This paper prescnts an approach for decision making under security risks in a computer network environment. The proposed method relies on a many sorted algebraic signature and on a rewriting system. This lattcr is shown to be terminating and yielding a normal form, called the risk analysis equation, that models the cost-benefit balance. Furtherrnore, a gradual algebraic resolution of the risk analysis equation is described. This formalism helps security analysts to automate the selection of the optimal security solutions that minimize the residual risk. © 2004 by Springer Science+Business Media Dordrecht.
CITATION STYLE
Hamdi, M., & Boudriga, N. (2004). An abstract reduction model for computer security risk. In IFIP Advances in Information and Communication Technology (Vol. 147, pp. 1–16). Springer New York LLC. https://doi.org/10.1007/1-4020-8143-x_1
Mendeley helps you to discover research relevant for your work.