Intrusion detection
Dempster belief functions are based on the principle of complete ignorance
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems - special issue on models for imprecise probabilities and partial knowledge
Beyond Fear: Thinking Sensibly about Security in an Uncertain World
Beyond Fear: Thinking Sensibly about Security in an Uncertain World
The CORAS methodology: model-based risk assessment using UML and UP
UML and the unified process
ACSW Frontiers '04 Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation - Volume 32
ISSRE '04 Proceedings of the 15th International Symposium on Software Reliability Engineering
Bayesian probabilistic risk analysis
ACM SIGMETRICS Performance Evaluation Review
Modeling Security Requirements Through Ownership, Permission and Delegation
RE '05 Proceedings of the 13th IEEE International Conference on Requirements Engineering
Software Security: Building Security In
Software Security: Building Security In
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
Security Metrics: Replacing Fear, Uncertainty, and Doubt
Security Metrics: Replacing Fear, Uncertainty, and Doubt
Why Trust is not Proportional to Risk
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
From Trust to Dependability through Risk Analysis
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Secure Systems Development with UML
Secure Systems Development with UML
Hi-index | 0.00 |
In the last years, IT systems play a more and more fundamental role in human activities and, in particular, in critical activities such as the management of Air Traffic Control and Nuclear Power Plant. This has spurred several researchers to develop models, metrics, and methodologies for analyzing and measuring the security and dependability of critical systems. Their objective is to understand whether the risks affecting the system are acceptable or not. If risks are too high, analysts need to identify the treatments adequate to mitigate them. Existing proposals however fail to consider risks within multi-actors settings. Here, different actors participating to the system might have a different perception of risk and react consequently. In this paper, we introduce the concept of perceived risk and discuss its differences with actual risk. We also investigate the concepts necessary to capture and analyze perceived risk.