摘要
相互依赖性是现阶段信息安全风险所具备的一个重要特征,网络中企业的信息安全决策会相互影响。本文以企业间的病毒传染为例,依据相互依赖性和威胁侵入类型的多样性,提出了企业间信息安全的投资博弈模型。通过外部性对企业间的依赖程度进行度量,说明了投资风险与企业间的病毒传染的概率和网络中企业数量之间的关系,并根据该关系,确定了多个企业进行信息安全投资的纳什均衡解。
Based on the interdependence, which is an important characteristic of information security and the diversity of invasions, an investment game model is presented in this paper. The paper investigates the investment risk exerted by the contagion between firms in the network. With externality representing the risk, the relationship between investment risks and the interdependent extension and the amount of firms in the network is illustrated. By use of the model, the investment risk and decision are analyzed quantitatively and then several Nash equilibrium solutions are provided further.
出处
《中国管理科学》
CSSCI
2006年第3期7-12,共6页
Chinese Journal of Management Science
基金
国家自然科学基金项目(70372011)
国家信息安全战略研究与标准制定工作专项项目(TC260-WG1-2005-Y010)
关键词
信息安全
相互依赖性
单次侵入
多次侵入
外部性
information security
interdependence
single invasion
repetitious invasion
externality