from a cyber-security perspective

从网络安全角度评估开源软件开发的重要性

基本信息

  • 批准号:
    2888123
  • 负责人:
  • 金额:
    --
  • 依托单位:
  • 依托单位国家:
    英国
  • 项目类别:
    Studentship
  • 财政年份:
    2023
  • 资助国家:
    英国
  • 起止时间:
    2023 至 无数据
  • 项目状态:
    未结题

项目摘要

From a cyber-security perspective, closed-source software development projects are seen assomewhat more concerning than projects that publish their source-code (in other words, open-sourceprojects). This is primarily due to the major advantages that open-source software can provide froma security perspective. Having access to the codebase as a member of the public allows the contentsof the software to be verified. Bugs and vulnerabilities can easily be identified, and patches can besuggested to the developers of the software, thereby preventing their use under maliciouscircumstances. Closed-source software cannot provide the same advantages, as members of thepublic are not able to examine the source-code and suggest changes. Also, if a malicious user were toidentify a vulnerability, they may be able to use it to their advantage for a significant amount of timebefore being detected (and in some cases, may never be detected at all). Weiss and Bailetti [1] arguethis point further, stating that the use and development of open-source solutions can help to ensurethat the knowledge of any vulnerabilities are shared between different organisations, preventingfurther incidents.My project would firstly involve attempting to further prove this concept, by showing that variousclosed-source software solutions and implementations do, in fact, contain features that were notnecessarily advertised by their developers (which in some cases may be vulnerabilities themselves, orlead to the discovery of vulnerabilities). I believe that it would be valuable to show this in manydifferent scenarios, so an attempt would be made to carry out this work on a more modern system toshow that this is still a current issue, as well as an older system to prove that the problem has existedfor quite a while. In short, the project's primary aim would be to determine the main advantages ofopen-source software from a cyber-security perspective.
从网络安全的角度来看,闭源软件开发项目比发布源代码的项目(换句话说,开源项目)更令人担忧。这主要是由于开源软件从安全角度来看可以提供的主要优势。作为公众成员访问代码库可以验证软件的内容。可以轻松识别错误和漏洞,并向软件开发人员建议补丁,从而防止在恶意情况下使用它们。闭源软件无法提供相同的优势,因为公众无法检查源代码并提出更改建议。此外,如果恶意用户要识别漏洞,他们可能会在被检测到之前的很长一段时间内利用它来发挥自己的优势(在某些情况下,可能根本不会被检测到)。 Weiss 和 Bailetti [1] 进一步论证了这一点,指出开源解决方案的使用和开发有助于确保不同组织之间共享任何漏洞的知识,从而防止进一步的事件。我的项目首先将尝试进一步证明这一概念,通过表明各种闭源软件解决方案和实现实际上包含开发人员不一定宣传的功能(在某些情况下可能会) 是漏洞本身,或者导致漏洞的发现)。我相信在许多不同的场景中展示这一点是有价值的,因此将尝试在更现代的系统上进行这项工作,以表明这仍然是一个当前的问题,以及在较旧的系统上证明该问题已经存在相当长一段时间了。简而言之,该项目的主要目标是从网络安全的角度确定开源软件的主要优势。

项目成果

期刊论文数量(0)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

其他文献

Internet-administered, low-intensity cognitive behavioral therapy for parents of children treated for cancer: A feasibility trial (ENGAGE).
针对癌症儿童父母的互联网管理、低强度认知行为疗法:可行性试验 (ENGAGE)。
  • DOI:
    10.1002/cam4.5377
  • 发表时间:
    2023-03
  • 期刊:
  • 影响因子:
    4
  • 作者:
  • 通讯作者:
Differences in child and adolescent exposure to unhealthy food and beverage advertising on television in a self-regulatory environment.
在自我监管的环境中,儿童和青少年在电视上接触不健康食品和饮料广告的情况存在差异。
  • DOI:
    10.1186/s12889-023-15027-w
  • 发表时间:
    2023-03-23
  • 期刊:
  • 影响因子:
    4.5
  • 作者:
  • 通讯作者:
The association between rheumatoid arthritis and reduced estimated cardiorespiratory fitness is mediated by physical symptoms and negative emotions: a cross-sectional study.
类风湿性关节炎与估计心肺健康降低之间的关联是由身体症状和负面情绪介导的:一项横断面研究。
  • DOI:
    10.1007/s10067-023-06584-x
  • 发表时间:
    2023-07
  • 期刊:
  • 影响因子:
    3.4
  • 作者:
  • 通讯作者:
ElasticBLAST: accelerating sequence search via cloud computing.
ElasticBLAST:通过云计算加速序列搜索。
  • DOI:
    10.1186/s12859-023-05245-9
  • 发表时间:
    2023-03-26
  • 期刊:
  • 影响因子:
    3
  • 作者:
  • 通讯作者:
Amplified EQCM-D detection of extracellular vesicles using 2D gold nanostructured arrays fabricated by block copolymer self-assembly.
使用通过嵌段共聚物自组装制造的 2D 金纳米结构阵列放大 EQCM-D 检测细胞外囊泡。
  • DOI:
    10.1039/d2nh00424k
  • 发表时间:
    2023-03-27
  • 期刊:
  • 影响因子:
    9.7
  • 作者:
  • 通讯作者:

的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

{{ truncateString('', 18)}}的其他基金

An implantable biosensor microsystem for real-time measurement of circulating biomarkers
用于实时测量循环生物标志物的植入式生物传感器微系统
  • 批准号:
    2901954
  • 财政年份:
    2028
  • 资助金额:
    --
  • 项目类别:
    Studentship
Exploiting the polysaccharide breakdown capacity of the human gut microbiome to develop environmentally sustainable dishwashing solutions
利用人类肠道微生物群的多糖分解能力来开发环境可持续的洗碗解决方案
  • 批准号:
    2896097
  • 财政年份:
    2027
  • 资助金额:
    --
  • 项目类别:
    Studentship
A Robot that Swims Through Granular Materials
可以在颗粒材料中游动的机器人
  • 批准号:
    2780268
  • 财政年份:
    2027
  • 资助金额:
    --
  • 项目类别:
    Studentship
Likelihood and impact of severe space weather events on the resilience of nuclear power and safeguards monitoring.
严重空间天气事件对核电和保障监督的恢复力的可能性和影响。
  • 批准号:
    2908918
  • 财政年份:
    2027
  • 资助金额:
    --
  • 项目类别:
    Studentship
Proton, alpha and gamma irradiation assisted stress corrosion cracking: understanding the fuel-stainless steel interface
质子、α 和 γ 辐照辅助应力腐蚀开裂:了解燃料-不锈钢界面
  • 批准号:
    2908693
  • 财政年份:
    2027
  • 资助金额:
    --
  • 项目类别:
    Studentship
Field Assisted Sintering of Nuclear Fuel Simulants
核燃料模拟物的现场辅助烧结
  • 批准号:
    2908917
  • 财政年份:
    2027
  • 资助金额:
    --
  • 项目类别:
    Studentship
Assessment of new fatigue capable titanium alloys for aerospace applications
评估用于航空航天应用的新型抗疲劳钛合金
  • 批准号:
    2879438
  • 财政年份:
    2027
  • 资助金额:
    --
  • 项目类别:
    Studentship
CDT year 1 so TBC in Oct 2024
CDT 第 1 年,预计 2024 年 10 月
  • 批准号:
    2879865
  • 财政年份:
    2027
  • 资助金额:
    --
  • 项目类别:
    Studentship
Developing a 3D printed skin model using a Dextran - Collagen hydrogel to analyse the cellular and epigenetic effects of interleukin-17 inhibitors in
使用右旋糖酐-胶原蛋白水凝胶开发 3D 打印皮肤模型,以分析白细胞介素 17 抑制剂的细胞和表观遗传效应
  • 批准号:
    2890513
  • 财政年份:
    2027
  • 资助金额:
    --
  • 项目类别:
    Studentship
Understanding the interplay between the gut microbiome, behavior and urbanisation in wild birds
了解野生鸟类肠道微生物组、行为和城市化之间的相互作用
  • 批准号:
    2876993
  • 财政年份:
    2027
  • 资助金额:
    --
  • 项目类别:
    Studentship

相似国自然基金

体数据表达与绘制的新方法研究
  • 批准号:
    61170206
  • 批准年份:
    2011
  • 资助金额:
    55.0 万元
  • 项目类别:
    面上项目

相似海外基金

Collaborative Research: LTREB: The importance of resource availability, acquisition, and mobilization to the evolution of life history trade-offs in a variable environment.
合作研究:LTREB:资源可用性、获取和动员对于可变环境中生命史权衡演变的重要性。
  • 批准号:
    2338394
  • 财政年份:
    2024
  • 资助金额:
    --
  • 项目类别:
    Continuing Grant
NSF PRFB FY23: Understanding the evolutionary importance and vectoring mechanisms of horizontal gene transfer within a parasitic plant system
NSF PRFB FY23:了解寄生植物系统内水平基因转移的进化重要性和矢量机制
  • 批准号:
    2305877
  • 财政年份:
    2024
  • 资助金额:
    --
  • 项目类别:
    Fellowship Award
Collaborative Research: LTREB: The importance of resource availability, acquisition, and mobilization to the evolution of life history trade-offs in a variable environment.
合作研究:LTREB:资源可用性、获取和动员对于可变环境中生命史权衡演变的重要性。
  • 批准号:
    2338395
  • 财政年份:
    2024
  • 资助金额:
    --
  • 项目类别:
    Continuing Grant
Elucidating molecular mechanisms of the water-induced swallowing reflex under non-thirsty and thirsty conditions: the importance of TRPV4
阐明非口渴和口渴条件下水诱导吞咽反射的分子机制:TRPV4的重要性
  • 批准号:
    24K12880
  • 财政年份:
    2024
  • 资助金额:
    --
  • 项目类别:
    Grant-in-Aid for Scientific Research (C)
The Need for Speed: Understanding the Importance of Different ELF3 Nuclear Localisation Mechanisms
对速度的需求:了解不同 ELF3 核定位机制的重要性
  • 批准号:
    BB/Z514998/1
  • 财政年份:
    2024
  • 资助金额:
    --
  • 项目类别:
    Fellowship
The Importance of Mobilization in the Failure of the Left and the Rise of the Right
动员对于左派失败和右派崛起的重要性
  • 批准号:
    24K04732
  • 财政年份:
    2024
  • 资助金额:
    --
  • 项目类别:
    Grant-in-Aid for Scientific Research (C)
CAREER: Microbial Mineral Oxidation in a Temperate Marine Sediment: Quantifying the importance of extracellular electron transfer to sediment sulfur biogeochemistry
职业:温带海洋沉积物中的微生物矿物氧化:量化细胞外电子转移对沉积物硫生物地球化学的重要性
  • 批准号:
    2239052
  • 财政年份:
    2023
  • 资助金额:
    --
  • 项目类别:
    Continuing Grant
Importance of IL-15 responsive CD8+ cells in protective immunity against AIDS viruses
IL-15 反应性 CD8 细胞在针对艾滋病病毒的保护性免疫中的重要性
  • 批准号:
    23K07949
  • 财政年份:
    2023
  • 资助金额:
    --
  • 项目类别:
    Grant-in-Aid for Scientific Research (C)
RII Track-4: NSF: Building Linkages: Assessing the Importance of Terrestrial Climate in Deglacial Ice Sheet Dynamics through Collaborative Research Capacity Building
RII Track-4:NSF:建立联系:通过合作研究能力建设评估陆地气候在冰消冰盖动力学中的重要性
  • 批准号:
    2229696
  • 财政年份:
    2023
  • 资助金额:
    --
  • 项目类别:
    Standard Grant
The Importance of Nonlinear Physics in Radiation Belt Modelling
非线性物理在辐射带建模中的重要性
  • 批准号:
    NE/V013963/2
  • 财政年份:
    2023
  • 资助金额:
    --
  • 项目类别:
    Fellowship
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了