Multi-Attribute Risk Assessment


Multi-Attribute Risk Assessment. Shawn A. Butler Computer Science Department Carnegie Mellon University 16 October 2002. Advantages of Multi-Attribute Risk Assessments. Provides a systematic and repeatable method for evaluating risks


Multi-Attribute Risk Assessment

Shawn A. Butler

Computer Science Department

Carnegie Mellon University

16 October 2002

Advantages of Multi-Attribute Risk Assessments
  • Provides a systematic and repeatable method for evaluating risks
  • Helps organizations identify and prioritize security requirements
  • Makes explicit expectations about attack consequences
  • Provides insights into the effect of uncertainty
Some Terminology
  • Threats - events, which could lead to an information system compromise.

(Examples: denial of service attacks, procedural violations, IP spoofing, etc.)

  • Attacks - An attack (a) is an instance of a threat that results in an information system compromise and has an outcome (Oa).
  • Outcome - one or more consequences (Xj).
  • Consequence - damage (xj) from a successful attack

(Examples: lost productivity, lost revenue, damaged public image, lost lives)

Threat: Denial of Service

Outcomes (consequence values x1, x2, x3) per attack:

Attack   X1: Lost Productivity   X2: Lost Revenue   X3: Damaged Public Image
a1       3 hours                 $0                 none
a2       40 hours                $20,000            moderate
a3       10 hours                $500               slight

Security Architecture Development Process

[Figure: Security Architecture Development Process. Diagram labels: Threats, Risk Assessment, Outcomes, Prioritized Risks, Policies, Requirements, System Design, Available Countermeasures, Select Countermeasures, Security Components, Develop Security Architecture, Security Architecture.]

Multi-attribute Risk Assessment Process

[Figure: Multi-attribute Risk Assessment Process. Diagram labels: Threat Definition, Org Threats, Threats, Security Manager Questions, S.M. Best Est., Estimate Outcome Values, Most Likely Outcomes, Expected Frequency of Attack, Outcomes, Additive Model, Compute Threat Indexes, Prioritized Risks, Sensitivity Analysis.]

The Additive Model

$TI_a = Freq_a \times \left( \sum_{j \in \text{attributes}} w_j \cdot v_j(x_{aj}) \right)$

  • Check additivity assumptions to see if the additive form is valid
  • Assess the single-attribute value functions v1, v2, …, vn
  • Assess the weighting factors w1, w2, …, wn
  • Compute the value of each alternative and rank alternatives
  • Conduct sensitivity analysis to see how sensitive the ranking is to model assumptions
Independence Assumptions

Tradeoffs between two consequence values, holding all other consequence values fixed, do not depend on where we hold the other attributes fixed.

Assess Single Consequence Value Function

[Figure: three panels labelled Linear, Convex and Concave, each plotting the value function vj(xaj) on a 0 to 1 scale against the consequence value from 0 to xj*.]

Weight the Consequences

Outcome Attribute      Rank   Assessed Preference   Weight (wj)
Lost Productivity      1      100                   .42
Public Reputation      2      80                    .33
Regulatory Penalties   3      40                    .17
Lost Revenue           4      20                    .08
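
The additive model applied to the deck's denial-of-service attacks, using the assessed preferences from the table above. This is an added example, not part of the original slides. The attack frequencies, the worst-case values xj*, the numeric reputation scale, the choice of linear value functions, the mapping of "Damaged Public Image" onto the "Public Reputation" weight, and all function names are assumptions.

```python
# Added example: additive threat index TI_a = Freq_a * sum_j w_j * v_j(x_aj).
# Assessed preferences are from the "Weight the Consequences" slide.
PREFERENCES = {"lost_productivity": 100, "public_reputation": 80,
               "regulatory_penalties": 40, "lost_revenue": 20}

# ASSUMPTION (constructed): worst-case value x_j* used to scale each attribute.
# Reputation uses a constructed scale none=0, slight=1, moderate=2, worst=4.
WORST_CASE = {"lost_productivity": 40.0, "public_reputation": 4.0,
              "regulatory_penalties": 1.0, "lost_revenue": 20000.0}

# Consequence values are the slide's denial-of-service attacks a1..a3.
# ASSUMPTION (constructed): expected attacks per year (first tuple element).
ATTACKS = {
    "a1": (12.0, {"lost_productivity": 3, "lost_revenue": 0, "public_reputation": 0}),
    "a2": (0.5, {"lost_productivity": 40, "lost_revenue": 20000, "public_reputation": 2}),
    "a3": (4.0, {"lost_productivity": 10, "lost_revenue": 500, "public_reputation": 1}),
}

def normalize(prefs):
    """Turn assessed preferences into weights w_j that sum to 1."""
    total = sum(prefs.values())
    return {name: score / total for name, score in prefs.items()}

def linear_value(x, worst):
    """Linear single-attribute value function v_j, clamped to [0, 1]."""
    return min(max(x / worst, 0.0), 1.0)

def threat_index(freq, consequences, weights):
    """TI_a for one attack; attributes the attack does not touch count as 0."""
    return freq * sum(w * linear_value(consequences.get(j, 0.0), WORST_CASE[j])
                      for j, w in weights.items())

def rank(weights):
    """Return (attack ids ordered by descending threat index, index per attack)."""
    scores = {a: threat_index(f, x, weights) for a, (f, x) in ATTACKS.items()}
    return sorted(scores, key=scores.get, reverse=True), scores

def sensitivity(attribute, factor):
    """Re-rank after scaling one assessed preference, to see if the order moves."""
    prefs = dict(PREFERENCES)
    prefs[attribute] *= factor
    return rank(normalize(prefs))[0]

if __name__ == "__main__":
    order, scores = rank(normalize(PREFERENCES))
    for attack in order:
        print(attack, round(scores[attack], 3))
    print("reputation x3:", sensitivity("public_reputation", 3))
```

With these constructed inputs, tripling the preference for public reputation swaps the order of a1 and a2, which is the kind of ranking change the sensitivity analysis step is meant to surface.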

Conclusions
  • Multi-attribute Risk Assessments provide insight during the risk assessment process
  • Multi-attribute Risk Assessments can help security managers prioritize risks, which leads to prioritized requirements
  • Inexperienced security managers will be able to benefit from information collected from other organizations