In order to evaluate the effectiveness of the security measures undertaken to protect a distributed system (e.g., protecting privacy of data in a network or in an information system) one should, among other things, perform a risk assessment. In this paper, we introduce a logical framework that allows one to reason about risk by means of operators that formalize causes, effects, preconditions, prevention and mitigation of events that may occur in the system. We give tableau rules and discuss a number of interesting variants that could be considered, prove soundness and completeness for some of the resulting tableau systems, and give an algorithm for satisfiability.

Tableau systems for reasoning about risk

CRISTANI, Matteo;VIGANO', Luca
2014-01-01

Abstract

In order to evaluate the effectiveness of the security measures undertaken to protect a distributed system (e.g., protecting privacy of data in a network or in an information system) one should, among other things, perform a risk assessment. In this paper, we introduce a logical framework that allows one to reason about risk by means of operators that formalize causes, effects, preconditions, prevention and mitigation of events that may occur in the system. We give tableau rules and discuss a number of interesting variants that could be considered, prove soundness and completeness for some of the resulting tableau systems, and give an algorithm for satisfiability.
2014
Security; Formal methods; risk analysis
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11562/747775
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 5
  • ???jsp.display-item.citation.isi??? 1
social impact