{"id":"https://openalex.org/W3214080331","doi":"https://doi.org/10.1109/access.2021.3126401","title":"Automated Responsible Disclosure of Security Vulnerabilities","display_name":"Automated Responsible Disclosure of Security Vulnerabilities","publication_year":2021,"publication_date":"2021-11-08","ids":{"openalex":"https://openalex.org/W3214080331","doi":"https://doi.org/10.1109/access.2021.3126401","mag":"3214080331"},"language":"en","primary_location":{"id":"doi:10.1109/access.2021.3126401","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2021.3126401","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2021.3126401","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5021082744","display_name":"Andrea Lisi","orcid":"https://orcid.org/0000-0002-4713-989X"},"institutions":[{"id":"https://openalex.org/I108290504","display_name":"University of Pisa","ror":"https://ror.org/03ad39j10","country_code":"IT","type":"education","lineage":["https://openalex.org/I108290504"]},{"id":"https://openalex.org/I4210107558","display_name":"Consorzio Pisa Ricerche","ror":"https://ror.org/01t0n3b84","country_code":"IT","type":"facility","lineage":["https://openalex.org/I4210107558"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Andrea Lisi","raw_affiliation_strings":["Department of Computer Science, University of Pisa, Largo B. Pontecorvo 3, 56127, Pisa, Italy and Consiglio Nazionale delle Ricerche-IIT, Via G. Moruzzi 1, 56124, Pisa, Italy. (e-mail: andrea.lisi@phd.unipi.it)","of , University of , , - ,"],"raw_orcid":"https://orcid.org/0000-0002-4713-989X","affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Pisa, Largo B. Pontecorvo 3, 56127, Pisa, Italy and Consiglio Nazionale delle Ricerche-IIT, Via G. Moruzzi 1, 56124, Pisa, Italy. (e-mail: andrea.lisi@phd.unipi.it)","institution_ids":["https://openalex.org/I4210107558","https://openalex.org/I108290504"]},{"raw_affiliation_string":"of , University of , , - ,","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071890587","display_name":"Prateeti Mukherjee","orcid":"https://orcid.org/0000-0002-2129-4744"},"institutions":[{"id":"https://openalex.org/I9927081","display_name":"Aalto University","ror":"https://ror.org/020hwjq30","country_code":"FI","type":"education","lineage":["https://openalex.org/I9927081"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Prateeti Mukherjee","raw_affiliation_strings":["Department of Communications and Networking, School of Electrical Engineering, Aalto University, PL 15600, 00076 Aalto, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Communications and Networking, School of Electrical Engineering, Aalto University, PL 15600, 00076 Aalto, Finland","institution_ids":["https://openalex.org/I9927081"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102783100","display_name":"Laura De Santis","orcid":"https://orcid.org/0009-0008-7403-2765"},"institutions":[{"id":"https://openalex.org/I131729948","display_name":"University of Salerno","ror":"https://ror.org/0192m2k53","country_code":"IT","type":"education","lineage":["https://openalex.org/I131729948"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Laura De Santis","raw_affiliation_strings":["Department of industrial engineering, University of Salerno, Via Giovanni Paolo II 132, 84084, Fisciano (SA), Italy"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of industrial engineering, University of Salerno, Via Giovanni Paolo II 132, 84084, Fisciano (SA), Italy","institution_ids":["https://openalex.org/I131729948"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101437624","display_name":"Lei Wu","orcid":"https://orcid.org/0000-0002-9649-613X"},"institutions":[{"id":"https://openalex.org/I9927081","display_name":"Aalto University","ror":"https://ror.org/020hwjq30","country_code":"FI","type":"education","lineage":["https://openalex.org/I9927081"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Lei Wu","raw_affiliation_strings":["Department of Communications and Networking, School of Electrical Engineering, Aalto University, PL 15600, 00076 Aalto, Finland"],"raw_orcid":"https://orcid.org/0000-0002-9649-613X","affiliations":[{"raw_affiliation_string":"Department of Communications and Networking, School of Electrical Engineering, Aalto University, PL 15600, 00076 Aalto, Finland","institution_ids":["https://openalex.org/I9927081"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031508978","display_name":"Dmitrij Lagutin","orcid":"https://orcid.org/0000-0002-5695-3201"},"institutions":[{"id":"https://openalex.org/I9927081","display_name":"Aalto University","ror":"https://ror.org/020hwjq30","country_code":"FI","type":"education","lineage":["https://openalex.org/I9927081"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Dmitrij Lagutin","raw_affiliation_strings":["Department of Communications and Networking, School of Electrical Engineering, Aalto University, PL 15600, 00076 Aalto, Finland"],"raw_orcid":"https://orcid.org/0000-0002-5695-3201","affiliations":[{"raw_affiliation_string":"Department of Communications and Networking, School of Electrical Engineering, Aalto University, PL 15600, 00076 Aalto, Finland","institution_ids":["https://openalex.org/I9927081"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5022080206","display_name":"Yki Kortesniemi","orcid":"https://orcid.org/0000-0003-2812-3435"},"institutions":[{"id":"https://openalex.org/I9927081","display_name":"Aalto University","ror":"https://ror.org/020hwjq30","country_code":"FI","type":"education","lineage":["https://openalex.org/I9927081"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Yki Kortesniemi","raw_affiliation_strings":["Department of Communications and Networking, School of Electrical Engineering, Aalto University, PL 15600, 00076 Aalto, Finland"],"raw_orcid":"https://orcid.org/0000-0003-2812-3435","affiliations":[{"raw_affiliation_string":"Department of Communications and Networking, School of Electrical Engineering, Aalto University, PL 15600, 00076 Aalto, Finland","institution_ids":["https://openalex.org/I9927081"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5021082744"],"corresponding_institution_ids":["https://openalex.org/I108290504","https://openalex.org/I4210107558"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1483,"currency":"EUR","value_usd":1599},"fwci":0.8532,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.80417203,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"10","issue":null,"first_page":"10472","last_page":"10489"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9947999715805054,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9853000044822693,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7380725145339966},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7211464047431946},{"id":"https://openalex.org/keywords/transparency","display_name":"Transparency (behavior)","score":0.6523787975311279},{"id":"https://openalex.org/keywords/intimidation","display_name":"Intimidation","score":0.6325249075889587},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5359474420547485},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.5090567469596863},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.5020425319671631},{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.48779112100601196},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.46581530570983887},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4502408802509308},{"id":"https://openalex.org/keywords/public-disclosure","display_name":"Public disclosure","score":0.43230587244033813},{"id":"https://openalex.org/keywords/forcing","display_name":"Forcing (mathematics)","score":0.4235360324382782},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.35446274280548096},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.3171250820159912},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.19804677367210388},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.15092116594314575}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7380725145339966},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7211464047431946},{"id":"https://openalex.org/C2780233690","wikidata":"https://www.wikidata.org/wiki/Q535347","display_name":"Transparency (behavior)","level":2,"score":0.6523787975311279},{"id":"https://openalex.org/C2781164112","wikidata":"https://www.wikidata.org/wiki/Q3858303","display_name":"Intimidation","level":2,"score":0.6325249075889587},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5359474420547485},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.5090567469596863},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.5020425319671631},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.48779112100601196},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.46581530570983887},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4502408802509308},{"id":"https://openalex.org/C2776305056","wikidata":"https://www.wikidata.org/wiki/Q7257723","display_name":"Public disclosure","level":2,"score":0.43230587244033813},{"id":"https://openalex.org/C197115733","wikidata":"https://www.wikidata.org/wiki/Q1003136","display_name":"Forcing (mathematics)","level":2,"score":0.4235360324382782},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.35446274280548096},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.3171250820159912},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.19804677367210388},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.15092116594314575},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C49204034","wikidata":"https://www.wikidata.org/wiki/Q52139","display_name":"Climatology","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/access.2021.3126401","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2021.3126401","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:aaltodoc.aalto.fi:123456789/113196","is_oa":true,"landing_page_url":"https://research.aalto.fi/en/publications/89ac8855-1feb-4cb1-8baf-6946964d7ee9","pdf_url":null,"source":{"id":"https://openalex.org/S4306401662","display_name":"Aaltodoc (Aalto University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I9927081","host_organization_name":"Aalto University","host_organization_lineage":["https://openalex.org/I9927081"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"publishedVersion"},{"id":"pmh:oai:doaj.org/article:7c372615b8584074925c63eb326e2578","is_oa":true,"landing_page_url":"https://doaj.org/article/7c372615b8584074925c63eb326e2578","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 10, Pp 10472-10489 (2022)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2021.3126401","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2021.3126401","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7799999713897705,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G1789401168","display_name":null,"funder_award_id":"779984","funder_id":"https://openalex.org/F4320332999","funder_display_name":"Horizon 2020 Framework Programme"}],"funders":[{"id":"https://openalex.org/F4320332999","display_name":"Horizon 2020 Framework Programme","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":39,"referenced_works":["https://openalex.org/W196938591","https://openalex.org/W1988699025","https://openalex.org/W2004164516","https://openalex.org/W2030307969","https://openalex.org/W2040968496","https://openalex.org/W2047651869","https://openalex.org/W2120197657","https://openalex.org/W2162373348","https://openalex.org/W2413088062","https://openalex.org/W2537494900","https://openalex.org/W2604844934","https://openalex.org/W2620904645","https://openalex.org/W2623796653","https://openalex.org/W2765923635","https://openalex.org/W2766800499","https://openalex.org/W2772409456","https://openalex.org/W2895400994","https://openalex.org/W2920932783","https://openalex.org/W2941724816","https://openalex.org/W2958290437","https://openalex.org/W2959089217","https://openalex.org/W2962718239","https://openalex.org/W2963264685","https://openalex.org/W2967244362","https://openalex.org/W3012523068","https://openalex.org/W3015392158","https://openalex.org/W3031945519","https://openalex.org/W3034459010","https://openalex.org/W3040244795","https://openalex.org/W3065831858","https://openalex.org/W3131435556","https://openalex.org/W3211157102","https://openalex.org/W4248175462","https://openalex.org/W4248837119","https://openalex.org/W4249025681","https://openalex.org/W4300127641","https://openalex.org/W4389139897","https://openalex.org/W6743909895","https://openalex.org/W6784197138"],"related_works":["https://openalex.org/W2511770387","https://openalex.org/W3120811337","https://openalex.org/W2047479118","https://openalex.org/W2120675930","https://openalex.org/W2062583373","https://openalex.org/W2123016006","https://openalex.org/W114061091","https://openalex.org/W3183415891","https://openalex.org/W2135162953","https://openalex.org/W2091957527"],"abstract_inverted_index":{"The":[0],"disclosure":[1,23,53,111,153],"of":[2,43,88,132,140],"security":[3,44],"vulnerabilities":[4],"plays":[5],"an":[6,85],"important":[7],"role":[8],"in":[9,17,51,71,145],"notifying":[10],"vendors":[11,70],"and":[12,55,76,105,118,129,148],"the":[13,21,25,46,52,57,72,89,110,130,133,142],"public":[14],"about":[15],"flaws":[16],"digital":[18],"systems.":[19],"Among":[20],"proposed":[22],"approaches,":[24],"most":[26],"utilized":[27],"is":[28,138],"Responsible":[29,90,95],"Disclosure,":[30],"which":[31,65],"unfortunately":[32],"suffers":[33],"from":[34],"several":[35],"disadvantages":[36],"such":[37],"as":[38,126],"fostering":[39,149],"a":[40,60,99],"false":[41],"sense":[42],"among":[45],"end-users,":[47],"allowing":[48],"arbitrary":[49],"delays":[50],"process,":[54],"forcing":[56],"party":[58],"reporting":[59],"vulnerability":[61,152],"to":[62,108],"identify":[63],"themselves,":[64],"has":[66,123],"been":[67,124],"exploited":[68],"by":[69],"past":[73],"through":[74],"intimidation":[75],"malpractice.":[77],"To":[78],"address":[79],"these":[80],"issues,":[81],"this":[82],"paper":[83],"presents":[84],"improved":[86],"version":[87],"Disclosure":[91,96],"approach":[92],"called":[93],"Automated":[94],"(ARD)":[97],"-":[98],"solution":[100,134],"that":[101,136],"leverages":[102],"distributed":[103],"ledgers":[104],"interledger":[106],"technologies":[107],"automate":[109],"process":[112],"while":[113],"offering":[114],"increased":[115],"security,":[116],"privacy,":[117],"transparency.":[119],"A":[120],"prototype":[121],"implementation":[122],"released":[125],"open-source":[127],"software,":[128],"evaluation":[131],"shows":[135],"ARD":[137],"capable":[139],"addressing":[141],"key":[143],"shortcomings":[144],"existing":[146],"solutions":[147],"more":[150],"transparent":[151],"practices.":[154]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}