论文信息 - Information systems security risk assessment on improved fuzzy AHP

Information systems security risk assessment on improved fuzzy AHP

An improvedfuzzy AHP method based on triangular fuzzy number is presented to deal with the problem of the risk assessment for information systems security. The calculation model for the information systems risk assessment is established. The judgments of the experts are depicted with triangular fuzzy number complementary judgment matrix, and the weights of the indices are obtained by the least variance priority method for triangular fuzzy number complementary judgment matrix. Then the security rank of the systems is determined by the fuzzy comprehensive evaluation. An example dedicates that the method is feasible and effective, and provides reasonable data for constituting the risk control strategy of the information systems security.

Xiaoping Wu | Jiasheng Wang | Yu Fu

[1] Samantha Thomas Cruz,et al. Information Security Risk Assessment , 2007, Information Security Management Handbook, 6th ed..

[2] Chen Chuang-xi. Risk Calculation for Information System Based on Fuzzy Theory , 2007 .

[3] Wang Yue-sheng. Model of fuzzy risk assessment of the information system , 2007 .

[4] Zhang Yu-qing. Survey of information security risk assessment , 2004 .

[5] Wang Qiang. Least variance priority method for triangular fuzzy number complementary judgment matrix , 2008 .

[6] Barry R. Litman. Is Network Ownership in the Public Interest , 1978 .

[7] Zhang Xue-jun. Fuzzy Risk Assessment of Information System Security Based on Entropy-weight Coefficient Method , 2005 .

[8] Dong-Liang Liu,et al. An Information System Security Risk Assessment Model Based on Fuzzy Analytic Hierarchy Process , 2009, 2009 International Conference on E-Business and Information System Security.

[9] Xu Ze-shui,et al. On priority method of triangular fuzzy number complementary judgement matrix , 2003 .

[10] Sheng-Yuan Wang,et al. Survey of Information Security Risk Assessment , 2010, 2010 International Conference on Electrical and Control Engineering.