情报杂志2025,Vol.44Issue(7):77-84,94,9.DOI:10.3969/j.issn.1002-1965.2025.07.011
美国漏洞披露机制化协同:动因、策略与镜鉴
U.S.Vulnerability Disclosure Mechanization Collaboration:Motivation,Strategy and Mirror
摘要
Abstract
[Research purpose]The disclosure of cybersecurity vulnerabilities is an important means to effectively alleviate the imbalance between attack and defense and reduce risks.The United States has a well-established mechanism for managing the disclosure of cyberse-curity vulnerabilities.Focusing on the evolution of the U.S.vulnerability disclosure model and its management of cybersecurity vulnerabil-ity disclosure is significant for improving China's vulnerability disclosure mechanism.[Research method]Through analysis,case stud-ies,and comparative research,we have delved into the motivations and strategies behind the mechanization of vulnerability disclosure co-ordination in the United States.[Research result/conclusion]The motivation for the mechanization of vulnerability disclosure coordina-tion in the United States is to overcome the drawbacks of responsible disclosure and loose coordination disclosure,as well as the reality of changes in the landscape of vulnerability disclosure,and the politicization and weaponization of vulnerabilities.Its strategy includes enhan-cing regulations,facilitating channels,unifying standards,combining rewards and punishments,and seeking a comprehensive balance.These strategies can provide a reference for improving China's vulnerability disclosure systems.关键词
漏洞披露/负责任披露/松散化协同/机制化协同/网络攻击/国家安全Key words
vulnerability disclosure/responsible disclosure/loose coordination/mechanized coordination/cyber attack/national security分类
信息技术与安全科学引用本文复制引用
常宇豪..美国漏洞披露机制化协同:动因、策略与镜鉴[J].情报杂志,2025,44(7):77-84,94,9.基金项目
教育部人文社会科学研究青年基金项目"公共安全治理视域下的个人信息保护研究"(编号:23XJCZH001) (编号:23XJCZH001)
重庆市社会科学规划青年项目"重庆智慧城市建设中的物联网安全风险治理研究"(编号:2024NDQN057)研究成果. (编号:2024NDQN057)
