An analysis of ethics as foundation of information security in distributed systems

Leiwo, Jussipekka; Heikkuri, S.

doi:10.1109/hicss.1998.654776

Cited by 19 publications

(31 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The socio-anthropological illusion: let's embed technology in a social, moral and legal human context In the area of information systems a perspective is already developing aimed at embedding the information system in a complex socio-cultural environment where there are -on the top of the technical and security layerother layers relative to legal aspects, social interaction, trust, and morality [Har95;Lei96]. For sure this is a correct view.…”

Section: The Illusion Of Control: Security Vs Moralitymentioning

confidence: 99%

Engineering Social Order

Castelfranchi

2000

Lecture Notes in Computer Science

106

View full text Add to dashboard Cite

Abstract. Social Order becomes a major problem in MAS and in computer mediated human interaction. After explaining the notions of Social Order and Social Control, I claim that there are multiple and complementary approaches to Social Order and to its engineering: all of them must be exploited. In computer science one try to solve this problem by rigid formalisation and rules, constraining infrastructures, security devices, etc. I think that a more socially oriented approach is also needed. My point is that Social Control -and in particular decentralised and autonomous Social Control -will be one of the most effective approaches. The framework: Social Order Vs Social ControlThis is an introductory paper. I mean that I will not propose any solution to the problem of social order in engineering cybersocieties: neither theoretical solutions and even less practical solutions. I want just to contribute to circumscribe and clarify the problem, identify relevant issues and discuss some notions for a possible ontology in this domain. I take a cognitive and social perspective, however I claim that this is relevant not only for the new born computational social sciences, but for networked society and MAS. There is a dialectic relationship: on the one hand, in MAS and cybersocieties we should be inspired by human social phenomena, on the other hand, by computationally modelling social phenomena we should provide a better understanding of them. In particular I try to understand what Social Order 2 is, and to describe different approaches to and strategies for Social Order, with special attention to Social Control and its means. Since the agents (either human or artificial) are relatively autonomous, act in an open world, on the basis of their subjective and limited points of view and for their own interests or goals, Social Order is a problem. There is no possibility of application for a predetermined, "hardwired" or designed social order. Social order has to be continuously restored and adjusted, dynamically produced by and through the action of the agents themselves; this is why Social Control is necessary. There are multiple and complementary approaches to Social Order and to its engineering: all of them must be exploited. In computer science one try to solve this problem by rigid formalisation and rules, constraining infrastructures, security devices, etc. I think that a more socially oriented approach is also needed. My point is that Social Control -and in particular decentralised and autonomous Social Control -will be one of the most effective approaches. The Big Problem: Apocalypse nowI feel that the main trouble of infosocieties, distributed computing, Agent-based paradigm, etc. will be -quite soon-that of the "social order" in the virtual or in artificial society, in the net, in MASs. Currently the problem is mainly perceived in terms of "security", and in terms of crisis, breakdowns, and traffic, but it is more general. The problem is how to obtaining from local design and programming, and from local actions, inter...

show abstract

Section: The Illusion Of Control: Security Vs Moralitymentioning

confidence: 99%

Engineering Social Order

Castelfranchi

2000

Lecture Notes in Computer Science

106

View full text Add to dashboard Cite

show abstract

“…It may also be useful to describe the process that employees should follow if they foresee that the same deviation of guidelines will become a regular occurrence or when they believe that the same ethical decision may have to be made by other employees as well. This is similar to what Leiwo and Heikkuri (1998) have called ethics negotiation in their paper on security of distributed systems. Ethical decision making is not possible if the acceptable use policy does not clearly state its security objectives.…”

Section: Encouraging Ethical Decision Makingmentioning

confidence: 72%

“…According to Leiwo and Heikkuri (1998), the use of ethics in information systems and information security has two purposes: to identify criteria between good and bad and to promote good desires over bad ones.…”

Section: Ethics and Security Policiesmentioning

confidence: 99%

Ethical decision making: Improving the quality of acceptable use policies

Ruighaver

Maynard

Warren

2010

Computers & Security

View full text Add to dashboard Cite

“…Both grey hats and white hats have the intention to find the vulnerabilities before a black hat (a malicious hacker) finds them. Despite grey hats undertaking their endeavours in the absence of consent, they argue that their actions are warranted as they contribute to a safer cyber environment for all by making it more difficult for black hats to successfully attack businesses for financial, political or other malicious purposes (Leiwo and Heikkuri 1998). A discussion in the ethical literature questions whether grey hats actions are ethical (Leiwo and Heikkuri 1998;Brey 2007;McReynolds 2015).…”

Section: Gaps In the Literature On Ethics And Cybersecuritymentioning

confidence: 99%

“…They tend to use their skills for malicious and illegal purposes (Radziwill et al 2015). Black hats also believe in the more traditional hacker ethic that all information should be free and unlimited (Leiwo and Heikkuri 1998). This notion goes against the very idea of intellectual property as it suggests that individuals could and should not be able to benefit from information considered valuable (Brey 2007).…”

Section: Competitorsmentioning

confidence: 99%

A Care-Based Stakeholder Approach to Ethics of Cybersecurity in Business

Morgan

Gordijn

2020

The International Library of Ethics, Law and Technology

View full text Add to dashboard Cite

This chapter focuses on ethical issues in cybersecurity in business. It first sketches the main ethical issues discussed in the academic literature thus far. Next, it identifies some important topics that have not yet received the attention they deserve. The chapter then focuses on one of those topics, ransomware attacks, one of the most prevalent cybersecurity threats to businesses today. It provides a brief overview of the main types of ransomware attacks and discusses businesses' responsibilities to their stakeholders to respond to them. Daniel Engster's care-based stakeholder approach is used to assess the responsibilities that businesses have to their stakeholders. The analysis involves establishing who counts as a stakeholder when a ransomware attack occurs and what the stakeholders' interests might be. Based on stakeholders' interests, the analysis concludes on whether businesses have an ethical responsibility to their stakeholders to (1) respond to grey hat demands by patching identified vulnerabilities within the given timeframe and (2) respond to black hat demands by paying the ransom.Due to the uptake of information and communication technology (ICT) in the business sector, the value of information has increased. Information is now considered the new oil and as oil brought both prosperity and problems, so too does information. Prosperity emanates from the fact that businesses can utilise ICT to reduce costs and increase efficiency by providing round-the-clock availability of both information and services to customers. In providing that availability, problems arise. If information is constantly available, this means that it is constantly vulnerable to an attack. This trade-off between providing availability and securing

show abstract

An analysis of ethics as foundation of information security in distributed systems

Cited by 19 publications

References 8 publications

Engineering Social Order

Engineering Social Order

Ethical decision making: Improving the quality of acceptable use policies

A Care-Based Stakeholder Approach to Ethics of Cybersecurity in Business

Contact Info

Product

Resources

About