Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 7000)

Abstract

Risk analysis has been used to manage the security of systems for several decades. However, its use has been limited to offline risk computation and manual response. In contrast, we use risk computation to drive changes in an operating system’s security configuration. This allows risk management to occur in real time and reduces the window of exposure to attack. We posit that it is possible to protect a system by reducing its functionality temporarily when it is under siege. Our goal is to minimize the tension between security and usability by trading them dynamically. Instead of statically configuring a system, we aim to monitor the risk level, using it to drive the tradeoff between security and utility. The advantage of this approach is that it provides users with the maximum possible functionality for any predefined level of risk tolerance.

Risk management can be framed as an exercise in managing the constraints on edge and vertex weights of a tripartite graph, with the partitions corresponding to the threats, vulnerabilities, and assets in the system. If a threat requires a specific permission and affects a particular asset, an edge is added between the threat and the permission that mediates access to the vulnerable resource. Another edge is added between the permission and the asset. The presence of a path from a threat, through a permission check, to an asset contributes an element of risk. Risk can be reduced by denying access to a resource that contains a vulnerability or activating data protection measures. We analyze some of the problems that form the algorithmic underpinnings of optimal risk management.
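
The tripartite model described above can be sketched as follows; this is an added illustration, not code from the chapter. It builds a small threat/permission/asset graph, sums risk over every threat-to-asset path, and searches for the set of permissions to deny that meets a risk tolerance at the least loss of functionality. The vertex names, the integer weights, the per-permission utility scores and the risk formula (threat likelihood times asset value per path) are all assumptions chosen for the example.

```python
from itertools import combinations

# Constructed sample weights (assumptions, not values from the chapter).
THREAT_LIKELIHOOD = {"remote_exploit": 3, "malicious_macro": 1}
ASSET_VALUE = {"customer_db": 100, "mail_spool": 40}
PERMISSION_UTILITY = {"net_listen": 5, "exec_script": 3, "read_db": 9}

# Tripartite edges: threat -> permission, then permission -> asset.
THREAT_EDGES = {("remote_exploit", "net_listen"),
                ("remote_exploit", "read_db"),
                ("malicious_macro", "exec_script")}
ASSET_EDGES = {("net_listen", "mail_spool"),
               ("read_db", "customer_db"),
               ("exec_script", "mail_spool"),
               ("exec_script", "customer_db")}


def risk(denied=frozenset()):
    """Sum likelihood * value over each threat -> permission -> asset path
    whose permission is still granted (assumed risk model)."""
    total = 0
    for threat, perm in THREAT_EDGES:
        if perm in denied:
            continue  # a denied permission cuts every path through it
        for via, asset in ASSET_EDGES:
            if via == perm:
                total += THREAT_LIKELIHOOD[threat] * ASSET_VALUE[asset]
    return total


def cheapest_denial(tolerance):
    """Return (utility_lost, denied_permissions) for the denial set that keeps
    risk within tolerance at minimum utility loss. Exhaustive search, so it is
    exponential in the number of permissions and only suits a toy graph."""
    best = None
    perms = sorted(PERMISSION_UTILITY)
    for k in range(len(perms) + 1):
        for subset in combinations(perms, k):
            denied = frozenset(subset)
            if risk(denied) > tolerance:
                continue
            lost = sum(PERMISSION_UTILITY[p] for p in denied)
            if best is None or lost < best[0]:
                best = (lost, denied)
    return best
```

With these weights, a tolerance of 300 is met more cheaply by denying the two low-utility permissions than by denying the single permission that carries the most risk.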

© 2011 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Gehani, A., Zaniewski, L., Subramani, K. (2011). Algorithmic Aspects of Risk Management. In: Agha, G., Danvy, O., Meseguer, J. (eds) Formal Modeling: Actors, Open Systems, Biological Systems. Lecture Notes in Computer Science, vol 7000. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24933-4_13

  • DOI: https://doi.org/10.1007/978-3-642-24933-4_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-24932-7

  • Online ISBN: 978-3-642-24933-4

  • eBook Packages: Computer Science (R0)
