2006/10/30
price of security
All this talk of “in real life, we accept managed insecurity” has got me thinking about the question of how much security is actually worth to people. People pay some “appropriate” amount for security by buying alarms, paying for antivirus software, buying locks and whatever. How much should be paid? Is there a model for this behavior? Here is a not even half-baked look:
Suppose your thing is worth \(D\) dollars (to everyone, for simplicitiy) and the probability of it getting stolen/destroyed is \(p_0\). Let’s actually make \(p\) a function of how much you pay for security, so \(p(S)\). This function is, say, monotonically decreasing in \(S\) with \(p(0)=p_0\). Then the worth of \(S\) security dollars is \((p(0)-p(S))D\). I guess you should not pay for security when \(S>(p(0)-p(S))D\), and you should aim for \(S^*=\arg\max_S{(p(0)-p(S))D-S}\) when you should pay.
Another question altogether is how should security services be priced? They should probably be priced such that \((p(0)-p(S))D=S\), but are they? No idea. |
So far so good. At this point, I’m taking a digression because I am reminded of my bicycle. It’s a piece of junk but I lock it. Next to a nice bike. Even better if the nice bike has a worse-looking lock – although that doesn’t happen usually. My bicycle never gets stolen. This happens with recommendations for securing computers, too. Often there is advice to hide unused ports, leave small footprint, make yourself less of a target, etc. As long as it takes less effort to get more from somewhere else, you are somewhat secure, although you really aren’t. So there is the idea of competitive influence in the security problem.
So let’s say your neighbor also has a thing worth \(D\) dollars and \(S’\) is thrown into security for it by your neighbor. Now if you don’t pay more than your neighbor for security, it’s like you haven’t paid at all. Define a new function \(p’(S)=p(0)\) for \(S\leq S’\) and \(p’(S)=p(S)\) for \(S>S’\). Then you should aim for \(\tilde{S}^*=\arg\max_S{(p(0)-p’(S))D-S}\) when it is nonnegative. Now it is really possible to lose no matter what. Although it is possible to have \(S^*=0\) as the solution previously, that would have been a result of particularly poor security service. This is different. Depending on what your neighbor does, you may have no way to get more security for your thing.
Of course, your neighbor would normally aim for the optimal point, as would you. So you both could try to outbid each other until you hit the next \(S\) larger than \(S^*\) where \((p(0)-p(S))D-S=0\). This would be the competitive equilibrium. But then what’s the point? Both of you could do just as well by not paying anything for security – like leaving all (equally nice) bikes unlocked. but that would be a cooperative equilibrium, which won’t happen in reality.
However, it isn’t that simple. If we think about how a security service is able to decrease the probability of a thing getting stolen/destroyed, we (or I) get a headache, so that’s it for now. This may be revisited.