Discussion on: Trustworthy Computing http://itknowledgeexchange.techtarget.com/customapps/trustworthy-computing/ Thu, 24 Jul 2008 19:08:19 +0000 http://wordpress.org/?v=wordpress-mu-1.2.1 By: Wrobinson http://itknowledgeexchange.techtarget.com/customapps/trustworthy-computing/#comment-47 Wrobinson Sun, 23 Mar 2008 18:34:41 +0000 http://itknowledgeexchange.techtarget.com/customapps/trustworthy-computing/#comment-47 There are definitely some challenges to overcome when it comes to TwC. For all of the news reports on security breaches, we must remember that there are lots of successes that go unreported or under-reported. I read recently, in "A Gift of Fire -- Second Ed." by Sara Baase that this is similar to reports of car accidents made daily on the news. These reports make no mention of the fact that thousands and perhaps millions of trips are made safely; however, these reports do serve a purpose, such as reminding us of the hazards of driving, particularly in bad weather conditions, malfunctioning equipment and inexperience and reckless drivers. Technology is neither inheretly good or bad. It is the application of technology on the part of humans that is ultimately good or ill natured. True security requires appropriate application of people, process and technology. There is a conflict that we face in balancing the trade-offs between quality and efficiency; meeting technical, timeline and financial targets; also the reluctance to walk away from revenue and profits when met with resistance to doing things the right way. The question in my mind is how do we go about achieving this collectively, given some of the challenges such as global cooperation, as you pointed out, are resolved? Perhaps a starting point is to transform the field of information technology into a profession as opposed to a discipline -- at least according to the most strict of definitions. This would at a minimum, enforce a code of ethics and social responsibility among those responsible for the design, implementation and support of computer systems and perhaps mitigate the willingness of some to step in and take on an irresponsible or unethical project. Especially if there are potential ramifications such a suspension and revokation of a license to practice similar to the medical and legal professions. There are definitely some challenges to overcome when it comes to TwC. For all of the news reports on security breaches, we must remember that there are lots of successes that go unreported or under-reported. I read recently, in “A Gift of Fire — Second Ed.” by Sara Baase that this is similar to reports of car accidents made daily on the news. These reports make no mention of the fact that thousands and perhaps millions of trips are made safely; however, these reports do serve a purpose, such as reminding us of the hazards of driving, particularly in bad weather conditions, malfunctioning equipment and inexperience and reckless drivers.

Technology is neither inheretly good or bad. It is the application of technology on the part of humans that is ultimately good or ill natured. True security requires appropriate application of people, process and technology. There is a conflict that we face in balancing the trade-offs between quality and efficiency; meeting technical, timeline and financial targets; also the reluctance to walk away from revenue and profits when met with resistance to doing things the right way.

The question in my mind is how do we go about achieving this collectively, given some of the challenges such as global cooperation, as you pointed out, are resolved?

Perhaps a starting point is to transform the field of information technology into a profession as opposed to a discipline — at least according to the most strict of definitions. This would at a minimum, enforce a code of ethics and social responsibility among those responsible for the design, implementation and support of computer systems and perhaps mitigate the willingness of some to step in and take on an irresponsible or unethical project. Especially if there are potential ramifications such a suspension and revokation of a license to practice similar to the medical and legal professions.

]]> By: Wrobinson http://itknowledgeexchange.techtarget.com/customapps/trustworthy-computing/#comment-46 Wrobinson Sun, 23 Mar 2008 18:14:50 +0000 http://itknowledgeexchange.techtarget.com/customapps/trustworthy-computing/#comment-46 Hi, I thought that you might also be interested in the official memo from Bill Gates that kicked the TwC movement off http://www.wired.com/techbiz/media/news/2002/01/49826. Hi, I thought that you might also be interested in the official memo from Bill Gates that kicked the TwC movement off <a href="http://www.wired.com/techbiz/media/news/2002/01/49826." rel="nofollow">http://www.wired.com/techbiz/media/news/2002/01/49826.</a>

]]>