Security and Lock-In

The cases of set-top boxes in the U. S. cable industry, video games and their cartridges, and printers and their cartridges all illustrate ways in which security technology can play an enhanced role in lock-in of customers by their suppliers through creation of substantial switching costs. Openness of technology, normally an inhibitor of lock-in, can be argued against in the case of security on the basis of a presumed increase in security by keeping details of the security system secret and proprietary. Whether open or not, security technology can be used to make permissible reverse engineering equivalent to an infeasible problem of breaking a cryptographically strong algorithm. And what might appear to be permissible reverse engineering may be conflated with an effort to enable illegitimate piracy and rendered illegal. The extra potential for security technology as a locus of lock-in raises its importance in the strategic considerations of both customers and vendors and for legislators and regulators. Customers will want to consider how to reduce the effect of lock-in, particularly on access to innovation; vendors will want to consider how to increase lock-in where possible, and policy makers will want to consider where the public interest motivates efforts to intervene to mitigate lock-in.

[1]  David B. Audretsch,et al.  Innovation and Technological Change: An International Comparison , 1991 .

[2]  S. Redding,et al.  Path Dependence, Endogenous Innovation, and Growth , 2002 .

[3]  W. Arthur,et al.  Increasing Returns and Path Dependence in the Economy , 1996 .

[4]  Indrani Vedula,et al.  Security analysis of selectively encrypted MPEG-2 streams , 2003, SPIE ITCom.

[5]  William E. Burr,et al.  Selecting the Advanced Encryption Standard , 2003, IEEE Secur. Priv..

[6]  Peter G. Neumann,et al.  Robust Nonproprietary Software , 2000, IEEE Symposium on Security and Privacy.

[7]  B. Gladman,et al.  Security Engineering: a Guide to Building Dependable Distributed Systems Physical Tamper Resistance 14.1 Introduction , 2022 .

[8]  Steven B. Lipner Security and source code access: issues and realities , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[9]  Kim B. Clark,et al.  The power of modularity , 2000 .

[10]  Kim B. Clark,et al.  Design Rules: The Power of Modularity , 2000 .

[11]  Ross J. Anderson,et al.  Security in open versus closed systems - the dance of Boltzmann , 2002 .

[12]  Julie E. Cohen Reverse Engineering and the Rise of Electronic Vigilantism: Intellectual Property Implications of "Lock-Out" Programs , 1995 .

[13]  Glenn C. Loury,et al.  Market Structure and Innovation , 1979 .

[14]  Hal R. Varian,et al.  Information rules - a strategic guide to the network economy , 1999 .

[15]  Andrew Bunnie Huang,et al.  Hacking the Xbox: An Introduction to Reverse Engineering , 2003 .

[16]  Fred B. Schneider Open source in security: visiting the bizarre , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[17]  Mark Robichaux Cable Cowboy: John Malone and the Rise of the Modern Cable Business , 2002 .

[18]  Steve Dunphy,et al.  Structure and Innovation , 1995 .