Insured Access: An Approach to Ad-hoc Information Sharing for Virtual Organizations

Naoki Tanaka†,‡,∗, Marianne Winslett†,∗, Adam J. Lee◦, David K. Y. Yau⋄,∗, Feng Bao‡

† Department of Computer Science, University of Illinois at Urbana-Champaign
‡ Cryptography & Security Department, Institute for Infocomm Research
∗ Advanced Digital Sciences Center
◦ Department of Computer Science, University of Pittsburgh
⋄ Department of Computer Science, Purdue University

Third ACM Conference on Data and Application Security and Privacy
February 20, 2013, San Antonio, TX, USA

This presentation proposes an insurance-based ad-hoc information sharing scheme

Insured Access
Simulation Results
Pricing and Purchase Decisions

Traditional access control grants access for original purposes

[Diagram: Alice (information producer), Bob (information consumer), map of USA (information)]
Alice prepared a map of USA for Bob
Bob has access to the map of USA

[Diagram: Alice (information producer), Carol (information consumer), map of Singapore (information)]
Alice prepared a map of Singapore for Carol
Carol has access to the map of Singapore

Can traditional access control deal with ad-hoc information access?

[Diagram: Alice (information producer), Bob and Carol (information consumers), map of Singapore (information); Bob's access is marked "?"]
Alice prepared a map of Singapore for Carol
Bob: "Hey Alice, I came up with a good idea to use the map of Singapore!"

Access rights are assigned according to the original purpose of information

[Diagram: Alice (information producer), Bob and Carol (information consumers), map of Singapore (information)]
Alice prepared a map of Singapore for Carol
Information access for other purposes is denied
Alice: "Sorry Bob, but I cannot release it. (I don’t want to be blamed later…)"

Traditional authorization methods are inflexible

[Diagram: Alice (information producer), Bob and Carol (information consumers)]
Traditional methods try to eliminate risk
We need a more flexible method to consider benefits while bounding risk

Risk-based access control tries to mitigate problems

MITRE JASON report proposed a risk-based access control approach
[Diagram: risk tokens exchanged for information]
Use risk tokens to purchase access rights
Price = expected value of damages due to the access
1 token = one-day, soft-copy-only access to one document by the average Secret-cleared individual
Total amount of allocated tokens < tolerable risk

Current risk-based access control has its own problems

[Diagram: risk tokens exchanged for information]

Use risk tokens to purchase access rights?

Cannot control the worst-case aggregate damages

Doesn’t distinguish between good and bad risk-takers

Insured access encourages information sharing

[Diagram: Alice (information producer), Bob (information consumer), Innis (insurer); an insurance policy and the information pass between them]

1. Request policy
2. Quote price or deny access: use premium principles
3. Pay premium: decide considering benefits & costs
4. Receive policy
5. Request access, show policy
6. Provide access: no reason to deny because producers won’t lose anything
7. File claim against policy
8. Pay claim: producers get reimbursed for the exact amount

Insurer calculates premium (policy price) using premium principle

[Diagram: Innis (insurer) applies a premium principle to the risk distribution to obtain the premium (policy price) of the insurance policy]

Risk distribution represents the total amount of claims

Principle of Equivalent Utility is the most widely adopted approach

Principle of Equivalent Utility

uI: insurer’s utility function
wI: insurer’s current capital
P: premium (policy price)
X: random variable representing the total amount of claims

Insurer is equally happy whether or not the policy is issued (indifferent)

Exponential Principle is derived when exponential utility function is used

Exponential Principle

When exponential utility function is used…

π: premium principle
X: random variable representing the total amount of claims
mX(α): moment generating function of X around α
α: risk aversion index

Exponential Principle is widely used because of its favorable properties

Consumers consider both benefits and costs of accessing information

Consumers purchase policies only when the following inequality is met

u: consumer’s utility function
w: consumer’s current capital
P: premium (policy price)
Y: random variable representing the consumer’s expected additional value (revenue)

Traditional actuarial methods don’t consider this kind of tradeoff

We can derive the maximum premium the consumer is willing to pay

When exponential utility function is used…

P+: maximum premium (policy price) the consumer is willing to pay
mY(αc): moment generating function of Y around αc
Y: random variable representing the consumer’s expected additional value (revenue)
αc: consumer’s risk aversion index

If the quoted price is less than P+, the consumer buys the policy and accesses information
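The pricing and purchase decision described on the last few slides can be worked through numerically; the following is an added example, not code from the presentation or its authors. It assumes the standard exponential utility u(x) = -exp(-a·x), the resulting textbook closed forms π[X] = (1/α)·ln mX(α) and P+ = -(1/αc)·ln mY(-αc), and Normal claim and benefit sizes; the function names and all parameter values are constructed for illustration.

```python
import math

def log_mgf_normal(t, mu, sigma):
    """ln E[exp(t*Z)] for Z ~ Normal(mu, sigma^2); working in logs avoids overflow."""
    return mu * t + 0.5 * (sigma * t) ** 2

def insurer_premium(alpha, mu_x, sigma_x):
    """Exponential principle (assumed form): pi[X] = (1/alpha) * ln m_X(alpha)."""
    if alpha <= 0:
        raise ValueError("insurer's risk aversion index must be positive")
    return log_mgf_normal(alpha, mu_x, sigma_x) / alpha

def consumer_max_premium(alpha_c, mu_y, sigma_y):
    """P+ solving E[u(w - P + Y)] = u(w) for u(x) = -exp(-alpha_c * x) (assumed).
    The consumer's capital w cancels out, so it is not a parameter."""
    if alpha_c <= 0:
        raise ValueError("consumer's risk aversion index must be positive")
    return -log_mgf_normal(-alpha_c, mu_y, sigma_y) / alpha_c

def quote_and_decide(alpha, alpha_c, claim, benefit):
    """Return (quoted premium, P+, buys); the consumer buys if quote < P+."""
    quote = insurer_premium(alpha, *claim)
    p_plus = consumer_max_premium(alpha_c, *benefit)
    return quote, p_plus, quote < p_plus

def sweep(alphas, alpha_c, claim, benefit):
    """Repeat the decision for several insurer risk aversion indices."""
    return [(a,) + quote_and_decide(a, alpha_c, claim, benefit) for a in alphas]

if __name__ == "__main__":
    CLAIM = (2.0, 1.0)    # constructed: mean and std dev of claim size X
    BENEFIT = (4.0, 1.5)  # constructed: mean and std dev of benefit Y
    for a, quote, p_plus, buys in sweep([0.5, 1, 2, 3, 4], 0.5, CLAIM, BENEFIT):
        print(f"alpha={a}: quote={quote:.4f} P+={p_plus:.4f} buys={buys}")
```

With these constructed inputs the quote rises with the insurer's α until it exceeds P+, at which point the consumer stops buying: a more risk-averse insurer completes fewer transactions.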

Bonus-malus system rewards good risk-takers and punishes bad ones

Dutch system: new insureds enter at step 2

Good risk-takers: no claims, enjoy discount
Bad risk-takers: many claims, incur penalty

Discrete event simulations model a map sharing scenario

10 consumers, 10 producers
Sensitivity is reflected in parameters of risk (claim size) distributions

Each insured access is independent
Arrival of requests is modeled by a separate Poisson process for each consumer
Inter-arrival time follows exponential distribution
A consumer chooses a producer uniformly at random from the producers it has not purchased from previously

For each purchased policy: 1 claim arrival & 1 benefit arrival
Arrival time follows exponential distribution
Risk (claim size) & benefit follow Normal distribution

More risk averse insurer results in smaller capitals because of smaller # of transactions

Each principal has $10 as its initial capital

Varied the insurer’s risk aversion index α, and examined how α affects capitals at the end of simulations

Large α → Small # of transactions → Small capitals

With BM, consumers who make smaller number of claims have larger capitals

Consumer ID:                    1    2    3    4    5    6    7    8    9    10
Probability of causing claims:  0.1  0.2  0.3  0.4  0.5  0.6  0.7  0.8  0.9  1

Steps are updated every 5 time periods

[Figure panels: Without Bonus-Malus; With Bonus-Malus]

Good risk-takers (small # of claims) → Large capitals

We need to estimate distributions to realize Insured Access

1. Request policy
2. Quote price or deny access
3. Pay premium
4. Receive policy
5. Request access, show policy
6. Provide access
7. File claim against policy
8. Pay claim

Can we estimate distributions?

This presentation proposed Insured Access and evaluated its effectiveness through simulations

Proposed Insured Access that considers benefits while bounding risk
Showed how to calculate premium and how consumers decide to buy policies
Simulation results confirmed the effectiveness of Insured Access

Questions? Email: [email protected], @naokitnk