Startsida
Hjälp
Sök i LIBRIS databas

     

 

Sökning: onr:htxz8gp0fz59l9xc > Anticipatory Ethics...

Anticipatory Ethics for Vulnerability Disclosure [Elektronisk resurs]

Huskaj, Gazmend (författare)
15th International Conference on Cyber Warfare and Security (ICCWS), 12-13 March, 2020, Old Dominion University, Norfolk, Virginia, USA 
Wilson, Richard L. (författare)
Försvarshögskolan Militärvetenskapliga institutionen (MVI) (utgivare)
Publicerad: Reading, UK : Academic Conferences and Publishing International Limited, 2020
Engelska.
Serie: The proceedings of the international conference on information warfare and security, 2048-9870 2048-9870
Ingår i: Proceedings of the 15th International Conference on Cyber Warfare and Security. - 9781912764532 ; 254-261
Läs hela texten
Läs hela texten
Läs hela texten
  • E-bok
Sammanfattning Ämnesord
Stäng  
  • This article presents the ethical dilemma related to under what circumstances vulnerabilities should be disclosed. Vulnerabilities exist in hardware and software, and can be as a consequence of programming errors or design flaws. Threat actors can exploit these vulnerabilities to gain otherwise unintended access to information systems, resources and/or stored information. In other words, they can be used to impact the confidentiality, integrity and availability of information in information systems. As a result, various types of vulnerabilities are highly sought after since they enable this type of access. The most highly sought are so-called “zero-day”-vulnerabilities. These are vulnerabilities that exist but are unknown, and when exploited, enable one way of entry into a system that is not thought possible. This is also why zero-day vulnerabilities are very popular among criminal organizations, states and state-sponsored advanced persistent threats. The other side of the coin is when a state identifies a zero-day, and ends up in the ethical dilemma of whether to release the news and inform the vendor to patch it, i.e. close the vulnerability, or to use it for offensive or intelligence purposes. This article employs these distinctions to apply anticipatory ethics in the Stuxnet-case. Stuxnet was a computer software that was allegedly developed by the U.S. together with Israel to disrupt Iran’s development of uranium for their nuclear program. More exactly, it was developed to disable the uranium centrifuges used to enrich uranium. To achieve this, Stuxnet exploited four zero-day vulnerabilities and, according to some experts, managed to delay Iran’s nuclear program by one to two-years, forcing them to the negotiation table. Using vulnerabilities like zero-days presents opportunities but also risks. The results of the application of anticipatory ethics to the Stuxnet case are then compared with the “Osirak”-case and the “al-Kibar”-case. Osirak was the nuclear reactor in Iraq and was bombed in 1981; al-Kibar was the nuclear reactor being built up in Syria, also bombed in 2007. 

Ämnesord

Social Sciences  (hsv)
Other Social Sciences  (hsv)
Social Sciences Interdisciplinary  (hsv)
Samhällsvetenskap  (hsv)
Annan samhällsvetenskap  (hsv)
Tvärvetenskapliga studier inom samhällsvetenskap  (hsv)
Natural Sciences  (hsv)
Computer and Information Sciences  (hsv)
Information Systems  (hsv)
Naturvetenskap  (hsv)
Data- och informationsvetenskap  (hsv)
Systemvetenskap, informationssystem och informatik  (hsv)
Social Sciences  (hsv)
Political Science  (hsv)
Political Science (excluding Public Administration Studies and Globalisation Studies)  (hsv)
Samhällsvetenskap  (hsv)
Statsvetenskap  (hsv)
Statsvetenskap (exklusive studier av offentlig förvaltning och globaliseringsstudier)  (hsv)
Försvarssystem  (fhs)
Systems science for defence and security  (fhs)

Genre

government publication  (marcgt)

Indexterm och SAB-rubrik

vulnerabilities
zero-days
information systems
ethical dilemma
Stuxnet
Iran Nuclear Program
anticipatory ethics
Inställningar Hjälp

Titeln finns på 1 bibliotek. 

Övriga bibliotek (1)

Ange som favorit
Om LIBRIS
Sekretess
Blogg
Hjälp
Fel i posten?
Kontakt
Teknik och format
Sök utifrån
Sökrutor
Plug-ins
Bookmarklet
Anpassa
Textstorlek
Kontrast
Vyer
LIBRIS söktjänster
SwePub
Sondera
Uppsök

Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.

Copyright © LIBRIS - Nationella bibliotekssystem

 
pil uppåt Stäng

Kopiera och spara länken för att återkomma till aktuell vy