Model-based Management of Information System Security Risk

During the last twenty years, the impact of security concerns on the development and exploitation of information systems never ceased to grow. Security risk management methods are methodological tools, helping organisations to take rational decisions, regarding the security of their IS. Feedbacks on the use of such approaches show that they considerably reduce losses originating from security problems. Today, these methods are generally built around a well structured process. However, the product coming from the different risk management steps is still largely informal, and often not analytical enough. This lack of formality hinders the automation of the management of risk-related information. Another drawback of current methods is that they are generally designed for being used a posteriori, that is, to assess the way existing systems handle risks, and are with difficulty usable a priori, during information system development. Finally, each method using its own terminology, it is difficult to combine several methods, in the aim of taking advantage of each of them. For tackling the preceding problems, our contribution proposes a model-based approach for risk management, applicable since the early phases of information system development. This approach was successfully experimented in the frame of the ISO 27001 certification of a company, described in this book.