Monday, June 4, 2007

Aristotle Onassis said

"The secret of business is to know something that nobody else knows."



Fled Hometown of Smyrna

Onassis was born on January 15, 1906, in Smyrna, a thriving, ancient port in Turkey that was later renamed Izmir. The city was home to a large Greek population at the time, including his family, and his father, Socrates, was a well-to-do tobacco merchant. Penelope, his mother, died when Onassis was six, leaving him and an older sister; Socrates then remarried and had several more children. An indifferent student, he was ejected from several schools during his teens, and by 1919 was working in his father's office. That year, Greek forces invaded Smyrna, but in August of 1922 the Turks again seized control, and ethnic tensions between the two sides erupted. Several members of Onassis's extended family died, and his father was jailed on charges of conspiring with previous Greek occupiers. The teen managed to help his family escape to Greece, and arrived there himself with his father's savings taped to his legs.

When Socrates was released and rejoined the family, he treated his son harshly, and Onassis decided to make his fortune elsewhere. He sailed for Argentina in 1923 with some $250 in savings, using a so-called Nansen permit, which allowed a one-way trip for refugees on their way to a country of resettlement. In Buenos Aires, he held a series of menial jobs before finding work as an electrician with the British United River Plate Telephone Company. The boss, he was told, was a Briton who had been stationed in the Greek city of Salonika during World War I, and it was suggested that Onassis say he was from that city to improve his chances of hire. The information made it onto an official application that was used for his Argentine citizenship papers, and would later prove troublesome.

Earned First Fortune in Argentina

Starting out as an electrician at the phone company, Onassis became a night-shift telephone operator for it, and improved his English by listening in on calls made to London and New York. He also overheard information about upcoming business deals, and invested some of his own savings in the ventures. With his first small windfall, Onassis acquired some good suits and joined a posh rowing club to cultivate further contacts in Buenos Aires. He also became romantically involved with Claudia Muzio, an Italian soprano several years his senior. Restoring his relationship with his father, he began a successful tobacco-importing business and earned his first million from it. When a proposed tariff threatened to cut into the business's profits, Onassis brought Greek and Argentine politicians together to hammer out a trade agreement that kept the tax from being imposed. By 1931, his status and influence among the Greek expatriate community in Argentina were so impressive that the Greek government made him its deputy consul in Buenos Aires.

Onassis, however, hoped for greater prestige, and set his sights on the shipping industry. Several Greek names had been dominant over the past century, such as the powerful Livanos clan, but their operations were generally closed to newcomers. After returning to Athens for his father's funeral, he then went to London, where he heard a rumor that several Canadian freighters near Montreal were about to go up for sale. They were owned by the Canadian National Steamship Company, which was in severe financial trouble due to the Great Depression and the worldwide economic repercussions. Onassis struck a deal and bought six of them at the bargain price of $20,000 each. He renamed the first two he put in the water the Onassis Socrates and the Onassis Penelope in honor of his late parents.

Sunday, May 6, 2007

WHY SPOOFING IS SERIOUS INTERNET FRAUD

The most effective protection for the individual user is to make a rule never to log into a Web site by following a link in an email message or on an untrusted Web site (such as a discussion board or chat room).
The best way to log in safely to an e-commerce Web site is to open the browser and type the URL into the address bar yourself (see Table 2). DNS hijacking is the only type of online spoofing that this precaution cannot prevent, because a poisoned resolver sends even a correctly typed name to the attacker's server; checking that the connection is HTTPS and that the certificate is issued for the expected site is the remaining defense.
However, DNS hijacking is increasingly rare as DNS server robustness and security improve.

Do
1) Pay attention to the salutation in the email. It should use your full name; a generic greeting such as "Dear customer" is a warning sign.
2) Open your browser and type the site's address into the address bar yourself.
3) If spoofing is suspected, try logging in with made-up characters. A fake site accepts anything, but some newer spoofs display "login failed" in any case so as not to raise suspicion, so a login failure is not proof that the Web site is authentic. Watch for further clues.
4) Know that financial institutions are well aware of spoofing and will avoid contacting you by email about account problems.
5) Know that no bank will ask you to enter your credit/debit card PIN or your driver's license number online for authentication purposes. Most will not ask for your SSN either, though some insurance companies do. This is a bad practice, even if the connection is secure.
6) Examine the URL in the address bar. If the host is a numeric IP address, or the site's name appears only before an "@" sign or in the path after a string of digits, it is a spoof. A hijacked address bar, one drawn by the page over the real one, may look shifted or blurry. Examine the cookies and the status bar as well.
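The address-bar checks in items 2 and 6 can be mechanized. The following is an added example, not code from the original post: it assumes a constructed set of trusted login hostnames and flags the patterns described above (a numeric host, the site's name hidden before an "@" or buried in the path, and a login page served without TLS) using only Python's standard library.

```python
"""Heuristic address-bar checks for a login URL.

Added example, not code from the original post. The trusted hostnames
below are constructed sample data; a real check would use the addresses
the user has bookmarked for the sites they actually bank with."""
from ipaddress import ip_address
from urllib.parse import urlsplit

# Constructed sample: the only hosts this user should ever enter a
# password for. Everything else is treated with suspicion.
TRUSTED_HOSTS = {"www.examplebank.com", "login.examplebank.com"}


def is_ip_host(host: str) -> bool:
    """True when the host is a bare IPv4/IPv6 literal rather than a name."""
    try:
        ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False


def spoof_indicators(url: str, trusted_hosts=frozenset(TRUSTED_HOSTS)) -> list:
    """Return the reasons a URL looks like a spoof; an empty list means no red flags.

    Covers the patterns from the list above: a numeric host, the site's
    name placed before an '@' (the browser connects to whatever follows
    it) or buried in the path, and a login page served without TLS."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    reasons = []
    if parts.scheme != "https":
        reasons.append("not https")
    if parts.username is not None:
        reasons.append("userinfo before '@' hides the real host")
    if is_ip_host(host):
        reasons.append("host is a numeric IP address")
    if host not in trusted_hosts:
        lowered = url.lower()
        hidden = [name for name in sorted(trusted_hosts) if name in lowered]
        if hidden:
            reasons.append(f"'{hidden[0]}' appears in the URL but is not the host")
        else:
            reasons.append("host is not a known login host")
    return reasons


if __name__ == "__main__":
    # Constructed sample URLs: one genuine, three of the spoof shapes above.
    for sample in [
        "https://login.examplebank.com/",
        "http://www.examplebank.com@203.0.113.9/login",
        "http://203.0.113.9/www.examplebank.com/",
        "https://www.examplebank.com.evil.example/",
    ]:
        print(sample, "->", spoof_indicators(sample) or "no red flags")
```

The lookalike case (the bank's name as a subdomain of an attacker's domain) is caught by the same rule as the numeric-host case: the name is present in the URL but the host the browser actually connects to is not one the user trusts.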

What is Spoofing?

The phenomenon of Web spoofing, or creating hoax Web sites that closely mimic real sites in order to extract personal financial information from unwary Web visitors, is an increasingly popular form of online scam that contributes to identity-based credit and financial fraud and threatens to undermine consumer confidence in Internet shopping and banking.

The word "spoof" means "to deceive" or "to swindle", and on the Internet it carries several meanings.

"Spoofing" is a hacking technique in which a malicious outside network intruder sets up a website of his own, lures ordinary users into visiting it, exploits structural weaknesses in the TCP/IP Internet protocols to gain privileges on the user's system, and then steals information.

"IP spoofing" in particular means hacking in which the computer attempting to log in uses the IP address of another computer that is trusted; that is, logging in by impersonating an authorized IP address.

Sending spam under the name of a well-known company, so that consumers take it for trustworthy e-mail and open it more often, is also called spoofing; so is using such e-mail to lead users to a "fake website" and trick them into entering their passwords and other information.

The Laws of Identity

1. The Internet was built without a way to know who and what you are connecting to. This limits what we can do with it and exposes us to growing dangers. If we do nothing, we will face rapidly proliferating episodes of theft and deception which will cumulatively erode public trust in the Internet.

2. This paper is about how we can prevent that loss of trust and go forward to give Internet users a deep sense of safety, privacy and certainty about who they are relating to in cyberspace. Nothing could be more essential if new Web-based services and applications are to continue to move beyond “cyber publication” and encompass all kinds of interaction and services. Our approach has been to develop a formal understanding of the dynamics causing digital identity systems to succeed or fail in various contexts, expressed as the Laws of Identity. Taken together, these laws define a unifying identity metasystem that can offer the Internet the identity layer it so obviously requires.

3. Why is it so hard to create an identity layer for the Internet?
Mainly because there is little agreement on what it should be and how it should be run. This lack of agreement arises because digital identity is related to context, and the Internet, while being a single technical framework, is experienced through a thousand kinds of content in at least as many different contexts, all of which flourish on top of that underlying framework.
The players involved in any one of these contexts want to control digital identity as it impacts them, in many cases wanting to prevent spillover from their context to any other.

4. An identity metasystem
Digital identity requires an approach like the abstraction layers (device drivers, network sockets) that let applications work without knowing the specifics of the hardware or protocols beneath them.
We need a unifying identity metasystem that can protect applications from the internal complexities of specific implementations and allow digital identity to become loosely coupled. This metasystem is in effect a system of systems that exposes a unified interface, much as a device driver or network socket does.

5. What is a digital identity?
We will begin by defining a digital identity as a set of claims made by one digital subject about itself or another digital subject.

So we define a digital subject as:
“…a person or thing represented or existing in the digital realm which is being described or dealt with.”

A claim is:
“…an assertion of the truth of something, typically one which is disputed or in doubt.”

6. The Laws of Identity
1) User Control and Consent
Technical identity systems must only reveal information identifying a user with the user’s consent.

2) Minimal Disclosure for a Constrained Use
The solution which discloses the least amount of identifying information and best limits its use is the most stable long-term solution.
We should build systems that employ identifying information on the basis that a breach is always possible.

3) Justifiable Parties
Digital identity systems must be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship.
The identity system must make its user aware of the party or parties with whom she is interacting while sharing information.
The justification requirements apply both to the subject who is disclosing information and the relying party who depends on it.

4) Directed Identity
A universal identity system must support both “omni-directional” identifiers for use by public entities and “unidirectional” identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.
Technical identity is always asserted with respect to some other identity or set of identities. To make an analogy with the physical world, we can say identity has direction, not just magnitude. One special "set of identities" is that of all other identities (the public).
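As an added example, not code from Cameron's paper or from any Microsoft product, the following toy identity provider shows how Law 2 (minimal disclosure) and Law 4 (directed identity) look in practice: the relying party is addressed by its public, omni-directional identifier (here its DNS name), the subject is given a different unidirectional identifier for each relying party so that two sites cannot join their records, and the issued token carries only the requested claims, with a derived "over 18" claim standing in for the raw birthdate. The provider secret, subject record, relying-party names and `DEMO_DATE` are all constructed, and the HMAC-based derivation is one reasonable construction, not the Information Card PPID algorithm.

```python
"""Added example: a toy identity provider illustrating Laws 2 and 4.

Not code from Cameron's paper or any identity product. The provider
secret, subject record and relying-party names are constructed."""
import hashlib
import hmac
from datetime import date

# Constructed sample subject record held by the identity provider.
SUBJECTS = {
    "alice": {"name": "Alice Example",
              "email": "alice@example.com",
              "birthdate": date(1988, 5, 6)},
}

# Constructed provider secret. A real provider keeps this in an HSM or KMS;
# anyone holding it can link the directed identifiers back together.
PROVIDER_SECRET = b"constructed-provider-secret-not-for-reuse"

# Constructed "today" so the examples are reproducible.
DEMO_DATE = date(2007, 5, 6)


def directed_identifier(subject_id: str, relying_party: str) -> str:
    """Unidirectional identifier: stable for one (subject, relying party)
    pair, but two relying parties get unrelated values, so neither can use
    it as a correlation handle. The HMAC keeps it one-way without the secret."""
    msg = f"{subject_id}\x00{relying_party.lower()}".encode()
    return hmac.new(PROVIDER_SECRET, msg, hashlib.sha256).hexdigest()[:32]


def is_over_18(birthdate: date, today: date) -> bool:
    """Derived claim: discloses one bit instead of the full birthdate."""
    age = today.year - birthdate.year
    if (today.month, today.day) < (birthdate.month, birthdate.day):
        age -= 1
    return age >= 18


def issue_token(subject_id: str, relying_party: str,
                requested: set, today: date) -> dict:
    """Build a token containing only the requested claims (Law 2).

    Claims the provider will not assert (the raw birthdate) are listed
    under 'refused' so the relying party knows, rather than being dropped
    silently or, worse, released anyway."""
    subject = SUBJECTS[subject_id]
    assertable = {
        "name": lambda: subject["name"],
        "email": lambda: subject["email"],
        "over_18": lambda: is_over_18(subject["birthdate"], today),
    }
    claims = {c: assertable[c]() for c in sorted(requested) if c in assertable}
    return {
        "sub": directed_identifier(subject_id, relying_party),  # Law 4
        "aud": relying_party,            # the RP's omni-directional identifier
        "claims": claims,                # Law 2: nothing beyond the request
        "refused": sorted(requested - set(assertable)),
    }


if __name__ == "__main__":
    shop = issue_token("alice", "shop.example", {"over_18"}, DEMO_DATE)
    forum = issue_token("alice", "forum.example", {"over_18", "birthdate"}, DEMO_DATE)
    print(shop)
    print(forum)
    print("linkable across sites:", shop["sub"] == forum["sub"])  # False
```

Because the directed identifier is keyed with the provider secret, anyone who obtains that secret can recompute and link every pair; the construction moves the correlation risk onto the provider, which is why Law 3 still has to govern who the provider is.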

5) Pluralism of Operators and Technologies
A universal identity system must channel and enable the inter-working of multiple identity technologies run by multiple identity providers.
It would be nice if there were one way to express identity. But the numerous contexts in which identity is required won’t allow it. One reason there will never be a single, centralized monolithic system (the opposite of a metasystem) is because the characteristics that would make any system ideal

6) Human Integration
The universal identity metasystem must define the human user to be a component of the distributed system, integrated through unambiguous human-machine communication mechanisms offering protection against identity attacks.
We have done a pretty good job of securing the channel between web servers and browsers through the use of cryptography, a channel that might extend for thousands of miles.


7) Consistent Experience Across Contexts
The unifying identity metasystem must guarantee its users a simple, consistent experience while enabling separation of contexts through multiple operators and technologies.

The Identity Metasystem: Towards a Privacy-Compliant Solution to the Challenges of Digital Identity

Approach: an open system, with Microsoft providing only the framework.


1. Executive Summary
Just as individual identity is fundamental to our face-to-face interactions, digital identity is fundamental to our interactions in the online world. Unfortunately, many of the challenges associated with the Internet stem from the lack of widely deployed, easily understood, and secure identity solutions.
This should come as no surprise. After all, the Internet was designed for sharing information, not for securely identifying users and protecting personal data.

Microsoft believes that no single identity management system will emerge and that efforts should instead be directed toward developing an overarching framework that connects different identity systems and sets out standards and protocols for ensuring the privacy and security of online interactions. Microsoft calls this concept the Identity Metasystem. The Identity Metasystem is not a specific product or solution, but rather an interoperable architecture

2. The Seven Laws of Identity
The Identity Metasystem is based on seven universal design principles developed by Kim Cameron of Microsoft, which he has named the “Laws of Identity.” Long experience has proven that these principles are essential to maintaining good online security and privacy.

1. User control and consent
2. Minimal disclosure for a defined use
3. Justifiable parties
4. Directional identity
5. Pluralism of operators and technologies
6. Human integration
7. Consistent experience across contexts


3. Information Card Technology and EU Data Privacy

The Identity Metasystem does not mandate any specific identity system; rather, it presupposes many systems and many different technologies. Microsoft is already building software that will take part in the Identity Metasystem, namely the Information Card technology. We expect other companies will develop separate technologies and components to meet the various needs of identifying parties, relying parties, and digital subjects. This final section of the paper will examine ID card schemes within the framework of EU privacy, and then it will address how Information Cards specifically address the problem of managing digital identities in a way that conforms to the EU’s data privacy laws.

4. Data Controllers and Their Legal Obligations
The substantive obligations arising under EU data privacy laws apply to data controllers, which determine “the purposes and means of” processing personal data.
Data controllers can be contrasted with “data processors,” which are organizations that act on behalf of or under the instructions of the data controller and are not directly liable under EU data privacy laws.
It is clear that the principal entities in ID card schemes will generally qualify as data controllers.

BUSINESS AND IT PROFESSIONAL ETHICS

1. DEFINING MORALITY
Carroll [3] defines ethics as the concept of what is right and fair conduct or behavior. The ability and desire to make moral or ethical judgments implies that the decision maker is concerned with the “spirit of the law,” rather than just the “letter of the law.”

2. BUSINESS ETHICS: TRADITIONAL THEORIES

The Kantian analysis can be reduced to three simple questions. If the answer to all three questions is yes, a moral duty to act or not to act is imposed.

First, the action should be universally consistent. This first test of the Kantian analysis requires that the actor treat everyone the same; it also requires that the actor would find such treatment acceptable if visited upon himself.

The second prong of this three-part test requires that the action to be undertaken must respect individuals as inherently or innately valuable. This prong of the test recognizes that the person acted upon is due respect by virtue of his existence as a human member of society.

Finally, the autonomy of all persons is deserving of respect; that is, their freedom to make voluntary and informed choices must be recognized.

3. Conclusion

The seven values or key concepts comprising any code of ethics are: consistency, respect for individuals, autonomy for all, integrity, justice, utility, and competence.
Of these seven, three groups of like principles were formed.

First, consistency, respect for individuals and autonomy were grouped.

Second, the principles of integrity and justice were grouped, as reflecting basic principles of good faith, sincerity and fairness.

Finally, utility and competence were grouped: they fit together well from a standpoint of pragmatism, since social utility is served by competence.
After consolidating these principles, the principles promulgated by the various IT professional societies were aligned.

Interim analysis of codes of conduct and codes of ethics September 2006

1. Content of the Codes
The most recurring internal statement is Confidentiality of information, followed by a number of statements which occur more equally often. These are Maintain/upgrade professional competence, Avoid and report conflicts of interest, Honesty, Cooperation with co-workers and Integrity.

The most recurring external statement is Environmental responsibility, closely followed by Public welfare and safety, and further by Respect for human dignity and Social responsibility.

The statement Social responsibility includes statements such as responsibility to future generations, responsible design and implementation of products within IT or engineering, and the avoidance of harmful effects to health and welfare.

2. Nature and Enforcement of the Codes

Ambiguity was found in several codes between the nature of the code and the enforcement mentioned. For example, the fact that only 56% of the regulatory codes provide explicit sanctions in case of breach of the code is quite paradoxical. If provisions are meant to be regulatory, a way of enforcement is needed. Similarly, many of the regulatory codes do not mention any disciplinary body for investigation of possible breaches of the code and decisions on sanctions.

Concerning the commitment to the code, the majority of the codes of regulatory nature explicitly demand mandatory compliance, whereas the majority of the codes of educational and aspirational nature are of a voluntary character. However, there are exceptions to this logical connection between the commitment and the nature of the code.

Some of the codes with regulatory nature are voluntary to follow and a few of the aspirational codes have mandatory compliance, both combinations being considered to send contradictory signals to the addressees of these codes.

3. Content of the codes
The results of the analysis regarding this criterion comprise two aspects; first, the most recurring statements and second, the distribution of those statements among four main groups of professions.

The latter is of great importance, for a very recurrent statement may not be well distributed among all areas of science and technology. In fact, this second aspect reveals whether or not a consensus is reached (voluntarily or not, with or without consultation) on one or several statements within the scientific community as a whole.

Regarding external statements, it has been observed that the most frequently mentioned statement (Environmental responsibility) is not the one most evenly distributed across all professions; that is Public safety and welfare.
Concerning internal statements, the most frequently mentioned statement (Confidentiality of information) happens to be the most widely distributed one as well, closely followed by the second one (Maintain and update competence).