Why information security is hard - an economic perspective | IEEE Conference Publication | IEEE Xplore

Why information security is hard - an economic perspective


Abstract:

According to one common view, information security comes down to technical measures. Given better access control policy models, formal proofs of cryptographic protocols, ...Show More

Abstract:

According to one common view, information security comes down to technical measures. Given better access control policy models, formal proofs of cryptographic protocols, approved firewalls, better ways of detecting intrusions and malicious code, and better tools for system evaluation and assurance, the problems can be solved. The author puts forward a contrary view: information insecurity is at least as much due to perverse incentives. Many of the problems can be explained more clearly and convincingly using the language of microeconomics: network externalities, asymmetric information, moral hazard, adverse selection, liability dumping and the tragedy of the commons.
Date of Conference: 10-14 December 2001
Date Added to IEEE Xplore: 07 August 2002
Print ISBN:0-7695-1405-7
Conference Location: New Orleans, LA, USA

Contact IEEE to Subscribe

References

References is not available for this document.