摘要
依据模糊决策理论,提出了一种结合三角模糊数和层次分析法(AHP)定量评估信息安全风险的方法。在构建信息安全风险因素递阶层次结构模型基础上,用三角模糊数表示信息安全专家判断信息,同时采用一种基于可能度的模糊互补判断矩阵排序方法对风险因素进行重要度排序,从而确定了各层次风险因素的相对权重系数和整体绝对权重系数,为信息安全风险管理决策和安全工程建设提供了依据。最后通过实例说明了算法的应用。
Based on the fuzzy decision theory, a quantitative evaluation method of information security risk is proposed, combining with triangular fuzzy number and AHP. On the basis of information security risk factor hierarchical structure and using the triangular fuzzy number to indicate the information expertsi judgment, all risk factorsi weights are ranked by using fuzzy complementary judgment matrix priority method based on possibility degree, and the relative and absolute weight coefficient of all levels can be got, which can contribute to the risk management decision of information security and information security engineering development. Finally, a example shows the process of the approach.
出处
《网络安全技术与应用》
2005年第6期32-35,共4页
Network Security Technology & Application
关键词
信息安全
风险评估
模糊层次分析法
模糊决策理论
信息系统
information security
security evaluation
triangular fuzzy number
fuzzy analytic hierarchical method
