TRIDEnT: Building Decentralized Incentives for Collaborative Security

Sophisticated mass attacks, especially when exploiting zero-day vulnerabilities, have the potential to cause destructive damage to organizations and critical infrastructure. To timely detect and contain such attacks, collaboration among the defenders is critical. By correlating real-time detection information (alerts) from multiple sources (collaborative intrusion detection), defenders can detect attacks and take the appropriate defensive measures in time. However, although the technical tools to facilitate collaboration exist, real-world adoption of such collaborative security mechanisms is still underwhelming. This is largely due to a lack of trust and participation incentives for companies and organizations. This paper proposes TRIDEnT, a novel collaborative platform that aims to enable and incentivize parties to exchange network alert data, thus increasing their overall detection capabilities. TRIDEnT allows parties that may be in a competitive relationship, to selectively advertise, sell and acquire security alerts in the form of (near) real-time peer-to-peer streams. To validate the basic principles behind TRIDEnT, we present an intuitive game-theoretic model of alert sharing, that is of independent interest, and show that collaboration is bound to take place infinitely often. Furthermore, to demonstrate the feasibility of our approach, we instantiate our design in a decentralized manner using Ethereum smart contracts and provide a fully functional prototype.Comment: 28 page

Simulating a Sequential Coalition Formation Process for the Climate Change Problem: First Come, but Second Served?

We analyze stability of self-enforcing climate agreements based on a data set generated by the CLIMNEG world simulation model (CWSM), version 1.2. We consider two new aspects which appear important in actual treaty-making. First, we consider a sequential coalition formation process where players can make proposals which are either accepted or countered by other proposals. Second, we analyze whether a moderator, like an international organization, even without enforcement power, can improve upon globally suboptimal outcomes through coordinating actions by making recommendations that must be Pareto-improving to all parties. We discuss the conceptual difficulties of implementing our algorithm.International Climate Agreements, Sequential Coalition Formation, Coordination through Moderator, Integrated Assessment Model, Algorithm for Computations

Public-private collaborations in emergency logistics: A framework based on logistical and game-theoretical concepts

Collaboration in emergency logistics can be beneficial for governmental actors when supply chains need to be set up immediately. In comparison to research on humanitarian-business partnerships, the body of literature on so-called Public–Private Emergency Collaborations (PPEC) remains scarce. Private companies are only rarely considered within research on emergency collaborations, although they serve as an important chain in the efficient supply of goods given their resources and existing communication networks. Based on this research gap, we contribute to the research field by quantitatively evaluating public–private collaboration in emergency logistics. A framework for public–private emergency collaborations is developed based on logistical and game-theoretical concepts. In addition, we characterize both public and private actors’ possible roles in emergency logistics based on literature research and real cases. Furthermore, we provide a structured overview on existing PPECs and the challenges they are confronted with. The game-theoretic PPEC model created in this paper provides more detailed information into the motivation and incentives of the partners involved in emergency collaborations. Inspired by game-theoretic accounts of conventional public–private partnerships, this model sheds light on the partners’ participation constraints (which define the scope of collaboration), the effects on the outcome if the partners’ contributions are strategic substitutes, and on reputational effects. Finally, we illustrate how a mechanism design approach can be used by the state to transform the firm’s incentives into lower levels of undersupply or deprivation

Applications of Negotiation Theory to Water Issues

The purpose of the paper is to review the applications of non-cooperative bargaining theory to water related issues – which fall in the category of formal models of negotiation. The ultimate aim is that to, on the one hand, identify the conditions under which agreements are likely to emerge, and their characteristics; and, on the other hand, to support policy makers in devising the “rules of the game” that could help obtain a desired result. Despite the fact that allocation of natural resources, especially of trans-boundary nature, has all the characteristics of a negotiation problem, there are not many applications of formal negotiation theory to the issue. Therefore, this paper first discusses the non-cooperative bargaining models applied to water allocation problems found in the literature. Particular attention will be given to those directly modelling the process of negotiation, although some attempts at finding strategies to maintain the efficient allocation solution will also be illustrated. In addition, this paper will focus on Negotiation Support Systems (NSS), developed to support the process of negotiation. This field of research is still relatively new, however, and NSS have not yet found much use in real life negotiation. The paper will conclude by highlighting the key remaining gaps in the literature.Negotiation theory, Water, Agreeements, Stochasticity, Stakeholders

Public-Private Collaborations in Emergency Logistics: A Framework based on Logistical and Game-Theoretical Concepts

Collaboration in emergency logistics can be beneficial for governmental actors when supply chains need to be set up immediately. In comparison to research on humanitarian-business partnerships, the body of literature on so-called Public-Private Emergency Collaborations (PPEC) remains scarce. Private companies are only rarely considered within research on emergency collaborations, although they could contribute to a more efficient supply of goods given their resources and existing communication networks. Based on this research gap, this paper develops a logistical and game-theoretical modeling framework for public-private emergency collaborations. We characterize both public and private actors\u27 possible roles in emergency logistics based on literature research and real cases. Furthermore, we provide an overview on existing PPECs and the challenges they are confronted with. The concluding framework contains aspects from humanitarian logistics on the governmental side and from business continuity management (BCM) or corporate social responsibility (CSR) on the commercial side. To address the challenge of evaluating different objectives in a collaboration, we add a game-theoretical approach to highlight the incentive structure of both parties in such a collaboration. In this way, we contribute to the research field by quantitatively evaluating public-private collaboration in emergency logistics while considering the problem-specific challenge of the parties\u27 different objectives

Firms, Courts, and Reputation Mechanisms: Towards a Positive Theory of Private Ordering

This Essay formulates a positive model that predicts when commercial parties will employ private ordering to enforce their agreements. The typical enforcement mechanism associated with private ordering is the reputation mechanism, in which a merchant community punishes parties in breach of contract by denying them future business. The growing private ordering literature argues that these private enforcement mechanisms can be superior to the traditional, less efficient enforcement measures provided by public courts. However, previous comparisons between public and private contractual enforcement have presented a misleading dichotomy by failing to consider a third enforcement mechanim: the vertically integrated firm. This Essay develops a model that comprehensively addresses three distinct types of enforcement mechanisms--firms, courts, and reputation-based private ordering. The model rests on a synthesis of transaction cost economics, which compares the efficiencies of firms versus markets, and the private ordering literature, which compares the efficiencies of public courts versus private ordering. It hypothesizes that private ordering will arise when agreements present enforcement difficulties, high-powered market incentives are important, and the costs of entry barriers are low. The Essay then conducts an illustrative test by comparing the model\u27s predictions to documented instances of private ordering

Duopoly insurers' incentives for data quality under a mandatory cyber data sharing regime

We study the impact of data sharing policies on cyber insurance markets. These policies have been proposed to address the scarcity of data about cyber threats, which is essential to manage cyber risks. We propose a Cournot duopoly competition model in which two insurers choose the number of policies they offer (i.e., their production level) and also the resources they invest to ensure the quality of data regarding the cost of claims (i.e., the data quality of their production cost). We find that enacting mandatory data sharing sometimes creates situations in which at most one of the two insurers invests in data quality, whereas both insurers would invest when information sharing is not mandatory. This raises concerns about the merits of making data sharing mandatory.Comment: 46 pages, 8 figures, to be published at Computers & Securit