Resilience in Information Stewardship

Christos Ioannidis, David Pym, Julian Williams, Iffat Gheyas

Research output: Contribution to journalArticle

Abstract

Information security is concerned with protecting the confidentiality, integrity, and availability of information systems. System managers deploy their resources with the aim of maintaining target levels of these attributes in the presence of reactive threats. Information stewardship is the challenge of maintaining the sustainability and resilience of the security attributes of (complex, interconnected, multi-agent) information ecosystems. In this paper, we present, in the tradition of public economics, a model of stewardship which addresses directly the question of resilience. We model attacker-target-steward behaviour in a fully endogenous Nash equilibrium setting. We analyse the occurrence of externalities across targets and assess the steward's ability to internalise these externalities under varying informational assumptions. We apply and simulate this model in the case of a critical national infrastructure example.

Original languageEnglish
Pages (from-to)638-653
Number of pages16
JournalEuropean Journal of Operational Research
Volume274
Issue number2
Early online date16 Oct 2018
DOIs
Publication statusPublished - 16 Apr 2019
Externally publishedYes

    Fingerprint

Cite this

Ioannidis, C., Pym, D., Williams, J., & Gheyas, I. (2019). Resilience in Information Stewardship. European Journal of Operational Research, 274(2), 638-653. https://doi.org/10.1016/j.ejor.2018.10.020