A Method of Information Security Risk Assessment Using Fuzzy Number Operations
After systematic analysis of risk factors of information security and assessment process, a quantitative security assessment method is presented based on fuzzy number operations. Both the fuzziness of the indices and the uncertainty of weight determination are considered. Then the grades of fuzzy language variables are given, and the opinions of multi experts are integrated to triangular fuzzy numbers. Hence, comprehensive fuzzy assessment is made by using the operation rules defined on the triangular fuzzy number. Finally, by using fuzzy number ranking method, the assessment result is defuzzified and the risk grade is determined. An illustrative example is given to show the effectiveness and validity of this method.
Information security Risk assessment Triangular fuzzy number
Yu Fu Yanlin Qin Xiaoping Wu
Department of Information Security Naval Univ.of Engineering Wuhan, China
国际会议
大连
英文
1-4
2008-10-12(万方平台首次上网日期,不代表论文的发表时间)