Authentication in public open-source repositories

This project focuses on user authentication in public repositories containing open-source projects, which are then used by commercial companies (e.g. Red Hat) as a source for their internally maintained repositories.

The goal of this project is to identify if users take advantage of more secure authentication methods in these projects to mitigate common risks and what key users (contributors) perceive as benefits of more secure authentication. A mapping which methods these platforms provide to their users and which of them are actually used is included as well.

These goals will be achieved via quantitative survey and qualitative interviews with open source contributors.

The main output from the qauntitative survey will be contributors perception of authentication methods, self-reported authentication behavior and its predictors. The main output from qualitative interviews will be a perception model of the importance of better authentication for repositories containing source code in Red Hat.

Results will be described in a technical report published in Red Hat Research Quarterly.


Research Area(s)

Project Resources