Abstract
The literature and the practice of security show a remarkable influence of the probabilistic risk management paradigm over security reasoning. This paper investigates whether, and to what extent, this influence is justified. It suggests that any reasoning on risk and security should be preceded by a clarification of its premises, and, with them, of the rules of the game. To corroborate the point, the author looks at the evolution of the concept of risk, and examines a number of contexts where the paradigm is applied. These are found based on different assumptions, starting from different premises and obeying different rules for different goals, some of which hardly fit with genuine security premises and reasoning. The conclusion is that, over and above linguistic and methodological problems, there are a number of ontological discrepancies between the concept of security and that of risk which deserve further study and investigation.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
