Title :
Exploitation of auctions for outsourcing security-critical projects
Author :
Kandias, Miltiadis ; Mylonas, Alexios ; Theoharidou, Marianthi ; Gritzalis, Dimitris
Author_Institution :
Dept. of Inf., Athens Univ. of Econ. & Bus., Athens, Greece
fDate :
June 28 2011-July 1 2011
Abstract :
ICT outsourcing may introduce several risks. This paper attempts to mitigate this problem by applying an auctioning scheme. By adopting the scheme, the involved organization selects one or more potential outsourced service providers via an auction similar to the FCC spectrum ones. The project is divided in sub-projects, bidders are pre-evaluated, in terms of security and each bid is assessed in terms of cost and appropriate security metrics. The bidding process continues according to the auction rules allocating all the sub-projects to the best bidders. The ultimate goal is to achieve upgraded security, while keeping the cost at a reasonable level and meeting adequate security requirements. In this direction our model provokes competition and motivates providers to place superior bids, in terms of security, while providing flexibility to the organization. The auction process is demonstrated through a case study, where the outsourcer is a critical infrastructure organization.
Keywords :
commerce; outsourcing; security of data; FCC spectrum; ICT outsourcing; auctions; security-critical projects; FCC; Measurement; Outsourcing; Resource management; Risk management; Security; Auction; IT Security; Outsourcing; Security-Critical;
Conference_Titel :
Computers and Communications (ISCC), 2011 IEEE Symposium on
Conference_Location :
Kerkyra
Print_ISBN :
978-1-4577-0680-6
Electronic_ISBN :
1530-1346
DOI :
10.1109/ISCC.2011.5983912
