1
Oppliger: Ch. 15
Risk Management
2
Outline
• Introduction
• Formal risk analysis
• Alternative risk analysis approaches/technologies
– Security scanning
– Intrusion detection
• True or false? Risks are everywhere!
A new risk may be introduced (or triggered) by a solution.
3
Risk
• A risk is an expectation of loss.
– Usually represented as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result
• Risk = prob (T, V, R)
• Example:
– Let T = “port scanning”
– Let V = “No firewall exists between the public Internet and the private network”
– Let R = “An unauthorized connection is established between a computer in the private network and a remote (potentially malicious) computer”
• Other examples of risk?
4
Risk Analysis
• Aka. Risk Assessment
• A systematic process that
a) identifies valuable system resources and threats to those resources;
b) quantifies loss exposures (i.e., loss potential) based on estimated frequencies and costs of occurrence;
c) (optionally) recommends how to allocate resources to countermeasures so as to minimize total exposure
• A process that identifies risks and their respective potential cost (and countermeasures)
5
Risk Analysis (cont.)
• Example of risk analysis?
– Let T = “port scanning”
– Let V = “No firewall exists between the public Internet and the private network”
– Let R = “An unauthorized connection is established between a computer in the private network and a remote (potentially malicious) computer”
– Factors affecting the potential cost? Cost per incident, frequency of incident
• Other examples of risk analysis?
• Other definitions of risk analysis ?
6
Risk Analysis (cont.)
• Other definitions of risk analysis?
– Risk analysis (in business) is a technique to identify and assess factors that may jeopardize the success of a project or achieving a goal.
Source: http://en.wikipedia.org/wiki/Risk_analysis_(Business)
– Risk analysis (in engineering) is the science of risks and their probability and evaluation.
Source: http://en.wikipedia.org/wiki/Risk_analysis_(engineering)
c.f., risks with respect to project failure; risks with respect to a system’s being breached; other risks?
7
Risk Management
• A process of identifying, controlling, and eliminating or minimizing uncertain events that may affect system resources
• Threat model: the attackers (who), the attacks (how), the resources (what), …
8
Formal Risk Analysis
• A formal process/tool(s) for performing risk analysis
• Examples:
– British CCTA’s CRAMM (CCTA Risk Analysis & Management Methodology)
– French CLUSIF’s MARION
• Steps:
– Establish an inventory of all assets
– Quantify loss exposures based on estimated frequencies and costs of occurrence
• Quantitative risk analysis is complex!
• It’s difficult to quantify (due to complexities and lack of models).
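The three steps of a risk analysis from slide 4 (asset/threat inventory, loss exposure from estimated frequency and cost per incident, allocating countermeasures to minimize total exposure) and the formal-analysis steps above, carried through in code as an added example that is not from Oppliger’s chapter or these slides. The figures in the inventory, the greedy allocation rule and the names Risk, Countermeasure, total_exposure and allocate are assumptions made for illustration.

```python
from dataclasses import dataclass
import math

@dataclass(frozen=True)
class Risk:
    """Risk = prob(T, V, R): threat T exploits vulnerability V with harmful result R."""
    threat: str
    vulnerability: str
    result: str
    frequency: float  # estimated incidents per year
    cost: float       # estimated cost per incident

    def exposure(self) -> float:
        return self.frequency * self.cost  # step b: loss exposure = frequency x cost

@dataclass(frozen=True)
class Countermeasure:
    name: str
    annual_cost: float
    vulnerability: str  # the V it closes
    reduction: float    # fraction of the matching risks' exposure it removes (0..1)

def total_exposure(risks, applied=()):
    """Exposure summed over all risks, after the given countermeasures are applied."""
    return sum(r.exposure() * math.prod(1.0 - c.reduction for c in applied
                                        if c.vulnerability == r.vulnerability)
               for r in risks)

def allocate(risks, countermeasures, budget):
    """Step c: repeatedly take the affordable countermeasure that removes the most
    exposure per unit of cost (and more than it costs) until nothing qualifies."""
    chosen, candidates = [], list(countermeasures)
    while True:
        best, best_ratio = None, 0.0
        for c in candidates:
            saved = total_exposure(risks, chosen) - total_exposure(risks, chosen + [c])
            if c.annual_cost <= budget and saved > c.annual_cost and saved / c.annual_cost > best_ratio:
                best, best_ratio = c, saved / c.annual_cost
        if best is None:
            return chosen, total_exposure(risks, chosen)
        chosen.append(best)
        candidates.remove(best)
        budget -= best.annual_cost

# Constructed inventory (illustrative figures, not taken from the slides)
RISKS = [Risk("port scanning", "no firewall", "unauthorized inbound connection", 12, 5_000),
         Risk("web defacement", "unpatched web server", "site content altered", 2, 20_000)]
COUNTERMEASURES = [Countermeasure("perimeter firewall", 15_000, "no firewall", 0.9),
                   Countermeasure("patch management", 8_000, "unpatched web server", 0.75),
                   Countermeasure("managed IDS", 30_000, "no firewall", 0.5)]
```

With a budget of 25,000 the allocation picks patch management first (higher exposure removed per unit of cost), then the firewall, and leaves a residual exposure of 16,000; the IDS never fits the remaining budget.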
9
Qualitative risk analysis
• Differs from formal/quantitative risk analysis in the quantification step
• Qualitative risk analysis only identifies the existence of risks, but does not try to quantify the estimated frequency and the costs of occurrence in order to calculate the loss potential.
• Examples:
– A Web site connected to the Internet could be hacked.
– A computer connected to the Internet is subject to port scanning.
Note: The definition may be arguable. See http://www.anticlue.net/archives/000817.htm, for example. The qualitative risk analysis outlined in that article includes a quantification step.
10
Other approaches to risk analysis
• Security scanning
– The process of performing vulnerability analyses using a security scanner.
– Security scanner: a tool that scans the system to identify vulnerabilities
• Intrusion Detection
– The process of identifying and responding to intrusions to a system.
– An intrusion is “a sequence of related actions by a malicious adversary that results in the occurrence of unauthorized security threats …”
Figure: The Network Security Process model
11