Title :
Quantitative risk assessment for dependent vulnerabilities
Author :
Sahinoglu, Mehmet
Author_Institution :
Dept. of Comput. Sci., Troy Univ., Montgomery, AL
Abstract :
In actual life scenarios, the components of the big risk picture are interdependent rather than purely independent. Moreover, the quantitative risk measurements are needed to objectively compare alternatives and calculate monetary figures to budget for reducing or minimizing the existing risk. A detailed treatment of the proposed security-meter, a quantitative risk assessment technique, has been recently studied and published when vulnerabilities were assumed to be all independent and disjoint of each other, and so were the ensuing threats. However, when these vulnerabilities of the quantitative security risk assessment are not perfect; that is they are non-independent and non-disjoint, then a new probabilistic approach needs to replace that of the special case of independence or disjoint outcomes
Keywords :
financial management; probability; risk management; security; budget; monetary figures; probability model; quantitative risk assessment; security; threats; vulnerabilities; Authentication; Costs; Electric breakdown; Fires; Hardware; Measurement uncertainty; Random variables; Risk analysis; Risk management; Security;
Conference_Titel :
Reliability and Maintainability Symposium, 2006. RAMS '06. Annual
Conference_Location :
Newport Beach, CA
Print_ISBN :
1-4244-0007-4
Electronic_ISBN :
0149-144X
DOI :
10.1109/RAMS.2006.1677354
