Was the 2006 Debian SSL Debacle a System Accident?

Published: 09/2013

Author(s):

Abstract:

In this paper we examine in detail the Debian OpenSSL Debacle from the perspectives of a system accident, a concept derived from the work of Charles Perrow. This event left users of Debian and its derivatives with seriously compromised cryptographic capabilities. We identify some common failings that might be problematic in other software development projects and offers some suggestions to help develop code more securely.

Citation:

George Markowsky, Was the 2006 Debian SSL Debacle a System Accident?, Proc. 7th IEEE International Conference on Intelligent Data Acquisition and Advanced Computer Systems, pp. 624-629, Sept. 12, 2013.

School of Computing and Information Science

Was the 2006 Debian SSL Debacle a System Accident?

Dr. Wörsdörfer co-authors a policy paper

Dr. Sepideh Ghanavati receives recognition

Dr. Nick Giudice contributes to Award Winning Paper

Dr. Nimesha Ranasinghe published in "The Vergecast"