Risk Assessment as an Argumentation Game

This paper explores the idea that IT security risk assessment can be formalized as an argumentation game in which assessors argue about how the system can be attacked by a threat agent and defended by the assessors. A system architecture plus assumptions about the environment is specified as an ASPIC + argumentation theory, and an argument game is defined for exchanging arguments between assessors and hypothetical threat agents about whether the specification satisfies a given security requirement. Satisfaction is always partial and involves a risk assessment of the assessors. The game is dynamic in that the players can both add elements to and delete elements from the architecture specification. The game is shown to respect the underlying argumentation logic in that for any logically completed game 'won' by the defender, the security requirement is a justified conclusion from the architecture specification at that stage of the game.

[1]  Henry Prakken,et al.  Relating Protocols For Dynamic Dispute With Logics For Defeasible Argumentation , 2000, Synthese.

[2]  Henry Prakken,et al.  An abstract framework for argumentation with structured arguments , 2010, Argument Comput..

[3]  Alessandra Russo,et al.  Using Argumentation Logic for Firewall Policy Specification and Analysis , 2006, DSOM.

[4]  Bashar Nuseibeh,et al.  Risk and argument: A risk-based argumentation method for practical security , 2011, 2011 IEEE 19th International Requirements Engineering Conference.

[5]  Henry Prakken,et al.  A general account of argumentation with preferences , 2013, Artif. Intell..

[6]  Ronald Prescott Loui,et al.  Process and Policy: Resource‐Bounded NonDemonstrative Reasoning , 1998, Comput. Intell..

[7]  Simon Parsons,et al.  Arguing About Firewall Policy , 2012, COMMA.

[8]  Bashar Nuseibeh,et al.  Security Requirements Engineering: A Framework for Representation and Analysis , 2008, IEEE Transactions on Software Engineering.

[9]  Sjouke Mauw,et al.  Foundations of Attack Trees , 2005, ICISC.

[10]  Trevor J. M. Bench-Capon,et al.  Computational Models of Argument , 2006 .

[11]  Radu State,et al.  Large Scale Management of Distributed Systems , 2006, Lecture Notes in Computer Science.

[12]  Phan Minh Dung,et al.  On the Acceptability of Arguments and its Fundamental Role in Nonmonotonic Reasoning, Logic Programming and n-Person Games , 1995, Artif. Intell..

[13]  John Fox,et al.  An argumentation-based approach to risk assesment , 1993 .

[14]  Henry Prakken,et al.  Reasoning about Preferences in Structured Extended Argumentation Frameworks , 2010, COMMA.

[15]  Simon Parsons,et al.  Argumentation and risk assessment , 2002 .

[16]  Stefan Woltran,et al.  Proceedings of COMMA 2012 , 2012 .

[17]  Seungjoo Kim,et al.  Information Security and Cryptology - ICISC 2005 , 2005, Lecture Notes in Computer Science.

[18]  Henry Prakken,et al.  Coherence and Flexibility in Dialogue Games for Argumentation , 2005, J. Log. Comput..

[19]  Ketil Stølen,et al.  Model-Driven Risk Analysis - The CORAS Approach , 2010 .