Information Security as Strategic (In)effectivity
نویسندگان
چکیده
Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. Even in models where each piece of information is classified as either sensitive or insensitive, the classification is “hardwired” and given as a parameter of the analysis, rather than derived from more fundamental features of the system. In this work, we suggest that information security is not a goal in itself, but rather a means of preventing potential attackers from compromising the correct behavior of the system. To formalize this, we first show how two information flows can be compared by looking at the adversary’s ability to harm the system. Then, we propose that the information flow in a system is effectively information-secure if it does not allow for more harm than its idealized variant based on the classical notion of noninterference.
منابع مشابه
The Hebrew University of Jerusalem תוילנויצרה רקחל זכרמ Center for the Study of Rationality
We model constitutions by effectivity functions. We assume that the constitution is common knowledge among the members of the society. However, the preferences of the citizen are private information. We investigate whether there exist decision schemes (i. e., functions that map profiles of (dichotomous) preferences on the set of outcomes to lotteries on the set of social states), with the follo...
متن کاملCritical Success Factors in implementing information security governance (Case study: Iranian Central Oil Fields Company)
The oil industry, as one of the main industries of the country, has always faced cyber attacks and security threats. Therefore, the integration of information security in corporate governance is essential and a governance challenge. The integration of information security and corporate governance is called information security governance. In this research, we identified "critical success factor...
متن کاملExploring the infrastructures for establishment of electronic municipality (e-municipality) in metropolis city of Tabriz
The purpose of this study is to explore infrastructures for establishment of electronic municipality in metropolis city of Tabriz. Thisis a descriptive survey and it is an applied one in terms of goal .Total sample consisted of total number of 120 employees in Statistics and Information Technology Department of municipality as well as those working in related sections to information technolog...
متن کاملOptimal Strategies of Increasing Business Alignment, in Social Security Organization, with Quality Function Deployment (QFD) Approach
Considering the importance of the concept of strategic alignment of information technology (IT) in today economic organizations, this study attempted to extract the organization's IT strategies in order to increase the degree of strategic alignment and consequently the optimal strategies in the field of marketing and service delivery for social security organization. Using QFD technique and hie...
متن کاملEffectivity and Noncooperative Solution Concepts
Game theory analyzes the strategic aspects of situations of social interaction by representing them as mathematical structures. Any such structure should at least account for the participants’ powers and their preferences. The way powers and preferences are modelled makes a difference as to which strategic concepts are available for mathematical scrutiny. In strategic games the players’ powers ...
متن کامل