StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

The Disclosing of Vulnerable Information - Essay Example

Cite this document
Summary
The paper "The Disclosing of Vulnerable Information" highlights that whether information regarding vulnerabilities should be made public is an often talked about issue when you look at the benefits of disclosure and weigh them against the disadvantages of doing so…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER97% of users find it useful
The Disclosing of Vulnerable Information
Read Text Preview

Extract of sample "The Disclosing of Vulnerable Information"

Keeping in mind the situation described above publication of a patch and providing technical information about vulnerability during disclosure can enable users to take protective and preventive action. CERT, a federally funded quasi-government organization, is a key player in the domain of vulnerability disclosure and prioritizes in the publication of preventive measures, such as a patch, in their disclosures.

Certain issues revolve around the disclosing of vulnerable information. These are regarding the timing of the release of patches which is made critical once a vulnerability is disclosed. However, the development of these patches takes time. This component clashes with that of the instant disclosure, which leaves users defenseless against attackers who can exploit the disclosed vulnerability in the time that it takes for a patch to be released. These are the two critical dimensions that an optimal disclosure policy addresses.

For the development of an optimal patch notification policy, it is important to estimate the attacker’s and vendor’s behavior. If the vendors do not act quickly to instant disclosure then the formulation of a policy that incorporates this behavior will be strongly discouraged and socially unfavorable. But even if vendors develop a patch quickly there lays a need to know how the attacker’s probability of attack changes with the disclosure, and with the patching. Other critical elements that the policy incorporates are a thorough investigation of vulnerabilities that are more likely to be exploited by attackers and hence require immediate attention. These are the ones that the vendors need to concentrate on developing patches for.

Keeping in mind all these areas of concern we develop an optimal patch notification policy that balances the issues mentioned above. Simply because a vendor releases a patch more quickly due to an early disclosure does not necessarily make this action optimal. Using a game theoretic model Arora, Telang, and Xu (2003) show that neither instantaneous disclosure nor secrecy policy is optimal. An optimal patch publication policy depends upon underlying factors like how quickly a vendor’s response is in releasing patches, and how likely attackers are to find and exploit unpatched vulnerabilities.

Q2: Here we consider the incentives of the attackers as well as the parties listed previously. What are the incentives of attackers?

When we look at the internet we see how it has developed into a global system of interlinked computer networks which have made possible the exchange of information between millions of organizations. It has made possible new forms of social interactions as well as means to probe them. The internet is a unique tool for studying the development and organization of a complex system. This is why numerous attackers are attracted to the use of methods to hack into and manipulate various online systems.

There are many classifications of hackers based on the incentives behind their attacks. There are the early gentle hackers, who break into systems to demonstrate their skills. Then there are the ‘black hats’, which might have been gentle hackers at some point but then are motivated to make money as part of an explosively booming business based on ever-present internet insecurity. Moving towards a much larger scale, most electronic attackers nowadays extract valuable data and still manage to remain anonymous much like an electronic form of massive parasitism.

If looking through a monetary value and volume perspective a key target by attackers is personal identity information (ID). This can be credit card numbers, social security numbers, banking accounts, and medical files. Since each ID theft falls in the category of a ‘loss of control’ of an individual's private data and it can be considered as a damaging event that leads to potential realized financial losses, which is the main aim behind the attack. The incentive behind ID theft is a non-destructive internet attack that focuses on profit from botnets to highly specific attacks. Furthermore, these attacks can be uncontrolled as attackers can impersonate their victims and hence raise an important social issue of people’s identity resilience in the technology era. Due to the implications and the gain in terms of monetary value ID theft is one of the main incentives for attackers today. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Computer Security Essay Example | Topics and Well Written Essays - 750 words - 4”, n.d.)
Retrieved from https://studentshare.org/environmental-studies/1409825-computer-security
(Computer Security Essay Example | Topics and Well Written Essays - 750 Words - 4)
https://studentshare.org/environmental-studies/1409825-computer-security.
“Computer Security Essay Example | Topics and Well Written Essays - 750 Words - 4”, n.d. https://studentshare.org/environmental-studies/1409825-computer-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF The Disclosing of Vulnerable Information

U.S. Vulnerable Population and Health Policies

After completing the learning activity, Public Health information and Data Tutorial, locate data and describes trends associated with the physical, psychological, and/or social health of the populations selected.... This paper is based upon the observation of the physical, psychological and social health of people vulnerable to alcohol, tobacco, marijuana and other drugs abuse who agreed to participate in the survey of public health information.... vulnerable Population and Health Policies ...
10 Pages (2500 words) Essay

Vulnerable Population and Self-Awareness Paper

vulnerable Population and Self-Awareness Name: Institution: vulnerable POPULATION AND SELF-AWARENESS Losing a spouse can be a life changing and challenging event.... This paper applies criteria in selecting a vulnerable population, studying the population's demographics and reflecting on personal attitudes and values towards that population....
3 Pages (750 words) Essay

Preventative Services for Vulnerable Children

avies (2000:125-132) opines that the changing pattern of family, marriage, divorce, etc also affects the emotional well-being of vulnerable children.... o children and families, this means easy access to information and advice, easy means of support, and assurance of well being of children at risk.... The essay "Preventative Services for vulnerable Children" focuses on the critical analysis of the major issues on the preventative services for vulnerable children....
12 Pages (3000 words) Essay

Self Disclosure

Self disclosure is all about disclosing information about oneself.... The self disclosure become pertinent when one discloses confidential information, particularly personal information that not many people are aware of.... The strategy of disclosing crucial information about oneself can broadly be defined as discretionary.... The sharing of information, especially personal information is considered to be a serious issue as it significantly impacts inter personal relationship and often changes the very format of the relations between individuals....
3 Pages (750 words) Essay

Analysis of Sex Offences

uestion 2The reporter can only be required to leave if the case at hand is very sensitive, for example a case dealing with serious matters such as, national security, rights of vulnerable children or crime victims.... uestion 3The order to abolish the publication of any information that would disclose the identity of victim is only valid if it was a sexual or criminal offence perpetrated against the victim, who is still alive (Banks and Hanna).... This would be so because, by disclosing the names of the victim of sexual harassment, one would be violating the rights of the vulnerable children (Banks and Hanna)....
2 Pages (500 words) Coursework

Safeguarding Vulnerable Adults brochure

espond appropriately to incidences of abuse reported to them in a manner that will facilitate acquisition of relevant information.... A nurse or doctor must listen carefully and actively to what the client is reporting and record vital information.... Professionals are required to be sensitive in dealing with vulnerable clients to avoid further oppression through ignorance and negligence. ... It is out of this that policies and legal provisions It is the sole responsibility of the gov- ernment through the docket of health to protect vulnerable adults by enacting laws and policies in favour of the physi- cal, financial, and emotional well-being and security....
10 Pages (2500 words) Essay

Nursing: Caring for the Vulnerable

"Nursing: Caring for the vulnerable" paper states that modern nursing theories emphasize the appreciation and value of holistic care including personal values without compromising the strictures of professional conduct.... In old age especially, patients are more vulnerable due to their age and experience, which makes up their confidence, morale, and strength for living.... K, one can understand that nursing practice is not restricted to medical expertise or care but manifest beyond these boundaries stemming from patient and nurse's vulnerable situations, and how these can affect effective nursing care delivery....
8 Pages (2000 words) Case Study

Self-Disclosure and Gender

The paper defines self-disclosure as 'sharing information with others that would have otherwise been unknown to them'.... Sharing such personal information obviously is risky for the person disclosing the information and puts them into a vulnerable position in front of the person that the information is disclosed to (Stokes, Childs, & Fuehrer, 1981, pp.... This paper will aim to criticize the information available regarding variations in self-disclosure between males and females in romantic relationships and compare/contrast the various explanations offered regarding the differences in behavior....
14 Pages (3500 words) Research Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us