Applicability of risk analysis methods to risk-aware routing in software-defined networks

摘要

Managing risk related to operation of Communication and Information Systems (CIS) is nowadays a very important objective of every organization. Incorrectly performed, risk assessment may lead to critical errors in the entire risk management process and expose an organization to unacceptable operational risk. Unfortunately, most of the currently adopted risk assessment approaches are only marginally applicable to modern IT systems. In this paper we evaluate suitability of various existing risk analysis approaches in support of risk management process for operation of Software Defined Network (SDN). Our objective is to identify risk analysis methods, which are most suitable for supporting risk-aware routing in SDN. From a large set of available risk analysis methods, we select methods that can be potentially used for risk-aware routing system in SDN and compare their suitability for this task. We conclude that the most suitable for our use case are risk assessment methods based on Bayesian networks.