Results 1 to 4 of 4

Math Help - How to interpret summation notation...

  1. #1
    Newbie
    Joined
    Feb 2013
    From
    Belgium
    Posts
    2

    How to interpret summation notation...

    Hi all,

    I'm an ICT specialist geared towards networking, however for a new project I went out of my comfort zone and went to design a complete Information Security Management System. In scope of that, I found a simple risk assessment method created by Goel&Chen. This method uses 3 matrices and 3 summation formulas to get a value assigned to each risk/threat. I checked on the formula and found an explanation on how the summation works and so on. My problem is, that with the given information in their document, I fail to understand exactly which parameters to place where. This is the extract out of their document that I need help on:
    "The methodology proposed in the paper uses three separate matrices, i.e. vulnerability matrix, threat matrix and control matrix to collect the data that is required for risk analysis. The vulnerability matrix (Table 1) contains the associations between the assets and vulnerabilities in the organization, the threat matrix (Table 2) similarly contains the relationships between the vulnerabilities and threats, and the control matrix (Table 3) contains the links between the threats and controls. Each cell in a table contains the value of the relationship between the row and the column element of the table (e.g. asset and vulnerability). It uses one of the three values, i.e. low, medium or high.
    3
    When the risk analysis is initially conducted, lists of assets, vulnerabilities, threats, and controls are generated and added to the respective tables. The matrices are then populated by adding data that correlates the row of the matrix with the column of the matrix. Finally, the data from the vulnerability matrix is aggregated using Equation 1 and then cascaded on to Table 2. Similarly, data in the threat matrix is aggregated using equation 2 and cascaded on to Table 3. The data from the Control matrix is then aggregated to obtain the relative importance of the different controls.

    How to interpret summation notation...-goel-chen-table.png
    Let us assume that there are m assets where the relative cost of asset aj is Cj (j = 1,, n). Also let cij be the impact of vulnerability vi on asset aj. Then the relative cumulative impact of vulnerability vi on the assets of the organizations is:
    j=n
    Vi= Σvij *Cj
    j=1
    "
    The table has been filled in with fictive values.

    I'm a bit confused by the the subscript parameters, not sure of what to fill in. Could anyone help me with this?


    Follow Math Help Forum on Facebook and Google+

  2. #2
    Super Member
    Joined
    Mar 2010
    Posts
    993
    Thanks
    244

    Re: How to interpret summation notation...

    I'm not sure I understand the details of the model. There seems to be 3 levels to it. But it sounds like each level is just a matrix of values that gets multiplied and added in pretty much the same way.

    So I'm looking at the equation v_i = \sum_{j=1}^{n}v_{ij}c_j. This just means v_i = v_{i1}c_1 + v_{i2}c_2 + \dots + v_{in}c_n. The vulnerability v_i of each asset is the sum of the vulnerability from all sources. There are n sources, and the vulnerability of asset i from source j is v_{ij}c_j, where c_j measures the vulnerability at source j, and v_{ij} measures how important source j is to asset i.

    I've probably butchered your model, but hopefully that helps a little with the math.

    - Hollywood
    Follow Math Help Forum on Facebook and Google+

  3. #3
    Newbie
    Joined
    Feb 2013
    From
    Belgium
    Posts
    2

    Re: How to interpret summation notation...

    I think I may have figured it out...I got some more insight to what needs to be filled in on the first (emtpy) line in the raster.
    The first line in the raster is the C value, standing for the cost of an asset.

    So, let's assume the following partial) raster:
    How to interpret summation notation...-goel-chen-table2.png
    The assets being the trade secrets and so on.

    So, the relative vulnerability impact Vi

    j=10
    = Σvij *Cj
    j=1

    where vi = v1 = web servers, and Cj is the value granted to each asset on the first line

    = (0*9)+(3*3)+(9*9)+(9*9)+(9*3)+(9*3)+(3*1)+(9*3)+(9 *3)+(9*1) = 291

    Care to confirm if I'm right with this way of writing out the formula?
    Follow Math Help Forum on Facebook and Google+

  4. #4
    Super Member
    Joined
    Mar 2010
    Posts
    993
    Thanks
    244

    Re: How to interpret summation notation...

    Yes, that looks right.

    - Hollywood
    Follow Math Help Forum on Facebook and Google+

Similar Math Help Forum Discussions

  1. summation notation
    Posted in the Calculus Forum
    Replies: 1
    Last Post: October 1st 2009, 07:24 AM
  2. summation notation
    Posted in the Advanced Statistics Forum
    Replies: 3
    Last Post: September 7th 2009, 06:01 PM
  3. notation - summation
    Posted in the Advanced Statistics Forum
    Replies: 0
    Last Post: September 7th 2009, 03:18 PM
  4. Summation Notation
    Posted in the Calculus Forum
    Replies: 1
    Last Post: September 2nd 2009, 12:18 PM
  5. Summation notation
    Posted in the Statistics Forum
    Replies: 5
    Last Post: May 27th 2009, 08:55 PM

Search Tags


/mathhelpforum @mathhelpforum