Computer model of security risks
First Claim
Patent Images
1. A computer-implemented method of quantifying a security risk associated with a computer system, the method comprising:
- identifying a computer system;
identifying a risk associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system;
determining a likelihood that the event associated with the risk will occur;
determining a cost associated with the event occurring on the computer system; and
quantifying the risk into an impact value by using the likelihood and the cost.
6 Assignments
0 Petitions
Accused Products
Abstract
The security risk associated with a computer system may be quantified by identifying a computer system, identifying a risk associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system, determining a likelihood that the event associated with the risk will occur, determining a cost associated with the event occurring on the computer system, and quantifying the risk into an impact value by using the likelihood and the cost.
68 Citations
31 Claims
-
1. A computer-implemented method of quantifying a security risk associated with a computer system, the method comprising:
-
identifying a computer system;
identifying a risk associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system;
determining a likelihood that the event associated with the risk will occur;
determining a cost associated with the event occurring on the computer system; and
quantifying the risk into an impact value by using the likelihood and the cost. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system configured to quantify a security risk associated with a computer system, the system comprising:
-
an identifying processor structured and arranged to identify a computer system;
a risk processor structured and arranged to identify a risk associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system;
a likelihood processor structured and arranged to determine a likelihood that the event associated with the risk will occur;
a cost processor structured and arranged to determine a cost associated with the event occurring on the computer system; and
an impact value processor structured and arranged to quantify the risk into an impact value by using the likelihood and the cost. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
30. A system configured to quantify a security risk associated with a computer system, the system comprising:
-
means for identifying a computer system;
means for identifying a risk associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system;
means for determining a likelihood that the event associated with the risk will occur;
means for determining a cost associated with the event occurring on the computer system; and
means for quantifying the risk into an impact value by using the likelihood and the cost.
-
-
31. A computer program configured to quantify a security risk associated with a computer system, the system comprising:
-
a first code segment structured and arranged to identify a computer system;
a second code segment structured and arranged to identify a risk associated with the computer system, the risk relating to an event that may interrupt a normal operating mode of the computer system;
a third code segment structured and arranged to determine a likelihood that the event associated with the risk will occur;
a fourth code segment structured and arranged to determine a cost associated with the event occurring on the computer system; and
a fifth code segment structured and arranged to quantify the risk into an impact value by using the likelihood and the cost.
-
Specification