QoS-T: QoS throttling to elicit user cooperation in computer systems

Abstract

While there exist strong security concepts and mechanisms, implementation and enforcement of these security measures is a critical concern in the security domain. Normal users, unaware of the implications of their actions, often attempt to bypass or relax the security mechanisms in place, seeking instead increased performance or ease of use. Thus, the human in the loop becomes the weakest link. This shortcoming adds a level of uncertainty unacceptable in highly critical information systems. Merely educating the user to adopt safe security practices is limited in its effectiveness; there is a need to implement a technically sound measure to address the weak human factor across a broad spectrum of systems. In this paper, we present a game theoretic model to elicit user cooperation with the security mechanisms in a system. We argue for a change in the design methodology, where users are persuaded to cooperate with the security mechanisms after suitable feedback. Users are offered incentives in the form of increased Quality of Service (QoS) in terms of application and system level performance increase. User's motives and their actions are modeled in a game theoretic framework using the class of generalized pursuit-evasion differential games.1,2 © Springer-Verlag 2010.