An Economic Approach to Security

Description | People | Sample Publications | Posters

Description

Internet security is universally seen as an extremely important problem. Moreover, technical solutions developed over the last three decades represent deep and elegant intellectual contributions. Yet few of these solutions are in widespread use. Clearly something is amiss. It has recently been argued, by Anderson and others, that the missing link is economics: Only through understanding the incentives inherent in various security proposals can one decide which, if any, would actually lead to greater security. This research project is a three-year, multi-institutional, multi-disciplinary investigation of the economics of security in networked environments. Specific research topics include security of interdomain routing, adoptability of trusted platforms, and markets for private information. The intellectual merit and broader impact of the project are intertwined, both based on the potential not only to solve technical problems but also to develop general analytical techniques for evaluating candidate solutions to real security problems in a manner that gives adoption incentives their just due. If successful, it will lead to greater actual security, rather than simply to more available security technology.

This project is supported by NSF grant CNS-0428422 (Sep 1, 2004 - Aug 31, 2008).

People

Joan Feigenbaum (PI, Yale Univ., Computer Science Dept.)
Scott Shenker (co-PI, ICSI and UC Berkeley, EECS Dept.)
Dirk Bergemann (co-PI, Yale Univ., Economics Dept.)
Rahul Deb (Yale Univ., Economics Dept.)
Aaron Johnson (Yale Univ., Computer Science Dept.)
Xianwen Shi (Yale Univ., Economics Dept.)
Richard van Weelden (Yale Univ., Economics Dept.)

Sample Publications

Dirk Bergemann, Thomas Eisenbach, Joan Feigenbaum, and Scott Shenker. Flexibility as an Instrument in DRM Systems. In 4th Workshop on Economics of Information Security (WEIS), 2005.
Joan Feigenbaum, David Karger, Vahab Mirrokni, and Rahul Sami. Subjective Cost Policy Routing. In Theoretical Computer Science, 2007. Special issue of selected papers from WINE'05.
Michal Feldman, John Chuang, Ion Stoica, and Scott Shenker. Hidden-Action in Multi-Hop Routing. In 6th ACM Conference on Electronic Commerce (EC), 2005.
Dirk Bergemann and Stephen Morris. Robust Mechanism Design. In Econometrica, 2005.
Jian Zhang and Joan Feigenbaum. Finding Highly Correlated Pairs Efficiently with Powerful Pruning. In 15th ACM Conference on Information and Knowledge Management (CIKM), 2006.
Joan Feigenbaum, Vijay Ramachandran, and Michael Schapira. Incentive-Compatible Interdomain Routing. In 7th ACM Conference on Electronic Commerce (EC), 2006.
Dirk Bergemann and Deran Ozmen. Optimal Pricing with Recommender Systems. In 7th ACM Conference on Electronic Commerce (EC), 2006.
Dirk Bergemann and Deran Ozmen. Efficient Recommender Systems. In 8th IEEE International Conference on E-Commerce Technology, 2006.
M. Casado, T. Garfinkel, A. Akella, M. J. Freedman, D. Boneh, N. McKeown, and S. Shenker. SANE: A Protection Architecture for Enterprise Networks. In 15th USENIX Security Symposium, 2006.
Dirk Bergemann and Juuso Valimaki. Dynamic Pricing of New Experience Goods. In Journal of Political Economy, 2006.
Dirk Bergemann and Juuso Valimaki. Information in Mechanism Design. In 9th World Congress of the Econometric Society, 2006.
Joan Feigenbaum, Aaron Johnson, and Paul Syverson. A Model of Onion Routing with Provable Anonymity. In 11th Financial Crypto Conference (FC), 2007.
Joan Feigenbaum, Aaron Johnson, and Paul Syverson. Probabilistic Analysis of Onion Routing in a Black-Box Model. In 6th ACM Workshop on Privacy in the Electronic Society (WPES), 2007.
Felipe Saint-Jean, Aaron Johnson, Dan Boneh, and Joan Feigenbaum. Private Web Search. In 6th ACM Workshop on Privacy in the Electronic Society (WPES), 2007.
Chieng-Tien Ee, Byung-Gon Chun, Vijay Ramachandran, Kaushik Lakshminarayanan, and Scott Shenker. Resolving Inter-Domain Policy Disputes. In ACM Sigcomm Conference, 2007.
Byung-Gon Chun, Petros Maniatis, Scott Shenker, and John Kubiatowicz. Attested Append-Only Memory: Making Adversaries Stick to their Word. In ACM Symposium on Operating System Principles (SOSP), 2007.
David G. Anderson, Hari Balakrishnan, Nick Feamster, Teema Koponen, Daekyeong Moon, and Scott Shenker. Accountable Internet Protocol (AIP). In ACM Sigcomm Conference, 2008.
Daniel J. Weitzner, Hal Abelson, Tim Berners-Lee, Joan Feigenbaum, James Hendler, and Gerald Sussman. Information Accountability. In Communications of the ACM, 2008.
Dirk Bergemann and Stephen Morris. Ex-Post Implementation. In Games and Economic Behavior, 2008.
Dirk Bergeman and Karl Schlag. Pricing Without Priors. In Journal of the European Economic Association, 2008.

Posters

Contact: feigenbaum AT cs DOT yale DOT edu