Augmented Risk Analysis (Contributo in atti di convegno)

Type
Label
  • Augmented Risk Analysis (Contributo in atti di convegno) (literal)
Anno
  • 2006-01-01T00:00:00+01:00 (literal)
Alternative label
  • [1] Bistarelli S., [2] Bella G., [2] Riccobene S., [3] Peretti P. (2006)
    Augmented Risk Analysis
    in Proc. Second International Workshop on Views on Designing Complex Architectures (VODCA 2006), Bertinoro, Italy 16-17 September 2006., Bertinoro, Italy, 16-17 Sept 2006
    (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#autori
  • [1] Bistarelli S., [2] Bella G., [2] Riccobene S., [3] Peretti P. (literal)
Pagina inizio
  • 181 (literal)
Pagina fine
  • 194 (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#altreInformazioni
  • Codice Puma: cnr.iit/2006-A2-002 (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#affiliazioni
  • [1]CNR-IIT, Pisa, Italy; [2] Dipartimento di Matematica e Informatica, Università di Catania, Catania, Italy; [3] Dipartimento di Scienze, Università degli Studi \"G. D'Annunzio\", Pescara, Italy (literal)
Titolo
  • Augmented Risk Analysis (literal)
Abstract
  • Risk analysis has recently emerged as a structured and precise methodology to help modern companies understand their risks and plan the relative countermeasures well in advance. It is based on a number of indicators: parameters that quantify the key concepts on which an enterprise designs its security and safety investments. A modificator is a function that further modifies an existing indicator, and is itself an indicator. It is argued here that Risk Analysis can dramatically benefit from three novel modificators. One, the Exposure Factor during Critical Time (EFCT), expresses the percentage of loss or damage that an attack can infer to a time-critical asset. Another one, the Exposure Factor under Retaliation (EFR), formalises the mitigation to the loss or damage that an attack can infer to an asset when that loss or damage can be retaliated back onto the attacker. The third one, the Mitigated Risk against Collusion (MRC), formalises how a security measure can be effective against a single attacker but not necessarily against a large team of attackers working collaboratively for the same target. Our simulated results firmly support the benefits of such augmented Risk Analysis confirming the novel insights it can provide. (literal)
Editore
Prodotto di
Autore CNR
Insieme di parole chiave

Incoming links:


Prodotto
Autore CNR di
Editore di
Insieme di parole chiave di
data.CNR.it