Assessing the Risk of an Information Infrastructure Through Security Dependencies
نویسندگان
چکیده
We outline a framework for the risk assessment of information infrastructures that generalizes the notion of dependency with respect to attributes such as confidentiality, integrity or availability. Dependencies are used to model an infrastructure at distinct abstraction levels and to discover attack strategies as well as risk mitigation plans. A plan is formulated in terms of set of countermeasures because single countermeasures may be ineffective due to alternative threat attack strategies. We do not detail the assessment steps but show how the proposed framework support their integration to define risk mitigation plans. Lastly, we consider programming tools to support the assessment.
منابع مشابه
Risk assessment of multi-order dependencies between critical ICT infrastructures
Assessing risk in information and communication infrastructures is a challenging topic due to the complexity of critical infrastructures (CIs) and of the various dependencies between such infrastructures. This chapter discusses the basic concepts of risk assessment for CIs. Moreover, it describes a recently proposed methodology for criticality assessment. The main goal of this methodology is to...
متن کاملMicrofinance Institutions’ Operational Infrastructure in India: Assessing the Efficiencies through OLS Model
This study attempts to examine the operational efficiency of thirty-two microfinance institutions in India. Operational efficiency in microfinance institutions refers to how well microfinance institutions allocate the input resources. Since the study is an exploratory nature, therefore, the data are collected from mix market on annual basis. It covers the seven-year period ranging from 2005-06 ...
متن کاملProposing a new model for assessing the resilience of susceptible infrastructure (case study: hydroelectric power plant)
Background and objective: Given the high share of energy production by hydropower plants in Iran and the weaknesses of the resilience and protection model in this area, the importance of providing a model based on concepts such as؛ Expresses dependencies, correlations, risk management and analysis. In this paper, a new method for measuring the resilience of an energy infrastructure is presented...
متن کاملExploring a Controls-Based Assessment of Infrastructure Vulnerability
Assessing the vulnerability of an enterprise’s infrastructure is an important step in judging the security of its network and the trustworthiness and quality of the information that flows through it. Currently, low-level infrastructure vulnerability is often judged in an ad hoc manner, based on the criteria and experience of the assessors. While methodological approaches to assessing an organis...
متن کاملCascading Effects of Common-Cause F on ailures Critical Infrastructures
One of the most challenging problems in Critical Infrastructure Protection is the assessment and mitigation of cascading failures across infrastructures. In previous research we have proposed a method for assessing the cumulative security risk of cascading threats due to multi-order dependencies between infrastructures. However, recent empirical studies indicate that common mode failures may re...
متن کامل