• DocumentCode
    987197
  • Title

    A Doubt of the Benefit

  • Author

    Geer, Daniel E., Jr. ; Conway, Daniel G.

  • Volume
    7
  • Issue
    3
  • fYear
    2009
  • Firstpage
    86
  • Lastpage
    87
  • Abstract
    Cost-benefit analysis in security is appealing as a standard approach, admirable for its simplicity, appreciated for its generality, but otherwise worthless. Every cost-benefit calculation requires a consistent scale, and the more people this affects, the less they\´re likely to agree on whatever rescaling this forces. Thus, questions such as "What is a human life worth?" or, in our case, "What is a secure machine worth?" yield indefensible answers, which serve as an awkward basis on which to begin formal analysis. For the record, we believe our lives to be more valuable than standard governmental estimates. Cost-effectiveness analysis simply assumes that you\´ll spend the money, so it asks "How many lives can you save?" or, in our case, "How much breakage can you prevent?".
  • Keywords
    cost-benefit analysis; computer security; cost-benefit analysis; cost-effectiveness analysis; digital assets; Automatic testing; Cardiac arrest; Costs; Educational institutions; Humans; Lab-on-a-chip; Libraries; Manufacturing; Public healthcare; Security; cost-benefit analysis; cost-effectiveness analysis; for good measure; security & privacy;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2009.57
  • Filename
    5054919
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=987197