1. Field of the Invention
The present invention relates to the protection of computer systems. More particularly, the present invention relates to risk profiling and security policy setting.
2. Description of Related Art
Broadly viewed, a security policy defines the access and use of various resources, such as computer system resources. A security policy for a computer system is typically determined by a user and/or a system administrator. Developing a useful security policy can be a difficult task.
Much of the difficulty in developing a useful security policy arises from the attempt to cover a dynamic set of circumstances, environment, and users with a static security policy. Often some environments present more risk than others and some users are more prone to risky behaviors than other users.