CHALLENGES IN SECURITY AUDITS IN OPEN SOURCE SYSTEMS
University of Skövde, School of Informatics.
2019 (English). Independent thesis, Basic level (degree of Bachelor), 15 credits / 22,5 HE credits. Student thesis. Alternative title:
UTMANINGAR I SÄKERHETSREVISIONER I SYSTEM MED ÖPPEN KÄLLKOD (Swedish)
Abstract [en]

Today there is a heavy integration of information technology in almost every aspect of our lives and there is an increase in computer security that goes with it. To ensure this security, and that policies and procedures within an organisation related to this security are enforced, security audits are conducted.

At the same time, use of open source software is also becoming increasingly common, becoming more a fact of life rather than an option. With these two trends in mind, this study analyses a selection of scientific literature on the topic and identifies the unique challenges a security audit in an open source environment faces, and aims to contribute on how to help alleviate the challenges.

The study was performed in the form of a literature review, where the comparison and analysis revealed interesting information regarding the open source specific challenges, including both technical issues as well as challenges stemming from people’s perception and handling of open source software today.

The answer to the question “What are the challenges when conducting security audits for open source systems and how can they be alleviated?” shows the main challenge to be that too much trust is put in unverified binaries. The report offers suggestions and ideas on how to implement solutions in order to help diminish this challenge through the use and integration of Reproducible Builds, answering the second part of the question.

Place, publisher, year, edition, pages
2019. p. 25
Keywords [en]
Security Audit, Open Source Software, Reproducible Builds
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:his:diva-17637; OAI: oai:DiVA.org:his-17637; DiVA, id: diva2:1348210
Subject / course
Information Technology
Educational program
Network and Systems Administration
Supervisors
Examiners
Available from: 2019-09-04. Created: 2019-09-03. Last updated: 2019-09-04. Bibliographically approved.

Open Access in DiVA

fulltext (973 kB), 67 downloads
File information
File name: FULLTEXT01.pdf; File size: 973 kB; Checksum SHA-512:
f8ca087a6d96608a8c2d4d7715d7134f2a65d0078c828f9db266f1315cf4febf9ee69057b20fbfac4929e9a6a9351ffe70adfe4997522ef77cc8063dec886139
Type: fulltext; Mimetype: application/pdf

By author/editor
Nordberg, Pontus
By organisation
School of Informatics
Computer Systems
Total: 67 downloads
The number of downloads is the sum of all downloads of full texts. It may include, e.g., previous versions that are no longer available.
Total: 215 hits