Securing The Root: A Proposal For Distributing Signing Authority

Management of the Domain Name System (DNS) root zone file is a uniquely global policy problem. For the Internet to connect everyone, the root must be coordinated and compatible. While authority over the legacy root zone file has been contentious and divisive at times, everyone agrees that the Internet should be made more secure. A newly standardized protocol, DNS Security Extensions (DNSSEC), would make the Internet's infrastructure more secure. In order to fully implement DNSSEC, the procedures for managing the DNS root must be revised. Therein lies an opportunity. In revising the root zone management procedures, we can develop a new solution that diminishes the impact of the legacy monopoly held by the U.S. government and avoids another contentious debate over unilateral U.S. control. In this paper we describe the outlines of a new system for the management of a DNSSEC-enabled root. Our proposal distributes authority over securing the root, unlike another recently suggested method, while avoiding the risks and pitfalls of an intergovernmental power sharing scheme

European Digital Libraries: Web Security Vulnerabilities

Purpose – The purpose of this paper is to investigate the web vulnerability challenges at European library web sites and how these issues can affect the data protection of their patrons. Design/methodology/approach – A web vulnerability testing tool was used to analyze 80 European library sites in four countries to determine how many security vulnerabilities each had and what were the most common types of problems. Findings – Analysis results from surveying the libraries show the majority have serious security flaws in their web applications. The research shows that despite country-specific laws mandating secure sites, system librarians have not implemented appropriate measures to secure their online information systems. Research limitations/implications – Further research on library vulnerability throughout the world can be taken to educate librarians in other countries of the serious nature of protecting their systems. Practical implications – The findings serve to remind librarians of the complexity in providing a secure online environment for their patrons and that a disregard or lack of awareness of securing systems could lead to serious vulnerabilities of the patrons' personal data and systems. Lack of consumer trust may result in a decreased use of online commerce and have serious repercussions for the municipal libraries. Several concrete examples of methods to improve security are provided. Originality/value – The paper serves as a current paper on data security issues at Western European municipal library web sites. It serves as a useful summary regarding technical and managerial measures librarians can take to mitigate inadequacies in their security implementation

Survival through networks: the 'grip' of the administrative links in the Russian post-Soviet context

© 2014 Taylor & Francis. Based on an analysis of the post-Soviet transformation experience of four defence sector organizations in a Russian region where the defence sector occupies a substantial part of the local economy, this article develops a typology of network relationships: Grooved Inter-relationship Patterns (Gr’ip) networks and Fluid Inter-relationship Patterns (Fl’ip) networks. This typology can be applied to a range of transition/emerging market and low system trust contexts. Gr’ip networks, in this case, represent the persisting legacy of the Soviet command-administrative system. Fl’ip networks are here an attempt by the defence companies to link into the civilian supply chains of a developing market economy. This article argues that Gr’ip networks had and still have a crucial role to play in Russian enterprises’ survival and development

A Framework for M-Commerce Implementation in Nigeria

The Internet has brought about the concept of grobalilation, which has revolutionized the way business is transacted all over the world. The E-comnterce is of particular interest, though widely used but still has some security challenges in terms of transparency and confidentiality of transactiorts. This papei focuses on M-contnrcrce as an extensiott to E-commerce hnplementatiott with the Bankiltg industry proposed as core implementation consideration in ortler to guarantee high level security. We have reviewed some cqses of onlilrc frauds and eliscussed tlte emerging critical issues afficting software development of M-cornmerce applicatiotts. Afranrcworkfor M-commerce implementationis therefore,proposed for countries such as Nigeria, Romania and Indonesia where cases of online scam are alanning

Norms and Law: Putting the Horse Before the Cart

Law and society scholars have long been fascinated with the interplay of formal legal and informal extralegal procedures. Unfortunately, the fascination has been accompanied by imprecision, and scholars have conceptually conflated two very different mechanisms that extralegally resolve disputes. One set of mechanisms might be described as the shadow of the law, made famous by seminal works by Professors Stewart Macaulay and Marc Galanter, in which social coercion and custom have force because formal legal rights are credible and reasonably defined. The other set of mechanisms, recently explored by economic historians and legal institutionalists, might be described as order without law, borrowing from Professor Robert Ellickson\u27s famous work.1 In this second mechanism, extralegal mechanisms—whether organized shunning, violence, or social disdain—replace legal coercion to bring social order and are an alternative to, not an extension of, formal legal sanctions. One victim of conflating these mechanisms has been our understanding of industry-wide systems of private law and private adjudication, or private legal systems. Recent examinations of private legal systems have chiefly understood those systems as efforts to economize on litigation and dispute-resolution costs, but private legal systems are better understood as mechanisms that economize on enforcement costs. This is not a small mischaracterization. Instead, it reveals a deep misunderstanding of when and why private enforcement systems arise in a modern economy. This Essay provides a taxonomy for the various mechanisms of private ordering. These assorted mechanisms, despite their important differences, have been conflated in large part because there has been a poor understanding of the particular institutional efficiencies and costs of the alternative systems. Specifically, enforcement costs have often been inadequately distinguished from procedural or disputeresolution costs, and this imprecision has produced theories that inaccurately predict when private ordering will thrive and when the costs of private ordering overwhelm corresponding efficiencies. The implications for institutional theory are significant, as confusion in the literature has led to overappreciation of private ordering, underappreciation of social institutions, and Panglossian attitudes toward both lawlessness and legal development