An economic mechanism for better Internet security

Authors:
Xia Zhao;Fang Fang;Andrew B. Whinston
Affiliations:
Tuck School of Business, Dartmouth College, Hanover, NH 03755, United States;College of Business Administration, California State University at San Marcos, San Marcos, CA 92096, United States;Red McCombs School of Business, University of Texas at Austin, Austin, TX 78712, United States
Venue:
Decision Support Systems
Year:
2008

Citing 10
Cited 4

The economics of information security investment

ACM Transactions on Information and System Security (TISSEC)
A model for evaluating IT security investments

Communications of the ACM - Has the Internet become indispensable?
SPV: secure path vector routing for securing BGP

Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Market for Software Vulnerabilities? Think Again

Management Science
Modeling adoptability of secure BGP protocols

SIGMETRICS '06/Performance '06 Proceedings of the joint international conference on Measurement and modeling of computer systems
Defeating DDoS attacks by fixing the incentive chain

ACM Transactions on Internet Technology (TOIT)
Network Software Security and User Incentives

Management Science
Reengineering the Internet for Better Security

Computer
A study of prefix hijacking and interception in the internet

Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Secure Border Gateway Protocol (S-BGP)

IEEE Journal on Selected Areas in Communications

Quantitative analysis of information security interdependency between industrial sectors

ESEM '09 Proceedings of the 2009 3rd International Symposium on Empirical Software Engineering and Measurement
Toward user patterns for online security: Observation time and online user identification

Decision Support Systems
ISPs and ad networks against botnet ad fraud

GameSec'10 Proceedings of the First international conference on Decision and game theory for security
Security versus convenience? An experimental study of user misperceptions of wireless internet service quality

Decision Support Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Our paper proposes a certification mechanism to align the incentives for Service Providers (SPs) to safeguard the Internet and protect their customers. The proposed mechanism certifies the capable SPs who are willing to be financially accountable for damage caused by malicious traffic from their networks. Such a certification program provides a channel for certified SPs to signal their commitments to secure network communication to their customers and other certified SPs. We evaluate the efficiency of the mechanism using a game-theoretic model. Our study provides an economic foundation and managerial guidance for improving Internet security.