Abstract | A previous article, “A Model for When Disclosure Helps Security: What is
Different about Computer and Network Security?” proposed a model for
when disclosure helps or hurts security and provided reasons why computer
security is often different in this respect than physical security.
This chapter provides a general approach for describing the incentives of actors to
disclose information about their software or systems. A chief point of this
chapter is that the incentives of disclosure depend on two largely independent
assessments: (i) the degree to which disclosure helps or hurts security
|