The Impact of Ethical Regulation and Developer Reputation Scoring on Information Security Professionalism Practice

We consider the forces of ethical regulation and developer licensing in a software liability attribution regime as two factors that may influence the information security discipline. We conduct investigations that serve to provide insight into how these forces may play out in a regulatory environment of the future. Our first investigation entails a broad survey of ethical policies governing information security courses, and thus, the student trainee experience. We demonstrate the feasibility of fusing current divergent ethical policies into a standard policy on information security. Accordingly, we derive an ethical policy prototype that is based on the common elements of 329 different ethical policies. In our second investigation, we demonstrate a model for determining security reputation scores for individual software developers based on historical introduction of security bugs into source code. We employ information on 1,119 security bugs to compute developer reputation scores across 9 open source software development projects.
Computer Science
Chukuka, B. (2016). The Impact of Ethical Regulation and Developer Reputation Scoring on Information Security Professionalism Practice (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from doi:10.11575/PRISM/28180