\u27Code\u27 and the Slow Erosion of Privacy

The notion of software code replacing legal code as a mechanism to control human behavior-- code as law --is often illustrated with examples in intellectual property and freedom of speech. This Article examines the neglected issue of the impact of code as law on privacy. To what extent is privacy-related code being used, either to undermine or to enhance privacy? On the basis of cases in the domains of law enforcement, national security, E-government, and commerce, it is concluded that technology rarely incorporates specific privacy-related norms. At the same time, however, technology very often does have clear effects on privacy, as it affects the reasonable expectation of privacy. Technology usually makes privacy violations easier. Particularly information technology is much more a technology of control than it is a technology of freedom. Privacy-enhancing technologies (PETs) have yet to be implemented on any serious scale. The consequent eroding effect of technology on privacy is a slow, hardly perceptible process. If one is to stop this almost natural process, a concerted effort is called for, possibly in the form of privacy impact assessments, enhanced control mechanisms, and awareness-raising

\u27Code\u27 and the Slow Erosion of Privacy

The notion of software code replacing legal code as a mechanism to control human behavior-- code as law --is often illustrated with examples in intellectual property and freedom of speech. This Article examines the neglected issue of the impact of code as law on privacy. To what extent is privacy-related code being used, either to undermine or to enhance privacy? On the basis of cases in the domains of law enforcement, national security, E-government, and commerce, it is concluded that technology rarely incorporates specific privacy-related norms. At the same time, however, technology very often does have clear effects on privacy, as it affects the reasonable expectation of privacy. Technology usually makes privacy violations easier. Particularly information technology is much more a technology of control than it is a technology of freedom. Privacy-enhancing technologies (PETs) have yet to be implemented on any serious scale. The consequent eroding effect of technology on privacy is a slow, hardly perceptible process. If one is to stop this almost natural process, a concerted effort is called for, possibly in the form of privacy impact assessments, enhanced control mechanisms, and awareness-raising

A Self-Adaptive Database Buffer Replacement Scheme.

The overall performance of a database system is very sensitive to the buffer replacement algorithm used. However, the performance evaluation of database buffer replacement algorithms commonly assumes that database accesses are independent and the probability for each individual database record to be accessed is fixed. Due to these rigid assumptions, the results of performance evaluation are not always reliable. In this dissertation, we apply Simon\u27s model of information accessing to model database accessing frequencies. This approach relaxes the independent assumption, and since it also allows certain dynamic behavior in accessing frequencies; thus, it is more robust and preferable over the traditional artificial data approach. Furthermore, taking advantage of the conceptual similarity between the self-organizing linear search heuristics and the traditional buffer replacement algorithms, we propose a self-adaptive buffer replacement scheme that outperforms conventional database buffer replacement algorithms. The findings of our study can be further applied to many other computer applications, e.g. the more complex problem of archival storage design in larger database systems

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Foundations of secure computation

Issued as Workshop proceedings and Final report, Project no. G-36-61

Non-parametric quantile estimation through stochastic approximation.

http://archive.org/details/nonparametricqua00rob

US export controls on encryption technology

Includes bibliographical references (p. 111-118).Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Political Science, 2004.(cont.) effort that eventually paid off in 1999. Interest group politics also factors into the actions of the national security establishment as they also lobby the Presidency and Congress to maintain restrictive encryption regulations. The study uses organizational culture to explain the motivations and some of the actions of the NSA, particularly with regard to its preference for secrecy, its placement of national security above other values, and its efforts to maintain control over all cryptology, whether government or civilian.This thesis seeks to explain why the U.S. government export controls on encryption technologies instituted during the 1970s remained in place until 1999 even though the widespread availability of similar products internationally had rendered the regulations largely without national security benefit by the late 1980s and early 1990s. The second part of the thesis explores the processes and reasons behind the eventual liberalization of encryption policies in 1999. Underlying the study is a values tradeoff between national security, economic interests, and civil liberties for which the relative gains and losses to each value shift through the three decades of the study as a result of technological advances in commercial and civilian cryptography, the growing popularity of electronic communications, the rise of the computer software industry, and the end of the Cold War. The explanation rests upon a combination of political science and organization theories. Structural obstacles to adaptation within the legislative process and interest group politics help account for some of the inertia in the policy adaptation process. In particular, regulatory capture of the Presidency and critical Congressional committees by the National Security Agency helped lock in the NSA's preferred policies even after technological advancements in the commercial sector began to cut into the national security benefits resulting from export controls. Interest group politics also helps explain the rise and eventual success of the lobby for liberalization of encryption regulations. A combination of the software industry and civil liberties activists intent on preserving the right to privacy and First Amendment allied to lobby Congress to change encryption regulations, anby Shirley K. Hung.S.M

Message-driven dynamics

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1997.Includes bibliographical references (p. 251-260).by Richard Anton Lethin.Ph.D

A framework for cascading payment and content exchange within P2P systems

Advances in computing technology and the proliferation of broadband in the home have opened up the Internet to wider use. People like the idea of easy access to information at their fingertips, via their personal networked devices. This has been established by the increased popularity of Peer-to-Peer (P2P) file-sharing networks. P2P is a viable and cost effective model for content distribution. Content producers require modest resources by today's standards to act as distributors of their content and P2P technology can assist in further reducing this cost, thus enabling the development of new business models for content distribution to realise market and user needs. However, many other consequences and challenges are introduced; more notably, the issues of copyright violation, free-riding, the lack of participation incentives and the difficulties associated with the provision of payment services within a decentralised heterogeneous and ad hoc environment. Further issues directly relevant to content exchange also arise such as transaction atomicity, non-repudiation and data persistence. We have developed a framework to address these challenges. The novel Cascading Payment Content Exchange (CasPaCE) framework was designed and developed to incorporate the use of cascading payments to overcome the problem of copyright violation and prevent free-riding in P2P file-sharing networks. By incorporating the use of unique identification, copyright mobility and fair compensation for both producers and distributors in the content distribution value chain, the cascading payments model empowers content producers and enables the creation of new business models. The system allows users to manage their content distribution as well as purchasing activities by mobilising payments and automatically gathering royalties on behalf of the producer. The methodology used to conduct this research involved the use of advances in service-oriented architecture development as well as the use of object-oriented analysis and design techniques. These assisted in the development of an open and flexible framework which facilitates equitable digital content exchange without detracting from the advantages of the P2P domain. A prototype of the CasPaCE framework (developed in Java) demonstrates how peer devices can be connected to form a content exchange environment where both producers and distributors benefit from participating in the system. This prototype was successfully evaluated within the bounds of an E-learning Content Exchange (EIConE) case study, which allows students within a large UK university to exchange digital content for compensation enabling the better use of redundant resources in the university

Foresight and flexibility in cryptography and voice over IP policy

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Political Science, 2008."February 2008."Includes bibliographical references (p. 235-248).This main question in this dissertation is under what conditions government agencies show foresight in formulating strategies for managing emerging technologies. A secondary question is when they are capable of adaptation. Conventional wisdom and most organization theory literature suggest that organizations are reactive rather than proactive, reluctant to change, and responsive only to threats to their core mission or autonomy. The technological, economic, social, political, and sometimes security uncertainties that often accompany emerging technologies further complicate decision-making. More generally, organizations must often make decisions under conditions of limited information while guarding against lock-in effects that can constrain future choices. The two cases examined in this dissertation suggest that contrary to conventional wisdom, organizations can show foresight and flexibility in the management of emerging technologies. Key factors that promote foresight are: an organizational focus on technology, with the emerging technology in question being highly relevant to the organization's mission; technical expertise and a recognition of the limits of that knowledge; and experience dealing with other emerging technologies. The NSA recognized the inevitability of mass market encryption early on and adopted a sophisticated strategy of weakening the strength of, reducing the use of, and slowing down the deployment of mass market encryption in order to preserve its ability to easily monitor communications. The Agency showed considerable tactical adaptation in pursuit of this goal. The FCC adopted a rather unusual policy of forbearance toward VoIP. The Commission deliberately refrained from regulating VoIP in order to allow the technology to mature, innovation to occur, uncertainties to resolve, and to avoid potential market distortions due to too early or suboptimally formulated regulation. Eventually, however, pressure from outside interests such as law enforcement forced the Commission to act.by Shirley K. Hung.Ph.D