Myth or Fact: Is Open Source Software More Secure than Closed Source Software?
by Daniel Saffioti, Gene Awyzio and Robert BK Brown
ABSTRACT
This paper examines one aspect of quality that organizations look for when selecting software, namely security. Studies over time have indicated that security; scalability, interoperability and flexibility are important however the major issue has always been support. This has led to the sometimes inflexible concept of Standard Operating Environments (SOEs) within organisations. Whilst SOEs provide many benefits to an organisation they can leave them vulnerable to several large security risks. CERT statistics show that security incidents have increased six fold since 2000 [1].
This paper will examine trends in both open and closed software development for a number of platforms that may be reducing the overall security of software. Whilst SOEs provide a larger target for security vulnerabilities and the heterogeneity of Open Source products may provide a less tempting target recent trends indicate that open source software may be becoming as vulnerable as the better known closed software products.
Daniel Saffioti, Gene Awyzio, Robert BK Brown
School of IT and Computer Science, University of Wollongong
Download complete paper: Myth or Fact: Is Open Source Software More Secure than Closed Source Software? (177K PDF)