ログイン 新規登録
言語:

WEKO3

  • トップ
  • ランキング
To
lat lon distance
To

Field does not validate



インデックスリンク

インデックスツリー

メールアドレスを入力してください。

WEKO

One fine body…

WEKO

One fine body…

アイテム

  1. 論文誌(ジャーナル)
  2. Vol.65
  3. No.12

Proposal of Open Source Software Security Risk Indicator Based on Vulnerability Management Interview

https://ipsj.ixsq.nii.ac.jp/records/241746
https://ipsj.ixsq.nii.ac.jp/records/241746
8bc110f7-bedc-4b0d-85cb-ef5a223d5593
名前 / ファイル ライセンス アクション
IPSJ-JNL6512006.pdf IPSJ-JNL6512006.pdf (1.1 MB)
 2026年12月15日からダウンロード可能です。
Copyright (c) 2024 by the Information Processing Society of Japan
非会員:¥0, IPSJ:学会員:¥0, 論文誌:会員:¥0, DLIB:会員:¥0
Item type Journal(1)
公開日 2024-12-15
タイトル
タイトル Proposal of Open Source Software Security Risk Indicator Based on Vulnerability Management Interview
タイトル
言語 en
タイトル Proposal of Open Source Software Security Risk Indicator Based on Vulnerability Management Interview
言語
言語 eng
キーワード
主題Scheme Other
主題 [特集:社会的・倫理的なオンライン活動を支援するセキュリティとトラスト] vulnerability risk, open source software, software security
資源タイプ
資源タイプ識別子 http://purl.org/coar/resource_type/c_6501
資源タイプ journal article
著者所属
Graduate School of Engineering, Kobe University
著者所属
Intelligent Systems Laboratory, SECOM CO., LTD.
著者所属
SIOS Technology, Inc.
著者所属
Faculty for Electrical Engineering, Mathematics and Computer Science, University of Twente
著者所属
Faculty of Environmental, Life, Natural Science and Technology, Okayama University
著者所属(英)
en
Graduate School of Engineering, Kobe University
著者所属(英)
en
Intelligent Systems Laboratory, SECOM CO., LTD.
著者所属(英)
en
SIOS Technology, Inc.
著者所属(英)
en
Faculty for Electrical Engineering, Mathematics and Computer Science, University of Twente
著者所属(英)
en
Faculty of Environmental, Life, Natural Science and Technology, Okayama University
著者名 Hiroki, Kuzuno

× Hiroki, Kuzuno

Hiroki, Kuzuno

Search repository
Tomohiko, Yano

× Tomohiko, Yano

Tomohiko, Yano

Search repository
Kazuki, Omo

× Kazuki, Omo

Kazuki, Omo

Search repository
Jeroen, van der Ham

× Jeroen, van der Ham

Jeroen, van der Ham

Search repository
Toshihiro, Yamauchi

× Toshihiro, Yamauchi

Toshihiro, Yamauchi

Search repository
著者名(英) Hiroki, Kuzuno

× Hiroki, Kuzuno

en Hiroki, Kuzuno

Search repository
Tomohiko, Yano

× Tomohiko, Yano

en Tomohiko, Yano

Search repository
Kazuki, Omo

× Kazuki, Omo

en Kazuki, Omo

Search repository
Jeroen, van der Ham

× Jeroen, van der Ham

en Jeroen, van der Ham

Search repository
Toshihiro, Yamauchi

× Toshihiro, Yamauchi

en Toshihiro, Yamauchi

Search repository
論文抄録
内容記述タイプ Other
内容記述 Open source software (OSS) has gained significant prominence in recent years. The security of OSS is a vital concern within information systems relying on OSS. When vulnerabilities are identified in OSS projects, previous security research has suggested approaches such as vulnerability classification, risk estimation, and exploitability analysis. Evaluating whether these vulnerabilities and the associated risks in the OSS development process pose security threats remains a complex challenge. In this study, through an interview survey on existing vulnerability management, we have determined the need for ongoing and automated countermeasures against attacks by comprehending OSS security risks based on the survey findings. We then evaluated the effectiveness of these countermeasures and proposed a security risk indicator for OSS to address these issues. The proposed method measures OSS security risk indicators by integrating vulnerability information with the development status of OSS. The suggested security risk indicator for OSS serves as a benchmark for security measures in the operation of information systems. In our evaluation, we evaluated the effectiveness of the proposed OSS security risk indicator in identifying threats from multiple OSS and assessed the computational cost associated with calculating OSS security risk indicators.
------------------------------
This is a preprint of an article intended for publication Journal of
Information Processing(JIP). This preprint should not be cited. This
article should be cited as: Journal of Information Processing Vol.32(2024) (online)
DOI http://dx.doi.org/10.2197/ipsjjip.32.1090
------------------------------
論文抄録(英)
内容記述タイプ Other
内容記述 Open source software (OSS) has gained significant prominence in recent years. The security of OSS is a vital concern within information systems relying on OSS. When vulnerabilities are identified in OSS projects, previous security research has suggested approaches such as vulnerability classification, risk estimation, and exploitability analysis. Evaluating whether these vulnerabilities and the associated risks in the OSS development process pose security threats remains a complex challenge. In this study, through an interview survey on existing vulnerability management, we have determined the need for ongoing and automated countermeasures against attacks by comprehending OSS security risks based on the survey findings. We then evaluated the effectiveness of these countermeasures and proposed a security risk indicator for OSS to address these issues. The proposed method measures OSS security risk indicators by integrating vulnerability information with the development status of OSS. The suggested security risk indicator for OSS serves as a benchmark for security measures in the operation of information systems. In our evaluation, we evaluated the effectiveness of the proposed OSS security risk indicator in identifying threats from multiple OSS and assessed the computational cost associated with calculating OSS security risk indicators.
------------------------------
This is a preprint of an article intended for publication Journal of
Information Processing(JIP). This preprint should not be cited. This
article should be cited as: Journal of Information Processing Vol.32(2024) (online)
DOI http://dx.doi.org/10.2197/ipsjjip.32.1090
------------------------------
書誌レコードID
収録物識別子タイプ NCID
収録物識別子 AN00116647
書誌情報 情報処理学会論文誌

巻 65, 号 12, 発行日 2024-12-15
ISSN
収録物識別子タイプ ISSN
収録物識別子 1882-7764
公開者
言語 ja
出版者 情報処理学会
戻る
0
views
See details
Views

Versions

Ver.1 2025-01-19 07:33:36.189531
Show All versions

Share

Mendeley Twitter Facebook Print Addthis

Cite as

エクスポート

OAI-PMH
  • OAI-PMH JPCOAR
  • OAI-PMH DublinCore
  • OAI-PMH DDI
Other Formats
  • JSON
  • BIBTEX

Confirm


Powered by WEKO3


Powered by WEKO3