skip to main content
10.1145/2536146.2536190acmotherconferencesArticle/Chapter ViewAbstractPublication PagesmedesConference Proceedingsconference-collections
research-article

Information security aspects of public software

Published: 28 October 2013 Publication History

Abstract

Public Software can be defined as any software that is endorsed by a Public Agent and distributed for wide use by the society. The concept of Public Software is an outspread of the idea that "software" is an important asset for the welfare of society, and therefore providing citizens with proper software tools is a task of public interest, which in some cases should be performed by the government itself. When a Public Agent endorses a software and gives it the "seal" of Public Software, he is -- explicitly or implicitly -- declaring that such software complies with minimum technical requirements, and stimulates its wide use by the society In the present paper, we discuss the importance that such requirements encompasses Information Security and we propose a validation model that is strongly based on security evaluation. In a world where cyber-crime is a reality and cyber-war becomes more and more relevant, it is fundamental that the Public Agent verify the Information Security aspects of a software before declaring it a Public Software, for otherwise, this Public Agent can be stimulating that security flaws and vulnerabilities are spread in the society, possibly in critical applications. We additionally discuss the importance of a strong validation procedure to assure the appropriate behavior of software regarding its functionalities and Information Security aspects. We conclude describing the Brazilian experience with the "Brazilian Public Software Portal" Public Software repository of open-source software.

References

[1]
Clarke, Richard. 2012. Cyber War: The Next Threat to National Security and What to Do About It. Ecco Publisher.
[2]
GNU General Public License. Website http://www.gnu.org/licenses/gpl.html. Last visited Aug 20th 2013.
[3]
Health Insurance Portability and Accountability Act of 1996. United States Congress.
[4]
International Laboratory Accreditation Cooperation. 2011. Why use an Accredited Laboratory. ILAC B1:05/2011
[5]
International Organization for Standardization. ISO 22307: 2008: Financial services - Privacy impact assessment. 2008.
[6]
Sipser, Michael. 2012. Introduction to the Theory of Computation, 3rd ed. Cengage Learning.
[7]
Thompson, Ken. 1984. Reflections on Trusting Trust. Communication of the ACM 27, 8(Aug. 1984), 761--763.
[8]
Interoperability Solutions for European Public Administrations. Website http://ec.europa.eu/isa. Last visited Aug 20th 2013.
[9]
Software in the Public Interest Inc. Website http://www.spiinc.org. Last visited Aug 20th 2013.

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
MEDES '13: Proceedings of the Fifth International Conference on Management of Emergent Digital EcoSystems
October 2013
358 pages
ISBN:9781450320047
DOI:10.1145/2536146
  • Conference Chairs:
  • Latif Ladid,
  • Antonio Montes,
  • General Chair:
  • Peter A. Bruck,
  • Program Chairs:
  • Fernando Ferri,
  • Richard Chbeir
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

  • LBBC: Luxembourg Brazil Business Council
  • IPv6 Luxembourg Council: Luxembourg IPv6 Council
  • Luxembourg Green Business Awards 2013: Luxembourg Green Business Awards 2013
  • LUXINNOVATION: Agence Nationale pour la Promotion de l Innovation et de la Recherche
  • Pro Newtech: Pro Newtech
  • CTI: Centro de Tecnologia da Informação Renato Archer

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 October 2013

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. information security
  2. public software
  3. validation

Qualifiers

  • Research-article

Conference

MEDES '13
Sponsor:
  • LBBC
  • IPv6 Luxembourg Council
  • Luxembourg Green Business Awards 2013
  • LUXINNOVATION
  • Pro Newtech
  • CTI

Acceptance Rates

MEDES '13 Paper Acceptance Rate 56 of 122 submissions, 46%;
Overall Acceptance Rate 267 of 682 submissions, 39%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 160
    Total Downloads
  • Downloads (Last 12 months)1
  • Downloads (Last 6 weeks)0
Reflects downloads up to 17 Feb 2025

Other Metrics

Citations

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media