Ontology Based Risk Management
Risk management in several application domains is receiving increasing attention in the last years especially when the risk management must be pursued in a network made of interacting systems. The motivation is that although risk management models and techniques are mature enough to handle risk in the context of a single system, risk evaluation in the setting of a network of systems is much more difficult to model and manage. Because of the lack of awareness of risk, it is difficult to perceive risks propagation within the network of systems. On the other hand, the lack of shared goals and knowledge represents itself a risk, so that we need a good paradigm to organize and communicate information.
In this paper we first introduce a metamodel able to represent the fundamental structure from which distributed risk management models can be derived with respect to several application domains. This abstraction arises from an approach to risk management based on the definition of risk ontologies. A risk ontology is specialized to represent and share risk knowledge in a given application domain; changing the underlying ontology, the metamodel can be adapted to a new application domain so that the logic for risk management can be reused with a reasonable tailoring effort.
Two case studies are discussed in the paper as possible implementation of risk management systems based on the proposed metamodel.
KeywordsSensor Network Risk Management Risk Exposure Mitigation Action Virtual Enterprise
Unable to display preview. Download preview PDF.
- 2.Aiello, R., Nota, G.: Proactive contract management through rsf specification. In: Computer Supported Activity Coordination, pp. 76–86. INSTICC Press, PRT (2007). In conjuction with ICEIS 2007Google Scholar
- 3.Alberts, C.: Common elements of risk (2006). Carnegie Mellon University, Software Engineering Institute, PittsburghGoogle Scholar
- 4.AS/NZS4360: Risk management (1999). AS/NZS 4360, Australian Standard — Risk Management, 1999Google Scholar
- 6.Caprio, F., Aiello, R., Nota, G.: Adaptive risk management in distributed sensor networks. In: ICEIS 2008 — Proceedings of the Tenth International Conference on Enterprise Information Systems, Volume SAIC, Barcelona, Spain, June 12–16, pp. 315–320 (2008)Google Scholar
- 9.Higuera, R., Haimes, Y.: Software risk management (1996). CMU/SEI-96-TR-012 Carnegie Mellon University, Software Engineering Institute, PittsburghGoogle Scholar
- 10.Mees, W.: Risk management in coalition networks. In: Proceedings of the Third International Symposium on Information Assurance and Security, IAS 2007, August 29–31, 2007, Manchester, United Kingdom, pp. 329–336 (2007)Google Scholar
- 11.Meyers, B.: Risk management considerations for interoperable acquisition (2006). CMU/SEI-2006-TN-032 Carnegie Mellon University, Software Engineering Institute, PittsburghGoogle Scholar
- 12.Noor, I.: Risk and issue management — principles and practice. http://www.pmolink.com/ articles/RiskPaper.pdfGoogle Scholar
- 13.PMBOK: A Guide To The Project Management Body Of Knowledge (PMBOK Guides). Project Management Institute (2004)Google Scholar
- 14.Ricci, A., Denti, E., Omicini, A.: Agent coordination infrastructures for virtual enterprises and workflow management. In: M. Klusch, F. Zambonelli (eds.) Cooperative Information Agents V, 5th International Workshop, CIA 2001, Modena, Italy, September 6–8, 2001, Proceedings, Lecture Notes in Computer Science, vol. 2182, pp. 235–246. Springer (2001)Google Scholar
- 15.Wiener, N.: Cybernetics: Or Control and Communication in Animal and the Machine. MIT Press, Cambridge, MA, USA (2000)Google Scholar