Team for Research in
Ubiquitous Secure Technology

Legal Issues in Network Security Research
Aaron Burstein

Citation
Aaron Burstein. "Legal Issues in Network Security Research". Talk or presentation, 30, November, 2006.

Abstract
Increasingly sophisticated and wily attackers aren't the only challenges that network security researchers face. A number of legal considerations also raise considerable challenges for security researchers, particularly for those working in the area of experimental network defense. My goal is to bring some clarity to the body of law that governs a variety of experimental activities that researchers pursue, and to suggest ways that law and policy might better accommodate this important area of research. In addition, I will highlight some of the broader public policy concerns, such as individual privacy, that researchers should weigh when designing experiments. To illustrate the kinds of legal and policy challenges that researchers face, I will discuss the issues as they relate to collecting, distributing, and storing network traffic datasets; running honeynets; and running testbed experiments that contain instances of malicious code. Through these examples, I will point to some possible legal reforms that would facilitate network research, while still protecting the public policy interests that current laws are intended to embody.

Electronic downloads


(No downloads are available for this publication.)
Citation formats  
  • HTML
    Aaron Burstein. <a
    href="http://www.truststc.org/pubs/154.html"
    ><i>Legal Issues in Network Security
    Research</i></a>, Talk or presentation,  30,
    November, 2006.
  • Plain text
    Aaron Burstein. "Legal Issues in Network Security
    Research". Talk or presentation,  30, November, 2006.
  • BibTeX
    @presentation{Burstein06_LegalIssuesInNetworkSecurityResearch,
        author = {Aaron Burstein},
        title = {Legal Issues in Network Security Research},
        day = {30},
        month = {November},
        year = {2006},
        abstract = {Increasingly sophisticated and wily attackers
                  aren't the only challenges that network security
                  researchers face. A number of legal considerations
                  also raise considerable challenges for security
                  researchers, particularly for those working in the
                  area of experimental network defense. My goal is
                  to bring some clarity to the body of law that
                  governs a variety of experimental activities that
                  researchers pursue, and to suggest ways that law
                  and policy might better accommodate this important
                  area of research. In addition, I will highlight
                  some of the broader public policy concerns, such
                  as individual privacy, that researchers should
                  weigh when designing experiments. To illustrate
                  the kinds of legal and policy challenges that
                  researchers face, I will discuss the issues as
                  they relate to collecting, distributing, and
                  storing network traffic datasets; running
                  honeynets; and running testbed experiments that
                  contain instances of malicious code. Through these
                  examples, I will point to some possible legal
                  reforms that would facilitate network research,
                  while still protecting the public policy interests
                  that current laws are intended to embody.},
        URL = {http://www.truststc.org/pubs/154.html}
    }
    

Posted by Alvaro Cardenas on 11 Dec 2006.
Groups: trustseminar
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.