EEMCS
Home > Publications
Home University of Twente
Education
Research
Prospective Students
Jobs
Publications
Intranet (internal)
 
 Nederlands
 Contact
 Sitemap
 Search
 Organisation

EEMCS EPrints Service


16399 Vulnerabilities and responsibilities: dealing with monsters in computer security
 Home Policy Brochure Browse Search User Area Contact Help

Pieters, W. and Consoli, L. (2009) Vulnerabilities and responsibilities: dealing with monsters in computer security. Journal of information, communication and ethics in society, 7 (4). pp. 243-257. ISSN 1477-996X

Full text available as:

PDF
 - Univ. of Twente only - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
93 Kb

Official URL: http://dx.doi.org/10.1108/14779960911004499

Exported to Metis

Abstract

Purpose – The purpose of this paper is to analyze information security assessment in terms of
cultural categories and virtue ethics, in order to explain the cultural origin of certain types of security
vulnerabilities, as well as to enable a proactive attitude towards preventing such vulnerabilities.

Design/methodology/approach – Vulnerabilities in information security are compared to the
concept of “monster? introduced by Martijntje Smits in philosophy of technology. The applicability of
different strategies for dealing with monsters to information security is discussed, and the strategies
are linked to attitudes in virtue ethics.

Findings – It is concluded that the present approach can form the basis for dealing proactively with
unknown future vulnerabilities in information security.

Research limitations/implications – The research presented here does not define a stepwise
approach for implementation of the recommended strategy in practice. This is future work.

Practical implications – The results of this paper enable computer experts to rethink their attitude
towards security threats, thereby reshaping their practices.

Originality/value – This paper provides an alternative anthropological framework for descriptive
and normative analysis of information security problems, which does not rely on the objectivity of risk.

Item Type:Article
Research Group:EWI-DIES: Distributed and Embedded Security, EWI-IS: Information Systems
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:VISPER: The VIrtual Security PERimeter for digital, physical, and organisational security
Uncontrolled Keywords:Data security, Culture, Ethics
ID Code:16399
Status:Published
Deposited On:28 October 2009
Refereed:Yes
International:Yes
More Information:statisticsmetis

Export this item as:

To request a copy of the PDF please email us request copy

To correct this item please ask your editor

Repository Staff Only: edit this item