Open security

Open security is the use of open source philosophies and methodologies to approach computer security and other information security challenges.[1] Traditional application security is based on the premise that any application or service (whether it is malware or desirable) relies on security through obscurity.[2]

Open source approaches have created technology such as Linux and Bitcoin. Additionally, open source approaches applied to documents have inspired wikis and their largest example, Wikipedia.[1] Open security suggests that security breaches and vulnerabilities can be better prevented or ameliorated when users facing these problems collaborate using open source philosophies.[1]

This approach requires that users be legally allowed to collaborate, so relevant software would need to be released under a license that is widely accepted to be open source; examples include the Massachusetts Institute of Technology (MIT) license, the Apache 2.0 license, the GNU Lesser General Public License (LGPL), and the GNU General Public License (GPL).[1] Relevant documents would need to be under a generally accepted "open content" license; these include Creative Commons Attribution (CC-BY) and Attribution Share Alike (CC-BY-SA) licenses, but not Creative Commons "non-commercial" licenses or "no-derivative" licenses.[1]

On the developer side, legitimate software and service providers can have independent verification and testing of their source code.[3] On the information technology side, companies can aggregate common threats, patterns, and security solutions to a variety of security issues.[4][5]

See also

References

  1. ^ a b c d e Wheeler, David A (2013-08-21). "What is open security?" (PDF). Institute for Defense Analyses. Defence Technical Information Center. Archived from the original on May 6, 2021. Retrieved 2018-01-08.
  2. ^ Raymond, Eric S (2004-05-17). "If Cisco ignored Kerckhoffs's Law, users will pay the price". LWN.net. Retrieved 2011-06-21.
  3. ^ "Open Security Foundation". Open Security Foundation. Archived from the original on 2011-07-19. Retrieved 2011-06-21.
  4. ^ "Open Web Application Security Project". Archived from the original on 2014-05-27. Retrieved 2011-06-21.
  5. ^ "Why have OSA?". OSA. Archived from the original on 2011-06-23. Retrieved 2011-06-21.

Content Disclaimer

Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.

  1. The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
  2. There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
  3. It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
  4. Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
  5. Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.