Quantitative risk assessment for dependent vulnerabilities

In actual life scenarios, the components of the big risk picture are interdependent rather than purely independent. Moreover, the quantitative risk measurements are needed to objectively compare alternatives and calculate monetary figures to budget for reducing or minimizing the existing risk. A det...

Full description

Saved in:
Bibliographic Details
Main Author: Sahinoglu, M.
Format: Conference Proceeding
Language:English
Subjects:
Authentication
Costs
Electric breakdown
Fires
Hardware
Measurement uncertainty
Random variables
Risk analysis
Risk management
Security
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In actual life scenarios, the components of the big risk picture are interdependent rather than purely independent. Moreover, the quantitative risk measurements are needed to objectively compare alternatives and calculate monetary figures to budget for reducing or minimizing the existing risk. A detailed treatment of the proposed security-meter, a quantitative risk assessment technique, has been recently studied and published when vulnerabilities were assumed to be all independent and disjoint of each other, and so were the ensuing threats. However, when these vulnerabilities of the quantitative security risk assessment are not perfect; that is they are non-independent and non-disjoint, then a new probabilistic approach needs to replace that of the special case of independence or disjoint outcomes
ISSN:0149-144X
2577-0993
DOI:10.1109/RAMS.2006.1677354