I330:Organizational Informatics of Security

Readings and schedule for Organizational Informatics for spring 2008.
11:15 pm Monday and Wednesday.
BH 242
Professor Jean Camp

Course Overview, Themes, Grading, and Goals

Overview: The Course in a Nutshell

Jan 7

Introduction and course overview

The topics the first day are who, when, and why. We will introduce ourselves. I will descibe the course policies. I will provide information about the project, about grade distribution, and answer any of your questions.

This course is about ICTs, organizations and your role in the organization. The course has three primary elements.

First, the readings and lectures contain the minimal critical information for literacy. The readings and lectures will focus primarily on theory, particularly looking at organizations through the lens of economics. There are also, obviously, readings on organizational theory.

Second, the discussion section. There will be some readings during the discussion section, primarily those that apply to the practical training part of the course.

Third is the practical training. The project is an experience in team management. It includes writing a workplan, implementing the work plan, and filling out an evaluation of your peers. Most of you are attending this University to broaden your horizons and increase your employment-relevant skills. This project, properly executed, will do both. At the end of the project you should have a considerably expanded knowledge of your subject, improved presentation skills, and an extremely cursory introduction to project management. Regular deadlines during the semester are intended to force the groups not to wait until the last moment to complete the project.

 

Jan 9 What Governs?

Questions to consider during reading

Technologists understand that code embeds constraints. Law and social norms also determine outcomes.

Readings

Lessig: Code and Other Laws of Cyberspace, Basic Books, 1999, Chapter 7: What Things Regulate PP 85-99

 

Jan 14 Technology as Policy

Questions to consider during reading

Roger Dingledine and Paul Syverson describe the technology and politics of Tor. Tor is a strictly technical system built for political reasons. The code is open, thus fllowing traditional legal practices of transparency. Do any of you use it? Do social norms explain this?

Readings

An Introduction to Tor http://www.torproject.org/overview.html.en

 

Jan 16 Security and Competition

Questions to consider during reading

What are the goals of security in theory? How does this differ from how it is used in practice? Would the security strategies discussed in Anderson work with open code?

Readings

Ross Anderson, Cryptography and Competition Policy:Issues with Trusted Computing, http://www.cl.cam.ac.uk/ftp/users/rja14/tcpa.pdf

Optional Readings

L. Jean Camp Frighteningly Basic Cryptography By Silly Metaphor Chapter 3. You may purchase the book or select the material from the on-line version. However, if you choose Print after going to the on-line version Trust and Risk you will print the entire book. Also note that this is the free and thus not the edited version.

 

Jan 21 MLK Day No Course Meeting

 

Jan 23 Technology as an Organizational Construct

Questions to consider during reading

From where do organizations come? Is it just the cooperation of a many people? Economic forces? Group psychology? Technologies, government and business are presented in media and academy as distinct and clear opposites from government. Yet in fact their interaction is quite deep and profound. Government plays a critical role in creating markets and businesses just as the environment plays a critical role in creating ecosystems and species.

Readings

Deborah Spar Ruling the Waves pp. 1-22, p.124-289
H. Hocheiser "The platform for privacy preference as a social protocol: An examination within the U.S. policy context" ACM Trans. Inter. Tech., Vol 2, No. 4, pp. 1533-5399, http://doi.acm.org/10.1145/604596.604598

Organizations in Informatics Context

Jan 28 Digital Rights Management
Lecture by J Duncan
Do you believe the warnings at the beginning of videos? Not all companies do. A computer-industry trade group has submitted a formal complaint because these warning overstate copyright holders' power to the extent that it violates fair use. http://www.defendfairuse.org/include/ccia-ftc.pdf
National Academy of Science, The Digital Dilemma:Intellectual Property in the Information Age. National Academy Press, Washington, DC (2000); (contents completely available on-line) pp. 1-75.

Optional Reading

Spinello & Tavani:Excerpts from the Digital Millennium Copyright Act (DMCA) of 1998
Spinello & Tavani:James Boyle, A Politics of Intellectual Property: Environmentalism for the Net
Spinello & Tavani:J. W. Snapper,On the Web, Plagiarism Matters More Than Copyright Violations

Optional Readings

Spinello & Tavani:Shelly Warwick, Is Copyright Ethical?
Spinello & Tavani:Note on the DeCSS Trial
Samuleson, Digital Rights Management {and, or, vs.} the Law vol. 46, no. 4, April 2003. http://www.sims.berkeley.edu/~pam/papers.html
Camp, DRM Doesn't Really Mean Copyright, IEEE Internet Computing. May 2003. http://www.ljean.org/files/DRM.pdf 16 Spring Break

 

Jan 30 Security and Usability
Lecture by Tonya Stroman

Organizational Models

An organization can be considered a single entity, a collection of competing subsets, a group of self-optimizing individuals, a machine following a process, or a cultural entity. In the first section of this course we will examine each of those models. I will provide a very short introduction to rational choices, and then examine the limits of rationality. We return to the limits of rationality topic in Economics and Uncertainty.

 

Feb 4 Organizations as Single Rational Beings

Questions to consider during reading

There are three models of organizations:individual rational actors, collections of groups or stakeholders, and as groups of political individuals with their own visions and power struggles.

Reading

Images of Organizations by Gareth Morgan, pp11 - 27, Chapter 1: Mechanization Takes Command: Organizations as Machines (Sage Publications, Inc; 2 edition, December 10, 1996) Tversky and Kahneman, "Rational Choice and the Framing of Decisions" in Rational Choice, Hogarth and Reder, eds., pp. 67-94.

 

Feb 6 Organizations as Compilation of Stakeholders

Questions to consider during reading

Organizations are not always entirely rational. Ironically, the rational organization understands itself as being created by a group of components, and tries to construct mechanisms to create effective interactions between the components. Understanding the components of the organization can prevent the creation of perverse incentives.

Reading

Images of Organization by Gareth Morgan, pp 153-213, Chapter 6, Interests, Conflicts and Power: Organizations as Political Systems (Sage Publications, Inc; 2 edition, December 10, 1996)

 

Feb 11 Organizations as Competing Individuals

Questions to consider during reading

The paper below describes an application of the discussion above at the most fundamental levels of the net.

Reading

Fool us Once Shame on Me - Fool us Twice Shame on You: What we can Learn form the Privatizations of the Internet Backbone Network and the Domain Name System

Optional Readings

Michael Froomkin's discussion of power concentration at a global scale in The Empire Strikes Back and in particular how ICANN is a part of this trend in Of Governance and Governments

 

Feb 13 Organizations as Cultures

Questions to consider during reading

Americans spend most of their waking hours are work. Workplaces are not neutral or free from emotion. Workplaces have their own cultures, some of which are successfully cultured by management.

Readings

Van Mannen, J. (1991) "The Smile Factory:Work at Disneyland." In Frost, P.J., L.E. Moore, M.R. Louis, C.C. Lundberg and J. Martin (eds.):Reframing Organizational Culture.

Recommended Additional Reading


Ullman, Ellen. (1997) Close to the Machine, pp 17-27;95-121

 

The Behavioral Component

A short discussion on how individuals in an organization behave, and how economics alters that behavior. Do you ever consider leaving Informatics? Is there an airline you refuse to use? In Informatics are the people with whom you refuse to work?

 

Feb 18 Games Companies Plays

Questions to consider during reading

What happens when an organization is broken? How do the people that make up organizations choose to function or fail to function in an organization?

Readings


R. Hirschman, Exit, Voice, and Loyalty. Chapters 1, 2, 3, and 8 (pp. 1-20, 21-29, 30-43, 106-119)

 

Feb 20 The Human in the Organization

Questions to consider during reading

How are on-line discussions and organizations distinct from off-line organizations? Does an organization or process change by virtue of replication in an electronic form? How are people and interactions different on email? How did you handle this information overload?

Readings


Davis, J., Farnham, S., Jensen, C. (2002). Decreasing Online Bad Behavior. In Extended Abstracts of CHI 2002, Minneapolis, April 2002.http://research.microsoft.com/scg/papers/Bad Behavior CHI 2002.pdf

Recommended Additional Reading

Connections New Ways of Working in the Networked Organization By Lee Sproull and Sara Kiesler MIT Press, 1991, 212 pages.

The Organization of the ICT Market

The ICT market has distinct sectors. Here, we want to begin to unpack the ICT market.

 

Feb 25 Privacy Markets Basics

Questions to consider during reading

Direct incentives are required to protect privacy. The market by itself will not reach a equilibrium where privacy policies are readable, read and reliable.

Readings

Andrew Odlyzko "Privacy, Economics and Price Discrimination on the Internet", pp. 187-212, Ch. 15, eds. L Jean Camp and Stephen Lewis, Economics of Information Security, Springer, Vol. 12, 2004, New York, NY

Michael Froomkin, The Death of Privacy , University of Miami School of Law, 2000. http://cyber.law.harvard.edu/privacy/Fromkin_DeathOfPrivacy.pdf

 

Feb 27 Information Market Basics

Questions to consider during reading

How is content presentation different on the network?

Readings

Kalakota & Whinston, Electronic Commerce pp 251-282. Addison Wesley (Boston, MA)

Optional Readings

Gupta, Stahl & Whinston, Pricing of Services on the Internet http://cism.bus.utexas.edu/alok/pricing.html

 

Why were they wrong? Why has there not been per-use pricing?

 

Decision - Making Tools in Economics

Economics has developed a series of tools that are widely used in daily business analysis. This section of the course will introduce a few of those tools, and focus on the potential of these tools to enable analytical insights.

 

March 3 Life's a Game

Questions to consider during reading

In classical economics life is never a beach, and joy is not an option. However, life can certainly be modeled as a game. We self-optimize and implement strategies according to our expectations of each other's behavior. For example, do you expect to be able to skip this reading and not be quized? What are your odds, and what is your expectation of my quiz-giving strategy?

Readings

Gardener, Games for Business and Economics pp 1 -22.

 

March 5 NPV and Discounted Cash Flow

Questions to consider during reading

Net present value is a way of deciding if we are better off investing money today or saving money to invest tomorrow. Overview of examples. A simple example of a decision tree in class.

Readings

Luehman, What's It Worth?:A General Manager's Guide to Valuation HBR May - June pp. 133-141

 

March 5 NPV and Discounted Cash Flow

Questions to consider during reading

Net present value is a way of deciding if we are better off investing money today or saving money to invest tomorrow. Overview of examples. A simple example of a decision tree in class.

Readings



Luehman, What's It Worth?:A General Manager's Guide to Valuation HBR May - June pp. 133-141

 

March 10 No Course Meeting

 

March 12 No Course Meeting

 

March 17 Economics and Uncertainty

Questions to consider during reading

Every person experiences uncertainty. Now that uncertainty is merely personal but in the future your uncertainty and decisions may play a role in decision-making. Think about your own decisions and how you have fallen to these habits.

Readings

Tversky and Kahneman, "Judgment Under Uncertainty:Heuristics and Biases" Science, vol. 185, 1974, pp. 1124-1131.
M. G. Morgan , B. Fischhoff , A. Bostrom Risk Communication :A Mental Models Approach pp 1-18, pp 34-62.

 

March 19 Productivity

Questions to consider during reading

Why and how have IT altered organizations? It seems inherently obvious that it is more productive to send an email than write, print and deliver an email. Where and what are the productivity gains?

Readings

Erik Brynjolfsson, The Productivity ParadoxCommunications of the ACM, Volume 36 , Issue 12.
Try the ACM Portal

Information Economics

The session above provided a rudimentary overview of economic tools. In this section the focus is on the unique features of the information market.

 

March 24 Digital is Different

Questions to consider during reading

Fundamental assumptions underlie market economics. How does digital challenge those assumptions?

Readings

Delong and Froomkin (1997) The Next Economy? Internet Publishing and Beyond:The Economics of Digital Information and Intellectual Property. Edited by B Kahin and H Varian. Cambridge, MA MIT Press. http://www.law.miami.edu/~froomkin/articles/newecon.htm

 

March 26 IT in Organizations

The economics of information are different and therefore the markets in information goods also vary widely.

Questions to consider during reading

Why is IT important in an organization? Are ICTS inherently valuable? If not, how do ICTs illustrate their value.

Reading


Carr, Nicholas G., "IT Doesn't Matter", Harvard Business Review, May 2003.

 

Social Engineering Attacks

March 31 Real World Anonymity- What Works?

Questions to consider during class

Why does anonymity matter? Why does it break?

Readings

Richard Clayton, George Danezis, Markus Kuhn, "Real World Patterns of Failure in Anonymity Systems" Information Hiding 2001, LNCS 2137-2152.

Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook Gross and Acquisti www.heinz.cmu.edu/~acquisti/papers/acquisti-gross-facebook-privacy-PET-final.pdf

 

Network Economics

 

April 2 Interconnection and Network Effects

Questions to consider during reading

Feedback is a critical concept in the economics of networks and in network-based competition.

Reading

Noam, Interconnecting the Network of Networks, MIT Press, 2001. pp. 1-25.

Optional Reading

The Economics of Networks, by Nicholas Economides, International Journal of Industrial Organization, Vol. 16, no. 4, pp. 673-699 (October 1996). Available on-line

 

April 7 Lock-in and feedback

Questions to consider during reading

Network economics implies feedback. Feedback can cause lock-in. How easy will it be for you to get a new email? A new phone?

Readings

W. B. Arthur, "Competing Technologies, Increasing returns and Lock-in by Historical Events", The Economic Journal, Vol 99, Issue 394, pp116-131
P. A. David "Clio and the Economics of Qwerty" The American Economic Review, Vol 75, Issue 2, Papers and Proceedings of the 97th Annual Review of the American Economic Association, May 1985, pp. 332-337.

 

April 9 Versioning

Questions to consider during reading

What is versioning? How does digital change versioning? Does beer taste differently from a keg than from a can?
MLS listings on-line http://www.realtor.com and http://www.targetmls.com/
Amazon.com and www.barnes and noble.com and www.reiters.com

Readings

Information Rules, Shapiro, Carl. & Varian, Harvard Business School Press, (Boston, MA) , c1999, pages 53-81

 

Capstone Preview by Dr. Dennis Groth

April 14 The Capstone

Questions to consider during class

The capstone, like this class, is intended to provide a real-life experience. Dr. Groth will introduce and discuss the capstone.

Readings

There are no readings.

 

IT From a Manager's Perspective

April 16 IT in the Real World

Questions to consider during class

What is an ASP? How do you value an ASP? How does versioning work in the world of ASPs? CFO of Cornerstone Software, Shaum McDermott, will speak at this session.

Readings

There are no readings.

 

Information Ownership

 

April 21 Intermediation

Questions to consider during reading

What is disintermediation? Re-intermediation? How does a bookstore inherently bring together certain business lines by virtue of physical location? Think about your favorite sites or consider this sites:
The Hunger Site -- http://www.thehungersite.com -- could this work off line?

Readings

Laudon & Traver, "E-commerce" second edition. pp. 136 - 162
Whinston & Kalakota, "Electronic Commerce" pp. 21 - 23

 

Information is unique because the ownership structure is extremely fluid. Who owns which elements of an information good is a critical question.

 

April 23 Closed Software & Rule of Law in MD, VA and thus IN

Questions to consider during reading

How are markets organized? What were the inherent assumptions about markets in the readings from last week? Where do markets come from? Who participates in defining the rules of a market? What are EULA and UCITA?

Readings

The Uniform Computer Information Transactions Act:A Well Built Fence or Barbed Wire Around the Intellectual Commons? uts.cc.utexas.edu/~lbjjpa/2001/bowman.pdf

 

Exam Period --Student Presentations
Scheduled final exam period will be used as necessary for any overflow presentations that could not be scheduled in the last two weeks of the course. This will not be used for any Make-up presentations. If all team members are hospitalized, as is the requirement for rescheduling presentations, then I will make time for that team on that day.