{"language":[{"iso":"eng"}],"ddc":["000"],"file":[{"file_name":"vendors behavior - UPDATED IEEE version.pdf","file_id":"6192","file_size":299380,"creator":"hsiemes","date_created":"2018-12-11T15:23:33Z","date_updated":"2018-12-13T15:20:23Z","relation":"main_file","access_level":"open_access","content_type":"application/pdf"}],"publication":"43rd Annual Hawaii International Conference on System Sciences","date_updated":"2022-01-06T07:02:14Z","type":"conference","extern":"1","abstract":[{"lang":"eng","text":"While many theoretical arguments against or in favor of open source and closed source software development have been presented, the empirical basis for the assessment of arguments and the development of models is still weak. Addressing this research gap, this paper presents the first comprehensive empirical investigation of published vulnerabilities and patches of 17 widely deployed open source and closed source software packages, including operating systems, database systems, web browsers, email clients, and office systems. The empirical analysis uses comprehensive vulnerability data contained in the NIST National Vulnerability Database and a newly compiled data set of vulnerability patches. The results suggest that it is not the particular software development style that determines the severity of vulnerabilities and vendors? patching behavior, but rather the specific application type and the policy of the particular development community, respectively."}],"oa":"1","author":[{"last_name":"Schryen","id":"72850","full_name":"Schryen, Guido","first_name":"Guido"},{"full_name":"Eliot, Rich","last_name":"Eliot","first_name":"Rich"}],"has_accepted_license":"1","status":"public","year":"2010","citation":{"chicago":"Schryen, Guido, and Rich Eliot. “Increasing Software Security through Open Source or Closed Source Development? Empirics Suggest That We Have Asked the Wrong Question.” In <i>43rd Annual Hawaii International Conference on System Sciences</i>, 2010.","short":"G. Schryen, R. Eliot, in: 43rd Annual Hawaii International Conference on System Sciences, 2010.","bibtex":"@inproceedings{Schryen_Eliot_2010, title={Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question}, booktitle={43rd Annual Hawaii International Conference on System Sciences}, author={Schryen, Guido and Eliot, Rich}, year={2010} }","apa":"Schryen, G., &#38; Eliot, R. (2010). Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question. In <i>43rd Annual Hawaii International Conference on System Sciences</i>.","ama":"Schryen G, Eliot R. Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question. In: <i>43rd Annual Hawaii International Conference on System Sciences</i>. ; 2010.","mla":"Schryen, Guido, and Rich Eliot. “Increasing Software Security through Open Source or Closed Source Development? Empirics Suggest That We Have Asked the Wrong Question.” <i>43rd Annual Hawaii International Conference on System Sciences</i>, 2010.","ieee":"G. Schryen and R. Eliot, “Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question,” in <i>43rd Annual Hawaii International Conference on System Sciences</i>, 2010."},"user_id":"61579","date_created":"2018-11-14T14:23:45Z","department":[{"_id":"277"}],"file_date_updated":"2018-12-13T15:20:23Z","_id":"5631","title":"Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question"}