Simulating Perceptions of Security
Author
Wernick, Paul
Christianson, Bruce
Spring, William
Attention
2299/20033
Abstract
Systems complicated enough to have ongoing security issues are difficult to understand, and hard to model. The models are hard to understand, even when they are right (another reason they are usually wrong), and too complicated to use to make decisions. Instead attackers, developers, and users make security decisions based on their {\em perceptions} of the system, and not on properties that the system actually has. These perceptions differ between communities, causing decisions made by one community to appear irrational to another. Attempting to predict such irrational behaviour by basing a model of perception on a model of the system is even more complicated than the original modelling problem we can't solve. Ockham's razor says to model the perceptions directly, since these will be simpler than the system itself.