When information improves information security

Jens Grossklags; Benjamin Johnson; Nicolas Christin

doi:10.1007/978-3-642-14577-3_37

When information improves information security

Jens Grossklags, Benjamin Johnson, Nicolas Christin

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

11 Scopus citations

Abstract

This paper presents a formal, quantitative evaluation of the impact of bounded-rational security decision-making subject to limited information and externalities. We investigate a mixed economy of an individual rational expert and several naïve near-sighted agents. We further model three canonical types of negative externalities (weakest-link, best shot and total effort), and study the impact of two information regimes on the threat level agents are facing.

Original language	English
Title of host publication	Financial Cryptography and Data Security - 14th International Conference, FC 2010, Revised Selected Papers
Pages	416-423
Number of pages	8
DOIs	https://doi.org/10.1007/978-3-642-14577-3_37
State	Published - 2010
Externally published	Yes
Event	14th International Conference on Financial Cryptography and Data Security, FC 2010 - Tenerife, Canary Islands, Spain Duration: 25 Jan 2010 → 28 Jan 2010

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	6052 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	14th International Conference on Financial Cryptography and Data Security, FC 2010
Country/Territory	Spain
City	Tenerife, Canary Islands
Period	25/01/10 → 28/01/10

Keywords

Bounded Rationality
Game Theory
Limited Information
Security Economics

Access to Document

10.1007/978-3-642-14577-3_37

Cite this

Grossklags, J., Johnson, B., & Christin, N. (2010). When information improves information security. In Financial Cryptography and Data Security - 14th International Conference, FC 2010, Revised Selected Papers (pp. 416-423). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6052 LNCS). https://doi.org/10.1007/978-3-642-14577-3_37

@inproceedings{87874fe4346348ea8f4fbd33b7f0cdcc,

title = "When information improves information security",

abstract = "This paper presents a formal, quantitative evaluation of the impact of bounded-rational security decision-making subject to limited information and externalities. We investigate a mixed economy of an individual rational expert and several na{\"i}ve near-sighted agents. We further model three canonical types of negative externalities (weakest-link, best shot and total effort), and study the impact of two information regimes on the threat level agents are facing.",

keywords = "Bounded Rationality, Game Theory, Limited Information, Security Economics",

author = "Jens Grossklags and Benjamin Johnson and Nicolas Christin",

note = "Funding Information: We thank John Chuang for his helpful comments to an earlier version of this paper. This work is supported in part by CyLab at Carnegie Mellon under grant DAAD19-02-1-0389 from the Army Research Office, by the National Science Foundation under ITR awards ANI-0331659 (100x100) and CCF-0424422 (Team for Research in Ubiquitous Secure Technology), and by a University of California MICRO project grant in collaboration with DoCoMo USA Labs.; 14th International Conference on Financial Cryptography and Data Security, FC 2010 ; Conference date: 25-01-2010 Through 28-01-2010",

year = "2010",

doi = "10.1007/978-3-642-14577-3_37",

language = "English",

isbn = "3642145760",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "416--423",

booktitle = "Financial Cryptography and Data Security - 14th International Conference, FC 2010, Revised Selected Papers",

}

Grossklags, J, Johnson, B & Christin, N 2010, When information improves information security. in Financial Cryptography and Data Security - 14th International Conference, FC 2010, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6052 LNCS, pp. 416-423, 14th International Conference on Financial Cryptography and Data Security, FC 2010, Tenerife, Canary Islands, Spain, 25/01/10. https://doi.org/10.1007/978-3-642-14577-3_37

When information improves information security. / Grossklags, Jens; Johnson, Benjamin; Christin, Nicolas.
Financial Cryptography and Data Security - 14th International Conference, FC 2010, Revised Selected Papers. 2010. p. 416-423 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6052 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - When information improves information security

AU - Grossklags, Jens

AU - Johnson, Benjamin

AU - Christin, Nicolas

N1 - Funding Information: We thank John Chuang for his helpful comments to an earlier version of this paper. This work is supported in part by CyLab at Carnegie Mellon under grant DAAD19-02-1-0389 from the Army Research Office, by the National Science Foundation under ITR awards ANI-0331659 (100x100) and CCF-0424422 (Team for Research in Ubiquitous Secure Technology), and by a University of California MICRO project grant in collaboration with DoCoMo USA Labs.

PY - 2010

Y1 - 2010

N2 - This paper presents a formal, quantitative evaluation of the impact of bounded-rational security decision-making subject to limited information and externalities. We investigate a mixed economy of an individual rational expert and several naïve near-sighted agents. We further model three canonical types of negative externalities (weakest-link, best shot and total effort), and study the impact of two information regimes on the threat level agents are facing.

AB - This paper presents a formal, quantitative evaluation of the impact of bounded-rational security decision-making subject to limited information and externalities. We investigate a mixed economy of an individual rational expert and several naïve near-sighted agents. We further model three canonical types of negative externalities (weakest-link, best shot and total effort), and study the impact of two information regimes on the threat level agents are facing.

KW - Bounded Rationality

KW - Game Theory

KW - Limited Information

KW - Security Economics

UR - http://www.scopus.com/inward/record.url?scp=77955321664&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-14577-3_37

DO - 10.1007/978-3-642-14577-3_37

M3 - Conference contribution

AN - SCOPUS:77955321664

SN - 3642145760

SN - 9783642145766

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 416

EP - 423

BT - Financial Cryptography and Data Security - 14th International Conference, FC 2010, Revised Selected Papers

T2 - 14th International Conference on Financial Cryptography and Data Security, FC 2010

Y2 - 25 January 2010 through 28 January 2010

ER -

Grossklags J, Johnson B, Christin N. When information improves information security. In Financial Cryptography and Data Security - 14th International Conference, FC 2010, Revised Selected Papers. 2010. p. 416-423. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-14577-3_37

When information improves information security

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this