File(s) stored somewhere else
Please note: Linked content is NOT stored on Carnegie Mellon University and we can't guarantee its availability, quality, security or accept any liability.
Using Integer Programming to Optimize Investments in Security Countermeasures: A Practical Tool for Fixed Budgets
journal contribution
posted on 2006-01-01, 00:00 authored by Jonathan Caulkins, Eric Hough, Nancy Mead, Hassan OsmanSoftware engineers and businesses must make the difficult decision of how much of their budget to spend on software security mitigation for the applications and networks on which they depend. In this article, we introduce a novel method of optimizing, using Integer Programming (IP), the combination of security countermeasures to be implemented in order to maximize system security under fixed resources. We describe the steps involved in our approach, and discuss recent results with a case study client.