Abstract : Evaluating the effectiveness of the security measures undertaken to protect a distributed system (e.g., protecting privacy of data in a network or in an information system) is a difficult task that, among other things, requires a risk assessment. We introduce a logical framework that allows one to reason about risk by means of operators that formalize causes, effects, preconditions, prevention and mitigation of events that may occur in the system. This is work in progress and we describe a number of interesting variants that could be considered.
https://hal.inria.fr/hal-01542424 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Monday, June 19, 2017 - 5:01:03 PM Last modification on : Monday, March 21, 2022 - 5:22:04 PM Long-term archiving on: : Sunday, December 17, 2017 - 7:52:13 PM
Matteo Cristani, Erisa Karafili, Luca Viganò. Towards a Logical Framework for Reasoning about Risk. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Aug 2012, Prague, Czech Republic. pp.609-623, ⟨10.1007/978-3-642-32498-7_46⟩. ⟨hal-01542424⟩