MarketNet: protecting access to information systems through financial market controls

https://doi.org/10.1016/S0167-9236(99)00069-XGet rights and content
Under a Creative Commons license
open archive

Abstract

This paper describes novel market-based technologies that uniquely establish quantifiable and adjustable limits on the power of attackers, enable verifiable accountability for malicious attacks, and admit systematic and uniform monitoring and detection of attacks. These technologies, incorporated in the MarketNet system, establish a financial economy to regulate the trade and use of access rights in information systems. Resources are instrumented to use currency for access control and monitoring, establishing accountability in their use. Domains control access to their resources through resource prices and budgets available to clients. Domains control and fine tune their exposure to attacks; adjust this exposure in response to emerging risks; detect intrusion attacks through automated, uniform statistical analysis of currency flows; and tune their exposure to resource unavailability by purchasing protection through financial-like instruments.

Keywords

Information systems protection
Access control through currency
Information economy
Quantifiable exposure to attacks
Financial-like instruments

Cited by (0)

Danilo Florissi is an Associate Research Scientist in the Distributed Computing and Communications (DCC) Lab at Columbia University since February of 1997. He received his PhD in Computer Science from Columbia University in 1995 and his BSc and MSc also in Computer Science from Universidade Federeal de Pernambuco (UFPE) in Brazil. From April 1995 to December of 1995, he was a postdoctoral researcher in the DCC Lab. From January of 1996 to January 1997, he was a Visiting Faculty at UFPE. Danilo is member of the IEEE and ACM. His current research interests are in network management, network security, programmable networks, electronic commerce, and high-speed networks.

Apostolos Dailianas is close to the completion of the PhD degree at Columbia University. He received the BS degree in Electrical Engineering from the National Technical University of Athens (NTUA), Greece, in 1991, the MS degree in Computer Science from Washington University in St. Louis, in 1994, and the Mphil degree in Computer Science from Columbia University, New York, in 1997. His current research interests include network security, electronic commerce, economics of information systems, and application of economic models to resource management and network security (see http://www.cs.columbia.edu/∼apostolo).

Yechiam Yemini is a professor of Computer Science at Columbia University. His research interests include computer networks, network management, high-speed networks, and protocols. He has authored over 140 publications and lectured extensively in these areas. Research at his Distributed Computing and Communications (DCC) laboratory resulted in widely exported network software technologies applied by hundreds of sites and commercialized by several companies; see http://www.cs.columbia.edu/dcc. He was a co-founder of Comverse Technology, a US$3.5 B lead vendor of multi-media message computers for telecom networks — see http://www.comverse.com, and of System Management Arts, a spin-off from the DCC laboratory producing software products to automate event correlation, and fault diagnosis and handling in networked systems; see http://www.smarts.com. He is also a director of several high-tech companies, advises a major venture fund on high-tech investments, and serves on the US–Israel Science and Technology Commission.

Gur Huberman is a Professor of Finance and Economics at the Graduate School of Business of Columbia University. Previously, Mr. Huberman taught at Tel Aviv University and at the University of Chicago. He holds a PhD from Yale University. Mr. Huberman was a Vice President at JP Morgan Investment Management where he developed and implemented quantitative investment strategies in equities and equity derivatives. Mr. Huberman has published 30 articles in professional journals, including the American Economic Review, the Journal of Political Economy, the Journal of Business, the Journal of Finance and Derivatives Quarterly. His primary research interests include Portfolio Theory, Return-Risk tradeoffs and Risk Management. His work was featured recently in the Economist, and Business Week.

The views and conclusions contained in this document are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied of the Defense Advanced Research Projects Agency (DARPA), the Air Force, or the U.S. Government.