N.A.N.M. van Eijk scite author profile

N.A.N.M. van Eijk

5Publications

46Citation Statements Received

28Citation Statements Given

How they've been cited

How they cite others

Affiliations

University of Amsterdam

Publications

Order By: Most citations

Security Economics in the HTTPS Value Chain

et al. 2013

View full text Add to dashboard Cite

Abstract. Even though we increasingly rely on HTTPS to secure Internet communications, several landmark incidents in recent years have illustrated that its security is deeply flawed. We present an extensive multi-disciplinary analysis that examines how the systemic vulnerabilities of the HTTPS authentication model could be addressed. We conceptualize the security issues from the perspective of the HTTPS value chain. We then discuss the breaches at several Certificate Authorities (CAs). Next, we explore the security incentives of CAs via the empirical analysis of the market for SSL certificates, based on the SSL Observatory dataset. This uncovers a surprising pattern: there is no race to the bottom. Rather, we find a highly concentrated market with very large price differences among suppliers and limited price competition. We explain this pattern and explore what it tells us about the security incentives of CAs, including how market leaders seem to benefit from the status quo. In light of these findings, we look at regulatory and technical proposals to address the systemic vulnerabilities in the HTTPS value chain, in particular the EU eSignatures proposal that seeks to strictly regulate HTTPS communications.

show abstract

Cloud Computing in Higher Education and Research Institutions and the USA Patriot Act

Hoboken

Arnbak

Eijk³

et al. 2012

SSRN Journal

View full text Add to dashboard Cite

Ups and Downs; Economic and Cultural Effects of File Sharing on Music, Film and Games

Huygen¹,

Helberger

Poort

et al. 2009

SSRN Journal

View full text Add to dashboard Cite

Certificate Authority Collapse: Regulating Systemic Vulnerabilities in the HTTPS Value Chain

Arnbak

Eijk²

2012

SSRN Journal

View full text Add to dashboard Cite

Online tracking: questioning the power of informed consent

Eijk

Helberger²,

Kool³

et al. 2012

View full text Add to dashboard Cite

Purpose-The paper aims to report the main findings of a study for the Dutch Regulatory Authority for the Telecommunications sector OPTA to explore how the new European ''cookie rules'' in the ePrivacy Directive impact on behavioral advertising practices via the storing and reading of cookies. The paper identifies the main dilemmas with the implementation of the new European rules. The Dutch case provides a valuable reality check also outside The Netherlands. Even before the amendment of the directive, The Netherlands already had an opt-in system in place. From the Dutch experience important lessons can be learned also for other European countries. Design/methodology/approach-After a brief analysis of the legal situation in Europe and in The Netherlands (section 2), section 3 reports about the findings of a survey among the main providers of targeted advertising in The Netherlands to explore the current use of cookies and targeted advertising practices. Section 4 describes the findings of a qualitative survey among Dutch internet users with the goal to define their level of skills and knowledge, acceptance of and behavior towards the placing and reading of cookies. A concluding section (section 5) summarizes the main findings and identifies implications for the future policy debate. Findings-The results show that the majority of the surveyed parties involved in behavioral advertising do not inform users about the storing of cookies or the purposes of data processing of the subsequently obtained data, neither have they obtained users' consent for the storage of cookies. The authors also found that the majority of users lack the skills and knowledge to handle cookies. Social implications-The findings critically question the wisdom of the ''informed consent regime'' that currently lies at the heart of Europe's ePrivacy Directive. The paper concludes with reflections about the concrete policy implications of the study, and a number of concrete suggestions of how to approach the future debate with regard to the regulation of online tracking and cookies. Originality/value-The approach of the paper is original in that it combines legal analysis with two surveys: one among behavioral advertisers and one among online users. This approach permits us to better understand the efficacy of the new legal rules, to make predictions regarding the level of compliance with the new rules and identify areas in this highly topical debate that require further attention.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

N.A.N.M. van Eijk

Security Economics in the HTTPS Value Chain

Cloud Computing in Higher Education and Research Institutions and the USA Patriot Act

Ups and Downs; Economic and Cultural Effects of File Sharing on Music, Film and Games

Certificate Authority Collapse: Regulating Systemic Vulnerabilities in the HTTPS Value Chain

Online tracking: questioning the power of informed consent

Contact Info

Product

Resources

About