Handling and Reporting Security Advisories: A Scorecard Approach

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/MSP.2005.98

July/August 2005 (vol. 3 no. 4) pp. 32-41

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Dimitrios Lekkas Articles by Diomidis Spinellis

	ASCII Text	x
	Dimitrios Lekkas, Diomidis Spinellis, "Handling and Reporting Security Advisories: A Scorecard Approach," IEEE Security and Privacy, vol. 3, no. 4, pp. 32-41, July/August, 2005.

	BibTex	x
	@article{ 10.1109/MSP.2005.98, author = {Dimitrios Lekkas and Diomidis Spinellis}, title = {Handling and Reporting Security Advisories: A Scorecard Approach}, journal ={IEEE Security and Privacy}, volume = {3}, number = {4}, issn = {1540-7993}, year = {2005}, pages = {32-41}, doi = {http://doi.ieeecomputersociety.org/10.1109/MSP.2005.98}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Security and Privacy TI - Handling and Reporting Security Advisories: A Scorecard Approach IS - 4 SN - 1540-7993 SP32 EP41 EPD - 32-41 A1 - Dimitrios Lekkas, A1 - Diomidis Spinellis, PY - 2005 KW - security advisory KW - vulnerability disclosure KW - patch VL - 3 JA - IEEE Security and Privacy ER -

Dimitrios Lekkas, University of the Aegean

Diomidis Spinellis, Athens University of Economics and Business

Vendors and independent response centers have vastly different views regarding security advisories--what to publish and how to organize the information. The authors? scorecard approach aims to provide a practical guide for how to publish, read, evaluate, and handle advisories.

Index Terms:

security advisory, vulnerability disclosure, patch

Citation:

Dimitrios Lekkas, Diomidis Spinellis, "Handling and Reporting Security Advisories: A Scorecard Approach," IEEE Security and Privacy, vol. 3, no. 4, pp. 32-41, July/Aug. 2005, doi:10.1109/MSP.2005.98

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.