Open security

Quality 0.50 · 0 views · Updated 2 months ago

Open source approach to computer security

title: "Open security" type: doc version: 1 created: 2026-02-28 author: "Wikipedia contributors" status: active scope: public tags: ["free-software-culture-and-documents", "free-culture-movement", "cybersecurity-engineering"] description: "Open source approach to computer security" topic_path: "engineering" source: "https://en.wikipedia.org/wiki/Open_security" license: "CC BY-SA 4.0" wikipedia_page_id: 0 wikipedia_revision_id: 0

::summary Open source approach to computer security ::

Open security is the use of open source philosophies and methodologies to approach computer security and other information security challenges. Traditional application security is based on the premise that any application or service (whether it is malware or desirable) relies on security through obscurity.

Open source approaches have created technology such as Linux and Bitcoin. Additionally, open source approaches applied to documents have inspired wikis and their largest example, Wikipedia. Open security suggests that security breaches and vulnerabilities can be better prevented or ameliorated when users facing these problems collaborate using open source philosophies.

This approach requires that users be legally allowed to collaborate, so relevant software would need to be released under a license that is widely accepted to be open source; examples include the Massachusetts Institute of Technology (MIT) license, the Apache 2.0 license, the GNU Lesser General Public License (LGPL), and the GNU General Public License (GPL). Relevant documents would need to be under a generally accepted "open content" license; these include Creative Commons Attribution (CC-BY) and Attribution Share Alike (CC-BY-SA) licenses, but not Creative Commons "non-commercial" licenses or "no-derivative" licenses.

On the developer side, legitimate software and service providers can have independent verification and testing of their source code. On the information technology side, companies can aggregate common threats, patterns, and security solutions to a variety of security issues.

References

References

  1. Wheeler, David A. (2013-08-21). "What is open security?". Defence Technical Information Center.
  2. Raymond, Eric S. (2004-05-17). "If Cisco ignored Kerckhoffs's Law, users will pay the price". LWN.net.
  3. "Open Security Foundation". [[Open Security Foundation]].
  4. "Open Web Application Security Project".
  5. "Why have OSA?". OSA.

::callout[type=info title="Wikipedia Source"] This article was imported from Wikipedia and is available under the Creative Commons Attribution-ShareAlike 4.0 License. Content has been adapted to SurfDoc format. Original contributors can be found on the article history page. ::

free-software-culture-and-documentsfree-culture-movementcybersecurity-engineering