A Tale of Two Mechanisms: Incentivizing Investments in Security Games

TL;DR

This paper compares two incentive mechanisms, Pivotal and Externality, for promoting security investments in interdependent user systems modeled as security games, revealing fundamental limitations and effects of interdependence.

Contribution

It introduces a general impossibility result for incentivizing optimal security investments while ensuring participation and budget balance, and analyzes mechanisms in weighted effort models.

Findings

No mechanism can achieve social optimality, voluntary participation, and budget balance simultaneously.

The Pivotal mechanism's budget deficit varies with user interdependence.

The Externality mechanism's participation incentives are affected by interdependency levels.

Abstract

In a system of interdependent users, the security of an entity is affected not only by that user's investment in security measures, but also by the positive externality of the security decisions of (some of) the other users. The provision of security in such system is therefore modeled as a public good provision problem, and is referred to as a security game. In this paper, we compare two well-known incentive mechanisms in this context for incentivizing optimal security investments among users, namely the Pivotal and the Externality mechanisms. The taxes in a Pivotal mechanism are designed to ensure users' voluntary participation, while those in an Externality mechanism are devised to maintain a balanced budget. We first show the more general result that, due to the non-excludable nature of security, no mechanism can incentivize the socially optimal investment profile, while at the same time ensuring voluntary participation and maintaining a balanced budget for all instances of security games. To further illustrate, we apply the Pivotal and Externality mechanisms to the special case of weighted total effort interdependence models, and identify some of the effects of varying interdependency between users on the budget deficit in the Pivotal mechanism, as well as on the participation incentives in the Externality mechanism.