Information systems security risk assessment on improved fuzzy AHP

Author

Wu, Xiaoping ; Fu, Yu ; Wang, Jiasheng

Author_Institution

Dept. of Inf. Security, Naval Univ. of Eng., Wuhan, China

Volume

4

fYear

2009

fDate

8-9 Aug. 2009

Firstpage

365

Lastpage

369

Abstract

An improved fuzzy AHP method based on triangular fuzzy number is presented to deal with the problem of the risk assessment for information systems security. The calculation model for the information systems risk assessment is established. The judgments of the experts are depicted with triangular fuzzy number complementary judgment matrix, and the weights of the indices are obtained by the least variance priority method for triangular fuzzy number complementary judgment matrix. Then the security rank of the systems is determined by the fuzzy comprehensive evaluation. An example dedicates that the method is feasible and effective, and provides reasonable data for constituting the risk control strategy of the information systems security.

Keywords

fuzzy set theory; information management; information systems; risk management; security of data; analytic hierarchical process; fuzzy comprehensive evaluation; improved fuzzy AHP method; information systems security risk assessment; least variance priority method; risk control strategy; triangular fuzzy number complementary judgment matrix; Control systems; Costs; Data security; Fuzzy control; Fuzzy systems; Information security; Information systems; Management information systems; Risk analysis; Risk management; Information systems; fuzzy AHP; risk assessment; triangular fuzzy number;

fLanguage

English

Publisher

ieee

Conference_Titel

Computing, Communication, Control, and Management, 2009. CCCM 2009. ISECS International Colloquium on

Conference_Location

Sanya

Print_ISBN

978-1-4244-4247-8

Type

conf

DOI

10.1109/CCCM.2009.5270427

Filename

5270427