- the consequences of potential decisions made by decision makers (e.g. in terms of strategic policies and adoption of controls) on key aspects such as security risks, costs, impact on reputation, etc.;
- the impact of identity management solutions on IT infrastructures, people and business contexts;
- the implications of people behaviours on security and privacy aspects.
The aim is to help decision makers to assess the consequences of their decisions and explore investment trade-offs. In particular, assessing the impacts on security risks and costs is very important: given the current global financial situation, the “cost” dimension is going to play more and more a key role.
We published a few HP Labs Technical Reports to provide an overview of our R&D work, including HPL-2008-186 and HPL-2008-84. In particular, the most recent HPL-2008-186 report provides and example of a model (based on the Demos2K simulation framework) we used to carry out our simulations and trade-off analysis in a “data sharing collaborative scenario”.
Many case studies can potentially be explored with our approach, including Web 2.0 collaborative services, access and protection of critical business applications and services, user account lifecycle management processes, data flows and lifecycle management, identity theft scenarios, etc.
I would be interested in discussing this topic with this community, in particular about related work and exploring any specific requirement or case study you might have in this space.
--- NOTE: my original HP blog can be found here ---
No comments:
Post a Comment