The purpose of this paper is to describe the Framework described in [BG16] in a game theoretic way. The idea behind this is that for modelling security (i. e. the assumption of an intelligent attacker) the language of game theory seems to be a very good choice. Game theory can deal with the problem where the actions of each subject are interdependent, e.g. an attacker will change his strategy whenever a new security feature will prevent his old strategy from succeeding or a new attack seems to be more promising. Moreover, game theory has been thoroughly studied and hence changing the description language of the model, gives access to
many results. Additionally, we view the Beyerer and Geisler Framework as part of security economics.