http://www.cnr.it/ontology/cnr/individuo/prodotto/ID203290

Unbounded impacts and risk mitigation in billing infrastructures (Articolo in rivista)

Type

Label

Unbounded impacts and risk mitigation in billing infrastructures (Articolo in rivista) (literal)

Anno

Alternative label

Sgandurra D. [1], Baiardi F. [2], Telmon C. [2] (2011)
Unbounded impacts and risk mitigation in billing infrastructures
in International journal of risk assessment and management; Inderscience Enterprises Ltd., Geneva (Swaziland)
(literal)

Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#autori

Pagina inizio

Pagina fine

Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#altreInformazioni

Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#numeroVolume

Rivista

Note

Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#affiliazioni

[1] CNR-IIT, Pisa, Italy; [2] Dipartimento di Informatica, Università di Pisa, Italy (literal)

Titolo

Abstract

A billing infrastructure is an information and communications technology system that bills a set of customers for some service they access. We discuss how the minimisation of the infrastructure cost may introduce components that are points of catastrophic failure in a security perspective because successful attacks against these components result in a full control of the infrastructure. We describe a classification of both attacks and threats and a mathematical model of attack impacts to prove that the introduction of points of catastrophic failure result in a heavy-tailed probability distribution of impacts. A heavy-tailed distribution has several implications on risk management because the probability of very large impacts may not be neglected and countermeasures cannot be selected according to their cost effectiveness because even the most expensive ones are convenient. For these reasons, risk management should introduce redundant components with a decentralised control to increase resilience and minimise attack impacts. (literal)

Editore