Layered decision model for cost-effective network safeguarding

Network safeguarding practices involve decisions in at least three areas: identification of well-defined security policies, selection of cost-effective defense strategies, and implementation of real-time defense tactics. Although choices made in each of these areas affect the others, many existing decision models handle the three areas in isolation. No comprehensive model combines them into a single, efficient framework for safeguarding a network. In addition, there is no clear way to determine which particular combinations of defense decisions will result in the most cost-effective solution. To address these problems, this dissertation introduces a layered decision model (LDM) that not only integrates the three decision areas in a consistent framework but also conducts cost-benefit analyses for selecting cost-effective defense plans. To demonstrate how the model works, we apply it to two cases: the design of cost-effective network defense for a real-world e-commerce business, and the design of a cost-effective language-based security mechanism for a sample government software system.