Data di Pubblicazione:
2021
Citazione:
An Assurance-Based Risk Management Framework for Distributed Systems / M. Anisetti, C.A. Ardagna, N. Bena, A. Foppiani - In: 2021 IEEE International Conference on Web Services (ICWS)[s.l] : IEEE, 2021. - ISBN 978-1-6654-1681-8. - pp. 482-492 (( convegno ICWS tenutosi a Chicago nel 2021 [10.1109/ICWS53863.2021.00068].
Abstract:
The advent of cloud computing and Internet of Things (IoT) has deeply changed the design and operation of IT systems, affecting mature concepts like trust, security, and privacy. The benefits in terms of new services and applications come at a price of new fundamental risks, and the need of adapting risk management frameworks to properly understand and address them. While research on risk management is an established practice that dates back to the 90s, many of the existing frameworks do not even come close to address the intrinsic complexity and heterogeneity of modern systems. They rather target static environments and monolithic systems thus undermining their usefulness in real-world use cases. In this paper, we present an assurance-based risk management framework that addresses the requirements of risk management in modern distributed systems. The proposed framework implements a risk management process integrated with assurance techniques. Assurance techniques monitor the correct behavior of the target system, that is, the correct working of the mechanisms implemented by the organization to mitigate the risk. Flow networks compute risk mitigation and retrieve the residual risk for the organization. The performance and quality of the framework are evaluated in a simulated industry 4.0 scenario.
Tipologia IRIS:
03 - Contributo in volume
Keywords:
Assurance; Network Flows; Risk Management; Security; Testing
Elenco autori:
M. Anisetti, C.A. Ardagna, N. Bena, A. Foppiani
Link alla scheda completa:
Link al Full Text:
Titolo del libro:
2021 IEEE International Conference on Web Services (ICWS)