
Fostering Trust through Ethical and Moral Leadership December 17, 2013

Posted by 8237mcraew in Security.

In front of an audience, while accepting a Turing Award, UNIX creator Ken Thompson proceeded to give a brief tutorial on how to insert a Trojan Horse into a system [1]. Thompson did this to drive home a significant point: “You can’t trust code that you did not totally create yourself.” This is an extremely valuable point, especially in light of the fact that such an intrusion could be caused just as easily by a compiler bug (i.e. unintentionally) as by a deliberate attack. Unfortunately, the typical user will never lay eyes on application code. If you’re using proprietary software, even as an information technology professional, you will not have access to the code. So how can we apply Thompson’s message to our organization?

The answer is to foster a software development environment of self-regulation and peer regulation based on a comprehensive set of moral guidelines. The Association for Computing Machinery (ACM) produced a Code of Ethics to act as these guidelines. The ACM Code of Ethics comprises a set of general moral imperatives, specific professional responsibilities, organizational imperatives, and two directives on compliance with the Code [2]. This discussion will focus specifically on the general moral imperatives and the specific professional responsibilities of computing professionals. The Code is a reflection of the ACM’s commitment to the ethical professionalism of every member, including voting, associate, and student members.

The General Moral Imperatives of the ACM Code of Ethics detail eight principles that encompass more than technical parameters.

1. Contribute to society and human well-being.

2. Avoid harm to others.

3. Be honest and trustworthy.

4. Be fair and take action not to discriminate.

5. Honor property rights including copyrights and patent.

6. Give proper credit for intellectual property.

7. Respect the privacy of others.

8. Honor confidentiality.

In addition, the Code of Ethics outlines eight principles of Specific Professional Responsibilities.

1.  Strive to achieve the highest quality, effectiveness and dignity in both the process and products of professional work.

2.  Acquire and maintain professional competence.

3. Know and respect existing laws pertaining to professional work.

4. Accept and provide appropriate professional review.

5. Give comprehensive and thorough evaluations of computer systems and their impacts, including analysis of possible risks.

6. Honor contracts, agreements, and assigned responsibilities.

7.  Improve public understanding of computing and its consequences.

8.  Access computing and communication resources only when authorized to do so.

These principles, as outlined by the ACM, present a framework that governs the social, moral, legal, and technical aspects of computing. In addition, members of the ACM are expected to police non-members in accordance with these same principles. Adhering to these principles ensures a safe environment for users of computational resources and fosters trust in the information technology community.

[1] http://cm.bell-labs.com/who/ken/trust.html

[2] http://www.acm.org/about/code-of-ethics/#sect4
