Software Security Professionals: Expertise Indicators
In crowd-sourcing, selecting the person with suitable expertise is very important; especially since the task requester is not always in direct contact with the worker. Recently, this has become increasingly important particularly when the crowd-sourced tasks are complex and require skillful workers...
Saved in:
| Published in | 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC) pp. 139 - 148 |
|---|---|
| Main Authors | , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.11.2016
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | In crowd-sourcing, selecting the person with suitable expertise is very important; especially since the task requester is not always in direct contact with the worker. Recently, this has become increasingly important particularly when the crowd-sourced tasks are complex and require skillful workers (e.g. software development, software testing, vulnerability discovery, and open innovation). In this paper, we aim to identify indicators to determine the expertise of security professionals in a crowd-sourcing vulnerability discovery platform. We review literature and online contents, conduct interviews with domain experts, and survey security professionals involved in the task of vulnerability discovery. We discuss the indicators we have found, and we provide some recommendations to help improve the process of selecting security professionals to perform crowd tasks related to vulnerability discovery. |
|---|---|
| AbstractList | In crowd-sourcing, selecting the person with suitable expertise is very important; especially since the task requester is not always in direct contact with the worker. Recently, this has become increasingly important particularly when the crowd-sourced tasks are complex and require skillful workers (e.g. software development, software testing, vulnerability discovery, and open innovation). In this paper, we aim to identify indicators to determine the expertise of security professionals in a crowd-sourcing vulnerability discovery platform. We review literature and online contents, conduct interviews with domain experts, and survey security professionals involved in the task of vulnerability discovery. We discuss the indicators we have found, and we provide some recommendations to help improve the process of selecting security professionals to perform crowd tasks related to vulnerability discovery. |
| Author | Barukh, Moshe Chai Benatallah, Boualem Al-Banna, Mortada |
| Author_xml | – sequence: 1 givenname: Mortada surname: Al-Banna fullname: Al-Banna, Mortada email: mortadaa@cse.unsw.edu.au organization: Comput. Sci. & Eng., UNSW Australia, Sydney, QLD, Australia – sequence: 2 givenname: Boualem surname: Benatallah fullname: Benatallah, Boualem email: boualem@cse.unsw.edu.au organization: Comput. Sci. & Eng., UNSW Australia, Sydney, QLD, Australia – sequence: 3 givenname: Moshe Chai surname: Barukh fullname: Barukh, Moshe Chai email: mosheb@cse.unsw.edu.au organization: Comput. Sci. & Eng., UNSW Australia, Sydney, QLD, Australia |
| BookMark | eNp9ybsOgjAUANBrooMPNjeX_oB4C0KpK8HIRoI7afCSNNGWtDXK3-vg7HSGs4K5sYYAthxjzlEeyrqME-R5jCnOIJKi4BlKPOYokiVkrR3CSzliLfVPp8PEGmcH8l5bo-7-xKr3SC5oT6w2N92rYJ3fwGL4JkU_17A7V9fystdE1I1OP5SbOlGgFMjT__sBxaozFA |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/CIC.2016.030 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEL IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEL url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781509046072 1509046070 |
| EndPage | 148 |
| ExternalDocumentID | 7809701 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-ieee_primary_78097013 |
| IEDL.DBID | RIE |
| IngestDate | Thu Jun 29 18:38:25 EDT 2023 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-ieee_primary_78097013 |
| ParticipantIDs | ieee_primary_7809701 |
| PublicationCentury | 2000 |
| PublicationDate | 2016-Nov. |
| PublicationDateYYYYMMDD | 2016-11-01 |
| PublicationDate_xml | – month: 11 year: 2016 text: 2016-Nov. |
| PublicationDecade | 2010 |
| PublicationTitle | 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC) |
| PublicationTitleAbbrev | COLCOM |
| PublicationYear | 2016 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 3.2990572 |
| Snippet | In crowd-sourcing, selecting the person with suitable expertise is very important; especially since the task requester is not always in direct contact with the... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 139 |
| SubjectTerms | Blogs Certification Crowd-sourcing Expertise Interviews Organizations Recruitment Security Security professionals Software Vulnerability discovery |
| Title | Software Security Professionals: Expertise Indicators |
| URI | https://ieeexplore.ieee.org/document/7809701 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1BS8MwFH7MnTzp2ESdkxw82i6uadN4LY5NmAhT2G0kzetF6GS2DPz19iWzA9lBcgkh5IV3yAd53_c9gLu0gWCeFFGgjeWBkIUNTCxE8KAxlVYIa51P9-Ilmb2L51W86sB9q4VBREc-w5CmrpZvN3lNX2VjmXIlSax1IpXyWq2Wy67G2TwjqlYSekrzoVeKg4rpGSx-g3iGyEdYVybMv__4L_73FucwOIjy2GsLNz3oYNmHeNk8ozu9RbbcN6KjPa3Zxtcjc17G1HGZzUuqyVB3nQEMp09v2SygsOtPbzix3keMLqBbbkq8BDaxOpdGcxsJLbDgGi0XmBjVjKiIJ1fQP3bC9fHlIZxS4rzE7ga61bbGUYO1lbl1Sf4BdWaG8g |
| link.rule.ids | 310,311,783,787,792,793,799,27937,55086 |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PS8MwFH6MedCTyibq_JGDR9PFNW1ar8XR6jqETditJM3rRehktgj-9Tbp7EB2kFxCCHnhHfKF5Pu-B3AXNBDM_MKlUmlGuSg0VR7n9EFiIDTnWluf7nTux2_8eeWtenDfaWEQ0ZLP0DFd-5ev13ltnsrGImChMGKtg-ZeHfitWqtjs4fjKIkMWct3WlLzrlqKBYvpMaS_YVqOyLtTV8rJv_84MP53Hycw3MnyyGsHOKfQw3IA3qI5SL_kBsliW4rOzOnsNj4fiXUzNjWXSVKaXxlTX2cIo-nTMoqpCZt9tJYT2Taiewb9cl3iOZCJlrlQkmmXS44Fk6gZR1-FTXMLb3IBg30rXO4fvoXDeJnOslkyfxnBkUliK7i7gn61qfG6Qd5K3diE_wCx_4o9 |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2016+IEEE+2nd+International+Conference+on+Collaboration+and+Internet+Computing+%28CIC%29&rft.atitle=Software+Security+Professionals%3A+Expertise+Indicators&rft.au=Al-Banna%2C+Mortada&rft.au=Benatallah%2C+Boualem&rft.au=Barukh%2C+Moshe+Chai&rft.date=2016-11-01&rft.pub=IEEE&rft.spage=139&rft.epage=148&rft_id=info:doi/10.1109%2FCIC.2016.030&rft.externalDocID=7809701 |