Conceptual engineering is thought to face an ‘implementation challenge’: the challenge of securing uptake of engineered concepts. But is the fact that implementation is challenging really a defect to be overcome? What kind of picture of political life would be implied by making engineering easy to implement? We contend that the ambition to obviate the implementation challenge goes against the very idea of liberal democratic politics. On the picture we draw, the implementation challenge can be overcome by institutionalizing (...) control over conceptual uptake, and there are contexts—such as professions that depend on coordinated conceptual innovation—in which there are good reasons to institutionalize control in this fashion. But the liberal fear of this power to control conceptual uptake ending up in the wrong hands, combined with the democratic demand for freedom of thought as a precondition of genuine consent, yields a liberal democratic rationale for keeping implementation challenging. (shrink)

The public interest should be a central ethical concern of members of the computer profession, and this would also result in the social status and power of software engineers being augmented. One attractive means to encourage and enforce ethical standards on the part of engineers and employers would be a system of licensing by internationally recognised professional bodies whose legitimacy stems from their capacity to act in the public interest. The author is Senior Lecturer in the Department of Computer Science, (...) School of Applied Sciences, Anglia Polytechnic University, East Road, Cambridge CB1 1PT, England; email [email protected] or [email protected]. (shrink)

Laws set requirements that force organizations to assess the security and privacy of their IT systems and impose them to implement minimal precautionary security measures. Several IT solutions (e.g., Privacy Enhancing Technologies, Access Control Infrastructure, etc.) have been proposed to address security and privacy issues. However, understanding why, and when such solutions have to be adopted is often unanswered because the answer comes only from a broader perspective, accounting for legal and organizational issues. Security engineers and (...) legal experts should analyze the business goals of a company and its organizational structure and derive from there the points where security and privacy problems may arise and which solutions best fit such (legal) problems. The paper investigates the methodological support for capturing security and privacy requirements of a concrete health care provider. (shrink)

In Risk Management, security issues arise from complex relations among objects and agents, their capabilities and vulnerabilities, the events they are involved in, and the value and risk they ensue to the stakeholders at hand. Further, there are patterns involving these relations that crosscut many domains, ranging from information security to public safety. Understanding and forming a shared conceptualization and vocabulary about these notions and their relations is fundamental for modeling the corresponding scenarios, so that proper security (...) countermeasures can be devised. Ontologies are instruments developed to address these conceptual clarification and terminological systematization issues. Over the years, several ontologies have been proposed in Risk Management and Security Engineering. However, as shown in recent literature, they fall short in many respects, including generality and expressivity - the latter impacting on their interoperability with related models. We propose a Reference Ontology for Security Engineering (ROSE) from a Risk Treatment perspective. Our proposal leverages on two existing Reference Ontologies: the Common Ontology of Value and Risk and a Reference Ontology of Prevention, both of which are grounded on the Unified Foundational Ontology (UFO). ROSE is employed for modeling and analysing some cases, in particular providing clarification to the semantically overloaded notion of Security Mechanism. (shrink)

The public interest should be a central ethical concern of members of the computer profession, and this would also result in the social status and power of software engineers being augmented. One attractive means to encourage and enforce ethical standards on the part of engineers and employers would be a system of licensing by internationally recognised professional bodies whose legitimacy stems from their capacity to act in the public interest. The author is Senior Lecturer in the Department of Computer Science, (...) School of Applied Sciences, Anglia Polytechnic University, East Road, Cambridge CB1 1PT, England; email [email protected] or [email protected]. (shrink)

Enterprise Risk Management involves the process of identification, evaluation, treatment, and communication regarding risks throughout the enterprise. To support the tasks associated with this process, several frameworks and modeling languages have been proposed, such as the Risk and Security Overlay (RSO) of ArchiMate. An ontological investigation of this artifact would reveal its adequacy, capabilities, and limitations w.r.t. the domain of risk and security. Based on that, a language redesign can be proposed as a refinement. Such analysis and redesign (...) have been executed for the risk elements of the RSO grounded in the Common Ontology of Value and Risk. The next step along this line of research is to address the following research problems: What would be the outcome of an ontological analysis of security-related elements of the RSO? That is, can we identify other semantic deficiencies in the RSO through an ontological analysis? Once such an analysis is provided, can we redesign the security elements of the RSO accordingly, in order to produce an improved artifact? Here, with the aid of the Reference Ontology for Security Engineering (ROSE) and the ontological theory of prevention behind it, we address the remaining gap by proceeding with an ontological analysis of the security-related constructs of the RSO. The outcome of this assessment is an ontology-based redesign of the ArchiMate language regarding security modeling. In a nutshell, we report the following contributions: (1) an ontological analysis of the RSO that identifies six limitations concerning security modeling; (2) because of the key role of the notion of prevention in security modeling, the introduction of the ontological theory of prevention in ArchiMate; (3) a well-founded redesign of security elements of ArchiMate; and (4) ontology-based security modeling patterns that are logical consequences of our proposal of redesign due to its underlying ontology of security. As a form of evaluation, we show that our proposal can describe risk treatment options, according to ISO 31000. Finally, besides presenting multiple examples, we proceed with a real-world illustrative application taken from the cybersecurity domain. (shrink)

Moving away from simple data sharing within the science community towards cross-organizational collaboration scenarios significantly increased challenges related to security and privacy. They need to be addressed in order to make cross-organizational applications such as collaborative working environments a business proposition within communities such as eHealth, construction or manufacturing. Increasingly distributed scenarios where many different types of services need to be combined in order to implement semantically enriched business processes demand new approaches to security within such dynamic Virtual (...) Organizations. The allocation of access rights need to be possible in an easy and controlled way in order to allow inexperienced users to maintain the information and ensure compliance e.g. with legal and privacy related regulations. In this paper the focus is how security concepts originating from the Grid domain have been applied for collaborative working environments. The chosen scenarios are a Virtual Laboratory for Infectious Diseases (ViroLab) and different collaborative environments from the engineering domain as defined within the CoSpaces project. The requirements from these scenarios are analyzed and a security model enabling such dynamic, secure and trustworthy collaborations is presented. (shrink)

Conceptual engineering is the method for assessing and improving our representational devices. On its ‘broad-spectrum’ version, it is expected to be appropriately applicable to any of our representation-involving cognitive activities, with major consequences for our whole cognitive life. This paper is about the theoretical foundations of conceptual engineering thus characterised. With a view to ensuring the actionability of conceptual engineering as a broad-spectrum method, it addresses the issue of how best to construe the subject matter of conceptual (...) engineering and successively defends the theses that conceptual engineering should be: (i) About concepts, (ii) psychologically theorised, (iii) as multiply realised functional kinds. Thereby, I claim to theoretically secure and justify the maximum scope, flexibility, and impact for the method of conceptual engineering on our representational devices in our whole cognitive life—in other words, a broad-spectrum version of conceptual engineering. (shrink)

Conceptual engineering is the method for assessing and improving our representational devices. On its ‘broad‐spectrum’ version, it is expected to be appropriately applicable to any of our representation‐involving cognitive activities, with major consequences for our whole cognitive life. This paper is about the theoretical foundations of conceptual engineering thus characterised. With a view to ensuring the actionability of conceptual engineering as a broad‐spectrum method, it addresses the issue of how best to construe the subject matter of conceptual (...) engineering and successively defends the theses that conceptual engineering should be: (i) About concepts, (ii) psychologically theorised, (iii) as multiply realised functional kinds. Thereby, I claim to theoretically secure and justify the maximum scope, flexibility, and impact for the method of conceptual engineering on our representational devices in our whole cognitive life—in other words, a broad‐spectrum version of conceptual engineering. (shrink)

Public consumption of artificial intelligence (AI) technologies has been rarely investigated from the perspective of data surveillance and security. We show that the technology acceptance model, when properly modified with security and surveillance fears about AI, builds an insight on how individuals begin to use, accept, or evaluate AI and its automated decisions. We conducted two studies, and found positive roles of perceived ease of use (PEOU) and perceived usefulness (PU). AI security concern, however, negatively affected PEOU (...) and PU, resulting in less acceptance of AI—(1) use, (2) preference, and (3) participation. AI surveillance concern also had negative effects on the credibility of AI and its recommendations. We integrated extant literature on socio-demographic differences, providing an insight on how AI acceptance is based on one’s rationality regarding (1) technological risks (security/surveillance) and (2) benefits (PEOU/PU) as well as other contextual factors of socio-demographics. (shrink)

Carnap and Goodman developed methods of conceptual re-engineering known respectively as explication and reflective equilibrium. These methods aim at advancing theories by developing concepts that are simultaneously guided by pre-existing concepts and intended to replace these concepts. This paper shows that Carnap’s and Goodman’s methods are historically closely related, analyses their structural interconnections, and argues that there is great systematic potential in interpreting them as aspects of one method, which ultimately must be conceived as a component of theory development. (...) The main results are: an adequate method of conceptual re-engineering must focus not on individual concepts but on systems of concepts and theories; the linear structure of Carnapian explication must be replaced by a process of mutual adjustments as described by Goodman; Carnap’s condition of similarity can be analysed into two components, one securing a relation to the specific extensions of the pre-existing concepts, one regulating the transition to the new system of concepts; these two criteria of adequacy can be built into Goodman’s account of reflective equilibrium to ensure that the resulting concepts promote theoretical virtues while being sufficiently similar to the concepts we started out with. (shrink)

There is an ongoing debate about genetic engineering (GE) in food production. Supporters argue that it makes crops more resilient to stresses, such as drought or pests, and should be considered by researchers as a technology to address issues of global food security, whereas opponents put forward that GE crops serve only the economic interests of transnational agrifood-firms and have not yet delivered on their promises to address food shortage and nutrient supply. To address discourse failure regarding the (...) GE debate, research needs to understand better what drives the divergent positions and which moral attitudes fuel the mental models of GE supporters and opponents. Hence, this study investigates moral attitudes regarding GE opposition and support in Germany. Results show that GE opponents are significantly more absolutist than supporters and significantly less likely to hold outcome-based views. Furthermore, GE opponents are more willing to donate for preventing GE admission than supporters are willing to donate for promoting GE admission. Our results shed light on why the divide between opponents and supporters in the German GE debate could remain stark and stable for so long. (shrink)

Ensuring that their work has a positive influence on society is a responsibility and a privilege for engineers, but also a considerable challenge. This book addresses the ways in which engineers meet this challenge, working from the assumption that for a project to be truly ethical both the undertaking itself and its implementation must be ethically sound. The contributors discuss varied topics from an international and interdisciplinary perspective, including: · robot ethics; · outer space; · international development; · internet privacy (...) and security; · green branding; · arms conversion; · green employment; and · deliberate misinformation about climate change Important questions are answered, such as: · what is meant by engineering ethics and its practical implications; · how decisions made by engineers in their working lives make an impact at the global as well as the local level; and · what ethics-related questions should be asked before making such decisions. Engineering Ethics, International and Environmental Stability will be a valuable resource for practising and student engineers as well as all who are interested in professional ethics, especially as it relates to engineering. Researchers and policy makers concerned with the effects of engineering decisions on environmental sustainability and international stability will find this book to be of special interest. (shrink)

Conceiving new technologies as social experiments is a means to discuss responsible deployment of technologies that may have unknown and potentially harmful side-effects. Thus far, the uncertain outcomes addressed in the paradigm of new technologies as social experiments have been mostly safety-related, meaning that potential harm is caused by the design plus accidental events in the environment. In some domains, such as cyberspace, adversarial agents may be at least as important when it comes to undesirable effects of deployed technologies. In (...) such cases, conditions for responsible experimentation may need to be implemented differently, as attackers behave strategically rather than probabilistically. In this contribution, we outline how adversarial aspects are already taken into account in technology deployment in the field of cyber security, and what the paradigm of new technologies as social experiments can learn from this. In particular, we show the importance of adversarial roles in social experiments with new technologies. (shrink)

Designing security measures often involves trade-offs between various types of objectives. Multiple stakeholders may have conflicting demands and may have different ideas on how to resolve the resulting design conflicts. This paper reports on an application of value-sensitive design. Based on argumentation theory and social values, the paper develops a structured approach for discussing design conflicts, called value-based argumentation. The application domain examined in the paper is concerned with physical safety and security issues that arise in cross-border shipments. (...) We first identify the kinds of dialogues that take place in this domain, in particular, audit dialogues to determine whether security measures comply with regulations. Based on argumentation theory we develop a formal language and a diagramming approach intended to facilitate parties in identifying, discussing and reaching agreement about security risks and corresponding mitigation measures. Trade-offs can be dealt with by making underlying values explicit. Using a stylized example, the approach was successfully taught to practitioners working with EU customs regulations. Practitioners generally found the approach helpful, in particular to bring out implicit underlying motivations. We conclude by discussing how our approach can be generalized to other kinds of dialogues involving design conflicts. (shrink)

The general idea developed in this paper from a sociological perspective is that some of the foundational categories on which the debate about privacy, security and technology rests are blurring. This process is a consequence of a blurring of physical and digital worlds. In order to define limits for legitimate use of intrusive digital technologies, one has to refer to binary distinctions such as private versus public, human versus technical, security versus insecurity to draw differences determining limits for (...) the use of surveillance technologies. These distinctions developed in the physical world and are rooted in a cultural understanding of pre-digital culture. Attempts to capture the problems emerging with the implementation of security technologies using legal reasoning encounter a number of problems since law is by definition oriented backwards, adapting new developments to existing traditions, whereas the intrusion of new technologies in the physical world produces changes and creates fundamentally new problems. (shrink)

Many of the existing ethical analyses of genetic engineering technologies (GET) focus on how they can be used to enhance individuals—to improve individual well-being, health and cognition. There is a gap in the current literature about the specific ways enhancement technologies could be used to improve our populations and species, viewed as a whole. In this paper, I explore how GET may be used to enhance the species through improvements in the gene pool. I argue one aspect of the (...) species that may be desirable to enhance is ‘persistence’ or long-term viability. I then look at some of the ways in which GET could be used to improve human persistence and argue that the use of GET to secure benefits for individuals may compromise persistence. This suggests conflicts between uses of GET to enhance individuals and uses to promote the persistence of the species may occur. As GET are further developed, the likelihood that these conflicts will actually arise, and how we should resolve them if they do, will need to be considered. (shrink)

This study explores the challenge of cyber security threats that e-commerce technology and business are facing. Technology applications for e-commerce are attracting attention from both academia and industry. It has made what was not possible before for the business community and consumers. But it did not come all alone but has brought some challenges, and cyber security challenge is one of them. Cyber security concerns have many forms, but this study focuses on social engineering, denial of (...) services, malware, and attacks on personal data. Firms worldwide spend a lot on addressing cybersecurity issues, which grow each year. However, it seems complicated to overcome the challenge because the attackers continuously search for new vulnerabilities in humans, organizations, and technology. This paper is based on the conceptual analysis of social engineering, denial of services, malware, and attacks on personal data. We argue that implementing modern technology for e-commerce and cybersecurity issues is a never-ending game of cat and mouse. To reduce risks, reliable technology is needed, training of employees and consumer is necessary for using the technology, and a strong policy and regulation is needed at the firm and governmental level. (shrink)

Over the past 30 years, computer engineering has developed a lot. Currently, computer and software applications have a central role in business, medicine, security, communications, industry, education, and everyday life. Software developers, peoples who manage computer networks, data security analysts can do well, but they also have the potential to cause suffering and harm to the clients or ordinary peoples, willingly or not. For this reason, IT activities must be regulated by specific laws. From the beginning, we (...) argue that the law is not the same thing as ethics, even if both promote the good. Certain ethical principles can be strengthened by law. In the field of computer science and technology, can exists theft, privacy violations, violence and harassment. To combat and punish such actions and behaviors, law is needed. But is software engineering a profession? If so, are there codes of professional ethics whereby specialists in the field can regulate their professional activity, as is the case, for example, in areas such as justice or medicine? In relation with that, Gibbs and Ford have identified 8 components of a professional infrastructure. Some of that is: initial vocational training, professional accreditation, licensing, continuous vocational training, the existence of code of ethics.. With the fact that software engineering is a profession, in this article we present the main principles of behavior. The principles are not legally binding. This are grouped by interest categories depending on who or what is involved in the interaction with software engineering. (shrink)

This paper identifies two conceptions of security in contemporary concerns over the vulnerability of computers and networks to hostile attack. One is derived from individual-focused conceptions of computer security developed in computer science and engineering. The other is informed by the concerns of national security agencies of government as well as those of corporate intellectual property owners. A comparative evaluation of these two conceptions utilizes the theoretical construct of “securitization,”developed by the Copenhagen School of International Relations.

Current approaches to cyber-security are not working. Rather than producing more security, we seem to be facing less and less. The reason for this is a multi-dimensional and multi-faceted security dilemma that extends beyond the state and its interaction with other states. It will be shown how the focus on the state and “its” security crowds out consideration for the security of the individual citizen, with detrimental effects on the security of the whole system. (...) The threat arising from cyberspace to (national) security is presented as possible disruption to a specific way of life, one building on information technologies and critical functions of infrastructures, with relatively little consideration for humans directly. This non-focus on people makes it easier for state actors to militarize cyber-security and (re-)assert their power in cyberspace, thereby overriding the different security needs of human beings in that space. Paradoxically, the use of cyberspace as a tool for national security, both in the dimension of war fighting and the dimension of mass-surveillance, has detrimental effects on the level of cyber-security globally. A solution out of this dilemma is a cyber-security policy that is decidedly anti-vulnerability and at the same time based on strong considerations for privacy and data protection. Such a security would have to be informed by an ethics of the infosphere that is based on the dignity of information related to human beings. (shrink)

Current European innovation and security policies are increasingly channeled into efforts to address the assumed challenges that threaten European societies. A field in which this has become particularly salient is digitized EU border management. Here, the framework of responsible research and innovation (RRI) has recently been used to point to the alleged sensitivity of political actors towards the contingent dimensions of emerging security technologies. RRI, in general, is concerned with societal needs and the engagement and inclusion of various (...) stakeholder groups in the research and innovation processes, aiming to anticipate undesired consequences of and identifying socially acceptable alternatives for emerging technologies. However, RRI has also been criticized as an industry-driven attempt to gain societal legitimacy for new technologies. In this article, we argue that while RRI evokes a space where different actors enter co-creative dialogues, it lays bare the specific challenges of governing security innovation in socially responsible ways. Empirically, we draw on the case study of BODEGA, the first EU funded research project to apply the RRI framework to the field of border security. We show how stakeholders involved in the project represent their work in relation to RRI and the resulting benefits and challenges they face. The paper argues that applying the framework to the field of (border) security lays bare its limitations, namely that RRI itself embodies a political agenda, conceals alternative experiences by those on whom security is enacted upon and that its key propositions of openness and transparency are hardly met in practice due to confidentiality agreements. Our hope is to contribute to work on RRI and emerging debates about how the concept can (or cannot) be contextualized for the field of security—a field that might be more in need than any other to consider the ethical dimension of its activities. (shrink)

Nowadays, web-based applications extend to all businesses due to their advantages and easy usability. The most important issue in web-based applications is security. Due to their advantages, most academic journals are now using these applications, with papers being submitted and published through their websites. As these websites are resources for knowledge, information security is primary for maintaining their integrity. In this opinion piece, we point out vulnerabilities in certain websites and introduce the potential for future threats. We intend (...) to present how some journals are vulnerable and what will happen if a journal can be infected by attackers. This opinion is not a technical manual in information security, it is a short inspection that we did to improve the security of academic journals. (shrink)

Today, social engineering techniques are the most common way of committing cybercrimes through the intrusion and infection of computer systems. Cybersecurity experts use the term “social engineering” to highlight the “human factor” in digitized systems, as social engineering attacks aim at manipulating people to reveal sensitive information. In this paper, we explore how discursive framings of individual versus collective security by cybersecurity experts redefine roles and responsibilities at the digitalized workplace. We will first show how the (...) rhetorical figure of the deficient user is constructed vis-à-vis notions of security in social engineering discourses. Second, we will investigate the normative tensions that these practices create. To do so, we link work in science and technology studies on the politics of deficit construction to recent work in critical security studies on securitization and resilience. Empirically, our analysis builds on a multi-sited conference ethnography during three cybersecurity conferences as well as an extensive document analysis. Our findings suggest a redistribution of institutional responsibility to the individual user through three distinct social engineering story lines—“the oblivious employee,” “speaking code and social,” and “fixing human flaws.” Finally, we propose to open up the discourse on social engineering and its inscribed politics of deficit construction and securitization and advocate for companies and policy makers to establish and foster a culture of collective cyber in/security and corporate responsibility. (shrink)

In this essay, we provide an overview of how production systems can be re-engineered to improve the welfare of the animals involved. At least three potential options exist: engineering their environments to better fit the animals, engineering the animals themselves to better fit their environments, and eliminating the animals from the system by growing meat in vitro rather than on farms. The morality of consuming animal products and the conditions under which agricultural animals are maintained remain highly contentious, (...) and when concerns about animal welfare are coupled with concerns about sustainability and global food security, the problem of welfare in animal agriculture constitutes “a wicked problem,” because it is unlikely that any proposed solution will simultaneously address all the issues of concern. In the final section of this essay, we offer some observations on how debate over reforms in animal agriculture could proceed going forward. (shrink)

Climate engineering (CE), the intentional modification of the climate in order to reduce the effects of increasing greenhouse gas concentrations, is sometimes touted as a potential response to climate change. Increasing interest in the topic has led to proposals for empirical tests of hypothesized CE techniques, which raise serious ethical concerns. We propose three ethical guidelines for CE researchers, derived from the ethics literature on research with human and animal subjects, applicable in the event that CE research progresses beyond (...) computer modeling. The Principle of Respect requires that the scientific community secure the global public's consent, voiced through their governmental representatives, before beginning any empirical research. The Principle of Beneficence and Justice requires that researchers strive for a favorable risk–benefit ratio and a fair distribution of risks and anticipated benefits, all while protecting the basic rights of affected individuals. Finally, the Minimization Principle requires that researchers minimize the extent and intensity of each experiment by ensuring that no experiments last longer, cover a greater geographical extent, or have a greater impact on the climate, ecosystem, or human welfare than is necessary to test the specific hypotheses in question. Field experiments that might affect humans or ecosystems in significant ways should not proceed until a full discussion of the ethics of CE research occurs and appropriate institutions for regulating such experiments are established. (shrink)

Recently there is an increasing technological development in intelligent tutoring systems. This field has become interesting to many researchers. In this paper, we present an intelligent tutoring system for teaching information security. This intelligent tutoring systems target the students enrolled in Advanced Topics in Information Security in the faculty of Engineering and Information Technology at Al-Azhar University in Gaza. Through which the student will be able to study the course and solve related problems. An evaluation of the (...) intelligent tutoring systems was carried out and the results were promising. (shrink)

In 2013, the first gun printed out of plastic by a 3D-printer was successfully fired in the US. This event caused a major media hype about the dangers of being able to print a gun. Law enforcement agencies worldwide were concerned about this development and the potentially huge security implications of these functional plastic guns. As a result, politicians called for a ban of these weapons and a control of 3D-printing technology. This paper reviews the security implications of (...) 3D-printing technology and 3D guns. It argues that current arms control and transfer policies are adequate to cover 3D-printed guns as well. However, while this analysis may hold up currently, progress in printing technology needs to be monitored to deal with future dangers pre-emptively. (shrink)

This article is the result of an international research between law and ethics scholars from Universities in France and Switzerland, who have been closely collaborating with technical experts on the design and use of information and communication technologies in the fields of human health and security. The interdisciplinary approach is a unique feature and guarantees important new insights in the social, ethical and legal implications of these technologies for the individual and society as a whole. Its aim is to (...) shed light on the tension between secrecy and transparency in the digital era. A special focus is put from the perspectives of psychology, medical ethics and European law on the contradiction between individuals’ motivations for consented processing of personal data and their fears about unknown disclosure, transferal and sharing of personal data via information and communication technologies (named the “privacy paradox”). Potential benefits and harms for the individual and society resulting from the use of computers, mobile phones, the Internet and social media are being discussed. Furthermore, the authors point out the ethical and legal limitations inherent to the processing of personal data in a democratic society governed by the rule of law. Finally, they seek to demonstrate that the impact of information and communication technology use on the individuals’ well-being, the latter being closely correlated with a high level of fundamental rights protection in Europe, is a promising feature of the socalled “e-democracy” as a new way to collectively attribute meaning to large-scale online actions, motivations and ideas. (shrink)

Global society is facing formidable current and future problems that threaten the prospects for justice and peace, sustainability, and the well-being of humanity both now and in the future. Many of these problems are related to science and technology and to how they function in the world. If the social responsibility of scientists and engineers implies a duty to safeguard or promote a peaceful, just and sustainable world society, then science and engineering education should empower students to fulfil this (...) responsibility. The contributions to this special issue present European examples of teaching social responsibility to students in science and engineering, and provide examples and discussion of how this teaching can be promoted, and of obstacles that are encountered. Speaking generally, education aimed at preparing future scientists and engineers for social responsibility is presently very limited and seemingly insufficient in view of the enormous ethical and social problems that are associated with current science and technology. Although many social, political and professional organisations have expressed the need for the provision of teaching for social responsibility, important and persistent barriers stand in the way of its sustained development. What is needed are both bottom-up teaching initiatives from individuals or groups of academic teachers, and top-down support to secure appropriate embedding in the university. Often the latter is lacking or inadequate. Educational policies at the national or international level, such as the Bologna agreements in Europe, can be an opportunity for introducing teaching for social responsibility. However, frequently no or only limited positive effect of such policies can be discerned. Existing accreditation and evaluation mechanisms do not guarantee appropriate attention to teaching for social responsibility, because, in their current form, they provide no guarantee that the curricula pay sufficient attention to teaching goals that are desirable for society as a whole. (shrink)

In this opinion piece, we present a synopsis of our findings from the last 2 years concerning cyber-attacks on web-based academia. We also present some of problems that we have faced and try to resolve any misunderstandings about our work. We are academic information security specialists, not hackers. Finally, we present a brief overview of our methods for detecting cyber fraud in an attempt to present general guidelines for researchers who would like to continue our work. We believe that (...) our work is necessary for protecting the integrity of scholarly publishing against emerging cybercrime. (shrink)

There is an increasing awareness of the importance of food security, of which the UN’s Millennium Development Goals are the best measure. Although some progress has been made in some regions, much progress still needs to be made in Sub-Saharan Africa, where agriculture largely remains subsistence and personal savings extremely low, and where population growth outstrips economic growth.Thus, there has been a renewed effort to bring these problems back on the development agenda. Food insecurity is a major manifestation of (...) poverty, and hence agricultural development is the most effective way out of rural poverty.The ethical imperative is to bring about the political will to effect such development. Institutions must be built that focus on smallholder development as an engine of economic growth. Along with classic issues of development , the rural poor, who respond well to market-based development and are thus good micro-credit risks, must be given access to markets and finances.The drive to bring the rural poor into the market is frustrated, however, by the subsidies that the Northern nations use to prop up their own markets and farmers. One of the most pressing ethical questions, then, remains how the North can continue to support its subsidy system, while, at the same time, contributing to development work. (shrink)

Epigenetic research has brought several important technological achievements, including identifying epigenetic clocks and signatures, and developing epigenetic editing. The potential military applications of such technologies we discuss are stratifying soldiers’ health, exposure to trauma using epigenetic testing, information about biological clocks, confirming child soldiers’ minor status using epigenetic clocks, and inducing epigenetic modifications in soldiers. These uses could become a reality. This article presents a comprehensive literature review, and analysis by interdisciplinary experts of the scientific, legal, ethical, and societal issues (...) surrounding epigenetics and the military. Notwithstanding the potential benefit from these applications, our findings indicate that the current lack of scientific validation for epigenetic technologies suggests a careful scientific review and the establishment of a robust governance framework before consideration for use in the military. In this article, we highlight general concerns about the application of epigenetic technologies in the military context, especially discrimination and data privacy issues if soldiers are used as research subjects. We also highlight the potential of epigenetic clocks to support child soldiers’ rights and ethical questions about using epigenetic engineering for soldiers’ enhancement and conclude with considerations for an ethical framework for epigenetic applications in the military, defense, and security contexts. (shrink)

This article proposes a new definition of information security, the ‘Appropriate Access’ definition. Apart from providing the basic criteria for a definition—correct demarcation and meaning concerning the state of security—it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called ‘soft issues’ of information security and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security (...) breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security—the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security. (shrink)

Information security can be of high moral value. It can equally be used for immoral purposes and have undesirable consequences. In this paper we suggest that critical theory can facilitate a better understanding of possible ethical issues and can provide support when finding ways of addressing them. The paper argues that critical theory has intrinsic links to ethics and that it is possible to identify concepts frequently used in critical theory to pinpoint ethical concerns. Using the example of UK (...) electronic medical records the paper demonstrates that a critical lens can highlight issues that traditional ethical theories tend to overlook. These are often linked to collective issues such as social and organisational structures, which philosophical ethics with its typical focus on the individual does not tend to emphasise. The paper suggests that this insight can help in developing ways of researching and innovating responsibly in the area of information security. (shrink)

In recent years, the research of chaos theory has developed from simple cognition and analysis to practical engineering application. In particular, hyperchaotic systems with more complex and changeable chaotic characteristics are more sensitive and unpredictable, so they are widely used in more fields. In this paper, two important engineering applications based on hyperchaos pseudorandom number generator and image encryption are studied. Firstly, the coupling 6D memristive hyperchaotic system and a 2D SF-SIMM discrete hyperchaotic mapping are used as the (...) double entropy source structure. The double entropy source structure can realize a new PRNG that meets the security requirements, which can pass the NIST statistical test when the XOR postprocessing method is used. Secondly, based on the double entropy source structure, a new image encryption algorithm is proposed. The algorithm uses the diffusion-scrambling-diffusion encryption scheme to realize the conversion from the original plaintext image to the ciphertext image. Finally, we analyze the security of the proposed PRNG and image encryption mechanism, respectively. The results show that the proposed PRNG has good statistical output characteristics and the proposed image encryption scheme has high security, so they can be effectively applied in the field of information security and encryption system. (shrink)

Artificial intelligence (AI) technologies in medicine are gradually changing biomedical research and patient care. High expectations and promises from novel AI applications aiming to positively impact society raise new ethical considerations for patients and caregivers who use these technologies. Based on a qualitative content analysis of semi-structured interviews and focus groups with healthcare professionals (HCPs), patients, and family members of patients with Parkinson’s Disease (PD), the present study investigates participant views on the comparative benefits and problems of using human versus (...) AI predictive computer vision health monitoring, as well as participants’ ethical concerns regarding these technologies. Participants presumed that AI monitoring would enhance information sharing and treatment, but voiced concerns about data ownership, data protection, commercialization of patient data, and privacy at home. They highlighted that privacy issues at home and data security issues are often linked and should be investigated together. Findings may help technologists, HCPs, and policymakers determine how to incorporate stakeholders’ intersecting but divergent concerns into developing and implementing AI PD monitoring tools. (shrink)

Academia-intelligence agency collaborations are on the rise for a variety of reasons. These can take many forms, one of which is in the classroom, using students to stand in for intelligence analysts. Classrooms, however, are ethically complex spaces, with students considered vulnerable populations, and become even more complex when layering multiple goals, activities, tools, and stakeholders over those traditionally present. This does not necessarily mean one must shy away from academia-intelligence agency partnerships in classrooms, but that these must be conducted (...) carefully and reflexively. This paper hopes to contribute to this conversation by describing one purposeful classroom encounter that occurred between a professor, students, and intelligence practitioners in the fall of 2015 at North Carolina State University: an experiment conducted as part of a graduate-level political science class that involved students working with a prototype analytic technology, a type of participatory sensing/self-tracking device, developed by the National Security Agency. This experiment opened up the following questions that this paper will explore: What social, ethical, and pedagogical considerations arise with the deployment of a prototype intelligence technology in the college classroom, and how can they be addressed? How can academia-intelligence agency collaboration in the classroom be conducted in ways that provide benefits to all parties, while minimizing disruptions and negative consequences? This paper will discuss the experimental findings in the context of ethical perspectives involved in values in design and participatory/self-tracking data practices, and discuss lessons learned for the ethics of future academia-intelligence agency partnerships in the classroom. (shrink)

There is growing need for hybrid curricula that integrate constructivist methods from Science and Technology Studies (STS) into both engineering and policy courses at the undergraduate and graduate levels. However, institutional and disciplinary barriers have made implementing such curricula difficult at many institutions. While several programs have recently been launched that mix technical training with consideration of “societal” or “ethical issues,” these programs often lack a constructivist element, leaving newly-minted practitioners entering practical fields ill-equipped to unpack the politics of (...) knowledge and technology or engage with skeptical publics. This paper presents a novel format for designing interdisciplinary coursework that combines conceptual content from STS with training in engineering and policy. Courses following this format would ideally be team taught by instructors with advanced training in diverse fields, and hence co-learning between instructors and disciplines is a key element of the format. Several instruments for facilitating both student and instructor collaborative learning are introduced. The format is also designed for versatility: in addition to being adaptable to both technical and policy training environments, topics are modularized around a conceptual core so that issues ranging from biotech to nuclear security can be incorporated to fit programmatic needs and resources. (shrink)