Abstract
Network safeguarding practices involve decisions in at least three areas: identification of well-defined security policies, selection of cost-effective defense strategies and implementation of real-time defense tactics. Although choices made in each of these three affect the others, many existing decision models handle these three decision areas in isolation. There is no comprehensive tool that can integrate them to provide a single efficient model for safeguarding a network. In addition, there is no clear way to determine which particular combinations of defense decisions result in cost-effective solutions. To address these problems, this paper introduces a layered decision model (LDM) for use in deciding how to address defense decisions based on cost-effectiveness. To illustrate the technique, the LDM model is applied to the design of network defense for a sample e-commercial business.