The information security risk assessment based on AHP and fuzzy comprehensive evaluation

Author

Fu, Sha ; Zhou, Hangjun

Author_Institution

Dept. of Inf. Manage., Hunan Univ. of Finance & Econ., Changsha, China

fYear

2011

fDate

27-29 May 2011

Firstpage

124

Lastpage

128

Abstract

Information security risk assessment is the most fundamental basis of the risk management about information security. Moreover, the objectivity and accuracy of information security risk assessment play an important role to safeguard the information system security. Through the study on the information security risk of the network system in a university, we firstly build an index system of information security risk assessment and analyze the functions of its essential elements in detail. Then, based on AHP and fuzzy comprehensive evaluation, an information security risk assessment method is proposed to effectively resolve the quantitative assessment problems of qualitative indicators in the risk assessment. An actual instance shows that the method is of strong rationality and effectiveness, and it can be better applied to information security risk assessment.

Keywords

computer network security; decision making; educational institutions; fuzzy set theory; information systems; risk management; AHP; analytic hierarchy process; fuzzy comprehensive evaluation; information security risk assessment; information system security; qualitative indicators; risk management; university network system; Artificial intelligence; Bismuth; TV; Analytic Hierarchy Process (AHP); fuzzy comprehensive evaluation; fuzzy relation matrix; information security; risk assessment;

fLanguage

English

Publisher

ieee

Conference_Titel

Communication Software and Networks (ICCSN), 2011 IEEE 3rd International Conference on

Conference_Location

Xi´an

Print_ISBN

978-1-61284-485-5

Type

conf

DOI

10.1109/ICCSN.2011.6014018

Filename

6014018