A Unified Framework of Information Assurance for the Design and Analysis fo Security Algorithms
Cardenas, Alvaro A
Date: November 27 - November 30, 2006
Most information security algorithms cannot achieve perfect security without incurring severe operational costs such as false alarms, network congestion, capital investment etc. Operating or designing an algorithm with perfect security is therefore not an economically rational alternative and thus the question arises of how to find the appropriate tradeoff between security and its costs. Although several other researchers have recognized that there is a tradeoff, there is very little work in formally characterizing it. This paper provides the first steps towards a more systematic and general approach for cost-effective security management.