Skip to content

SOURCES.md

Latest commit

 

History

History
49 lines (30 loc) · 1.57 KB

SOURCES.md

File metadata and controls

49 lines (30 loc) · 1.57 KB

Sources and Informative References

This document lists non-normative sources that inform the principles and requirements of RFC 0001. Inclusion does not imply endorsement by the listed organizations.

Standards and Frameworks

  • National Institute of Standards and Technology (NIST)
    Risk management frameworks, system security plans, incident response, and auditability guidance.

  • ISO/IEC
    Information security management, service management, and data governance standards.

  • Cloud Security Alliance (CSA)
    Shared responsibility models and cloud audit frameworks clarifying operator boundaries.

Professional Ethics and Practice

  • Association for Computing Machinery (ACM)
    Codes of ethics and policy guidance on transparency, accountability, and harm avoidance.

  • IEEE (selected systems and safety literature)
    Empirical work on system failure, safety margins, and human factors.

Civil Society and Governance

  • Electronic Frontier Foundation (EFF)
    Analysis of surveillance, consent failure, portability barriers, and legal compulsion.

  • OECD
    Principles on digital governance, AI accountability, contestability, and democratic oversight.

Research Literature (Indicative)

  • Human–computer interaction research on over-trust induced by anthropomorphic interfaces
  • Systems research on cascading failure, opacity, and postmortem culture
  • Empirical studies on re-identification risk in anonymized datasets

This list may be updated as new evidence or architectures emerge.
Normative requirements are defined only in the RFC.