Autonomic-computing approach to secure knowledge management: A game-theoretic analysis

The explosion of knowledge management systems (KMS) and the need for their wide accessibility and availability has created an urgent need for reassessing the security practices and policies in organizations. Security of these assets is a day-to-day job placing a tremendous cognitive load on information-technology (IT) professionals, which can make it almost impossible to manage the security aspects of KMS. Autonomic-computing systems are well suited to manage KMS, as they use high-level system objectives provided by administrators as the basis for managing the security of KMS. The authors model the self-protection and self-healing configuration attributes in autonomic systems through game-theoretic models. The proposed modeling approach progressively moves from a manual intervention-oriented security setup to an autonomic security setup. This allows the authors to compare and contrast the different approaches and provide insights on their applicability to different security environments. The authors find that moving to a partial autonomic system with self-healing mechanisms can provide a stable environment for securing enterprise knowledge assets and can reduce hacking. It is beneficial to implement an autonomic system when manual investigation costs are higher and/or when the volume of malicious traffic is very low. An autonomic approach is especially attractive when it is difficult to impose penalties on malicious users. Autonomic systems can be effective in securing organizational knowledge assets and in reducing the potential damage from malicious users.