Title :
Information Security Risk Assessment Based on AHP/DST
Author :
Ye Qing ; Zhang Changhong ; Wu Xiaoping ; Zhai Dingjun
Author_Institution :
Dept. of Inf. Security, Naval Univ. of Eng., Wuhan, China
Abstract :
To enhance the security management on information systems, it is urgent to apply some effective approaches for assessing their security. In this paper, a novel approach, in which analytic hierarchy process (AHP) and Dempster-Shafer theory of evidence (DST) can be combined organically, is presented. In this approach, AHP is applied to acquire all propositions´ basic probability assignments (BPA) based on a large amount of experts´ opinion when assessing the security. Thus, the DST´s ability of dealing with uncertain information and AHP´s performance of quantitative and qualitative analysis may be utilized fully. Furthermore, a hierarchical risk assessment model for the information security is established. Finally, an illustrative example is given to explain the application of the proposed approach and its feasibility.
Keywords :
information systems; risk management; security of data; AHP; DST; Dempster-Shafer theory of evidence; analytic hierarchy process; basic probability assignments; information security risk assessment; information systems; security management; Engineering management; Information analysis; Information management; Information security; Information systems; Management information systems; Performance analysis; Physics computing; Risk analysis; Risk management;
Conference_Titel :
Management and Service Science, 2009. MASS '09. International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-4638-4
Electronic_ISBN :
978-1-4244-4639-1
DOI :
10.1109/ICMSS.2009.5301106
