Title :
The role of vulnerability in risk management
Author :
Otwell, Ken ; Aldridge, Bruce
Author_Institution :
Martin Marietta Lab., Baltimore, MD, USA
Abstract :
The treatment of vulnerability at the 1988 Risk Model Builders´ Workshop is examined, and a definition of vulnerability that is intuitively satisfying and provides a foundation upon which mathematical models can be built is developed. Two vulnerability models that together appear to capture the general conceptualizations of vulnerability espoused by other authors are presented. The authors also discuss the ongoing development of their expert system for risk management (M2 RISK), which will utilize knowledge about vulnerabilities of information systems and their components. M2RISK is designed to eventually function as a full risk-management system with interface tools that will allow rapid specification of systems and easy management of system changes, and generally aid the risk-management process
Keywords :
DP management; expert systems; M2RISK; expert system for risk management; interface tools; mathematical models; risk management; role of vulnerability; Computer security; Expert systems; Information systems; Knowledge management; Laboratories; Management information systems; Mathematical model; Minerals; NIST; Risk management;
Conference_Titel :
Computer Security Applications Conference, 1989., Fifth Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-8186-2006-4
DOI :
10.1109/CSAC.1989.81022
