On Game-Theoretic Network Security Provisioning

Service level agreements occasionally come as qualitative claims rather than quantitative statements. Motivated by the well-known fact that different (security) service goals can be conflicting, we present an axiomatic approach to finding an optimal balance between interdependent service quality criteria with distinct performance indicators. As a by-product, we obtain network provisioning strategies that ensure the promised service level at optimized performance. Our results generally apply to any security infrastructure for which attack and provisioning strategy identification is feasible. Standard security audits can thus be exploited twice, because, apart from forming a convincing sales argument, they directly support security service level agreements.

[1]  Christoph Pacher,et al.  The SECOQC quantum key distribution network in Vienna , 2009, 2009 35th European Conference on Optical Communication.

[2]  Hu Hanping,et al.  Network security transmission based on bimatrix game theory , 2008, Wuhan University Journal of Natural Sciences.

[3]  Debasish Ghose,et al.  A necessary and sufficient condition for Pareto-optimal security strategies in multicriteria matrix games , 1991 .

[4]  K. Clark,et al.  Guiding Threat Analysis with Threat Source Models , 2007, 2007 IEEE SMC Information Assurance and Security Workshop.

[5]  Philipp Wieder,et al.  Implementing an SLA Negotiation Framework , 2007 .

[6]  Matthias Fitzi,et al.  Towards Optimal and Efficient Perfectly Secure Message Transmission , 2007, TCC.

[7]  Tansu Alpcan,et al.  Network Security , 2010 .

[8]  Debasish Ghose,et al.  Solution concepts in two-person multicriteria games , 1989 .

[9]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice,Second Edition , 2002 .

[10]  C. Elliott The DARPA Quantum Network , 2004, quant-ph/0412029.

[11]  Patrick Martin,et al.  Applying Bargaining Game Theory to Web Services Negotiation , 2010, 2010 IEEE International Conference on Services Computing.

[12]  Guido Wirtz,et al.  Negotiating SLAs-An Approach for a Generic Negotiation Framework for WS-Agreement , 2009, Journal of Grid Computing.

[13]  Alexander Zelikovsky,et al.  Multiobjective Games and Determining Pareto-Nash Equilibria , 2005 .

[14]  Drew Fudenberg,et al.  Game theory (3. pr.) , 1991 .

[15]  Paul Barford,et al.  Multiobjective Monitoring for SLA Compliance , 2010, IEEE/ACM Transactions on Networking.

[16]  H Pouyllau,et al.  End-to-end QoS negotiation in network federations , 2010, 2010 IEEE/IFIP Network Operations and Management Symposium Workshops.

[17]  Andrew McLennan,et al.  Gambit: Software Tools for Game Theory , 2006 .

[18]  Mark Perry,et al.  A Framework for Automatic SLA Creation , 2008 .

[19]  Akhil Sahai,et al.  A Game Theoretic Framework for SLA Negotiation , 2008 .

[20]  Ronda R. Henning,et al.  Security service level agreements: quantifiable security for the enterprise? , 1999, NSPW '99.

[21]  Yongge Wang,et al.  Perfectly Secure Message Transmission Revisited , 2008, IEEE Trans. Inf. Theory.

[22]  Lars Grunske,et al.  Quantitative risk-based security prediction for component-based systems with explicitly modeled attack profiles , 2008, J. Syst. Softw..

[23]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice , 1995 .

[24]  Aner Sela Fictitious play in ‘one-against-all’ multi-player games , 1999 .

[25]  Carlos Becker Westphall,et al.  SLA Perspective in Security Management for Cloud Computing , 2010, 2010 Sixth International Conference on Networking and Services.

[26]  Mark Voorneveld,et al.  Pareto-Optimal Security Strategies as Minimax Strategies of a Standard Matrix Game , 1999 .

[27]  Akhil Sahai,et al.  A Game-theoretic Framework for Creating Optimal SLA/Contract , 2007 .