Open-Source Software Security Challenges and Policies for Cloud Enterprises
Authors: Sagar Gupta, S. Vadlamudi
Published in: 2023 3rd International Conference on Intelligent Communication and Computational Techniques (ICCT)
Publication date: 2023-01-19
Publication type: Journal Article
DOI: 10.1109/ICCT56969.2023.10076194 (https://doi.org/10.1109/ICCT56969.2023.10076194)
Citation count: 1
Source platform: Semanticscholar
Cloud computing stimulated the development of agile software. Software is the new oil. More than 70-90% of software is open source, and its use is inevitable. Open source encourages innovation through collaboration, reduces time-to-market, and has fueled breakthrough technologies over the past few decades. In a way, open source is eating software, or driving the software world. Open source communities involve more contributors and developers, which sometimes poses substantial security challenges. Recently, we have witnessed SolarWinds compromising the entire supply chain, and Log4j allowing remote code execution through a critical zero-day vulnerability. The digital universe paused as these zero-day vulnerabilities exploded. In this work, we highlight the challenges and propose an approach to help organisations protect their code base by consuming open source safely.