Software Vulnerability and Application Security Risk

Jianping Peng, Meiwen Guo and Jing Quan
Additional contact information
Jianping Peng: Sun Yat-Sen University, Guang Zhou, China
Meiwen Guo: Xinhua College of Sun Yet-Sen University, Guang Zhou, China
Jing Quan: Salisbury University, Salisbury, USA

Information Resources Management Journal (IRMJ), 2019, vol. 32, issue 1, 48-57

Abstract: This research investigates the software vendor-based relationships between software vulnerability and application security risk. The data is obtained from the China National Vulnerability Database of Information Security (CNNVD). At first, we use the latent class model to classify the software vendors into three categories, and then employ regression models to estimate relationships between software vulnerability and application security risk for each of the three categories of the software vendors. The results show the relationships vary across the software vendors. The findings suggest that an IT vendor should learn specific vulnerability features according to its type to effectively avoid vulnerability generation on their products.

Date: 2019
References: Add references at CitEc
Citations:

Downloads: (external link)
http://services.igi-global.com/resolvedoi/resolve. ... 4018/IRMJ.2019010103 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:igg:rmj000:v:32:y:2019:i:1:p:48-57

Access Statistics for this article

Information Resources Management Journal (IRMJ) is currently edited by George Kelley

More articles in Information Resources Management Journal (IRMJ) from IGI Global
Bibliographic data for series maintained by Journal Editor ().