Conferences in Research and Practice in Information Technology
  

Online Version - Last Updated - 20 Jan 2012

 

 
Home
 

 
Procedures and Resources for Authors

 
Information and Resources for Volume Editors
 

 
Orders and Subscriptions
 

 
Published Articles

 
Upcoming Volumes
 

 
Contact Us
 

 
Useful External Links
 

 
CRPIT Site Search
 
    

Belief Based Risk Analysis

Josang, A., Bradley, D. and Knapskog, S.J.

    This paper describes a method for risk analysis based on the approach used in CRAMM, but instead of using discrete measures for threats and vulnerabilities and lookup tables to derive levels of risk, it uses subjective beliefs about threats and vulnerabilities as input parameters, and uses the belief calculus of subjective logic to combine them. Belief calculus has the advantage that uncertainty about threat and vulnerability estimates can be taken into consideration, and thereby reflecting more realistically the nature of such estimates. As a result, the computed risk assessments will better reflect the real uncertainties associated with those risks.
Cite as: Josang, A., Bradley, D. and Knapskog, S.J. (2004). Belief Based Risk Analysis. In Proc. Second Australasian Information Security Workshop (AISW2004), Dunedin, New Zealand. CRPIT, 32. Montague, P. and Steketee, C., Eds. ACS. 63-68.
pdf (from crpit.com) pdf (local if available) BibTeX EndNote GS
 

 

ACS Logo© Copyright Australian Computer Society Inc. 2001-2014.
Comments should be sent to the webmaster at crpit@scem.uws.edu.au.
This page last updated 16 Nov 2007