EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Assessing the Value of Network Security Technologies: The Impact of Configuration and Interaction on Value

Huseyin Cavusoglu () and Hasan Cavusoglu ()
Additional contact information
Huseyin Cavusoglu: The School of Management, University of Texas at Dallas, http://www.utdallas.edu/~huseyin
Hasan Cavusoglu: Sauder School of Business, University of British Columbia, http://people.commerce.ubc.ca/faculty/cavusoglu/

No 07-19, Working Papers from NET Institute

Abstract: Proper configuration of security technologies is critical to balance the access and protection requirements of information. The common practice of using a layered security architecture that has multiple technologies amplifies the need for proper configuration because the configuration decision about one security technology has ramifications for the configuration decisions about others. We study the impact of configuration on the value obtained from a firewall and an Intrusion Detection System (IDS). We also study how a firewall and an IDS interact with each other in terms of value contribution. We show that the firm may be worse off when it deploys a technology if the technology (either the firewall or the IDS) is improperly configured. A more serious consequence for the firm is that even if each of these (improperly configured) technologies offers a positive value when deployed alone, deploying both may be detrimental to the firm. Configuring the IDS and the firewall optimally eliminates the conflict between them, resulting in a non-negative value to the firm. When optimally configured, we find that these technologies may complement or substitute each other. Further, we find that while the optimal configuration of an IDS is the same whether it is deployed alone or together with a firewall, the optimal configuration of a firewall has a lower detection rate (i.e., allow more access) when it is deployed with an IDS than when deployed alone. Our results highlight the complex interactions between firewall and IDS technologies when they are used together in a security architecture, and, hence, the need for proper configuration in order to benefit from these technologies.

Keywords: information security; software configuration; analytical modeling (search for similar items in EconPapers)
JEL-codes: C72 D81 L20 L86 (search for similar items in EconPapers)
Pages: 48 pages
Date: 2007-05, Revised 2007-08
References: View references in EconPapers View complete reference list from CitEc
Citations:

Downloads: (external link)
http://www.netinst.org/Cavusoglu_07-19.pdf (application/pdf)
no

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:net:wpaper:0719

Access Statistics for this paper

More papers in Working Papers from NET Institute
Bibliographic data for series maintained by Nicholas Economides ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-04-02
Handle: RePEc:net:wpaper:0719