Title :
Method to Select Effective Risk Mitigation Controls Using Fuzzy Outranking
Author :
Nagata, Kiyoshi ; Amagasa, Michio ; Kigawa, Yutaka ; Cui, Dongmei
Author_Institution :
Fac. of Bus. Adm., Daito Bunka Univ., Tokyo, Japan
fDate :
Nov. 30 2009-Dec. 2 2009
Abstract :
In an information-oriented society, the security of information related assets in organizations is one of chief concerns and the importance of security evaluation system to grasp their security level is increasing. We also consider that the magnitude of risk to information assets is highly dependent on the scales, forms, treat etc. of the organization, and should be evaluated by reflecting these characteristics. Standing on this concept, we adopted OCTAVESM as the basic information system and already proposed two fuzzy-based methods integrated in it. One is to determine the set of critical assets using fuzzy decision making methodology by multi-participants. The other is to calculate the degree of risks along with the given threat path as a crisp value using fuzzy inference mechanism and so on. In this paper, we propose a system for selecting some mitigation controls considered to be more effective than others as an application of fuzzy outranking.
Keywords :
decision making; fuzzy reasoning; information management; security of data; OCTAVESM; fuzzy decision making; fuzzy inference; fuzzy outranking; fuzzy-based methods; information related assets security; information system; information-oriented society; risk mitigation controls; security evaluation system; Communication system security; Control systems; Fuzzy control; Fuzzy systems; IEC standards; ISO standards; Information management; Information security; Risk analysis; Risk management; Fuzzy Outranking; Risk Mitigation; Security Evaluation;
Conference_Titel :
Intelligent Systems Design and Applications, 2009. ISDA '09. Ninth International Conference on
Conference_Location :
Pisa
Print_ISBN :
978-1-4244-4735-0
Electronic_ISBN :
978-0-7695-3872-3
DOI :
10.1109/ISDA.2009.186
