Strategic Analysis for Effective Smart Phone Security Management: An Economic Analysis of Security Investment
This research focuses on the impact of innovative changes in smart phone markets on information security management, and analyzes the strategic interactions between smart phone platform providers and online computer hackers. Since the introduction of the iPhone in late 2007 in the US and 2009 in South Korea, the smart phone industry has grown rapidly and is still in the midst of dramatic change. The introduction of and popularity of open platforms and mobile application stores (App stores) are conspicuous phenomena within the smart phone industry. The amazing speed of adoption may also pose a potential information security threat. To understand the dynamics of these changes and relationships among security defense and offence, we formulate and analyze a strategic game between smart phone platform providers and hackers. An extended Stackelberg leadership model is used in the research for this analysis. In this model, at first, a decision leader (the platform provider) decides the level of security investment The follower (the hacker) maximizes profits under given conditions. That is, we assume that platform providers are the first movers and hackers are the second movers in this dynamic game. An optimal level of security investment is derived from equilibrium analysis. A sensitive analysis also shows changes in and the impact on the users utility, platform providers profits, and the success or failure rate of hacking. Based on this model and analysis, strategic implications on effective security management are suggested as well.
Smart phone Information Security Information Privacy Application Store Stackelberg Model Sequential Game Open Platform Open Source Software Optimum Level of Information Security Investment
Beomsoo KIM Chaerhee KIM
Graduate School of Information Yonsei University Seoul, 120-749, Korea (ROK)
国际会议
2011 International Conference on Security Science and Technology(ICSST 2011) (2011年安全科学与技术国际会议)
重庆
英文
200-203
2011-01-21(万方平台首次上网日期,不代表论文的发表时间)