An Accountability Architecture for the Internet

In the current Internet, senders are not accountable for the packets they send. As a result, malicious users send unwanted traffic that wastes shared resources and degrades network performance. Stopping such attacks requires identifying the responsible principal and filtering any unwanted traffic it sends. However, senders can obscure their identity: a packet identifies its sender only by the source address, but the Internet Protocol does not enforce that this address be correct. Additionally, affected destinations have no way to prevent the sender from continuing to cause harm. An accountable network binds sender identities to packets they send for the purpose of holding senders responsible for their traffic. In this dissertation, I present an accountable network-level architecture that strongly binds senders to packets and gives receivers control over who can send traffic to them. Holding senders accountable for their actions would prevent many of the attacks that disrupt the Internet today. Previous work in attack prevention proposes methods of binding packets to senders, giving receivers control over who sends what to them, or both. However, they all require trusted elements on the forwarding path, to either assist in identifying the sender or to filter unwanted packets. These elements are often not under the control of the receiver and may become corrupt. This dissertation shows that the Internet architecture can be extended to allow receivers to block traffic from unwanted senders, even in the presence of malicious devices in the forwarding path. This dissertation validates this thesis with three contributions. The first contribution is DNA, a network architecture that strongly binds packets to their sender, allowing routers to reject unaccountable traffic and recipients to block traffic from unwanted senders. Unlike prior work, which trusts on-path devices to behave correctly, the only trusted component in DNA is an identity certification authority. All other entities may misbehave and are either blocked or evicted from the network. The second contribution is NeighborhoodWatch, a secure, distributed, scalable object store that is capable of withstanding misbehavior by its constituent nodes. DNA uses NeighborhoodWatch to store receiver-specific requests block individual senders. The third contribution is VanGuard, an accountable capability architecture. Capabilities are small, receiver-generated tokens that grant the sender permission to send traffic to receiver. Existing capability architectures are not accountable, assume a protected channel for obtaining capabilities, and allow on-path devices to steal capabilities. VanGuard builds a capability architecture on top of DNA, preventing capability theft and protecting the capability request channel by allowing receivers to block senders that flood the channel. Once a sender obtains capabilities, it no longer needs to sign traffic, thus allowing greater efficiency than DNA alone. The DNA architecture demonstrates that it is possible to create an accountable network architecture in which none of the devices on the forwarding path must be trusted. DNA holds senders responsible for their traffic by allowing receivers to block senders; to store this blocking state, DNA relies on the NeighborhoodWatch DHT. VanGuard extends DNA and reduces its overhead by incorporating capabilities, which gives destinations further control over the traffic that sources send to them

On Being Accountable in a Kaleidoscopic World

In this lecture, the author explores the concept of accountability in the changing world in which international law operates, and to draw upon my own recent experience chairing the Inspection Panel at the World Bank. In doing so, I want especially to recognize the concerns of poor people and bring their plight into the discussion of accountability. The world today differs sharply from that when the United Nations was formed, some 65 years ago. In that world, there were only 51 states, few international organizations, a nascent global civil society, only 2 billion people, many of whom lived under colonialism and in poverty, an emerging recognition of human rights, and the glimmerings of globalization. International environmental law, for the most part, did not exist

An Analysis of the Fifth Government Report on the Costs and Benefits of Federal Regulation

This paper critically reviews the draft of the Office of Management and Budget's fifth report on the benefits and costs of federal regulation. The draft report is a significant improvement over previous reports in terms of the responsiveness to the congressional mandate, and the information it provides on recent improvements at OMB. We think the changes that OMB has made to increase transparency and efficiency are significant. These include making greater use of the Internet to communicate information, sending letters to agencies encouraging specific regulations with net benefits, and providing information on turnaround time for reviewing rules. There is still room for substantial improvement, however. We offer six recommendations, one for Congress and five for OMB, that we believe would be helpful in holding regulators and lawmakers more accountable for the regulations they produce. Our recommendations focus on getting the regulatory agencies to produce better analysis, making that analysis more transparent and readily available, and making the regulatory process itself more transparent. We recommend that Congress require agencies to comply with OMB's economic guidelines. We also suggest that OMB improve its report by including a scorecard on the extent to which regulatory analyses comply with their guidelines; providing more information on regulations aimed at reducing terrorism; and making greater use of its in-house expertise to improve estimates of benefits and costs for individual regulations.

Internet Service Provider Liability for Contributory Trademark Infringement After Gucci

[I]f a manufacturer or distributor intentionally induces another to infringe a trademark, or if it continues to supply its product to one whom it knows or has reason to know is engaging in trademark infringement, the manufacturer or distributor is contributorially responsible for any harm done as a result of the deceit

Health Information Technology and Accountable Care Organizations: A Systematic Review and Future Directions

Background: Since the inception of Accountable Care Organizations (ACOs), many have acknowledged the potential synergy between ACOs and health information technology (IT) in meeting quality and cost goals. Objective: We conducted a systematic review of the literature in order to describe what research has been conducted at the intersection of health IT and ACOs and identify directions for future research. Methods: We identified empirical studies discussing the use of health IT via PubMed search with subsequent snowball reference review. The type of health IT, how health IT was included in the study, use of theory, population, and findings were extracted from each study. Results: Our search resulted in 32 studies describing the intersection of health IT and ACOs, mainly in the form of electronic health records and health information exchange. Studies were divided into three streams by purpose; those that considered health IT as a factor for ACO participation, health IT use by current ACOs, and ACO performance as a function of health IT capabilities. Although most studies found a positive association between health IT and ACO participation, studies that address the performance of ACOs in terms of their health IT capabilities show more mixed results. Conclusions: In order to better understand this emerging relationship between health IT and ACO performance, we propose future research should consider more quasi-experimental studies, the use of theory, and merging health, quality, cost, and health IT use data across ACO member organizations

The Media, Accountability and Civic Engagement in Africa

human development, democracy

Social Media Accountability for Terrorist Propaganda

Terrorist organizations have found social media websites to be invaluable for disseminating ideology, recruiting terrorists, and planning operations. National and international leaders have repeatedly pointed out the dangers terrorists pose to ordinary people and state institutions. In the United States, the federal Communications Decency Act’s § 230 provides social networking websites with immunity against civil law suits. Litigants have therefore been unsuccessful in obtaining redress against internet companies who host or disseminate third-party terrorist content. This Article demonstrates that § 230 does not bar private parties from recovery if they can prove that a social media company had received complaints about specific webpages, videos, posts, articles, IP addresses, or accounts of foreign terrorist organizations; the company’s failure to remove the material; a terrorist’s subsequent viewing of or interacting with the material on the website; and that terrorist’s acting upon the propaganda to harm the plaintiff. This Article argues that irrespective of civil immunity, the First Amendment does not limit Congress’s authority to impose criminal liability on those content intermediaries who have been notified that their websites are hosting third-party foreign terrorist incitement, recruitment, or instruction. Neither the First Amendment nor the Communications Decency Act prevents this form of federal criminal prosecution. A social media company can be prosecuted for material support of terrorism if it is knowingly providing a platform to organizations or individuals who advocate the commission of terrorist acts. Mechanisms will also need to be created that can enable administrators to take emergency measures, while simultaneously preserving the due process rights of internet intermediaries to challenge orders to immediately block, temporarily remove, or permanently destroy data