Marco Casassa Mont - Web Page - HP Labs

Marco Casassa Mont at HP Labs
Senior Researcher
Cloud & Security Lab
Bristol, UK

Identity Analytics Project

The Identity Analytics project is part of the Security Analytics project, at HP Labs, System Security Lab.

“Identity Analytics” consists of a set of approaches, techniques and methodologies to explain and predict the impact of investments in the space of  Identity and Identity and Access Management (IAM) on aspects of relevance to decision makers (e.g. CIOs/CISOs), such as on security exposure/risks, (financial) costs, people behaviours, compliance, trust, reputation, effect on productivity and business (e.g. on business alignment and agility) etc., in well defined context and scenarios.

Our recent research and development in this space aims at exploring the Economics of IAM by eliciting decision makers' strategic preferences on strategic outcomes of relevance (e.g. security risks, productivity, compliance, costs, etc.), exploring  trade-offs and the impact of potential options by using modelling and simulation techniques.

In this context, “Identity Analytics” aims at providing decision makers with decision support tools and services (based on modelling, simulation and analysis techniques)  by factoring in the “levers” (e.g. acting on identity management technologies, automation & centralisation, education, other security investments, policies, etc.) they can act on and the consequences of their decisions (what-if analysis) along with exploring potential trade-offs (e.g. investing on identity automation vs. security patching and intrusion detection). The following picture shows the main aspects and factors involved in Identity Analytics:

The focus is at the business level. Key decision makers, such as CIOs/CISOs are targeted. Identity management is likely to be an area where even the experts have little intuitions as to how to invest for the best (security) outcomes. The complexity and tight relationship with business and compliance mean it will remain high priority for CIOs and CISOs. As such it is likely to be a high profile and rich problem area .

There are many research opportunities and challenges in this space: we believe that a rigorous, scientific approach is required, involving the usage of modelling and simulation techniques, coupled with the understanding of involved technologies and processes, human behaviours and economic aspects.

For more  information and an overview of this project, have a look at the following HP Labs Technical Reports:

  • HPL-2010-35 Marco Casassa Mont, Adrian Baldwin, Simon Shiu, Paul Collins - Job Design: providing Strategic Decision Support for Risk Analysis and Policy Definitions, HPL-2010-35

  • HPL-2010-12 Marco Casassa Mont, Yolanta Beres, David Pym, Simon Shiu - Economics of Identity and Access Management: A Case Study on Enterprise Business Services, HPL-2010-12

  • HPL-2010-11 Marco Casassa Mont, Yolanta Beres, David Pym, Simon Shiu - Economics of Identity and Access Management: Providing Decision Support for Investments, HPL-2010-11

  • HPL-2009-173 Adrian Baldwin, Marco Casassa Mont, David Pym, Simon Shiu - System Modelling for Economic Analysis of Security Investments: A Case Study in Identity and Access Management - HPL-2009-173

  • HPL-2009-142 Yolanta Beres, Marco Casassa Mont, Jonathan Griffin, Simon Shiu - Using Metrics Coupled with Predictive Modelling and Simulation to Assess Security Processes - HPL 2009-142

  • HPL-2009-138 Anna Squicciarini, Marco Casassa Mont, Sathya Dev Rajasekaran - Towards an Analytic Approach to Evaluate Enterprises' Risk Exposure to Social Networks - HPL-2009-138

  • HPL-2009-57 Marco Casassa Mont, Adrian Baldwin, Simon Shiu - Identity Analytics - User provisioning Case Study: Using Modelling and Simulation for Policy Decision Support - HPL-2009-57, 2009

  • HPL-2009-56 Adrian Baldwin, Marco Casassa Mont, Simon Shiu - Using Modelling and Simulation for Policy Decision Support in Identity Management - HPL-2009-56, 2009

  • HPL-2008-188 Marco Casassa Mont, Adrian Baldwin, Jonathan Griffin, Simon Shiu, Yolanta Beres - Identity Analytics: Using Modeling and Simulation to Improve Data Security Decision Making- HPL-2008-188, 2008

  • HPL-2008-186 Marco Casassa Mont, Adrian Baldwin, Jonathan Griffin, Simon Shiu - Towards Identity Analytics in Enterprises - HPL-2008-186, 2008

  • HPL-2008-84 Marco Casassa Mont, Adrian Baldwin, Simon Shiu - On Identity Analytics: Setting the Context, 2008

My Contacts:

Marco Casassa Mont

HP Laboratories

Cloud & Security Lab

Long Down Avenue

Stoke Gifford

Bristol, BS34 8QZ, UK       

TEL: +44-117-3128794
FAX: +44-117-3129250