Resilience in Information Stewardship

Christos Ioannidis, David Pym, Julian Williams, Iffat Gheyas

Research output: Contribution to journalArticlepeer-review

Abstract

Information security is concerned with protecting the confidentiality, integrity, and availability of information systems. System managers deploy their resources with the aim of maintaining target levels of these attributes in the presence of reactive threats. Information stewardship is the challenge of maintaining the sustainability and resilience of the security attributes of (complex, interconnected, multi-agent) information ecosystems. In this paper, we present, in the tradition public economics, a model of stewardship which addresses directly the question of resilience. We model attacker-target-steward behaviour in a fully endogenous Nash equilibrium setting. We analyse the occurrence of externalities across targets and assess the steward’s ability to internalise these externalities under varying informational assumptions. We apply and simulate this model in the case of a critical national infrastructure example.
Original languageEnglish
Pages (from-to)638-653
Number of pages16
JournalEuropean Journal of Operational Research
Volume274
Issue number2
Early online date16 Oct 2018
DOIs
Publication statusPublished - 16 Apr 2019

Bibliographical note

© 2018, Elsevier. Licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International http://creativecommons.org/licenses/by-nc-nd/4.0/

Fingerprint

Dive into the research topics of 'Resilience in Information Stewardship'. Together they form a unique fingerprint.

Cite this