Decision Model for the Security and Utility Risk Evaluation (SURE) Framework

被引:0
|
作者
Billard, Angela K. [1 ]
机构
[1] Def Sci & Technol Grp, Edinburgh, SA, Australia
来源
PROCEEDINGS OF THE AUSTRALASIAN COMPUTER SCIENCE WEEK MULTICONFERENCE (ACSW 2019) | 2019年
关键词
Cyber security; utility; operational requirement; risk; mitigation strategy; trade off;
D O I
10.1145/3290688.3290694
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
The Security and Utility Risk Evaluation (SURE) framework is a framework for specifying and calculating risk to enable dynamic and autonomous decisions about cyber security and utility risk in generic computer-based systems. The SURE framework's decision model provides the ability to select between multiple alternative mitigation strategies in order to optimise security and utility risk during the operation of a system. This paper presents the decision model of the SURE framework and an example illustrating how the decision model operates in a mobile networking scenario. The example shows that the SURE framework's decision model enables a better fit than existing security decision models between the context of the requested action, security and utility requirements and the selected mitigation strategy, giving greater flexibility to both policy makers and users.
引用
收藏
页数:11
相关论文
共 50 条
  • [21] Incremental Decision Making Under Risk with the Weighted Expected Utility Model
    Gilbert, Hugo
    Benabbou, Nawal
    Perny, Patrice
    Spanjaard, Olivier
    Viappiani, Paolo
    PROCEEDINGS OF THE TWENTY-SIXTH INTERNATIONAL JOINT CONFERENCE ON ARTIFICIAL INTELLIGENCE, 2017, : 4588 - 4594
  • [22] Quantifying Risk Perception: The Entropy Decision Risk Model Utility (EDRM-U)
    Monroe, Thomas
    Beruvides, Mario
    Tercero-Gomez, Victor
    SYSTEMS, 2020, 8 (04): : 1 - 37
  • [23] Developing a utility decision framework to evaluate predictive models in breast cancer risk estimation
    Wu, Yirong
    Abbey, Craig K.
    Chen, Xianqiao
    Liu, Jie
    Page, David C.
    Alagoz, Oguzhan
    Peissig, Peggy
    Onitilo, Adedayo A.
    Burnside, Elizabeth S.
    JOURNAL OF MEDICAL IMAGING, 2015, 2 (04)
  • [24] A Decision Framework Model for Migration into Cloud: Business, Application, Security and Privacy Perspectives
    Islam, Shareeful
    Weippl, Edgar R.
    Krombholz, Katharina
    16TH INTERNATIONAL CONFERENCE ON INFORMATION INTEGRATION AND WEB-BASED APPLICATIONS & SERVICES (IIWAS 2014), 2014, : 185 - 189
  • [25] Security Challenges and Risk Evaluation Framework for Industrial Wireless Sensor Networks
    Liang, Lulu
    Liu, Yanzhao
    Yao, Yuangang
    Yang, Tianshi
    Hu, Yuening
    Ling, Chen
    2017 4TH INTERNATIONAL CONFERENCE ON CONTROL, DECISION AND INFORMATION TECHNOLOGIES (CODIT), 2017, : 904 - 907
  • [26] Risk Evaluation for Security Network Based on Protection Model and Risk Entropy
    Lv, Haitao
    Hu, Ruimin
    PROCEEDINGS OF THE 2ND INTERNATIONAL CONFERENCE ON TEACHING AND COMPUTATIONAL SCIENCE, 2014, : 146 - 149
  • [27] Information security risk analysis model using fuzzy decision theory
    Henriques de Gusmao, Ana Paula
    Camara e Silva, Lucio
    Silva, Maisa Mendonca
    Poleto, Thiago
    Cabral Seixas Costa, Ana Paula
    INTERNATIONAL JOURNAL OF INFORMATION MANAGEMENT, 2016, 36 (01) : 25 - 34
  • [28] Security meter: A practical decision-tree model to quantify risk
    Sahinoglu, M
    IEEE SECURITY & PRIVACY, 2005, 3 (03) : 18 - 24
  • [29] A security evaluation framework for cloud security auditing
    Rizvi, Syed
    Ryoo, Jungwoo
    Kissell, John
    Aiken, William
    Liu, Yuhong
    JOURNAL OF SUPERCOMPUTING, 2018, 74 (11): : 5774 - 5796
  • [30] A security evaluation framework for cloud security auditing
    Syed Rizvi
    Jungwoo Ryoo
    John Kissell
    William Aiken
    Yuhong Liu
    The Journal of Supercomputing, 2018, 74 : 5774 - 5796
12345