Please use this identifier to cite or link to this item:
|Title:||The Impact of Ethical Regulation and Developer Reputation Scoring on Information Security Professionalism Practice|
|Abstract:||We consider the forces of ethical regulation and developer licensing in a software liability attribution regime as two factors that may influence the information security discipline. We conduct investigations that serve to provide insight into how these forces may play out in a regulatory environment of the future. Our first investigation entails a broad survey of ethical policies governing information security courses, and thus, the student trainee experience. We demonstrate the feasibility of fusing current divergent ethical policies into a standard policy on information security. Accordingly, we derive an ethical policy prototype that is based on the common elements of 329 different ethical policies. In our second investigation, we demonstrate a model for determining security reputation scores for individual software developers based on historical introduction of security bugs into source code. We employ information on 1,119 security bugs to compute developer reputation scores across 9 open source software development projects.|
|Appears in Collections:||Electronic Theses|
Files in This Item:
|ucalgary_2015_chukuka_benedict.pdf||Thesis file - main article||951.16 kB||Adobe PDF||View/Open|
Items in The Vault are protected by copyright, with all rights reserved, unless otherwise indicated.