A field study of the software design process for large systems
Communications of the ACM
Communications of the ACM
Algorithmic mechanism design (extended abstract)
STOC '99 Proceedings of the thirty-first annual ACM symposium on Theory of computing
Analyzing the economic efficiency of eBay-like online reputation reporting mechanisms
Proceedings of the 3rd ACM conference on Electronic Commerce
Journal of the ACM (JACM)
A BGP-based mechanism for lowest-cost routing
Proceedings of the twenty-first annual symposium on Principles of distributed computing
Selfish behavior and stability of the internet:: a game-theoretic analysis of TCP
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Pricing via Processing or Combatting Junk Mail
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Near-optimal network design with selfish agents
Proceedings of the thirty-fifth annual ACM symposium on Theory of computing
Proceedings of the twenty-second annual symposium on Principles of distributed computing
Why Information Security is Hard-An Economic Perspective
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Journal of Computer Security - IFIP 2000
Privacy, economics, and price discrimination on the Internet
ICEC '03 Proceedings of the 5th international conference on Electronic commerce
Robust incentive techniques for peer-to-peer networks
EC '04 Proceedings of the 5th ACM conference on Electronic commerce
Proceedings of the twenty-third annual ACM symposium on Principles of distributed computing
A first-principles approach to understanding the internet's router-level topology
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Faithfulness in internet algorithms
Proceedings of the ACM SIGCOMM workshop on Practice and theory of incentives in networked systems
The Price of Stability for Network Design with Fair Cost Allocation
FOCS '04 Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science
The Demographics of the Do-Not-Call List
IEEE Security and Privacy
The Economics of Resisting Censorship
IEEE Security and Privacy
Timing the Application of Security Patches for Optimal Uptime
LISA '02 Proceedings of the 16th USENIX conference on System administration
Inoculation strategies for victims of viruses and the sum-of-squares partition problem
SODA '05 Proceedings of the sixteenth annual ACM-SIAM symposium on Discrete algorithms
The Economic Incentives for Sharing Security Information
Information Systems Research
Security and Usability
Conditioning Prices on Purchase History
Marketing Science
Milk or wine: does software security improve with age?
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
STACS'99 Proceedings of the 16th annual conference on Theoretical aspects of computer science
A comparison of market approaches to software vulnerability disclosure
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Risks and Benefits of Signaling Information System Characteristics to Strategic Attackers
Journal of Management Information Systems
Scalable byzantine computation
ACM SIGACT News
Mapping between classical risk management and game theoretical approaches
CMS'11 Proceedings of the 12th IFIP TC 6/TC 11 international conference on Communications and multimedia security
Intended actions: risk is conflicting incentives
ISC'12 Proceedings of the 15th international conference on Information Security
| Hi-index | 0.00 |
The economics of information security has recently become a thriving and fast-moving discipline. As distributed systems are assembled from machines belonging to principals with divergent interests, incentives are becoming as important to dependability as technical design. The new field provides valuable insights not just into 'security' topics such as privacy, bugs, spam, and phishing, but into more general areas such as system dependability (the design of peer-to-peer systems and the optimal balance of effort by programmers and testers), and policy (particularly digital rights management). This research program has been starting to spill over into more general security questions (such as law-enforcement strategy), and into the interface between security and sociology. Most recently it has started to interact with psychology, both through the psychology-and-economics tradition and in response to phishing. The promise of this research program is a novel framework for analyzing information security problems - one that is both principled and effective.