Evaluation of Strategic Information Security with Fuzzy AHP Method

Successful e-government adoption in society depends mostly on trust among citizens who use it. It is vital to ensuring security of e-government applications and infrastructures as a guarantee of security and privacy of stakeholders in storing, processing and exchanging information over the online systems offered by the government. As threats on e-government information security are dynamic and continue to grow, policy makers need to perform evaluation on existing information security strategy to establish a trusted e-government service. This paper intends to propose a new method that can guide decision makers in evaluating strategic government information security. The evaluation framework is based on new Fuzzy Analytic Hierarchy Process that combines tangible and intangible factors as well as has specific capabilites to be used in vague and fuzzy decision environment which is common in information security related issues.

[1]  Ross J. Anderson Why information security is hard - an economic perspective , 2001, Seventeenth Annual Computer Security Applications Conference.

[2]  M. Bouaziz,et al.  An Introduction to Computer Security , 2012 .

[3]  R. Filipek Information security becomes a business priority , 2007 .

[4]  M. Bohanec,et al.  The Analytic Hierarchy Process , 2004 .

[5]  Junseok Hwang,et al.  Failure of E-Government Implementation: A Case Study of South Sulawesi , 2008, 2008 Third International Conference on Convergence and Hybrid Information Technology.

[6]  G. Tzeng,et al.  Evaluating sustainable fishing development strategies using fuzzy MCDM approach , 2005 .

[7]  James Backhouse,et al.  Current directions in IS security research: towards socio‐organizational perspectives , 2001, Inf. Syst. J..

[8]  Richard Heeks,et al.  Benchmarking eGovernment: Improving the National and International Measurement, Evaluation and Comparison of eGovernment , 2008 .

[9]  Irfan Syamsuddin,et al.  The Application of AHP Model to Guide Decision Makers: A Case Study of E-banking Security , 2009, 2009 Fourth International Conference on Computer Sciences and Convergence Information Technology.

[10]  Jin-fu Wang E-government Security Management: Key Factors and Countermeasure , 2009, 2009 Fifth International Conference on Information Assurance and Security.

[11]  J. Buckley,et al.  Fuzzy hierarchical analysis , 1999, FUZZ-IEEE'99. 1999 IEEE International Fuzzy Systems. Conference Proceedings (Cat. No.99CH36315).

[12]  Harri Oinas-Kukkonen,et al.  A review of information security issues and respective research contributions , 2007, DATB.

[13]  Junseok Hwang,et al.  Information Security Policy Decision Making: An Analytic Hierarchy Process Approach , 2009, Asia International Conference on Modelling and Simulation.

[14]  David C. Yen,et al.  National information security policy and its implementation: A case study in Taiwan , 2009 .

[15]  Gurpreet Dhillon,et al.  Value‐focused assessment of information system security in organizations , 2006, Inf. Syst. J..