Risk assessment as an argumentation game

Henry Prakken, Dan Ionita, Roelf J. Wieringa

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    13 Citations (Scopus)

    Abstract

    This paper explores the idea that IT security risk assessment can be formalized as an argumentation game in which assessors argue about how the system can be attacked by a threat agent and defended by the assessors. A system architecture plus assumptions about the environment is specified as an ASPIC +  argumentation theory, and an argument game is defined for exchanging arguments between assessors and hypothetical threat agents about whether the specification satisfies a given security requirement. Satisfaction is always partial and involves a risk assessment of the assessors. The game is dynamic in that the players can both add elements to and delete elements from the architecture specification. The game is shown to respect the underlying argumentation logic in that for any logically completed game ‘won’ by the defender, the security requirement is a justified conclusion from the architecture specification at that stage of the game.
    Original languageUndefined
    Title of host publication14th International Workshop on Computational Logic in Multi-Agent Systems, CLIMA XIV
    EditorsJ. Leite, T.C. Son, P. Torrini, L. Van Der Torre, S. Woltran
    Place of PublicationLondon
    PublisherSpringer
    Pages357-373
    Number of pages17
    ISBN (Print)978-3-642-40623-2
    DOIs
    Publication statusPublished - Sep 2013
    Event14th International Workshop on Computational Logic in Multi-Agent Systems: 14th International Workshop on Computational Logic in Multi-Agent Systems, CLIMA XIV - Corunna, Spain
    Duration: 16 Sep 201318 Sep 2013
    Conference number: 14th

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag
    Volume8143

    Conference

    Conference14th International Workshop on Computational Logic in Multi-Agent Systems
    Abbreviated titleCLIMA XIV
    CountrySpain
    CityCorunna
    Period16/09/1318/09/13

    Keywords

    • SCS-Services
    • EC Grant Agreement nr.: FP7/318003
    • METIS-300053
    • EC Grant Agreement nr.: FP7/2007-2013
    • IR-87983
    • EWI-23791

    Cite this