|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Thorsten Holz (thorsten.holz
gmail.com)
Date: Wed Dec 10 2008 - 01:40:29 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Dec 10, 2008, at 3:19 AM, sinan.erenimmunitysec.com wrote:
> I would appreciate ideas to tie the value of a vulnerability to a
> premium, any
> quants who do security as well ?
Rainer Böhme discussed the idea of exploit derivatives and cyber-
insurances in a talk at CCC'05: http://events.ccc.de/congress/2005/fahrplan/events/801.en.html
There is also a paper from the Workshop on the Economics of
Information Security (WEIS 2005), in which Böhme discusses these ideas
in more detail: http://infosecon.net/workshop/pdf/15.pdf
Pretty interesting concept, but some obstacles need to be taken when
implementing such a market (monoculture, correlation of attacks and
such).
Cheers,
Thorsten
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]