License: Creative Commons Attribution 3.0 Unported license (CC BY 3.0)
When quoting this document, please refer to the following
DOI: 10.4230/OASIcs.Tokenomics.2020.6
URN: urn:nbn:de:0030-drops-135286
URL: https://drops.dagstuhl.de/opus/volltexte/2021/13528/
Go to the corresponding OASIcs Volume Portal


Canidio, Andrea ; Costa, Gabriele ; Galletta, Letterio

VeriOSS: Using the Blockchain to Foster Bug Bounty Programs

pdf-format:
OASIcs-Tokenomics-2020-6.pdf (0.5 MB)


Abstract

Nowadays software is everywhere and this is particularly true for free and open source software (FOSS). Discovering bugs in FOSS projects is of paramount importance and many bug bounty programs attempt to attract skilled analysts by promising rewards. Nevertheless, developing an effective bug bounty program is challenging. As a consequence, many programs fail to support an efficient and fair bug bounty market. In this paper, we present VeriOSS, a novel bug bounty platform. The idea behind VeriOSS is to exploit the blockchain technology to develop a fair and efficient bug bounty market. To this aim, VeriOSS combines formal guarantees and economic incentives to ensure that the bug disclosure is both reliable and convenient for the market actors.

BibTeX - Entry

@InProceedings{canidio_et_al:OASIcs.Tokenomics.2020.6,
  author =	{Andrea Canidio and Gabriele Costa and Letterio Galletta},
  title =	{{VeriOSS: Using the Blockchain to Foster Bug Bounty Programs}},
  booktitle =	{2nd International Conference on Blockchain Economics, Security and Protocols (Tokenomics 2020)},
  pages =	{6:1--6:14},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-95977-157-3},
  ISSN =	{2190-6807},
  year =	{2021},
  volume =	{82},
  editor =	{Emmanuelle Anceaume and Christophe Bisi\`{e}re and Matthieu Bouvard and Quentin Bramas and Catherine Casamatta},
  publisher =	{Schloss Dagstuhl--Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2021/13528},
  URN =		{urn:nbn:de:0030-drops-135286},
  doi =		{10.4230/OASIcs.Tokenomics.2020.6},
  annote =	{Keywords: Bug Bounty, Decentralized platforms, Symbolic-reverse debugging}
}

Keywords: Bug Bounty, Decentralized platforms, Symbolic-reverse debugging
Collection: 2nd International Conference on Blockchain Economics, Security and Protocols (Tokenomics 2020)
Issue Date: 2021
Date of publication: 02.02.2021


DROPS-Home | Fulltext Search | Imprint | Privacy Published by LZI