ScienceDirect® Home Skip Main Navigation Links
You have guest access to ScienceDirect. Find out more.
 
Home
Browse
My Settings
Alerts
Help
 Quick Search
 Search tips (Opens new window)
    Clear all fields    
advertisementadvertisement
Decision Support Systems
Volume 28, Issues 1-2, March 2000, Pages 205-216
 
Font Size: Decrease Font Size  Increase Font Size
 Abstract - selected
Article
Purchase PDF (439 K)

  E-mail Article   
  Add to my Quick Links   
Bookmark and share in 2collab (opens in new window)
Request permission to reuse this article
  Cited By in Scopus (1)
 
 
 
Related Articles in ScienceDirect
View More Related Articles
 
View Record in Scopus
 
doi:10.1016/S0167-9236(99)00069-X    How to Cite or Link Using DOI (Opens New Window)
Copyright © 2000 Elsevier Science B.V. All rights reserved.

MarketNet: protecting access to information systems through financial market controls*1

Y. YeminiE-mail The Corresponding Author, a, A. DailianasE-mail The Corresponding Author, a, D. FlorissiCorresponding Author Contact Information, E-mail The Corresponding Author, a and G. HubermanE-mail The Corresponding Author, b

a Department of Computer Science, Columbia University, 450 Computer Science Bldg., New York, NY 10027, USA b School of Business, Columbia University, 411 Uris Hall, New York, NY 10027, USA

Available online 5 April 2000.

Purchase the full-text article



References and further reading may be available for this article. To view references and further reading you must purchase this article.

Abstract

This paper describes novel market-based technologies that uniquely establish quantifiable and adjustable limits on the power of attackers, enable verifiable accountability for malicious attacks, and admit systematic and uniform monitoring and detection of attacks. These technologies, incorporated in the MarketNet system, establish a financial economy to regulate the trade and use of access rights in information systems. Resources are instrumented to use currency for access control and monitoring, establishing accountability in their use. Domains control access to their resources through resource prices and budgets available to clients. Domains control and fine tune their exposure to attacks; adjust this exposure in response to emerging risks; detect intrusion attacks through automated, uniform statistical analysis of currency flows; and tune their exposure to resource unavailability by purchasing protection through financial-like instruments.

Author Keywords: Information systems protection; Access control through currency; Information economy; Quantifiable exposure to attacks; Financial-like instruments

Article Outline

1. Introduction
2. Use of currency for access control
2.1. Resources and clients are organized in currency domains
2.2. Domains control allocation of budget and prices of resources
2.3. A sample transaction
3. The resource access layer (RAL) — a market-based protection kernel
3.1. The architecture and components of the RAL
3.2. The banking infrastructure
4. Prices/budgets establish dynamically tunable access control
5. Domains set quantifiable limits on power of attackers
6. Attacks are detected and isolated by monitoring currency usage
7. Financial instruments provide QoS guarantees
8. Examples of MarketNet's reaction to attacks
9. Conclusions
Acknowledgements
References
Vitae







Decision Support Systems
Volume 28, Issues 1-2, March 2000, Pages 205-216
 
Home
Browse
My Settings
Alerts
Help
Elsevier.com (Opens new window)
About ScienceDirect  |  Contact Us  |  Information for Advertisers  |  Terms & Conditions  |  Privacy Policy
Copyright © 2008 Elsevier B.V. All rights reserved. ScienceDirect® is a registered trademark of Elsevier B.V.