Risk Assessment as an Argumentation Game

  • Conference paper
Computational Logic in Multi-Agent Systems (CLIMA 2013)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 8143)

Abstract

This paper explores the idea that IT security risk assessment can be formalized as an argumentation game in which assessors argue about how the system can be attacked by a threat agent and defended by the assessors. A system architecture plus assumptions about the environment is specified as an ASPIC+ argumentation theory, and an argument game is defined for exchanging arguments between assessors and hypothetical threat agents about whether the specification satisfies a given security requirement. Satisfaction is always partial and involves a risk assessment of the assessors. The game is dynamic in that the players can both add elements to and delete elements from the architecture specification. The game is shown to respect the underlying argumentation logic in that for any logically completed game ‘won’ by the defender, the security requirement is a justified conclusion from the architecture specification at that stage of the game.

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Prakken, H., Ionita, D., Wieringa, R. (2013). Risk Assessment as an Argumentation Game. In: Leite, J., Son, T.C., Torroni, P., van der Torre, L., Woltran, S. (eds) Computational Logic in Multi-Agent Systems. CLIMA 2013. Lecture Notes in Computer Science, vol 8143. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40624-9_22

  • DOI: https://doi.org/10.1007/978-3-642-40624-9_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-40623-2

  • Online ISBN: 978-3-642-40624-9

  • eBook Packages: Computer Science, Computer Science (R0)
