Making Security Manifest Security and Autonomy for End Users

9 Pages Posted: 22 May 2012

See all articles by Allan A. Friedman

Allan A. Friedman

Harvard University - Harvard Kennedy School (HKS)

L. Jean Camp

Indiana University Bloomington - School of Informatics and Computing

Date Written: September 1, 2003


With the increased concern over national security there has been increased debate over reliability and security of communications and computer systems. (Bush, 2001). One element of this effort has been on the need for reliable data on computer security risks and incidents. Information is necessary for a functioning market, and transparency (requiring information) is necessary for functional governance.

Despite the consensus on the need for better information, there is a significant divergence about the nature and distribution of security information. Security infrastructures can be mechanisms of user control (Anderson, 2003) or mechanisms to empower the user (Clark and Blumenthal, 2000).

End user security is critical. Distributed denial of service attacks illustrate how the capacity to create zombies (machines under the control of a malicious external agent) at many small nodes creates risks for the largest and most hardened targets.

Proposals to address failures in the market for computer security include the establishment of a liability regime for computer security, insurance markets for security risks or even creating tradable permits (Camp & Wolfram, 2000). Yet the solutions assume that the end user will be able to avail themselves of the legal or commercial mechanisms for security with little or no cost.

For security to function at the end points, there must be reliable data for the end user. Such data must be communicated clearly and there must be feasible mechanisms for the end user to respond to security breaches. In this work we illustrate that all the necessary technical components exist. What is needed is a vision and a national commitment to integrate the components. Developing the system that enables Internet users to protect themselves is a more powerful, more democratic and more resilient system for protecting our national information assets.

Suggested Citation

Friedman, Allan A. and Camp, L. Jean, Making Security Manifest Security and Autonomy for End Users (September 1, 2003). TPRC 2003. Available at SSRN:

Allan A. Friedman (Contact Author)

Harvard University - Harvard Kennedy School (HKS) ( email )

79 John F. Kennedy Street
Cambridge, MA 02138
United States

L. Jean Camp

Indiana University Bloomington - School of Informatics and Computing ( email )

901 E 10th St
Bloomington, IN 47401
United States

Register to save articles to
your library


Paper statistics

Abstract Views
PlumX Metrics