The Collaborative Risk Assessment Service is to run a higher level of risk assessment, based on pre-analysed data (e.g. the output of the Asset Risk Assessment Service reports), and run an aggregation risk assessment on top of that. It supports the FINSTIX objects. That is the “x-risk-configuration”, “x-threat” and filtering the model/instance depending on the task purpose as illustrated in the figure below.

Fetching data is achieved in almost real-time by utilizing the /dbstream endpoint provided by the data-layer as a result of the implementation of MongoDB change streams (more details can be found in Section “Data Tier Access”). This fact provides a more efficient and less error prone way of fetching data and triggering the risk calculations. The change is seamless to the end user. More information on the architecture conformance and the endpoint itself can be found in Section (data-layer dbStream cross reference).

Calculating risks is now considering the event thresholds provided by the security officer. This is a new adjustment during wave 2 and provides more robust and dynamic calculations. The final formula for calculating the service risk for a specific threat is: R = t × TL × VL × IL which means that risk is the product of Threat, Vulnerability and Impact levels multiplied by a factor t which is the combined event threshold for all events affecting the threat. The factor t gets values inside the [0,1] space hence the attenuation of the risk value if the threshold is not reached.

The Collaboration Module enables the consuming/sending of Risk Assessment reports across organizations. This information serves as an Input to the Collaborative Risk Assessment. Risk reports will be sent to other partners using the Blockchain infrastructure by producing FINSTIX data (x-risk custom SDOs) and utilizing the Collaboration Module endpoints. A high-level overview of this scenario is illustrated in the Figure below. The Collaborative Risk Assessment Module i.e. MITIGATE extension, will get input reports from ATOS RAE and Collaboration Module and will provide output to other partners (Blockchain entries) through Collaboration Module middleware.

The technology architecture of the Collaborative Risk Assessment Service consists of a local database and scheduled jobs which carry out the risk calculation process. Local storage is preferred since configuration options are only relative to the current service. In addition, internal operations for risk calculations are time consuming and complex object relations are required for the scope of the service. These factors impose the need of a local database for storage and configuration purposes.

More information on the Collaborative Risk Management is available in the Securing Critical Infrastructures in the Financial Sector course.

 

---

 

Innovation

The Collaborative Risk Assessment Engine exhibits the following novel features:
• It leverages decentralized information sharing based on blockchain technology, which provides distributed trust and obviates the need for a trusted third party.
• It automatically triggers the aggregate risk scoring functionalities upon the reception of risk-related security events from other participants of the collaborative security infrastructure.

more information

CONTACT 1

Hristo Koshutanski

---

CONTACT 2

Konstantinos Mavrogiannis

---