The ever-increasing amount of information breaches continues to grow demand for secure software. The Operating System is the foundation of modern computing, while end-users often select the device and are stuck with the Operating System bundled. Lack of security in this foundation will lead to more breaches of trust and privacy. The proposed model will measure the initial security risk via the Operating System's attack surface at release. Two of the most popular closed and open-source releases were tested to validate the model. Through evaluation, the user will be better educated on the security posture of the Operating System of choice, encouraging developers to build in as much security as feasible. In addition, the user gains a better product.

Authors: Fred Rosenberger, Aspen Olmsted

Published in: World Congress on Internet Security (WorldCIS-2021)

• Date of Conference:  7-9 December 2021
• DOI: 10.20533/WorldCIS.2021.0001
• ISBN: 978-1-913572-40-2
• Conference Location: Virtual (London, UK)