What Should be Hidden and Open in Computer Security: Lessons from Deception, the Art of War, Law, and Economic Theory

Details What Should be Hidden and Open in Computer Security: Lessons from Deception, the Art of War, Law, and Economic Theory What Should be Hidden and Open in Computer Security: Lessons from Deception, the Art of War, Law, and Economic Theory

2001-09-24

arxiv.org/abs/cs/0109089v1

Computer Science

Cryptography and Security

TPRC. Email: pswire@law.gwu.edu web: http://www.osu.edu/units/law/swire.htm

Scientific paper

"What Should be Hidden and Open in Computer Security: Lessons from Deception, the Art of War, Law, and Economic Theory" Peter P. Swire, George Washington University. Imagine a military base. It is defended against possible attack. Do we expect the base to reveal the location of booby traps and other defenses? No. But for many computer applications,a software developer will need to reveal a great deal about the code to get other system owners to trust the code and know how to operate with it. This article examines these conflicting intuitions and develops a theory about what should be open and hidden in computer security. Part I of the paper shows how substantial openness is typical for major computer security topics, such as firewalls, packaged software, and encryption. Part II shows what factors will lead to openness or hiddenness in computer security. Part III presents an economic analysis of the issue of what should be open in computer security. The owner who does not reveal the booby traps is like a monopolist, while the open-source software supplier is in a competitive market. This economic approach allows us to identify possible market failures in how much openness occurs for computer security. Part IV examines the contrasting approaches of Sun Tzu and Clausewitz to the role of hiddenness and deception in military strategy. The computer security, economic, and military strategy approaches thus each show factors relevant to what should be kept hidden in computer security. Part V then applies the theory to a range of current legal and technical issues.

Affiliated with

Also associated with

No associations

Rating

What Should be Hidden and Open in Computer Security: Lessons from Deception, the Art of War, Law, and Economic Theory does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with What Should be Hidden and Open in Computer Security: Lessons from Deception, the Art of War, Law, and Economic Theory, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and What Should be Hidden and Open in Computer Security: Lessons from Deception, the Art of War, Law, and Economic Theory will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-516426