This thesis intends to examine the vulnerability disclosure debate pertaining to the Internet as one of America�s critical national infrastructures. Specifically, it will provide an objective scholarly assessment of the topic and critically dissect the key actors, interests, and influences that have precluded the development of a standardized framework for information-sharing activities regarding Internet vulnerabilities. By ascertaining the effectiveness of both perspectives, this thesis will provide both critical commentary on the topic and, more importantly, serve as a significant contribution to the eventual resolution of this most serious source of contention within the internet and critical infrastructure protection communities, from both practical and policy-based perspectives.
1. How vulnerabilities are analyzed, understood and managed throughout the vulnerability lifecycle process.
2. The ways that the critical infrastructure security community interact to exchange security-related information and the outcome of such interactions to date.
3. The nature of and influences upon collaboration and information-sharing within the critical infrastructure protection community, particularly those handling internet security concerns.
4. The relationship between secrecy and openness in providing and exchanging security-related information.