The aim of this paper is to define the terms ‘Information and Communication Technologies’ (hereinafter ‘ICT’ without emphasis), ‘ICT Security’ and ‘Open Source Software’ (hereinafter ‘OSS’ without emphasis). This paper will focus on discussing the concept of ‘ICT Security in OSS’ suggested in well-known sources (The UNESCO 2007; Bakari 2007; Open Source Software Work Group 2010; Australian Government Information Management Office 2011).
In literature and research multiple definitions of ICT can be found in the fields of science and technology by looking at various fields of technological aspects. UNESCO Bangkok defines ICT as the representative of all forms of devices that can manipulate information with the use of electronic means (2007, 1). The manipulation of information concerns many vulnerabilities and threats. These threats can cause major damage in system functionality. The process of detecting and eliminating these threats or vulnerabilities to ensure the reliability and confidentiality of data in any ICT system are known as ICT security (Bakari 2007, 4-5).
OSS is a kind of software where the source code is freely available. Source code is the backbone of any particular software program. OSS software can be distributed freely with or without modification. The development process of OSS is public. Any kinds of OSS solution can be reviewed, re-modified and re-distributed by various developers from various OSS communities (Australian Government Information Management Office 2011, 4.)
OSS is gaining popularities in the world of ICT because of its stability and rich security features. In this paper Chapter 2 focuses on discussing the security benefits and security vulnerabilities of adopting OSS. Based on the discussion the conclusion is drawn in chapter 3.
2 THE SECURITY PERSPECTIVE OF ADOPTING OSS
The infrastructure of modern economy heavily relies on ICT systems. ICT system development and implementation process have many stages. System security is one of the major phases in the ICT software development process. OSS is best known for strong security. Many organisations are adopting OSS because of its powerful features and effective solutions for security weaknesses.
It has been discussed earlier that Source code is publicly available in OSS software solutions, but in proprietary software the source code availability is restricted. On the contrary, proprietary software solutions are likely to have more security flaws because of the unavailability of source code. For this reason, OSS solutions are considered to be more reliable than proprietary software solutions (Australian Government Information Management Office 2011, 18.).
Every kind of software solutions contains bugs and security. For OSS these security vulnerabilities are discovered at the early stage of development because the source code is reviewed by many OSS developers. Security patches and updates are implemented quickly and efficiently.