Abstract:

One can evaluate risk using a probabilistically accurate estimation scheme in a quantitative security-meter model that will mimic the actual events. An empirical study is presented and verified by Discrete Event and Monte Carlo simulations. The design improves as time elapses, and as more corresponding data are collected. Non-ideal scenarios are studied as well as risk management practices. Additionally a time-dependent stochastic model is proposed for estimating the likelihood of lack of privacy (or # privacy breaches). Both metric studies aim to quantify risk probabilistically therefore leading to monetary estimates for risk mitigation, rather than qualify them in a high, medium or low terminology, conventionally exercised.

Speaker Bio:

Dr. Sahinoglu holds a B.S. from METU, Ankara and M.S. from UMIST, England, both in EE, and his Ph.D. from Texas A&M jointly in ECE and Statistics. He is a Fellow of SDPS (The Society of Design and Process Science), a Senior Member in IEEE, members of AFCEA, ACM, and ASA, elected members of ISI, IASC and TIE (Turkish Institute of Statistics) He originated jointly the "Sahinoglu - Libby (SL) pdf" with David Libby in 1981, "Compound Poisson Software Reliability Model"(1992) and "Compound Poisson Stopping Rule Algorithm" (1997) in cost-effective software testing, and recently "The Security-Meter" (2005) to quantify risk. Dr. Sahinoglu is currently researching on the Reliability and Security Modeling of Hardware & Software Systems, and writing a text book on Trustworthy Computing (TWC). He is a 2006 Microsoft Research Scholar on TWC Curriculum, one of 14 awardees around the globe.

a) A Universal (Time-Independent) Design to Quantify Risk using the Security-Meter Model , b) A Time-Dependent Stochastic Model to Quantify Lack of Privacy