Issue No. 07 - July (2004 vol. 37)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MC.2004.69
Nancy R. Mead , Software Engineering Institute
Over the past several years, we have seen both the enactment of legislation affecting liability and the appearance of actual liability cases in the courts. <p>Although several software flaws can make systems insecure, an entire industry including software vendors, systems administrators, consultants, network technicians, and clearing houses has developed to try to mitigate security holes after the fact.</p> <p>Nevertheless, the issue of liability lurks just beneath the surface of all their activities. Although the courts may not be the best venue for resolving this, liability cases will take place and an evolution of best practices will occur as well. </p>
N. R. Mead, "Who Is Liable for Insecure Systems?," in Computer, vol. 37, no. , pp. 27-34, 2004.