An Approach to Select Cost-Effective Risk Countermeasures

Abstract : Security risk analysis should be conducted regularly to maintain an acceptable level of security. In principle, all risks that are unacceptable according to the predefined criteria should be mitigated. However, risk mitigation comes at a cost, and only the countermeasures that cost-efficiently mitigate risks should be implemented. This paper presents an approach to integrate the countermeasure cost-benefit assessment into the risk analysis and to provide decision makers with the necessary decision support. The approach comes with the necessary modeling support, a calculus for reasoning about the countermeasure cost and effect, as well as means for visualization of the results to aid decision makers.
Type de document :
Communication dans un congrès
Lingyu Wang; Basit Shafiq. 27th Data and Applications Security and Privacy (DBSec), Jul 2013, Newark, NJ, United States. Springer, Lecture Notes in Computer Science, LNCS-7964, pp.266-273, 2013, Data and Applications Security and Privacy XXVII. 〈10.1007/978-3-642-39256-6_18〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01490710
Contributeur : Hal Ifip <>
Soumis le : mercredi 15 mars 2017 - 17:15:57
Dernière modification le : jeudi 16 mars 2017 - 09:24:24
Document(s) archivé(s) le : vendredi 16 juin 2017 - 14:59:09

Fichier

978-3-642-39256-6_18_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Le Tran, Bjørnar Solhaug, Ketil Stølen. An Approach to Select Cost-Effective Risk Countermeasures. Lingyu Wang; Basit Shafiq. 27th Data and Applications Security and Privacy (DBSec), Jul 2013, Newark, NJ, United States. Springer, Lecture Notes in Computer Science, LNCS-7964, pp.266-273, 2013, Data and Applications Security and Privacy XXVII. 〈10.1007/978-3-642-39256-6_18〉. 〈hal-01490710〉

Partager

Métriques

Consultations de la notice

22

Téléchargements de fichiers

32