This page is no longer maintained. Please go to current publications, research, or overview.
Selections from Security Research
Economics of Information Security
The Economics of Information Security by Kluwer Academic Press.
An edited collection of reviewed papers by Camp, Varian, Anderson and Schneier.
Selected papers from the Economics of Information Security Workshop Series
- The First
and Second Workshops.
Embedding Trust Information Into Browsing
The working prototype of Net Trust integrates peer sharing of browsing history information, also
called social browsing, with an explicit reputation system to embed context
in browsing.
An overview, the code, the papers, and presentations are all available at Net Trust.
Privacy in Ubiquitous Computing
Privacy in Home-Based ubicomp is an emerging issue. When our homes are aware,
networked and responsive, the result can be enhanced autonomy or forced intimacy. In a major project, Indiana University is investing in
developing privacy-enhanced user-centered home-based ubicomp.
Vote and Vote Counting
The Annotated
Best Practices - A Symposium Summary
A descriptive document providing the viewpoints expressed at the symposium,
expanding upon the original best practices. The critical need for investment
in the human poll workers, auditing, and transparency are discussed in this
report. A final report will include a research agenda, and a description of
the event itself. Sign up to receive the final report at the event site, The
NSF/Harvard Symposium.
Privacy and Identity
L. Jean Camp, Identity Theft: Causes, Consequences, Possible Cures Springer-Verlag 2007
Identity in Digital Government:
A Research Agenda
Trust & Risk in Internet Commerce,
MIT Press, Winter (Cambridge, MA) 2000. The most significant material to be
found here is the full text of Trust and Risk in Internet Commerce. This version
is unedited and has sections deleted. For the full text purchase the bound
volume.
Co-authored by J. D. Tygar, "Providing
auditing and protecting privacy", The Information Society, March
1994, Vol. 10, No. 1, 59-72.
Co-authored by, Michael Harkavy, J.D. Tygar and Bennet Yee, "Anonymous
atomic transactions," 2nd Annual USENIX Workshop on Electronic Commerce
Proceedings, November 1996, Oakland, CA, pp. 123-134.
Co-authored by, M. Sirbu & J. D. Tygar, "Token
and notational money in electronic commerce", Usenix Workshop on
Electronic Commerce, July 1995, New York, NY, 1-12. A previous version presented
at the Telecommunications Policy Research Conference, October 1994, Solomons
Island, MA, pp. 1-12.
Telecommunications
Written with research assistant Serena Chan, "Towards
Coherent Regulation of Law Enforcement Surveillance in the Network Society",
Ethicomp: The Social and Ethical Impacts of Information and Communications
Technologies, Technical University of G'dansk,,Gdansk, Poland, 18-20 June
2001, Vol. 2 pp. 86-101.
"Democratic
Implications of Internet Protocols" The Information Society, Vol.
15, 249 -256, 1999. Previous version presented at DIMACS Workshop on Design
for Values: Ethical, Social and Political Dimensions of Information Technology,
February 28 - March 1, 1998; Princeton University, Department of Computer
Science, Princeton NJ. Initial version presented as Privacy on the Web",The
Internet Society 1997 Symposium on Network & Distributed System Security,
10-11 February 1997, San Diego, CA.
Pricing Security, with Catherine
Wolfram, first presented at the CERT Information Survivability Workshop, Boston,
MA Oct. 24-26, 2000, pp. 31-39. This paper argues for a system of trading
credits for system vulnerabilities. We argue first that security is an externality
and secondly that a model for harnessing the market to increase security can
be found in the trading system for pollution externalities. Finally we propose
that vulnerabilities can be quantified and offer an excellent possibility
as the good to be traded.
Serena Chan & L. Jean Camp, "Towards
Coherent Regulation of Law Enforcement Surveillance in the Network Society",
argues on historical and technical bases that there is a greater need for
protection of digital privacy.
Co-authored by J. D. Tygar, "Providing
auditing and protecting privacy", The Information Society, March
1994, Vol. 10, No. 1, 59-72.
co-authored by D. Evensky, A. Gentile & R. Armstrong, "Lilith:
Scalable Execution of User Code for Distributed Computing", Proceedings
of The 6th IEEE International Symposium on High Performance Distributed Computing,
HPDC-6, August 1997, Portland, OR, pp. 123-145. Discusses a project on which
I was lead trust infrastructure designer.
In Trust: A Collision of
Paradigms we survey the findings in social psychology and philosophy with
respect to trust. We introduce three hypothesis that remain unanswered with
respect to the manner in which humans react to computers. Then we conclude
by noting that research which empowers users in order to be their own security
manager may be based on a fundamentally flawed view of human-computer interaction.
We close by encouraging designers of computer security systems to examine
the humans, which these systems are intended to empower, and recommend that
any security system be built on the basis of understanding of human trust
provided by the social sciences.
Survivability &
Trust with D. Evensky, first presented at, Research Directions for the
Next Generation Internet, 12-14 May 1997, Washington, DC. We describe how
privacy can been seen as another paradigm for trust -- one which offers a
distributed scalable approach to security which is more scalable than centralized
key mechanisms (including PKI using CAs).
Trust & Risk in Internet Commerce,
MIT Press, Winter (Cambridge, MA) 2000.
L. Jean Camp Peer to Peer Systems,
The Internet Encyclopedia ed. Hossein Bidgoli, John Wiley & Sons (Hoboken,
New Jersey) 2003.
Trust is the core problem with peer to peer technologies. After understanding
their fundamental purposes, it is clear that P2P systems fulfill critical
knowledge management needs for professional environments.
L. Jean Camp, "Design
for Trust", Trust, Reputation and Security: Theories and Practice,
ed. Rino Falcone, Springer-Verlang (Berlin) 2003.
Here trust is defined from various disciplinary perspectives, and I argue
that all are necessary.