Research Article
Dynamic Risk Mitigation in Computing Infrastructures
@INPROCEEDINGS{10.1109/IAS.2007.91, author={R. Ann Miura-Ko and Nicholas Bambos}, title={Dynamic Risk Mitigation in Computing Infrastructures}, proceedings={3rd International ICST Symposium on Information Assurance and Security}, publisher={IEEE}, proceedings_a={IAS}, year={2007}, month={9}, keywords={Analytical models Data security Databases Information analysis Information security Management information systems Network servers Resource management Risk analysis Risk management}, doi={10.1109/IAS.2007.91} }- R. Ann Miura-Ko
Nicholas Bambos
Year: 2007
Dynamic Risk Mitigation in Computing Infrastructures
IAS
IEEE
DOI: 10.1109/IAS.2007.91
Abstract
In this brief paper, we formulate a novel analytical framework for modeling and mitigation of dynamically changing security risk profiles in information systems and networks. Risk accumulates at components/nodes (hosts, servers, databases, etc.) due to risk shocks hitting them (virus, worm attacks, etc.) and is monitored by risk indicators. The risk manager dynamically chooses defenses by reconfiguring and allocating available protection resources to various infrastructure components/nodes. The issue is to dynamically control risk by (re)deploying defenses on the spot in response to changing risk indicators. The framework is designed to parallel queuing modeling ones, mapping backlog/congestion to risk level/stress. This exposes interesting connections between dynamic risk management and queueing systems. It also allows for leveraging some results of congestion management for risk mitigation, as well as developing new ones to capture risk management performance tradeoffs.
