Security Solution Suitability Analysis using Modified Multiplicative Analytic Hierarchy Process

Tackling security and performance issues in ubiquitous computing has turned out to be a challenging task due to the heterogeneity of both the environment and the applications. Services must satisfy several constraints caused by the security, performance, and other requirements of applications, users and providers. This paper introduces a new formalized decision model for security solution suitability analysis. It supports the design of dynamic security services and can be used by security managers making runtime decisions. Our solution improves previously proposed AHP-based decision models. The MAHP decision engine is applied using a new approach. Furthermore, we extend the MAHP algorithm to handle the non-fulfillment of requirements. This results in more accurate decisions, and better fulfillment of the design criteria. The use of the proposed decision model is illustrated through an IKEv2 authentication method selection problem.