Issue No. 04 - July-Aug. (2011 vol. 9)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.199
David Dittrich , University of Washington
Michael Bailey , University of Michigan
Sven Dietrich , Stevens Institute of Technology
The Declaration of Helsinki and Belmont Report motivated the growth of bioethics alongside traditional biomedical research. Unfortunately, no equivalently active ethics discipline has paralleled the growth of computer security research, where serious ethical challenges are regularly raised by studies of increasingly sophisticated security threats (such as worms, botnets, and phishing). In this absence, program committees and funding agencies routinely must judge the acceptability of research studies. Such judgments are often difficult because of a lack of community consensus on ethical standards, disagreement about who should enforce standards and how, and limited experience applying ethical decision-making methods. This article motivates the need for such a community, touching on the extensive field of ethical decision making, examining existing ethical guidelines and enforcement mechanisms used by the computer security research community, and calling the community to joint action to address this broad challenge.
ethics, computer security, computer network security, professional societies, computer crime, technology social factors
D. Dittrich, M. Bailey and S. Dietrich, "Building an Active Computer Security Ethics Community," in IEEE Security & Privacy, vol. 9, no. , pp. 32-40, 2011.