Team for Research in
Ubiquitous Secure Technology

Citation
Aaron Burstein. "Legal Issues in Network Security Research". Talk or presentation, 30, November, 2006.

Abstract
Increasingly sophisticated and wily attackers aren't the only challenges that network security researchers face. A number of legal considerations also raise considerable challenges for security researchers, particularly for those working in the area of experimental network defense. My goal is to bring some clarity to the body of law that governs a variety of experimental activities that researchers pursue, and to suggest ways that law and policy might better accommodate this important area of research. In addition, I will highlight some of the broader public policy concerns, such as individual privacy, that researchers should weigh when designing experiments. To illustrate the kinds of legal and policy challenges that researchers face, I will discuss the issues as they relate to collecting, distributing, and storing network traffic datasets; running honeynets; and running testbed experiments that contain instances of malicious code. Through these examples, I will point to some possible legal reforms that would facilitate network research, while still protecting the public policy interests that current laws are intended to embody.

Electronic downloads

• HTML

  Aaron Burstein. <a
  href="http://www.truststc.org/pubs/154.html"
  ><i>Legal Issues in Network Security
  Research</i></a>, Talk or presentation,  30,
  November, 2006.

• Plain text

  Aaron Burstein. "Legal Issues in Network Security
  Research". Talk or presentation,  30, November, 2006.

• BibTeX

  @presentation{Burstein06_LegalIssuesInNetworkSecurityResearch,
      author = {Aaron Burstein},
      title = {Legal Issues in Network Security Research},
      day = {30},
      month = {November},
      year = {2006},
      abstract = {Increasingly sophisticated and wily attackers
                aren't the only challenges that network security
                researchers face. A number of legal considerations
                also raise considerable challenges for security
                researchers, particularly for those working in the
                area of experimental network defense. My goal is
                to bring some clarity to the body of law that
                governs a variety of experimental activities that
                researchers pursue, and to suggest ways that law
                and policy might better accommodate this important
                area of research. In addition, I will highlight
                some of the broader public policy concerns, such
                as individual privacy, that researchers should
                weigh when designing experiments. To illustrate
                the kinds of legal and policy challenges that
                researchers face, I will discuss the issues as
                they relate to collecting, distributing, and
                storing network traffic datasets; running
                honeynets; and running testbed experiments that
                contain instances of malicious code. Through these
                examples, I will point to some possible legal
                reforms that would facilitate network research,
                while still protecting the public policy interests
                that current laws are intended to embody.},
      URL = {http://www.truststc.org/pubs/154.html}
  }
  

Posted by Alvaro Cardenas on 11 Dec 2006.
Groups: trustseminar
For additional information, see the Publications FAQ or contact webmaster at www truststc org.