Backwards from zero: how the U.S public evaluates the use of zero-day vulnerabilities in cybersecurity/ (Record no. 43247)
[ view plain ]
000 -LEADER | |
---|---|
fixed length control field | 01700cam a2200157 4500 |
100 1# - MAIN ENTRY--PERSONAL NAME | |
Personal name | LEAL Marcelo M. |
245 ## - TITLE STATEMENT | |
Title | Backwards from zero: how the U.S public evaluates the use of zero-day vulnerabilities in cybersecurity/ |
Statement of responsibility, etc. | Marcelo M. Leal and Paul Musgrave |
260 ## - PUBLICATION, DISTRIBUTION, ETC. | |
Date of publication, distribution, etc. | 2023 |
520 ## - SUMMARY, ETC. | |
Summary, etc. | Zero-day vulnerabilities are software and hardware flaws that are unknown to computer vendors. As powerful means of carrying out cyber intrusions, such vulnerabilities present a dilemma for governments. Actors that develop or procure such vulnerabilities may retain them for future use; alternatively, agencies possessing such vulnerabilities may disclose the flaws to affected vendors so they can be patched, thereby denying vulnerabilities not only to adversaries but also themselves. Previous research has explored the ethics and implications of this dilemma, but no study has investigated public opinion regarding zero-day exploits. We present results from a survey experiment testing whether conditions identified as important in the literature influence respondents' support for disclosing or stockpiling zero-day vulnerabilities. Our results show that respondents overwhelmingly support disclosure, a conclusion only weakly affected by the likelihood that an adversary will independently discover the vulnerability. Our findings suggest a gap between public preferences and current U.S. policy. |
598 ## - BULLETIN HEADING | |
Bulletin Heading | CYBERSEC |
650 ## - SUBJECT ADDED ENTRY--TOPICAL TERM | |
Topical term or geographic name entry element | CYBERSECURITY POLICY |
700 ## - ADDED ENTRY--PERSONAL NAME | |
Personal name | MUSGRAVE Paul M. |
773 ## - HOST ITEM ENTRY | |
Main entry heading | Contemporary Security Policy: |
Related parts | Vol 44, No 3, July 2023, pp437-461 |
856 ## - ELECTRONIC LOCATION AND ACCESS | |
Uniform Resource Identifier | <a href="https://www.tandfonline.com/doi/full/10.1080/13523260.2023.2216112">https://www.tandfonline.com/doi/full/10.1080/13523260.2023.2216112</a> |
Public note | click here for full text |
945 ## - LOCAL PROCESSING INFORMATION (OCLC) | |
i | 70177-1001 |
r | Y |
s | Y |
Withdrawn status | Lost status | Source of classification or shelving scheme | Damaged status | Not for loan | Home library | Current library | Shelving location | Date acquired | Total checkouts | Full call number | Barcode | Date last seen | Copy number | Price effective from | Koha item type |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Dewey Decimal Classification | Mindef Library & Info Centre | Mindef Library & Info Centre | Journals | 27/11/2023 | CYBERSEC | 70177-1001 | 03/01/2024 | 1 | 03/01/2024 | Journal Article |