: Tyler Moore, David Pym, Christos Ioannidis
: Economics of Information Security and Privacy
: Springer-Verlag
: 9781441969675
: 1
: CHF 193.20
: Computer Science
: English
: 320
: Watermark/DRM
: PC/MAC/eReader/Tablet
: PDF
The Workshop on the Economics of Information Security (WEIS) is the leading forum for interdisciplinary research and scholarship on information security and privacy, combining ideas, techniques, and expertise from the fields of economics, social science, business, law, policy, and computer science. In 2009, WEIS was held in London, at UCL, a constituent college of the University of London. Economics of Information Security and Privacy includes chapters presented at WEIS 2009, having been carefully reviewed by a program committee composed of leading researchers. Topics covered include identity theft, modeling uncertainty's effects, future directions in the economics of information security, economics of privacy, options, misaligned incentives in systems, cyber-insurance, and modeling security dynamics. Economics of Information Security and Privacy is designed for managers, policy makers, and researchers working in the related fields of economics of information security. Advanced-level students focusing on computer science, business management and economics will find this book valuable as a reference.
TOC: Introduction and Overview.- The Iterated Weakest Link - A Model of Adaptive Security Investment.- The Price of Uncertainty in Security Games.- Nobody Sells Gold for the Price of Silver: Dishonesty, Uncertainty and the Underground Economy.- The Policy Maker's Anguish: regulating personal data behaviour between paradoxes and dilemmas.- The Privacy Jungle: On the Market for Data Protection in Social Networks.- Valuating Privacy with Option Pricing Theory.- Security Economics and Critical National Infrastructure.- Internet Multi-Homing Problems: Explanations from Economics.- The Risk of Risk Analysis - And its relation to the Economics of Insider Threats.- Competitive Cyber-Insurance and Internet Security.- Potential Rating Indicators for Cyberinsurance: An Exploratory Qualitative Study.- Modeling the economic incentives of DDoS attacks: femtocell case study.- Modelling the Security Ecosystem - The Dynamics of (In)Security
Preface
List of Contributors
Contents
Chapter 1 Introduction and Overview
1.1 Introduction
1.2 The Economics of Information Security and Privacy
1.3 Overview of the Book’s Contributions
Chapter 2 The Price of Uncertainty in Security Games
2.1 Introduction
2.2 Decision Theoretic Model
2.2.1 Basic Model
2.2.2 Player Behavior
2.2.3 Information Conditions
2.2.4 Remarks on Basic Results
2.2.5 Outlook on Further Analyses
2.3 Price of Uncertainty Metrics
2.3.1 The Price of Uncertainty
2.3.2 Three Metrics for the Price of Uncertainty
2.3.3 Discussion of the Definitions
2.3.3.1 The Difference Metric
2.3.3.2 The Payoff-Ratio Metric
2.3.3.3 The Cost-Ratio Metric
2.4 Analysis
2.4.1 Best Shot Game
2.4.1.1 The Best Shot Difference Metric:
Observations.
2.4.1.2 The Best Shot Payoff-Ratio Metric
Observations.
2.4.1.3 The Best Shot Cost-Ratio Metric
Observations.
2.4.2 Weakest Link Game
2.4.2.1 The Weakest Link Difference Metric:
Observations.
2.4.2.2 The Weakest Link Payoff-Ratio Metric WPoU2(
Observations.
2.4.2.3 The Weakest Link Cost-Ratio Metric WPoU3(
Observations.
2.4.3 Total Effort Game
2.4.3.1 The Total Effort Difference Metric:
Observations.
2.4.3.2 The Total Effort Payoff-Ratio Metric:
Observations.
2.4.3.3 The Total Effort Cost-Ratio Metric:
Observations.
2.5 Conclusions
References
Chapter 3 Nobody Sells Gold for the Price of Silver: Dishonesty, Uncertainty and the Underground Economy
3.1 Introduction
3.2 Related Work
3.2.1 Studies of the Underground Economy
3.2.2 Economics of Security and of the Underground Economy
3.2.3 Economics Background
3.2.3.1 Asymmetric Information: The Market for Lemons
3.2.3.2 The Theory of the Firm
3.3 The Underground Economy is a Market for Lemons
3.3.1 The Types of Goods and Services Offered for Sale on the Underground Economy
3.3.1.1 Goods
3.3.1.2 Services
3.3.2 Is this a Market for Lemons?
3.3.2.1 Asymmetry of Information
3.3.2.2 No Credible Disclosure
3.3.2.3 Continuum of Seller Quality or Low Seller Quality
3.3.2.4 Lack of Quality Assurance or Regulation
3.3.2.5 Summary
3.4 Analysis and Implications
3.4.1 Countermeasures Ought to be Easy: Lemonizing the Market
3.4.2 The Ripper Tax
3.4.3 Formation of Firms and Alliances
3.4.4 A Two-Tier Underground Economy
3.4.5 What Can We Estimate From Activity on IRC Markets?
3.4.5.1 What Can We Say about Participants in a Lemon Market?
3.4.5.2 Activity Does not Imply Dollars
3.4.5.3 Activity Does Imply Competition
3.4.5.4 What Can We Say About the Goods Offered in a Lemon Market?
3.4.6 Who are We Fighting? What are We Trying to Accomplish?
3.5 Conclusion
References
Chapter 4 Security Economics and Critical National Infrastructure
4.1 Introduction
4.2 Critical Infrastructure: Externalities of Correlated Failure
4.3 Regulatory Approaches
4.4 Security or Reliability?
4.5 Cross-Industry Differences
4.6 Certification and Lifecycle Management
4.7 The Roadmap
4.8 Conclusions
References
Chapter 5 Internet Multi-Homing Problems: Explanations from Economics
5.1 Introduction
5.2 How Internet Routing Works
5.3 The ‘Global Routing Table’
5.4 IPv6
5.4.1 SHIM6
5.4.2 The Lack of Incentives for SHIM6 Deployment
5.4.3 Cooperating ISPs
5.5 Discouraging Growth in the Global Routing Table
5.6 Related Work on the Economics of Protocols
5.7 Conclusions
References
Chapter 6 Modeling the Security Ecosystem - The Dynamics of (In)Security
6.1 Introduction