| 基于FAHP的信息安全风险评估方法 |
| |
| 引用本文: | 秦大力,张利,李吉慧.基于FAHP的信息安全风险评估方法[J].计算机工程,2009,35(15):156-158. |
| |
| 作者姓名: | 秦大力 张利 李吉慧 |
| |
| 作者单位: | 1. 湖南大学机械与汽车工程学院,长沙410082;中国信息安全产品测评认证中心系统隐患研究实验室,北京100089
2. 中国信息安全产品测评认证中心系统隐患研究实验室,北京,100089 |
| |
| 基金项目: | 中国信息安全产品测评认证中心基金 |
| |
| 摘 要: | 提出基于模糊层次分析法的信息安全风险综合评估模型,从主观评测和工具检测两方面对各个风险因素分别评价其重要程度。利用模糊偏好法求出各个风险因素在系统风险评估中的优先级排序,给出目标系统在不同安全侧面上的量化风险,增强评估准确性。实例分析表明,该模型可方便地应用于信息安全风险评估,具有实用性。
|
| 关 键 词: | 风险评估 模糊层次分析法 信息安全 |
| 修稿时间: | |
Risk Assessment Approach for Information Security Based on FAHP |
| |
| QIN Da-li,ZHANG Li,LI Ji-hui.Risk Assessment Approach for Information Security Based on FAHP[J].Computer Engineering,2009,35(15):156-158. |
| |
| Authors: | QIN Da-li ZHANG Li LI Ji-hui |
| |
| Affiliation: | 1.College of Mechanical and Auto Engineering;Hunan University;Changsha 410082;2.Research Office of System Hidden Fault;China Information Technology Security Evaluation Center;Beijing 100089;3.College of Information Science and Technology;Hunan Agricultural University;Changsha 410128 |
| |
| Abstract: | A model of risk assessment based on Fuzzy-AHP(FAHP) is introduced to the estimation of the information security.The important degree of each risk factor is judged in the aspects of the subjective assessment and tools inspection.By utilizing fuzzy preference programming method,the risk value of each factor is calculated.Next the quantitative risk degree of the target system is calculated,and the veracity of risk assessment is improved.The study case of the assets value shows that the model can be easily used... |
| |
| Keywords: | risk assessment Fuzzy-AHP(FAHP) information security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
