This page is no longer maintained. Please go to current publications, research, or overview.

Selections from Security Research

Economics of Information Security

The Economics of Information Security by Kluwer Academic Press.

An edited collection of reviewed papers by Camp, Varian, Anderson and Schneier. Selected papers from the Economics of Information Security Workshop Series - The First and Second Workshops.

Embedding Trust Information Into Browsing

The working prototype of Net Trust integrates peer sharing of browsing history information, also called social browsing, with an explicit reputation system to embed context in browsing. An overview, the code, the papers, and presentations are all available at Net Trust.

Privacy in Ubiquitous Computing

Privacy in Home-Based ubicomp is an emerging issue. When our homes are aware, networked and responsive, the result can be enhanced autonomy or forced intimacy. In a major project, Indiana University is investing in developing privacy-enhanced user-centered home-based ubicomp.

Vote and Vote Counting

The Annotated Best Practices - A Symposium Summary

A descriptive document providing the viewpoints expressed at the symposium, expanding upon the original best practices. The critical need for investment in the human poll workers, auditing, and transparency are discussed in this report. A final report will include a research agenda, and a description of the event itself. Sign up to receive the final report at the event site, The NSF/Harvard Symposium.

Privacy and Identity

L. Jean Camp, Identity Theft: Causes, Consequences, Possible Cures Springer-Verlag 2007

Identity in Digital Government: A Research Agenda

Trust & Risk in Internet Commerce, MIT Press, Winter (Cambridge, MA) 2000. The most significant material to be found here is the full text of Trust and Risk in Internet Commerce. This version is unedited and has sections deleted. For the full text purchase the bound volume.

Co-authored by J. D. Tygar, "Providing auditing and protecting privacy", The Information Society, March 1994, Vol. 10, No. 1, 59-72.

Co-authored by, Michael Harkavy, J.D. Tygar and Bennet Yee, "Anonymous atomic transactions," 2nd Annual USENIX Workshop on Electronic Commerce Proceedings, November 1996, Oakland, CA, pp. 123-134.

Co-authored by, M. Sirbu & J. D. Tygar, "Token and notational money in electronic commerce", Usenix Workshop on Electronic Commerce, July 1995, New York, NY, 1-12. A previous version presented at the Telecommunications Policy Research Conference, October 1994, Solomons Island, MA, pp. 1-12.


Written with research assistant Serena Chan, "Towards Coherent Regulation of Law Enforcement Surveillance in the Network Society", Ethicomp: The Social and Ethical Impacts of Information and Communications Technologies, Technical University of G'dansk,,Gdansk, Poland, 18-20 June 2001, Vol. 2 pp. 86-101.

"Democratic Implications of Internet Protocols" The Information Society, Vol. 15, 249 -256, 1999. Previous version presented at DIMACS Workshop on Design for Values: Ethical, Social and Political Dimensions of Information Technology, February 28 - March 1, 1998; Princeton University, Department of Computer Science, Princeton NJ. Initial version presented as Privacy on the Web",The Internet Society 1997 Symposium on Network & Distributed System Security, 10-11 February 1997, San Diego, CA.

Pricing Security, with Catherine Wolfram, first presented at the CERT Information Survivability Workshop, Boston, MA Oct. 24-26, 2000, pp. 31-39. This paper argues for a system of trading credits for system vulnerabilities. We argue first that security is an externality and secondly that a model for harnessing the market to increase security can be found in the trading system for pollution externalities. Finally we propose that vulnerabilities can be quantified and offer an excellent possibility as the good to be traded.

Serena Chan & L. Jean Camp, "Towards Coherent Regulation of Law Enforcement Surveillance in the Network Society", argues on historical and technical bases that there is a greater need for protection of digital privacy.

Co-authored by J. D. Tygar, "Providing auditing and protecting privacy", The Information Society, March 1994, Vol. 10, No. 1, 59-72.

co-authored by D. Evensky, A. Gentile & R. Armstrong, "Lilith: Scalable Execution of User Code for Distributed Computing", Proceedings of The 6th IEEE International Symposium on High Performance Distributed Computing, HPDC-6, August 1997, Portland, OR, pp. 123-145. Discusses a project on which I was lead trust infrastructure designer.

In Trust: A Collision of Paradigms we survey the findings in social psychology and philosophy with respect to trust. We introduce three hypothesis that remain unanswered with respect to the manner in which humans react to computers. Then we conclude by noting that research which empowers users in order to be their own security manager may be based on a fundamentally flawed view of human-computer interaction. We close by encouraging designers of computer security systems to examine the humans, which these systems are intended to empower, and recommend that any security system be built on the basis of understanding of human trust provided by the social sciences.

Survivability & Trust with D. Evensky, first presented at, Research Directions for the Next Generation Internet, 12-14 May 1997, Washington, DC. We describe how privacy can been seen as another paradigm for trust -- one which offers a distributed scalable approach to security which is more scalable than centralized key mechanisms (including PKI using CAs).

Trust & Risk in Internet Commerce, MIT Press, Winter (Cambridge, MA) 2000.

L. Jean Camp Peer to Peer Systems, The Internet Encyclopedia ed. Hossein Bidgoli, John Wiley & Sons (Hoboken, New Jersey) 2003.

Trust is the core problem with peer to peer technologies. After understanding their fundamental purposes, it is clear that P2P systems fulfill critical knowledge management needs for professional environments.

L. Jean Camp, "Design for Trust", Trust, Reputation and Security: Theories and Practice, ed. Rino Falcone, Springer-Verlang (Berlin) 2003.

Here trust is defined from various disciplinary perspectives, and I argue that all are necessary.