Jeffrey K. MacKie-Mason

Security When People Matter: Structuring Incentives for User Behavior (Download full paper)

MacKie-Mason, Jeffrey K. and Wash, Rick

Published on: January, 2007

Abstract: Humans are “smart components” in a system, but cannot be directly programmed to perform; rather, their autonomy must be respected as a design constraint and incentives provided to induce desired behavior. Sometimes these incentives are properly aligned, and the humans don’t represent a vulnerability. But often, a misalignment of incentives causes a weakness in the system that can be exploited by clever attackers. Incentive-centered design tools help us understand these problems, and provide design principles to alleviate them. We describe incentive-centered design and some tools it provides. We provide a number of examples of security problems for which Incentive Centered Design might be helpful. We elaborate with a general screening model that offers strong design principles for a class of security problems.

Using Uncensored Communication Channels to Divert Spam Traffic (Download full paper)

Chiao, Benjamin and MacKie-Mason, Jeffrey K.

Published on: September, 2006

Abstract: We offer a microeconomic model of the market for bulk commercial advertising email (the dominant form of spam). We adopt an incentive-centered design approach to develop a simple, feasible improvement to the current email system: an uncensored communication channel. Such a channel could be an email folder or account, to which properly tagged commercial solicitations are routed. We characterize the circumstances under which spammers would voluntarily move much of their spam into the open channel, leaving the traditional email channel dominated by person-to-person, non-spam mail. Our method follows from observing that there is a real demand for unsolicited commercial email, so that everyone can be made better off if a channel is provided for spammers to meet spam-demanders. As a bonus, the absence of filtering in an open channel restores to advertisers the incentive to make messages truthful, rather than to disguise them to avoid filters. We show show that all email recipients are better off when an open channel is introduced. Only recipients wanting spam will use the open channel enjoying the less disguised messages, and for all recipients the satisfaction associated with desirable mail received increases, and dissatisfaction associated with undesirable received and desirable mail filtered out decreases.

Incentive-Centered Design for Information Security (Download full paper)

Rick Wash and Jeffrey K. MacKie-Mason

Published on: July, 2006

Abstract: Humans are "smart components" in a system, but cannot be directly programmed to perform; rather, their autonomy must be respected as a design constraint and incentives provided to induce desired behavior. Sometimes these incentives are properly aligned, and the humans don't represent a vulnerability. But often, a misalignment of incentives causes a weakness in the system that can be exploited by clever attackers. Incentive-centered design tools help us understand these problems, and provide design principles to alleviate them. We describe incentive-centered design and some tools it provides. We provide a number of examples of security problems for which incentive- centered design might be helpful. We elaborate with a general screening model that offers strong design principles for a class of security problems.

Online Fund-Raising Mechanisms: A Field Experiment (Download full paper)

Yan Chen, Xin Li, and Jeffrey K. MacKie-Mason

Published on: January, 2006

Abstract: We implemented one of the first web-based online field experiments of fund-raising. We embedded our experiment in the Internet Public Library to test comparatively four mechanisms: Voluntary Contribution (VCM), Premium, Seed Money and Matching. The Premium and Matching mechanisms each generate higher contribution rate than VCM, while the gift size is not significantly different across mechanisms. Because this is one of the earliest embedded, web-based field experiments we report our methodology findings in some detail. Using pop-up windows and asking for non-privacy-invasive geographic information were ineffective as participant assignment techniques. Evidence of desire to donate inferred from participant clickstream data is a poor predictor of actual giving.

The Case for Market-based Push Caching (Download full paper)

MacKie-Mason, Jeffrey K. Chan, Yee Man Womer, Jonathan Jamin, Sugih

Published on: November, 1999

Biased Replacement Policies for Web Caches: Differential Quality-of-Service and Aggregate User Value (Download full paper)

MacKie-Mason, Jeffrey K. Kelly, Terence P. Chan, Yee Man Jamin, Sugih

Published on: January, 1999

Abstract: Disk space in shared Web caches can be diverted to serve some system users at the expense of others. Cache hits reduce server loads, and if servers desire load reduction to different degrees, a replacement policy which prioritizes cache space across servers can provide differential quality-of-service (QoS). We present a simple generalization of least-frequently-used (LFU) replacement that is sensitive to varying levels of server valuation for cache hits. Through trace-driven simulation we show that under a particular assumption about server valuations our algorithm delivers a reasonable QoS relationship: higher byte hit rates for servers that value hits more. We furthermore adopt the economic perspective that value received by system users is a more appropriate performance metric than hit rate or byte hit rate, and demonstrate that our algorithm delivers higher "social welfare" (aggregate value to servers) than LRU or LFU.

Evaluating and Selecting Digital Payment Mechanisms (Download full paper)

MacKie-Mason, Jeffrey K. and Kimberly White

Abstract: The Internet is growing rapidly as a marketplace for the exchange of both tangible and information goods and services. Numerous payment mechanisms suitable for use in this marketplace are in various stages of development. Because their development is so recent, it is difficult for potential participants in electronic commerce to evaluate and select payment mechanisms. We propose a systematic method for evaluating and selecting payment mechanisms. Our selection process typically leads to a solution in a few iterations or less; it is generalizable; and it requires relatively little information about each alternative, reducing the cost of evaluating and selecting payment mechanisms. Researchers and payment mechanism designers are guided on further development by the needs of users who desire particular bundles of characteristics. As a by-product of our analysis, we present a detailed matrix characterizing 10 leading payment systems according to 30 criteria.

Name: Video: Incentive-centered design for user-contributed content (Download artifact)

Released on: March, 2008

Description: Video of presentation to Yahoo! Research, Santa Clara, California

Name: Magazine article: Defending the Net (Download artifact)

Released on: March, 2008

Description: Magazine article about social firewall research, published by Metromode, 6 March 2008

Name: STIET podcast Oct 2007 (Download artifact)

Released on: October, 2007

Description: A podcast interview with Jeff MacKie-Mason and Tom Finholt about the STIET ICD project

Name: STIET movie Oct 2007 (Download artifact)

Released on: October, 2007

Description: A short marketing movie about the STIET ICD research program, prepared by the UM News Service

Name: WJR Detroit webcast STIET interview 20oct2007 (Download artifact)

Released on: October, 2007

Description: WJR's "Internet Advisor" program interviewed me and Wayne State STIET leader Prof. Dan Grosu about the STIET program's research and communication technology.