Skip to main content
Article thumbnail
Location of Repository

Information Security Trade-offs and Optimal Patching Policies

By Christos Ioannidis, David J. Pym and Julian Williams

Abstract

Peer reviewedPostprin

Topics: Information security, Optimal policy, Risk reduction, Stochastic processes, QA75 Electronic computers. Computer science, QA75
Year: 2012
DOI identifier: 10.1016/j.ejor.2011.05.050
OAI identifier: oai:aura.abdn.ac.uk:2164/2151
Journal:

Suggested articles

Citations

  1. (2003). A decision support system for multi-attribute utility evaluation based on imprecise assignments. Decision Support Systems, doi
  2. (2008). Analysing the performance of security solutions to reduce vulnerability exposure window. doi
  3. (2010). Decision support for systems security investment. doi
  4. (1976). Decisions with Multiple Objectives: Preferences and Value Trade-offs. doi
  5. (1976). Decisions with Multiple Objectives: Preferences and Value Trade-os. doi
  6. (2011). Defending against multiple dierent attackers. doi
  7. (2011). Defending against multiple different attackers. doi
  8. (2005). Distributed Systems: Concepts and Design.
  9. (2003). Information security expenditures and real options: A waitand-see approach.
  10. (2009). Investments and trade-offs in the economics of information security. doi
  11. (2006). Large-scale vulnerability analysis. doi
  12. (1986). Lottery equivalents: reduction of the certainty eect problem in utility assessment. doi
  13. (1986). Lottery equivalents: reduction of the certainty effect problem in utility assessment. doi
  14. (2000). Managed security monitoring: Closing the window of exposure. Counterpane Internet Security. Manuscript available at: http://www.counterpane.com/window.pdf,
  15. (2006). Managing Cybersecurity Resources: A Cost-Bene Analysis. doi
  16. (2006). Managing Cybersecurity Resources: A Cost-Benefit Analysis. doi
  17. (2000). Market entry, phased rollout or abandonment? a real option approach. doi
  18. (2006). Network Software Security and User Incentives. doi
  19. (2003). Optimal Discretionary Monetary Policy in a Model of Asymmetric Bank Preferences. doi
  20. (2002). Optimal Interest-Rate Rules I: General Theory. Working Paper Series 9419, doi
  21. (2008). Optimal Policy for Software Vulnerability Disclosure. doi
  22. (1980). Point Processes. Monographs on Statistics and Applied Probability. Chapman and Hall,
  23. (1997). Quantitative model of the security intrusion process based on attacker behaviour. doi
  24. (2007). Security economics and the internal market. Report to the European Network and Information Security Agency (ENISA),
  25. (2010). Semantics for structured systems modelling and simulation. doi
  26. (1989). Some experimental on decision-making under risk and their implications.
  27. (1989). Some experimental findings on decision-making under risk and their implications. doi
  28. (2009). Sources of bias in assessment procedures for utility functions. doi
  29. (2010). Technology choice under several uncertainty sources. doi
  30. (2002). The Economics of Information Security Investment. doi
  31. (2006). The economics of information security. doi
  32. (1997). The Euler Scheme for Levy Driven Stochastic Dierential Equations. The Annals of Probability, doi
  33. (1997). The Euler Scheme for Levy Driven Stochastic Differential Equations. The Annals of Probability, doi
  34. (2002). Timing the application of security patches for optimal uptime.
  35. (2001). Why information security is hard: An economic perspective. doi
  36. (2000). Windows of vulnerability: A case study analysis. doi

To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.