| 软件漏洞产业:现状与发展 |
| |
| 引用本文: | 韦韬,王贵驷,邹维.软件漏洞产业:现状与发展[J].清华大学学报(自然科学版),2009(Z2). |
| |
| 作者姓名: | 韦韬 王贵驷 邹维 |
| |
| 作者单位: | 北京大学计算机科学技术研究所;中国信息产业商会信息安全产业分会; |
| |
| 基金项目: | 国家“八六三”高技术项目(2006AA01Z40、2006AA01Z410) |
| |
| 摘 要: | 软件漏洞与信息安全息息相关。本文阐述了21世纪以来软件漏洞产业现状、技术进展和相关经济学研究成果。并将软件漏洞产业划分成3个环节:上游的漏洞发现,中游的安全信息提供机构(SIP),以及下游的各种行业应用。本文认为软件漏洞的根源来自于技术和经济两方面。本文建议:中国应从SIP的枢纽作用、关键工具和基础设施的研制等方面发展软件漏洞产业。
|
| 关 键 词: | 软件漏洞 信息安全 产业 |
Software vulnerability economy:Current situation and prospects |
| |
| WEI Tao,WANG Guisi,ZOU Wei.Software vulnerability economy:Current situation and prospects[J].Journal of Tsinghua University(Science and Technology),2009(Z2). |
| |
| Authors: | WEI Tao WANG Guisi ZOU Wei |
| |
| Institution: | WEI Tao1,WANG Guisi2,ZOU Wei1(1.Institute of Computer Science and Technology,Peking University,Beijing 100871,China,2.China Information Industry Trade Association Information Security Subcommittee,Beijing 100085,China) |
| |
| Abstract: | Software vulnerability closely relates to information security.This paper discusses the industry,technology and relative economic research since 2000 in detail.Software vulnerabilities are rooted in both technical and economic challenges.The software vulnerability industry can be divided into vulnerability discovering in upstream,security information provider(SIP) in midstream,and various applications in downstream.Both economic and technical approaches must be used to resolve software vulnerability problem... |
| |
| Keywords: | software vulnerability information security economy |
| 本文献已被 CNKI 等数据库收录! |
