Pervasively Distributed Copyright Enforcement

In an effort to control flows of unauthorized information, the major copyright industries are pursuing a range of strategies designed to distribute copyright enforcement functions across a wide range of actors and to embed these functions within communications networks, protocols, and devices. Some of these strategies have received considerable academic and public scrutiny, but much less attention has been paid to the ways in which all of them overlap and intersect with one another. This article offers a framework for theorizing this process. The distributed extension of intellectual property enforcement into private spaces and throughout communications networks can be understood as a new, hybrid species of disciplinary regime that locates the justification for its pervasive reach in a permanent state of crisis. This hybrid regime derives its force neither primarily from centralized authority nor primarily from decentralized, internalized norms, but instead from a set of coordinated processes for authorizing flows of information. Although the success of this project is not yet assured, its odds of success are by no means remote as skeptics have suggested. Power to implement crisis management in the decentralized marketplace for digital content arises from a confluence of private and public interests and is amplified by the dynamics of technical standards processes. The emergent regime of pervasively distributed copyright enforcement has profound implications for the production of the networked information society

Advances in the Convergence of Blockchain and Artificial Intelligence

Blockchain (BC) and artificial intelligence (AI) are currently two of the hottest computer science topics and their future seems bright. However, their convergence is not straightforward, and more research is needed in both fields. Thus, this book presents some of the latest advances in the convergence of BC and AI, gives useful guidelines for future researchers on how BC can help AI and how AI can become smarter, thanks to the use of BC. This book specifically analyzes the past of BC through the history of Bitcoin and then looks into the future: from massive internet-of-things (IoT) deployments, to the so-called metaverse, and to the next generation of AI-powered BC-based cyber secured applications

Ethical Issues in Qualitative E-Learning Research

In the mid 1980s education researchers began exploring the use of the Internet within teaching and learning practices, now commonly referred to as e-learning. At the same time, many e-learning researchers were discovering that the application of existing ethical guidelines for qualitative research was resulting in confusion and uncertainty among both researchers and ethics review board members. Two decades later we continue to be plagued by these same ethical issues. On reflection on our research practices and examination of the literature on ethical issues relating to qualitative Internet- and Web-based research, the authors conclude that there are three main areas of confusion and uncertainty among researchers in the field of e-learning: (a) participant consent, (b) public versus private ownership, and (c) confidentiality and anonymity

25th Annual Conference on Legal Issues for Financial Institutions

Materials from the 25th Annual Conference on Legal Issues for Financial Institutions held by UK/CLE in April of 2005

Archives, Ethics and the Law in India: A Guidebook for Archivists in India

The project, Archives, Ethics and the Law in India, anchored by the Archives at NCBS, aims to learn from and train archivists and users of archives in India to respond to questions of archives, copyright, ownership and access, and the public’s rights to information and privacy

Embodied Narratives

As increasing quantities of health and biological information are generated, the need for us all to consider the human impacts of its ubiquity becomes more urgent than ever. This book explains the ethical imperative to take seriously the potential impacts on our identities of encountering bioinformation about ourselves

Securing the software-defined networking control plane by using control and data dependency techniques

Software-defined networking (SDN) fundamentally changes how network and security practitioners design, implement, and manage their networks. SDN decouples the decision-making about traffic forwarding (i.e., the control plane) from the traffic being forwarded (i.e., the data plane). SDN also allows for network applications, or apps, to programmatically control network forwarding behavior and policy through a logically centralized control plane orchestrated by a set of SDN controllers. As a result of logical centralization, SDN controllers act as network operating systems in the coordination of shared data plane resources and comprehensive security policy implementation. SDN can support network security through the provision of security services and the assurances of policy enforcement. However, SDN’s programmability means that a network’s security considerations are different from those of traditional networks. For instance, an adversary who manipulates the programmable control plane can leverage significant control over the data plane’s behavior. In this dissertation, we demonstrate that the security posture of SDN can be enhanced using control and data dependency techniques that track information flow and enable understanding of application composability, control and data plane decoupling, and control plane insight. We support that statement through investigation of the various ways in which an attacker can use control flow and data flow dependencies to influence the SDN control plane under different threat models. We systematically explore and evaluate the SDN security posture through a combination of runtime, pre-runtime, and post-runtime contributions in both attack development and defense designs. We begin with the development a conceptual accountability framework for SDN. We analyze the extent to which various entities within SDN are accountable to each other, what they are accountable for, mechanisms for assurance about accountability, standards by which accountability is judged, and the consequences of breaching accountability. We discover significant research gaps in SDN’s accountability that impact SDN’s security posture. In particular, the results of applying the accountability framework showed that more control plane attribution is necessary at different layers of abstraction, and that insight motivated the remaining work in this dissertation. Next, we explore the influence of apps in the SDN control plane’s secure operation. We find that existing access control protections that limit what apps can do, such as role-based access controls, prove to be insufficient for preventing malicious apps from damaging control plane operations. The reason is SDN’s reliance on shared network state. We analyze SDN’s shared state model to discover that benign apps can be tricked into acting as “confused deputies”; malicious apps can poison the state used by benign apps, and that leads the benign apps to make decisions that negatively affect the network. That violates an implicit (but unenforced) integrity policy that governs the network’s security. Because of the strong interdependencies among apps that result from SDN’s shared state model, we show that apps can be easily co-opted as “gadgets,” and that allows an attacker who minimally controls one app to make changes to the network state beyond his or her originally granted permissions. We use a data provenance approach to track the lineage of the network state objects by assigning attribution to the set of processes and agents responsible for each control plane object. We design the ProvSDN tool to track API requests from apps as they access the shared network state’s objects, and to check requests against a predefined integrity policy to ensure that low-integrity apps cannot poison high-integrity apps. ProvSDN acts as both a reference monitor and an information flow control enforcement mechanism. Motivated by the strong inter-app dependencies, we investigate whether implicit data plane dependencies affect the control plane’s secure operation too. We find that data plane hosts typically have an outsized effect on the generation of the network state in reactive-based control plane designs. We also find that SDN’s event-based design, and the apps that subscribe to events, can induce dependencies that originate in the data plane and that eventually change forwarding behaviors. That combination gives attackers that are residing on data plane hosts significant opportunities to influence control plane decisions without having to compromise the SDN controller or apps. We design the EventScope tool to automatically identify where such vulnerabilities occur. EventScope clusters apps’ event usage to decide in which cases unhandled events should be handled, statically analyzes controller and app code to understand how events affect control plane execution, and identifies valid control flow paths in which a data plane attacker can reach vulnerable code to cause unintended data plane changes. We use EventScope to discover 14 new vulnerabilities, and we develop exploits that show how such vulnerabilities could allow an attacker to bypass an intended network (i.e., data plane) access control policy. This research direction is critical for SDN security evaluation because such vulnerabilities could be induced by host-based malware campaigns. Finally, although there are classes of vulnerabilities that can be removed prior to deployment, it is inevitable that other classes of attacks will occur that cannot be accounted for ahead of time. In those cases, a network or security practitioner would need to have the right amount of after-the-fact insight to diagnose the root causes of such attacks without being inundated with too much informa- tion. Challenges remain in 1) the modeling of apps and objects, which can lead to overestimation or underestimation of causal dependencies; and 2) the omission of a data plane model that causally links control and data plane activities. We design the PicoSDN tool to mitigate causal dependency modeling challenges, to account for a data plane model through the use of the data plane topology to link activities in the provenance graph, and to account for network semantics to appropriately query and summarize the control plane’s history. We show how prior work can hinder investigations and analysis in SDN-based attacks and demonstrate how PicoSDN can track SDN control plane attacks.Ope

Revising Our “Common Intellectual Heritage”: Federal and State Courts in Our Federal System

This Essay pays tribute to Daniel Meltzer\u27s insight that, to the extent lawyers have a common intellectual heritage, the federal courts are its primary source. I do so by analyzing how that heritage is made and remade, as political forces press Congress to deploy federal courts to protect a wide array of interests and state courts absorb the bulk of litigation. The heritage that Meltzer celebrated and to which he contributed was the outcome of twentieth- century social movements that focused on the federal courts as hospitable venues, serving as vivid sources of rights and remedies. A competing heritage has since emerged, as the Supreme Court shaped new doctrines constricting judicial powers and rendering courts unavailable and unavailing. Despite the Court\u27s reluctance to welcome claimants, Congress continues to endow the federal courts with new authority and significant funds. But what the federal government has thus far ignored are the needs of state courts, where 100 million cases are filed annually and states struggle to honor constitutional commitments to open courts and rights to counsel for criminal defendants