Agents of responsibility in software vulnerability processes

Ethics and Information Technology 6 (2):93-110 (2004)
Modern software is infested with flaws having information security aspects. Pervasive computing has made us and our society vulnerable. However, software developers do not fully comprehend what is at stake when faulty software is produced and flaws causing security vulnerabilites are discovered. To address this problem, the main actors involved with software vulnerability processes and the relevant roles inside these groups are identified. This categorisation is illustrated through a fictional case study, which is scrutinised in the light of ethical codes of professional software engineers and common principles of responsibility attribution. The focus of our analysis is on the acute handling of discovered vulnerabilities in software, including reporting, correcting and disclosing these vulnerabilities. We recognise a need for guidelines and mechanisms to facilitate further improvement in resolving processes leading to and in handling software vulnerabilities. In the spirit of disclosive ethics we call for further studies of the complex issues involved.
Keywords information security   professional ethics   security evaluation   software development   software testing   software vulnerability
Categories (categorize this paper)
DOI 10.1007/s10676-004-1266-3
 Save to my reading list
Follow the author(s)
My bibliography
Export citation
Find it on Scholar
Edit this record
Mark as duplicate
Revision history
Request removal from index
Download options
Our Archive

Upload a copy of this paper     Check publisher's policy     Papers currently archived: 25,767
Through your library
References found in this work BETA
What is Computer Ethics?James H. Moor - 1985 - Metaphilosophy 16 (4):266-275.

Add more references

Citations of this work BETA
Software Vulnerability Due to Practical Drift.Christian V. Lundestad & Anique Hommels - 2007 - Ethics and Information Technology 9 (2):89-100.
Ethical EU eJustice: Elusive or Illusionary?Juliet Lodge - 2006 - Journal of Information, Communication and Ethics in Society 4 (3):131-144.

Add more citations

Similar books and articles

Monthly downloads

Added to index


Total downloads

19 ( #249,327 of 2,146,925 )

Recent downloads (6 months)

1 ( #385,507 of 2,146,925 )

How can I increase my downloads?

My notes
Sign in to use this feature

There  are no threads in this forum
Nothing in this forum yet.

Other forums