Organizational responses to technological discontinuities: the case of the American College of Radiology (ACR)

A long history of organizational research has shown that organizations are affected significantly by changes in technology. Scholars have given particular attention to the effects of so-called disruptive or discontinuous technological changes. Studies have repeatedly shown that established, incumbent organizations tend to suffer deep performance declines (and even complete demise) in the face of such changes, and researchers have devoted much attention to identifying the organizational conditions and processes that are responsible for this persistent and widespread pattern of adaptation failure. This dissertation, which examines the response of the American College of Radiology (ACR) to the emergence of nuclear magnetic resonance imaging technology (NMR), aims to contribute to this well-established research tradition in three distinct and important ways. First, it focuses on a fundamentally different type of organization, a professional association, rather than the technology producers examined in most prior research. Although technologies are well known to be embedded in “communities” that include technology producers, suppliers, customers, governmental entities, professional societies, and other entities, most prior research has focused on the responses and ultimate fate of producers alone. Little if any research has explored the responses of professional organizations in particular. Second, the study employs a sophisticated process methodology that identifies the individual events that make up the organization’s response to technological change, as well as the overall sequence through which these events unfold. This process approach contrasts sharply with the variance models used in most previous studies and offers the promise of developing knowledge about how adaptation ultimately unfolds (or fails to). Finally, the project also contributes significantly through its exploration of an apparently successful case of adaptation to technological change. Though nuclear magnetic resonance imaging posed a serious threat to the ACR and its members, this threat appears to have been successfully managed and overcome. Although the unique nature of the organization and the technology under study place some important limits on the generalizablity of this research, its findings nonetheless provide some important basic insights about the process through which social organizations can successfully adapt to discontinuous technological changes. These insights, which may also be of substantial relevance to technology producer organizations, will also be elaborated.

Preventing encrypted traffic analysis

Many existing encrypted Internet protocols leak information through packet sizes and timing. Though seemingly innocuous, prior work has shown that such leakage can be used to recover part or all of the plaintext being encrypted. The prevalence of encrypted protocols as the underpinning of such critical services as e-commerce, remote login, and anonymity networks and the increasing feasibility of attacks on these services represent a considerable risk to communications security. Existing mechanisms for preventing traffic analysis focus on re-routing and padding. These prevention techniques have considerable resource and overhead requirements. Furthermore, padding is easily detectable and, in some cases, can introduce its own vulnerabilities. To address these shortcomings, we propose embedding real traffic in synthetically generated encrypted cover traffic. Novel to our approach is our use of realistic network protocol behavior models to generate cover traffic. The observable traffic we generate also has the benefit of being indistinguishable from other real encrypted traffic further thwarting an adversary's ability to target attacks. In this dissertation, we introduce the design of a proxy system called TrafficMimic that implements realistic cover traffic tunneling and can be used alone or integrated with the Tor anonymity system. We describe the cover traffic generation process including the subtleties of implementing a secure traffic generator. We show that TrafficMimic cover traffic can fool a complex protocol classification attack with 91% of the accuracy of real traffic. TrafficMimic cover traffic is also not detected by a binary classification attack specifically designed to detect TrafficMimic. We evaluate the performance of tunneling with independent cover traffic models and find that they are comparable, and, in some cases, more efficient than generic constant-rate defenses. We then use simulation and analytic modeling to understand the performance of cover traffic tunneling more deeply. We find that we can take measurements from real or simulated traffic with no tunneling and use them to estimate parameters for an accurate analytic model of the performance impact of cover traffic tunneling. Once validated, we use this model to better understand how delay, bandwidth, tunnel slowdown, and stability affect cover traffic tunneling. Finally, we take the insights from our simulation study and develop several biasing techniques that we can use to match the cover traffic to the real traffic while simultaneously bounding external information leakage. We study these bias methods using simulation and evaluate their security using a Bayesian inference attack. We find that we can safely improve performance with biasing while preventing both traffic analysis and defense detection attacks. We then apply these biasing methods to the real TrafficMimic implementation and evaluate it on the Internet. We find that biasing can provide 3-5x improvement in bandwidth for bulk transfers and 2.5-9.5x speedup for Web browsing over tunneling without biasing.