Algorithmic Aspects of Risk Management
Risk analysis has been used to manage the security of systems for several decades. However, its use has been limited to offline risk computation and manual response. In contrast, the authors use risk computation to drive changes in an operating system's security configuration. This allows risk management to occur in real time and reduces the window of exposure to attack. They posit that it is possible to protect a system by reducing its functionality temporarily when it is under siege. Their goal is to minimize the tension between security and usability by trading them dynamically. Instead of statically configuring a system, they aim to monitor the risk level, using it to drive the tradeoff between security and utility.