Investment strategy analysis of information systems with different security levels

At present, some firms use a few information systems with different security levels to protect different information assets and some firms use the information system with a single security level to protect all the information assets. Which choice is rational? How to configure the investment if the f...

Full description

Saved in:
Bibliographic Details
Published in2017 IEEE 2nd International Conference on Big Data Analysis (ICBDA) pp. 703 - 708
Main Authors Pan, Chongxia, Zhong, Weijun, Mei, Shu-e
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.03.2017
Subjects
Economics
economics of information security
game theory
Games
Information security
information security investment
Investment
Mathematical model
Security level
Online AccessGet full text

Cover

More Information
Summary:At present, some firms use a few information systems with different security levels to protect different information assets and some firms use the information system with a single security level to protect all the information assets. Which choice is rational? How to configure the investment if the first choice is necessary? This paper gives an optimal investment strategy analysis through modeling the game between the firm and the attacker and gives a numerical simulation finally. Some conclusions include that the firm should use the information systems with a single security level to protect all the information assets instead of using a few sets of information systems with different security levels to protect different assets for more utilities etc. And the conclusions can help decision-making.
ISBN:9781509036189
1509036180
DOI:10.1109/ICBDA.2017.8078727