We develop an ontological account of information security architectures that is inspired by economic models of trade-offs between confidentiality, integrity, and availability. Our approach clarifies the nature of the trade-offs by making a clear distinction between declarative and operational concepts in security. We integrate this approach with a semantically justified mathematical systems modelling technology, thus providing a basis for a systematic methodology to support operational decision-making in information security investments and trade-offs.
|Publication status||Published - 2010|
|Event||9th Workshop on the Economics of Information Security - Cambridge, MA, United States|
Duration: 14 Jun 2011 → 14 Jun 2011
|Conference||9th Workshop on the Economics of Information Security|
|Period||14/06/11 → 14/06/11|
Bibliographical noteAvailable at