
Risk Assessment Aspects in Mastering the Value Function of Security Measures

  • Conference paper
New Results in Dependability and Computer Systems

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 224)

Abstract

The chapter presents the risk management approach applied in the EC FP7 ValueSec project. The security measures selection process is based on three pillars: Risk Reduction Assessment (RRA), Cost-Benefit Analysis (CBA) and Qualitative Criteria Assessment (QCA). The ValueSec tool set developed in the project should be equipped with components corresponding to these pillars. The chapter gives an overview of the project's research on elaborating the decision model and on selecting existing methods to be implemented, or existing tools to be integrated, in the ValueSec framework. Risk management is a broad issue, especially in five of the project's assumed contexts. For this reason, more specialized components are allowed for the RRA pillar. The project is currently moving into the implementation and use case experimentation phase. The chapter shows the general architecture as currently implemented and an example of the RRA component.



Corresponding author

Correspondence to Andrzej Białas.


Copyright information

© 2013 Springer International Publishing Switzerland

About this paper

Cite this paper

Białas, A. (2013). Risk Assessment Aspects in Mastering the Value Function of Security Measures. In: Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., Kacprzyk, J. (eds) New Results in Dependability and Computer Systems. Advances in Intelligent Systems and Computing, vol 224. Springer, Heidelberg. https://doi.org/10.1007/978-3-319-00945-2_3
