Abstract
Evaluating the effectiveness of the security measures undertaken to protect a distributed system (e.g., protecting privacy of data in a network or in an information system) is a difficult task that, among other things, requires a risk assessment. We introduce a logical framework that allows one to reason about risk by means of operators that formalize causes, effects, preconditions, prevention and mitigation of events that may occur in the system. This is work in progress and we describe a number of interesting variants that could be considered.
Chapter PDF
References
AVANTSSAR. Deliverable 5.1: Problem cases and their trust and security requirements (2008), http://www.avantssar.eu
Bartsch, S.: A calculus for the qualitative risk assessment of policy override authorization. In: SIN, pp. 62–70 (2010)
Basin, D.A., Caleiro, C., Ramos, J., Viganò, L.: Labelled tableaux for distributed temporal logic. Journal of Logic and Computation 19(6), 1245–1279 (2009)
Bell, J.: A Common Sense Theory of Causation. In: Blackburn, P., Ghidini, C., Turner, R.M., Giunchiglia, F. (eds.) CONTEXT 2003. LNCS, vol. 2680, pp. 40–53. Springer, Heidelberg (2003)
Chapin, P.C., Skalka, C., Wang, X.S.: Risk assessment in distributed authorization. In: FMSE, pp. 33–42 (2005)
D’Agostino, M., Gabbay, D.M., Hähnle, R., Posegga, J. (eds.): Handbook of Tableau Methods. Kluwer Academic Publishers (1999)
Dunn, J.M.: Positive modal logic. Studia Logica 55, 301–317 (1995)
Gabbay, D.M.: Labelled Deductive Systems. Clarendon Press (1996)
Giunchiglia, E., Lee, J., Lifschitz, V., McCain, N., Turner, H.: Nonmonotonic causal theories. Artificial Intelligence 153(1-2), 49–104 (2004)
Lewis, D.: Causation. The Journal of Philosophy 70(17), 556–567 (1973)
Lewis, D.: Causation as influence. The Journal of Philosophy 97(4), 182–197 (2000)
Li, N., Mitchell, J.C.: A role-based trust-management framework. In: DISCEX-III, pp. 201–212. IEEE Computer Society (2003)
Masini, A., Viganò, L., Volpe, M.: A history of until. ENTCS 262, 189–204 (2010)
Shafer, G., Gillett, P.R., Scherl, R.B.: The logic of events. Annals of Mathematics and Artificial Intelligence 28(1-4), 315–389 (2000)
Singh, A., Lilja, D.J.: Improving risk assessment methodology: a statistical design of experiments approach. In: SIN, pp. 21–29 (2009)
Terenziani, P., Torasso, P.: Time, action-types, causation: An integrated analysis. Computational Intelligence 11, 529–552 (1995)
Turner, H.: A logic of universal causation. AI 113(1-2), 87–123 (1999)
Viganò, L.: Labelled Non-Classical Logics. Kluwer Academic Publishers (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Cristani, M., Karafili, E., Viganò, L. (2012). Towards a Logical Framework for Reasoning about Risk. In: Quirchmayr, G., Basl, J., You, I., Xu, L., Weippl, E. (eds) Multidisciplinary Research and Practice for Information Systems. CD-ARES 2012. Lecture Notes in Computer Science, vol 7465. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32498-7_46
Download citation
DOI: https://doi.org/10.1007/978-3-642-32498-7_46
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32497-0
Online ISBN: 978-3-642-32498-7
eBook Packages: Computer ScienceComputer Science (R0)