policy

Trustworthy systems are achieved through a mix of component parts -- some technical, some procedural, some informed by economics and others by legal obligations. To create secure, private and trustworthy technology and systems requires an understanding of the relationship between the component parts and an active consideration of how one domain interacts with the other. Technology deployment decisions made without an understanding of how the decisions relate to policy, and policy decisions made without an understanding of the existing assumptions of the security architecture, often yield problematic results.

For example, in the absence of a holistic approach to considering how to embed values in technical systems, a wide range of failure modes appear. Policy makers may not appreciate the dependence of the policy model on a particular feature of a given technological system. Similarly, technologists may not understand the way in which the policy framework disparately supports a value based on seemingly innocuous technological design choices. Given the dependencies between technology, markets and policy, interdisciplinary research is essential for the development of meaningful improvements in network and information security.

To that end, TRUST's research agenda includes a robust, interdisciplinary multi-campus policy component. Social scientists, attorneys and economists work together with computer scientists and engineers in projects aimed at contributing to the creation of secure, private and trustworthy systems. This approach has proven to be an effective way of combining problem-solving research and student education, bridging the world of scholarly research and the world of public policy, and in so doing, training the next generation of lawyers, public policy makers, scientists and technologists poised to work at the intersection of these important fields

Mailing lists and discussion forums may be found under the policy link above.

To modify this page, use CVS.

Recent Publications for policy

Aaron Burstein. Conducting Cybersecurity Research Legally and Ethically, Talk or presentation, 15, April, 2008; Accepted for presentation to the first USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '08) on April 15, 2008, San Francisco. Publication forthcoming.
Kenneth A. Bamberger, Deirdre Mulligan. Privacy Decision Making in Administrative Agencies, Chicago Law Review, 75(1):75, January 2008.
Samuelson Law, Technology & Public Policy Clinic. Security Breach Notification Laws: Views from Chief Security Officers, Technical report, University of California, Berkeley, December, 2007.
Chris Jay Hoofnagle, Jennifer King. Consumer Information Sharing: Where the Sun Still Don't Shine, Technical report, Samuelson Law, Technology & Public Policy Clinic, UC Berkeley, December, 2007.
Jeremy Schiff, Marci Meingast, Deirdre Mulligan, S. Shankar Sastry, Ken Goldberg. Respectful cameras: detecting visual markers in real-time to address privacy concerns, Intelligent Robots and Systems, 2007. IROS 2007. IEEE/RSJ International Conference on, 971-978, October, 2007.
Aaron Burstein, Fred Schneider. Network Security and the Need to Consider Provider Coordination in Network Access Policy, 35th Research Conference on Communication, Information, and Internet Policy (TPRC), September, 2007.
Aaron Burstein. Toward a Culture of Cybersecurity Research, Talk or presentation, 10, August, 2007.
Marci Meingast, Jennifer King, Deirdre Mulligan. Embedded RFID and Everyday Things: A Case Study of the Security and Privacy Risks of the U.S. e-Passport, IEEE International Conference on RFID, March, 2007.
Deirdre K. Mulligan. Knowledge Transfer - Policy, Talk or presentation, 19, March, 2007.
Deirdre K. Mulligan. Policy Outbrief, Talk or presentation, 21, March, 2007.

Find all publications for policy

You are not logged in