Dynamic Risk Mitigation in Computing Infrastructures

Author

Miura-Ko, R.Ann ; Bambos, Nicholas

Author_Institution

Stanford Univ., Stanford

fYear

2007

fDate

29-31 Aug. 2007

Firstpage

325

Lastpage

328

Abstract

In this brief paper, we formulate a novel analytical framework for modeling and mitigation of dynamically changing security risk profiles in information systems and networks. Risk accumulates at components/nodes (hosts, servers, databases, etc.) due to risk shocks hitting them (virus, worm attacks, etc.) and is monitored by risk indicators. The risk manager dynamically chooses defenses by reconfiguring and allocating available protection resources to various infrastructure components/nodes. The issue is to dynamically control risk by (re)deploying defenses on the spot in response to changing risk indicators. The framework is designed to parallel queuing modeling ones, mapping backlog/congestion to risk level/stress. This exposes interesting connections between dynamic risk management and queueing systems. It also allows for leveraging some results of congestion management for risk mitigation, as well as developing new ones to capture risk management performance tradeoffs.

Keywords

computer network management; queueing theory; risk management; security of data; computing infrastructures; congestion management; dynamic risk management; dynamic risk mitigation; information systems; parallel queuing modeling; queueing systems; risk indicators; security risk profiles; Analytical models; Data security; Databases; Information analysis; Information security; Management information systems; Network servers; Resource management; Risk analysis; Risk management;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Assurance and Security, 2007. IAS 2007. Third International Symposium on

Conference_Location

Manchester

Print_ISBN

0-7695-2876-7

Electronic_ISBN

978-0-7695-2876-2

Type

conf

DOI

10.1109/IAS.2007.91

Filename

4299794