I525: Economics of Information Security
L Jean Camp
Scheduled for Fall 2009
Detailed Listing of Readings
Informatics Building 200
The course will use the tools of economics to better understand computer security. This is not a course in economics research in that no new tools will be discovered and no new ground will be broken in economic theory. The understanding of economics required for this course is modest, and a strong mathematical background with no economics will certainly suffice. There is no textbook. The course will be based on a series of research papers, primarily drawn from the series of Workshops on Economics of Information Security.
The basic issue we will explore is how to answer human, organizational or social questions about security and privacy behaviors of people, groups, firms or even nations. The fundamental pedagogical approach in this class is that of a research seminar: after an introductory period, the class is based on shared learning. Students are expected to come prepared to answer the basic questions. For each paper we answer a set of questions in class. First, what is the big cosmic question? That is, where in the world of open questions does this paper fit? Second, what is the smaller question? Obviously no paper, monograph, or person can answer the big questions about life, the universe, privacy, and everything. So questions are broken down into smaller elements. Some of these papers are position papers, and argue that questions should be broken down in a particular manner. Third, what is the method of the paper? Essentially this is a definition of the method the authors have chosen to answer the small question; it may be an experimental approach, mathematical modeling, simulation, and often a combination of different methods. Fourth, how does this method (or methodology) match and fail to match both the larger question and the immediate issue at hand? Clearly these last two apply less to position papers and to course sessions where the topic is tutorial. Fifth, what are the findings of the paper? Finally, with those five questions answered, we respectfully argue about the implications of those findings. Concurrence with class opinion is not a requirement!
- Class participation: in-class discussions of the readings.
- Due every Friday: approximately 750 words that summarize the reading or identify an open research question that arises from the
Required for Those Earning Doctoral Degree Credit in Security, Optional for Others
- Class participation: in-class discussions of the readings.
- Topic selection and abstract: the topic should be selected and the abstract should be drafted by the fourth week of the semester.
- Bibliography: the bibliography should be roughly complete by the middle of the semester, but of course there will be other material added as the semester progresses. This bibliography will serve as the foundation for your research paper.
- Presentation: in the class we ask five questions. What is the big idea? What is the researchable question? What is the method? Why? What conclusion is expected?
- Research paper: the research paper is the culmination of the semester.
The language of computer security suggests the range of analogies. A virus is a medical problem, while an invasive worm brings to mind the problems of ecosystems. Computer crime and intrusion detection argue that the problem is one of criminal behavior. Firewalls suggest that the network itself is a hostile force that must be segregated into the conflagration beyond and the safety within. The construction of demilitarized zones (DMZs) between trusted local area networks and the wider network beyond argues that it is war, not flames, on the network. Yet for all that is involved in computer security, and all that is lost, there is a single potential measure:
Economics of information security is not an exercise in analogy. It is
the application of the tools of economics to computer security. The
class has a set of basic topics, and each topic will be explored and
examined according to the interest of the students.
Students with successful, accepted submissions to these conferences will receive an
A, even if this requires a change from my initial grade.
- Financial Cryptography has an early submission date, in October.
- NDSS has a late October deadline, and authors will be informed in December.
- Oakland Security and Privacy is extremely competitive, usually due in November.
- If you choose to continue working and successfully submit at USENIX security (due in late January) grade changes are possible.
Topics and Sessions
The first two weeks of the class will cover some fundamental examples, very early works in economics of security. These are chosen to bring the topics of both computer security and economics together for students who lack familiarity in either.
Economics in computer security focuses to no small degree on behavior. Individuals do not act as self-optimizing rational beings. The limits of the applicability of the model of homo economicus will be used to discuss both decision-making by firms in network security and individuals with respect to privacy. Concepts of risk aversion and risk perception will be introduced. By beginning with the framework of behavioral economics, it may be easier to understand the framework that underlies rational economics.
This section introduces the vocabulary and mental model of rational economics. Why should items be sold at marginal cost? When there are two lemonade stands on the beach, why are they right next to each other? Concepts of utility and optimization are introduced, as are lemons markets.
Economics of Vulnerabilities
Among the most carefully explored issues in security economics is the
disclosure of vulnerabilities. Should there be a market for disclosure? How might the market fail the public interest or common good? What form of market is optimal?
Economics of Privacy
Privacy, identity and security are all tightly intertwined. Privacy, like security, is the control of information. Identification for security purposes often requires decreases in privacy. Yet mandatory disclosure of information weakens both security and privacy. This section considers privacy in its own right, as well as its interactions with identification.
Spam is an economic problem with technical symptoms. This section examines how charging for spam is possible in the technical sense, and why it won't work in the real world.
As the flagship ACM security conference is in Chicago this year, students will be asked to attend the conference. Financial assistance is being sought from multiple sources. Those who cannot attend will be asked to select sessions that would be attended, and write summaries of the papers.
Trust in Social Networks
One domain where the interaction of security and privacy behaviors is of particular importance is the power of social networks. Social networks can be used to enhance security or undermine it. One day the readings will focus on the value of social networks and information sharing to empower individuals as opposed to stakeholders with perverse incentives. The second day will address the risks of social networking.
A brief update on an area which is ripe for investigation using the tools of modeling: health information online.
DRM research has been as conclusive as the market itself for mass-produced consumer content: purposefully breaking your content is not a market advantage. However, the applications in code and embedded devices are not as clear.
Wireless security was initially seen as not a topic of particular interest in economics of security because it initially appeared that this is a domain where the risks are borne by the decision-maker: the homeowner. However, research at Indiana University has shown that this is not always the case. (Note that repeating this experiment is a clear option for those who would like a well-defined project with an early start.)
Final Presentations and Topics
For those students obtaining doctoral credit, there is a required presentation. All students are required to attend and complete an evaluation.