Top

Journal of Network and Systems Management

Published in:

01-03-2013

On Game-Theoretic Network Security Provisioning

Author: Stefan Rass

Published in: Journal of Network and Systems Management | Issue 1/2013

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Service level agreements occasionally come as qualitative claims rather than quantitative statements. Motivated by the well-known fact that different (security) service goals can be conflicting, we present an axiomatic approach to finding an optimal balance between interdependent service quality criteria with distinct performance indicators. As a by-product, we obtain network provisioning strategies that ensure the promised service level at optimized performance. Our results generally apply to any security infrastructure for which attack and provisioning strategy identification is feasible. Standard security audits can thus be exploited twice, because, apart from forming a convincing sales argument, they directly support security service level agreements.

previous article Deploying Circuit Emulation Services (CES) Over EPON Using Preemptive Priority Medium Access Controller

next article Service Control Layer (SCL): Enabling Rule-based Control and Enrichment in Next-Generation Telecom Service Delivery

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Alpcan, T., Başar, T.: Network Security: A Decision and Game Theoretic Approach. Cambridge University Press, Cambridge (2010)CrossRef

Stinson, D.R.: Cryptography: Theory and Practice. Chapman & Hall/CRC, London (2006)MATH

Elliott, C.: The DARPA quantum network (2007). arXiv:quant-ph/0412029v1

Poppe, A., Peev, M., Maurhart, O.: Outline of the SECOQC quantum-key-distribution network in Vienna. Int. J. Quantum Inf. 6(2), 209–218 (2008)CrossRef

Wang, Y., Desmedt, Y.: Perfectly secure message transmission revisited. IEEE Trans. Inf. Theory 54(6), 2582–2595 (2008)MathSciNetCrossRef

Fitzi, M., Franklin, M.K., Garay, J., Vardhan, S.H.: Towards optimal and efficient perfectly secure message transmission. In: 4th Theory of Cryptography Conference, pp. 311–322. Springer, Berlin/Heidelberg, Germany (2007)

Fudenberg, D., Tirole, J.: Game Theory. MIT Press, London (1991)

Grunske, L., Joyce, D.: Quantitative risk-based security prediction for component-based systems with explicitly modeled attack profiles. J. Syst. Softw. 81(8), 1327–1345 (2008)CrossRef

Clark, K., Lee, C., Tyree, S., Hale, J.: Guiding threat analysis with threat source models. In: Information Assurance and Security Workshop IAW ’07 IEEE SMC, pp. 262–269 (2007)

10.

Ghose, D.: A necessary and sufficient condition for pareto-optimal security strategies in multicriteria matrix games. J. Optim. Theory Appl. 68, 463–481 (1991)MathSciNetCrossRefMATH

11.

Lozovanu, D., Solomon, D., Zelikovsky, A.: Multiobjective games and determining pareto-nash equilibria. Buletinul Academiei de Stiinte a Republicii Moldova Matematica 3(49), 115–122 (2005) ISSN 1024-7696MathSciNet

12.

McKelvey, R.D., McLennan, A.M., Turocy, T.L.: Gambit: software tools for game theory, version 0.2007.12.04. URL: http://gambit.sourceforge.net (2007)

13.

Ghose, D., Prasad, U.R.: Solution concepts in two-person multicriteria games. J. Optim. Theory Appl. 63, 167–189 (1989)MathSciNetCrossRefMATH

14.

Voorneveld, M.: Pareto-optimal security strategies as minimax strategies of a standard matrix game. J. Optim. Theory Appl. 102(1), 203–210 (1999)MathSciNetCrossRefMATH

15.

Ying, Z., Hanping, H., Wenxuan, G.: Network security transmission based on bimatrix game theory. Wuhan Univ. J. Nat. Sci. 11(3), 617–620 (2006)CrossRef

16.

Sela, A.: Fictitious play in ‘one-against-all’ multi-player games. Econ. Theory 14, 635–651 (1999)MathSciNetCrossRefMATH

17.

Henning, R.R.: Security service level agreements: quantifiable security for the enterprise? In: Proceedings of the 1999 Workshop on New Security Paradigms, pp. 54–60, ACM (1999)

18.

Righi, R.R., Pelissari, F., Westphall, C.: Sec-SLA: specification and validation of metrics to security service level agreements. In: IV Workshop on Computer System Security, pp. 199–210. SBC Press, Porto Alegre, Brazil (2004)

19.

Moroni, S., Figueroa, N., Jofre, A., Sahai, A., Chen, Y., Iyer, S.: A game-theoretic framework for creating optimal SLA/contract. Technical Report HPL-2007-126. HP Laboratories, Palo Alto (2007)

20.

Figueroa, C., Figueroa, N., Jofre, A., Sahai, A., Chen, Y., Iyer, S.: A game theoretic framework for SLA negotiation. Technical Report HPL-2008-5. HP Laboratories, Palo Alto (2008)

21.

Zheng, X., Martin, P., Powley, W., Brohman, K.: Applying bargaining game theory to web services negotiation. In: IEEE Interantional Conference on Services Computing (SCC), pp. 218–225 (2010)

22.

Pouyllau, H., Douville, R.: End-to-end QoS negotiation in network federations. In: Network Operations and Management Symposium Workshops (NOMS) IEEE/IFIP, pp. 173–176 (2010)

23.

Hasselmeyer, P., Mersch, H., Koller, B., Quyen, H., Schubert, L., Wieder, P.: Implementing an SLA negotiation framework. In Proceedings of the eChallenges Conference (e-2007), vol. 4, pp. 154–161. IOS Press, The Hague, The Netherlands (2007)

24.

Hudert, S., Ludwig, H., Wirtz, G.: Negotiating SLAs—an approach for a generic negotiation framework for WS-agreement. J. Grid Comput. 7, 225–246 (2009)CrossRef

25.

Sommers, J., Barford, P., Duffield, N., Ron, A.: Multiobjective monitoring for SLA compliance. IEEE/ACM Trans. Netw. 18, 652–665 (2010)CrossRef

26.

Aparecida de Chaves, S., Becker Westphall, C., Rodrigo Lamin, F.: SLA perspective in security management for cloud computing. In: International Conference on Networking and Services, pp. 212–217 (2010)

27.

Kaminski, H., Perry, M.: A framework for automatic SLA creation. Technical Report. The University of Western Ontario, Computer Science Faculty Publications (2008)

Title: On Game-Theoretic Network Security Provisioning
Author: Stefan Rass
Publication date: 01-03-2013
Publisher: Springer US
Published in: Journal of Network and Systems Management / Issue 1/2013
Print ISSN: 1064-7570
Electronic ISSN: 1573-7705
DOI: https://doi.org/10.1007/s10922-012-9229-1

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2013

A Framework for Internet Media Services Delivery to the Home Environment

RepCIDN: A Reputation-based Collaborative Intrusion Detection Network to Lessen the Impact of Malicious Alarms

Service Control Layer (SCL): Enabling Rule-based Control and Enrichment in Next-Generation Telecom Service Delivery

A New Link Failure Resilient Priority Based Fair Mutual Exclusion Algorithm for Distributed Systems

Deploying Circuit Emulation Services (CES) Over EPON Using Preemptive Priority Medium Access Controller

Premium Partner