Cyber-Insurance in Internet Security: A Dig into the Information Asymmetry Problem

Details Cyber-Insurance in Internet Security: A Dig into the Information Asymmetry Problem Cyber-Insurance in Internet Security: A Dig into the Information Asymmetry Problem

2012-02-04

arxiv.org/abs/1202.0884v1

Computer Science

Cryptography and Security

arXiv admin note: substantial text overlap with arXiv:1103.1552

Scientific paper

Internet users such as individuals and organizations are subject to different types of epidemic risks such as worms, viruses, spams, and botnets. To reduce the probability of risk, an Internet user generally invests in traditional security mechanisms like anti-virus and anti-spam software, sometimes also known as \emph{self-defense} mechanisms. However, according to security experts, such software (and their subsequent advancements) will not completely eliminate risk. Recent research efforts have considered the problem of residual risk elimination by proposing the idea of \emph{cyber-insurance}. In this regard, an important research problem is resolving information asymmetry issues associated with cyber-insurance contracts. In this paper we propose \emph{three} mechanisms to resolve information asymmetry in cyber-insurance. Our mechanisms are based on the \emph{Principal-Agent} (PA) model in microeconomic theory. We show that (1) optimal cyber-insurance contracts induced by our mechanisms only provide partial coverage to the insureds. This ensures greater self-defense efforts on the part of the latter to protect their computing systems, which in turn increases overall network security, (2) the level of deductible per network user contract increases in a concave manner with the topological degree of the user, and (3) a market for cyber-insurance can be made to exist in the presence of monopolistic insurers under effective mechanism design. Our methodology is applicable to any distributed network scenario in which a framework for cyber-insurance can be implemented.

Affiliated with

Also associated with

No associations

Rating

Cyber-Insurance in Internet Security: A Dig into the Information Asymmetry Problem does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Cyber-Insurance in Internet Security: A Dig into the Information Asymmetry Problem, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Cyber-Insurance in Internet Security: A Dig into the Information Asymmetry Problem will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-330349