Marjory S. Blumenthal
David D. Clark
Skip Abstract Section
Abstract
This article looks at the Internet and the changing set of requirements for the Internet as it becomes more commercial, more oriented toward the consumer, and used for a wider set of purposes. We discuss a set of principles that have guided the design of the Internet, called the end-to-end arguments, and we conclude that there is a risk that the range of new requirements now emerging could have the consequence of compromising the Internet's original design principles. Were this to happen, the Internet might lose some of its key features, in particular its ability to support new and unanticipated applications. We link this possible outcome to a number of trends: the rise of new stakeholders in the Internet, in particular Internet service providers; new government interests; the changing motivations of a growing user base; and the tension between the demand for trustworthy overall operation and the inability to trust the behavior of individual users.
- 1 Saltzer, J., Reed, D., and Clark, D.D., 1984. "End-to-end arguments in system design." ACM Trans. Comput. Syst., Vol. 2, No. 4, Nov., pp. 277-288. Google Scholar
Digital Library
- 2 Larson, G. and Jeffrey, C., 1999."Song of the open road: Building a broadband network for the 21st century." The Center for Media Education, Section IV, p 6. ,http://www.cme.org/broadband/openroad-. pdf.Google Scholar
- 3 This trend is signaled by the rise of the application service provider, or ASP, as a part of the landscape.Google Scholar
- 4 A common method for constructing "configuration-free," "plug and play," or "works out of the box" devices is to assume that some other element takes on the role of controlling setup and configuration. Of course, centralization raises other issues, such as a common point of vulnerability. The proper balance between centralization and distribu-tion of security function for consumer networking is not yet clear.Google Scholar
- 5 For example, see Saltzer, J., 1999. "Open access is just the tip of the iceberg." Oct. 22. ,http://web.mit.edu/Saltzer/www/publications/ openaccess.html.; and Lemley, M. A. and Lessig, L., 1999. Filing before the Federal Communications Commission, (In the Matter of Application for Consent to the Transfer of Control of Licenses Media- One Group, Inc. to AT&T Corp. CS Docket No. 99-251). ,http:// cyber.law.harvard.edu/works/lessig/MB.html. Lessig's work can be seen in overview at ,http://cyber.law.harvard.edu. For a lightweight example that speaks directly to end-to-end, see Lessig, L., 1999. "It's the architecture, Mr. Chairman."Google Scholar
- 6 The Electronic Signatures in Global and National Commerce Act is an indicator of the broadening need for tools to support network-mediated transactions, although observers note that it raises its own questions about how to do so-resolving the technology and policy issues will take more work.Google Scholar
- 7 Chaum, D., 1992. "Achieving electronic privacy." Scientific American, Aug., pp. 96-101.Google Scholar
- 8 It may seem that attention to protection of identity, especially as it manifests in low-level information such as addresses, is exaggerated. The telephone system provides an illustration of how attention to identity has grown and added complexity to communications. For most of the history of the telephone system, the called telephone (and thus the person answering the phone) had no idea what the number of the caller was. Then the "caller ID" feature was invented to show the caller's number to the called party. This very shortly led to a demand for a way to prevent this information from being passed across the telephone network. Adding this capability, which reinstituted caller anonymity at the level of the phone number, led in turn to a demand that a receiver have the capability to refuse a call from a person who refused to reveal his phone number. Additional issues have arisen about the treatment of phone numbers used by people who have paid for "unlisted" numbers, which appears to vary by telephone service provider and state regulatory decision. Given the emergence of this rather complex balance of power in conventional telephony, there is no reason to think that users of the Internet will eventually demand any less. Even if the identity of the individual user is not revealed, this low-level information can be used to construct profiles of aggregate behavior, as in Amazon's summer 1999 publicity about book-buying patterns of employees of large organizations based on e-mail ad-dresses; see Amazon.com. 1999. "Amazon.com introduces 'Purchase Circlesy,' featuring thousands of bestseller lists for hometowns, work-places, universities, and more." Press release, Seattle, WA, Aug. 20. ,www.amazon.com.; McCullagh, D., 1999. "Big brother, big 'fun' at Amazon." Wired, Aug. 25. ,www.wired.com/news/news/business/story/ 21417.html.; Reuters, 1999. "Amazon modifies purchase data policy." Zdnet, Aug. 27. ,http://www.zdnet.com/filters/printerfriendly/ 0,6061,2322310-2,00.html. Also Amazon, 1999. "Amazon.com modi-fies 'Purchase Circlesy' feature." Press release, Seattle, WA, Aug. 26. ,www.amazon.com.Google Scholar
- 9 Cookies may be part of a larger class of monitoring software; see, for example, O'Harrow, R., Jr., 1999. "Fearing a plague of 'Web bugs': Invisible fact-gathering code raises privacy concerns." Washington Post, Nov. 13, E1, E8.Google Scholar
- 10 See O'Harrow, R., Jr. and Corcoran, E., 1999. "Intel drops plans for ID numbers." Washington Post, Jan. 26. ,http://www.washingtonpost-. com/wp-srv/washtech/daily/jan99/intel26.htm. Intel backed away from use of the ID as an identifier in e-commerce transactions under consumer pressure; see ,http://www.bigbrotherinside.com.Google Scholar
- 11 Microsoft implemented a scheme to tag all documents produced by Office 97 with a unique ID derived from the network address of the machine. In response to public criticism, Microsoft made it possible to disable this feature. It also discontinued reporting the unique hard-ware ID of each machine during online registration of Windows 98; see ,http://www.microsoft.com/presspass/features/1999/03- 08custletter2.htm.Google Scholar
- 12 See Cha, A. E., 2000. "Your PC is watching: programs that send personal data becoming routine," Washington Post, July 14, A1, A12- 13.Google Scholar
- 13 See Computer Science and Telecommunications Board, 2000. The Digital Dilemma: Intellectual Property in the Information Age. Na-tional Academy Press.Google Scholar
- 14 D'Antoni, H., 2000. "Web surfers beware: Someone's watching." Infor-mationWeek Online, Feb. 7. ,http://www.informationweek.com/bizint/ biz772/72bzweb.htm. Examples of currently available software in-clude ,SurfWatchhttp://www1.surfwatch.com/products/swwork.html. and Internet Resource Manager ,http://www.sequeltech.com.Google Scholar
- 15 The rash of denial of service attacks on major Web sites in early 2000 illustrates the magnitude of this problem.Google Scholar
- 16 For one view of spam and its control, see Dorn, D., 1998. "Postage due on junk e-mail-Spam costs Internet millions every month." Internet Week, May 4, 1998. ,http://www.techweb.com/se/directlink.cgi? INW19980504S0003. For a summary of legislative approaches to control spam, see Ouellette, T., 1999. "Technology quick study: spam." Computerworld, April 5, p.70. The Mail Abuse Prevention System (MAPS.LLC), provides tools for third parties (ISPs) to filter and control spam. Their charter states that their approach to controling spam is "educating and encouraging ISPs to enforce strong terms and conditions prohibiting their customers from engaging in abusive e-mail practices." ,http://www.mail-abuse.org.Google Scholar
- 17 Moss, M., 1999. "Inside the game of e-mail hijacking." The Wall Street Journal, Nov. 9, B1, B4. "Already, the Internet is awash in Web sites that trick people into clicking on by using addresses that vary only slightly from the sites being mimicked: an extra letter here, a dropped hyphen there. Now, in near secrecy, some of these same look-alike Web sites are grabbing e-mail as well."Google Scholar
- 18 A series of publicized problems affecting Microsoft's Internet Explorer, and the generation of associated software fixes, is documented on the Microsoft security site at ,http://www.microsoft.com/windows/ie/secu-rity/ default.asp. A similar list of issues for Netscape Navigator can be found at ,http://home.netscape.com/security/notes.Google Scholar
- 19 Saltzer, J., 1998. Personal communication, Nov 11.Google Scholar
- 20 As opposed to taxing the use of the Internet per se, like taxation of telephone service. This discussion does not address the merits of taxation; it proceeds from the recognition of (multiple) efforts to implement it.Google Scholar
- 21 For example, independently of technology, income tax compliance is promoted by the practice, and risk, of audits.Google Scholar
- 22 Practically, many pornography sites today use possession of a credit card and a self-affirmation of age as an acceptable assurance of adulthood-although some minors have credit cards. Indicating adult-hood has different ramifications from indicating minority, as Lessig has noted; the intent here is to contrast identification of content and users.Google Scholar
- 23 There are other purposes for which a control point "in" the network might be imposed to achieve a supposedly more robust solution than an end-point implementation can provide: including facilitating eaves-dropping/ wiretap, collection of taxes and fees associated with transac-tions using the network, and so on. One question discussed by the Internet Engineering Task Force (IETF) is how, if at all, Internet protocols should be modified to support the Communications Assis-tance for Law Enforcement Act of 1995 (CALEA) wiretap regulations; see Clausing, J., 1999. "Internet engineers reject wiretap proposal." The New York Times, Nov. 11, B10. The current sentiment in the design community is that this is not an appropriate goal for the IETF. However, there appears to be some interest in conforming to CALEA from equipment vendors, given the interest expressed by their custom-ers.Google Scholar
- 24 It is possible that the introduction of the new Internet address space, as part of the next generation Internet protocol, IPv6, with its much larger set of addresses, will alleviate the need for NAT devices. There is much current debate as to whether NAT devices are a temporary fix, or are now a permanent part of the Internet.Google Scholar
- 25 As this article was being completed, news broke about the FBI's "Carnivore" system, characterized as an "Internet wiretapping sys-tem" deployed at an ISP's premises; see King, N., Jr. and Bridis, T., 2000. "FBI's wiretaps to scan e-mail spark concern." The Wall Street Journal, July 11, A3, A6. Also note that users who move from place to place and dial in to different phone numbers do not use the same physical link for successive access, but since they have to authenticate themselves to the ISP to complete the connection, the ISP knows who is dialing, and could institute logging accordingly.Google Scholar
- 26 Some ISPs, in particular AOL, route all their traffic to a central point before sending it on into the Internet. This design makes it easier to control what a user does; it also makes it easier to monitor and track. So the decentralized nature of the Internet need not be mirrored in the systems that run over it.Google Scholar
- 27 Similarly, if an organization has any requirement imposed on it to control the behavior of its users, it will be at the point of egress that the control can best be imposed.Google Scholar
- 28 Of course, this sort of control is not perfect. It is possible for a creative user to purchase a number of ISP accounts and move from one to another in an unpredictable way. This is what is happening today in the battle between spammers and those who would control themanother example of the dynamic tussle between control and avoidance.Google Scholar
- 29 California Assembly Bill 1676, enacted in 1998.Google Scholar
- 30 For a detailed discussion of labels on content and on users, see Lessig, L. and Resnick, P., 1999. "Zoning speech on the Internet: A legal and technical model." Michigan Law Review 98, 2, pp. 395-431.Google ScholarCross Ref
- 31 This is a critical issue for the viability of industry self-regulation, given the looming prospect of government regulation, and is the subject of much debate. Major industry players and scholars partici-pated in a 1999 international conference organized by the Bertels-mann Foundation, which cast labeling approaches as user-empower-ing and urged government support for private filtering based on labeling; see Bertelsmann Foundation, 1999. Self-Regulation of Inter-net Content, Gutersloh, Germany, Sept. ,http://www.stiftung.bertels-mann. de/internetcontent/english/content/c2340.htm.Google Scholar
- 32 See, for example, US Federal Trade Commission, 1998. Advertising and Marketing on the Internet: Rules of the Road, Washington, DC, Aug. ,www.ftc.gov.Google Scholar
- 33 The PICS web site maintained by the World Wide Web Consortium is ,http://www.w3.org/pics.Google Scholar
- 34 There are a number of Web proxy servers that implement PICS filtering; see ,http://www.n2h2.com/pics/proxy_servers.html.Google Scholar
- 35 For a discussion of concerns aroused by PICS, see ,http://libertus.net/ liberty/label.html. For a response to such concerns by one of the PICS developers and proponents, see Resnick, P., Ed. 1999. "PICS, censorship, & intellectual freedom FAQ." ,www.w3.org/PIC/PICS-FAQ- 980126.HTML.Google Scholar
- 36 The Metatdata web site maintained by the World Wide Web Consor-tium is ,http://www.w3.org/Metadata.Google Scholar
- 37 For example, there have been lawsuits to prevent the use of a trademark in the metadata field of a page not associated with the holder of the mark. A summary of some lawsuits related to trade-marks in metadata can be found at ,http://www.searchenginewatch. com/resources/metasuits.html.Google Scholar
- 38 Examples of anonymizing browser services can be found at ,http:// www.anonymizer.com.; ,http://www.idzap.ne.; ,http://www.rewebber. com.; ,http://www.keepitsecret.com.; ,http://www.confidentialonline. com/home.html.; and ,http://www.websperts.net/About_Us/Privacy/ clandestination.shtml. The last of these offers a service where the anonymous intermediate is located in a foreign country to avoid the reach of the US legal system. The quality of some of these services is questioned in Oakes, C., 1999. "Anonymous Web surfing? uh-uh." Wired News, April 13. ,http://www.wired.com/news/technology/0,1282,19091,00.html.Google Scholar
- 39 For one example of a system that tries to provide protection from traffic analysis, see Goldschlag, D. M., Reed, M. G., and Syverson, P. F., 1999. "Onion routing for anonymous and private Internet connec-tions." Communications of the ACM, 42, 2, Feb. For a complete bibliography and discussion, see ,http://onion-router.nrl.navy.mil. Google ScholarDigital Library
- 40 Mazi~res, D. and Kaashoek, M. F., 1998. "The design, implementation and operation of an email pseudonym server." In Proceedings of the 5th ACM Conference on Computer and Communications Security (CCS-5), San Francisco, CA, Nov., pp. 27-36. Google ScholarDigital Library
- 41 The outgoing message is prefaced with a sequence of addresses, each specifying a relay point. Each address is encrypted using the public key of the prior hop, so that the relay point, and only the relay point, using its matching private key, can decrypt the address of the next hop the message should take. Each relay point delays the message for an unpredictable time, so that it is hard to correlate an incoming and an outgoing message. If enough hops are used, it becomes almost impossible to trace the path from destination back to the source.Google Scholar
- 42 For a review of tools currently available to filter spam in mail servers, see ,http://spam.abuse.net/tools/mailblock.html.Google Scholar
- 43 More complex replication/hosting schemes for controlled staging of content provide features to remedy these limitations, in return for which the content provider must usually pay a fee to the service.Google Scholar
- 44 The icap forum ,http://www.i-cap.org. is concerned with standards for content caching. The IETF has a number of activities, including the Midcom working group looking at protocols for communication among end-nodes, firewalls, NAT boxes, and the Open Extensible Proxy Services (OEPS) group.Google Scholar
- 45 This is a topic receiving more analysis in different contexts. For a legal assessment, see, for example, Froomkin, A. M,. 1996. "The essential role of trusted third parties in electronic commerce" Oregon Law Review 75:29. ,www.law.miami.edu/~froomkin/articles/trustedno.htm.Google Scholar
- 46 For example, see the mutual commitment protocol. Zhou, J. and Gollmann, D., 1996. "A fair non-repudiation protocol." In Proceedings of the 1996 Symposium on Security and Privacy, Oakland, CA, May 6-8. Google ScholarDigital Library
- 47 A notary is "{a} responsible person appointed by state government to witness the signing of important documents and administer oaths." See National Notary Association, 1997, "What is a notary public?" ,http://www.nationalnotary.org/actionprograms/WhatisNotaryPub-lic. pdf. Recognition of this role has led to the investigation of a "cyber-notary" as a useful agent within the Internet. This has been a topic studied by the American Bar Association, but there does not appear to be an active interest at this time.Google Scholar
- 48 There is a partial analogy with payment by check, where the bank balance is normally not verified at the moment of purchase. However, the taker of the check may demand other forms of identification, which can assist in imposing a fee for a bad check. If a certificate has been invalidated, the recipient cannot even count on knowing who the other party in the transaction actually is. So there may be fewer options for recourse later.Google Scholar
- 49 From the recognition that technologists often prefer technical solu-tions, we emphasize the broader choice of mechanism. The Internet philosophy acknowledged early in this article argues for the superior-ity of technology over other kinds of mechanisms. See, for example, Goldberg, I., Wagner, D., and Brewer, E., 1997. "Privacy-enhancing technologies for the Internet." ,http://www.cs.berkeley.edu/~daw/privacy-compcon97- 222/privacy-html.html. The authors observe that "{t}he cyperpunks credo can be roughly paraphrased as 'privacy through technology, not through legislation.' If we can guarantee privacy protection through the laws of mathematics rather than the laws of men and whims of bureaucrats, then we will have made an important contribution to society. It is this vision which guides and motivates our approach to Internet privacy."Google Scholar
- 50 There is no technical verification that this number is indeed sent (the fax, like the Internet, is very much an end-to-end design), but the presumption is that the law can be used to keep the level of unwanted faxes to an acceptable level. Note also that this law, which had the goal of controlling receipt of unwanted material, outlaws "anonymous faxes," in contrast to telephone calls, where one can prevent the caller's phone number from being passed to the called party.Google Scholar
- 51 This trend was emphasized by the establishment by executive order in mid-1999 of a federal task force on illegal conduct on the Internet. President's Working Group on Unlawful Conduct on the Internet, 2000. The Electronic Frontier: The Challenge of Unlawful Conduct Involving the Use of the Internet. ,http://www.usdoj.gov/criminal/ cybercrime/unlawful.htm.Google Scholar
- 52 The authors recognize that on the Internet today various labels are associated with voluntary schemes for content rating, etc.; illustra-tions of the complementarity of law or regulation come, at present, from other domains. Note, however, that the Bertelsmann Foundation conference summary cited above specifically cast law enforcement as a complement to voluntary labeling. It observed that "Law enforcement is the basic mechanism employed within any country to prevent, detect, investigate and prosecute illegal and harmful content on the Internet. This state reaction is essential for various reasons: It guar-antees the state monopoly on power and public order, it is democrati-cally legitimized and directly enforceable, and it secures justice, equity, and legal certainty. However, a mere system of legal regulation armed with law enforcement would be ineffective because of the technical, fast-changing, and global nature of the Internet. In a coordinated approach, self-regulatory mechanisms have to be com-bined with law enforcement as a necessary backup." (p.45).Google Scholar
- 53 US Federal Communications Commission, "V-Chip Homepage." ,http://www.fcc.gov/vchip.Google Scholar
- 54 Information on Amazon.com was cited above. On RealNetworks; see Clark, D., 1999. "RealNetworks will issue software patch to block its program's spying on users." The Wall Street Journal, Nov. 2, B8. The article explains that "Unbeknownst to users, the {Real-Jukebox} soft-ware regularly transmitted information over the Internet to the com-pany, including what CDs users played and how many songs were loaded on their disk drives." DoubleClick presented a broader privacy challenge because it tracked consumer movement across sites and products. The controversy precipitated broad reactions, including gov-ernment investigation due to a complaint to the Federal Trade Com-mission; see Tedeschi, B., 2000. "Critics press legal assault on tracking of Web users. " The New York Times, Feb. 7, C1, C10.Google Scholar
- 55 Simpson, G. R., 2000, "E-commerce firms start to rethink opposition to privacy regulation as abuses, anger rise." The Wall Street Journal, Jan. 6, A24.Google Scholar
- 56 What individuals can do for themselves and what industry does depend, of course, on incentives, which are a part of the nontechnical mechanism picture. Recent controversy surrounding the development of UCITA illustrates differing expectations and interpretations of who incurs what costs and benefits. An issue with these evolving frame-works is the reality that consumers, in particular, and businesses often prefer to avoid the costs of litigation.Google Scholar
- 57 The operators of the server are happy to provide what information they have in response to any court order, but the system was carefully designed to make this information useless.Google Scholar
- 58 This tensions among technology, law, and other influences on behavior are at the heart of Lessig's much-discussed writings on the role of "code" (loosely, technology); see his 1999 book, Code and Other Laws of Cyberspace. Basic Books, New York. Critical responses to Code .. note that technology is malleable rather than constant-a premise of this article-and so are government and industry interests and motives; see, for example, Mann, C. C., 1999. "The unacknowledged legislators of the digital world." In Atlantic Unbound, Dec. 15. ,www.theatlantic. com/unbound/digicult/dc991215.htm.Google Scholar
- 59 What is known as a "conflict of laws" provides a set of principles and models for addressing legal problems that span at least two jurisdic-tions. Resolving such problems is hard in the context of real space, and cyberspace adds additional challenges, but progress under the conflict of laws rubric illuminates approaches that include private agreements on which laws will prevail under which circumstances, international harmonization (difficult and slow but already in progress), and indi-rect regulation, which targets the local effects (e.g., behavior of people and equipment) of extraterritorial activity. For an overview, see Goldsmith, J. L., 1998. "Against cyberanarchy." The University of Chicago Law Review, 65:4, Fall, pp. 1199-1250. Among other things, Goldsmith explains that: "Cyberspace presents two related choice-of-law problems. The first is the problem of complexity. This is the problem of how to choose a single governing law for cyberspace activity that has multiple jurisdictional contacts. The second problem concerns situs. This is the problem of how to choose a governing law when the locus of activity cannot easily be pinpointed in geographical space." (p.1234). Case law shows that these issues are being worked out (or at least worked on); see, for example: Fusco, P., 1999. "Judge rules ISP, server location may determine jurisdiction." ISP-Planet, June 11. ,www.isp-planet.com/politics/061199jurisdiction.html.; and Kaplan, C. S., 1999. "Judge in gambling case takes on sticky issue of jurisdiction." The New York Times, Aug. 13, B10. The latter addresses the interplay of state law with federal law, which proscribes gambling via the Wire Act (18 USC 1084), the Travel Act (18 USC 1952), and the Interstate Transportation of Wagering Paraphernalia Act (18 USC 1953). Some of these issues have been attacked by the American Bar Association's Internet Jurisdiction Project. ,http://www.kentlaw.edu/cyberlaw.Google Scholar
- 60 See Computer Science and Telecommunications Board, 1994. Realiz-ing the Information Future: The Internet and Beyond, National Acad-emy Press, and Computer Science and Telecommunications Board, 1999. Funding a Revolution: Government Support for Computing Research, National Academy Press. Google ScholarDigital Library
- 61 Large ISPs such as AOL have attempted to attain control over the end odes by distributing their own browser, which they encourage or require the user to employ. This approach has proved successful to some extent. In the future, we can expect to see ISP interest in extending their control over the end-point to the extent possible-for example by means of added function in Internet set top boxes and other devices they install in the home.Google Scholar
- 62 See, for example, the "Appropriate use policy of Excite@Home ,http:// www.home.com/aup., which specifically prohibits the operation of servers over their residential Internet service.Google Scholar
- 63 For an assessment of possible outcomes, see Saltzer, J., 1999. "'Open access' is just the tip of the iceberg." Essay for the Newton, MA Cable Commission, Oct. 22. ,http://mit.edu/Saltzer/www/publications/ openaccess.html. After succinctly commenting on a number of possi-ble outcomes that he finds undesirable, Saltzer notes that the worst possible outcome of today's open access tussle-that of no open access and stifled competition and innovation- "is looking increasingly un-likely, as customers and cable competitors alike begin to understand better why the Internet works the way it does and the implications of some of the emerging practices."Google Scholar
- 64 See material cited in note 10 above. Note also the concerns raised under the rubric "peering." See, for example, Caruso, D., 2000. "Digital commerce: The Internet relies on networks' passing data to one another. But what happens if one of them refuses?" The New York Times, Feb. 14, C4.Google Scholar
- 65 Common carriage implies certain rights and responsibilities, such as the provider's obligation to serve all comers while protected from liability if those subscribers use the network for unacceptable pur-poses. The fact that the Internet was designed such that (by end-to-end arguments) ISPs cannot easily control the content sent over their networks and that ISPs appear to serve all comers caused some to suggest that ISPs be treated as common carriers; the suggestion is also made by those who perceive the ISPs' ability to control content as greater than their nominal business and technology would suggest.Google Scholar
- 66 Concern about "critical infrastructure," which developed in the late 1990s, intensified the concern and attention about the growing reli-ance on the Internet, with explorations by the government and some industry leaders of new programs and mechanisms for monitoring its use or "abuse" and increasing its robustness against malicious or accidental disruption; see Blumenthal, M. S., 1999. "Reliable and trustworthy: The challenge of cyber-infrastructure protection at the edge of the millennium." iMP Magazine, Sept. ,http://www.cisp.org/ imp/september_99/09_99blumenthal.htm.Google Scholar
- 67 The popular fictional character Harry Potter received some advice that might apply equally to his world and the Internet: "Never trust anything that can think for itself if you can't see where it keeps its brain." Rowling, J.K., 1998. Harry Potter and the Chamber of Secrets, Bloomsbury, p. 242.Google Scholar
- 68 Pomfret, J., 2000. "China puts clamps on Internet; communists seek information curb." The Washington Post, Jan. 27.Google Scholar
- 69 See Computer Science and Telecommunications Board, 1996. Crypto-graphy's Role in Securing the Information Society. National Academy Press. Google ScholarDigital Library
- 70 Today, regulatory agencies (e.g., the Federal Trade Commission) are already doing spot-checks of actual Web sites.Google Scholar
- 71 This approach is similar to the practice in some parts of the world of not always checking that passengers on public transit have the proper ticket in hand. Instead, there are roving inspectors that perform spot-checks. If the fine for failing to have the right ticket is high enough, this scheme can achieve reasonable compliance.Google Scholar
Index Terms
- Rethinking the design of the Internet: the end-to-end arguments vs. the brave new world
Recommendations
How Private Is the Internet?
As concerns about Internet privacy become more public, everyone needs to understand that the need for privacy doesn't have to conflict with technology. Rather, ISPs, those who make and interpret laws and regulations, and the public must recognize that ...
SKIP-securing the Internet
WET-ICE '96: Proceedings of the 5th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'96)Currently, two different approaches are being pursued for securing the Internet with respect to commercial use on a broad scale. The properties of these two approaches-application-coupled security vs. network-coupled security-are discussed and compared. ...
Cyberentity Security in the Internet of Things
A proposed Internet of Things system architecture offers a solution to the broad array of challenges researchers face in terms of general system security, network security, and application security.
Comments