信息安全风险的多层次模糊灰色综合评估
Multi-level Fuzzy-Gray Comprehensive Evaluation of Information Security Risk
为了保护信息系统的信息安全,及时地对系统进行评估,本文以信息安全风险评估的原理为依据,采用多层次模糊灰色综合评估方法来评价信息安全风险,解决了风险评估中定性指标定量评估的难点,也利用了专家评判信息的模糊性与灰性,使评估更加准确。最后通过实例证明了该方法能有效地应用于信息安全风险评估。
In order to protect information from threat and timely evaluate the information system, the paper is based on the principle of information security risk assessment, the method of multi-level fuzzy-gray comprehensive evaluation is applied in information security risk evaluation, solve the difficulties of risk assessment in quantitative evaluation of qualitative indicators, and use the ambiguity and gray of experts’ judgment information, to make evaluation more accuracy. Finally, an example proves that the method can be effectively applied to information security risk assessment.
张彤、吴爽
安全科学
信息安全风险评估多层次模糊综合评判灰色综合评判指标体系
Information security risk assessmentmulti-levelfuzzy comprehensive evaluationgray comprehensive evaluationindex system
张彤,吴爽.信息安全风险的多层次模糊灰色综合评估[EB/OL].(2010-03-09)[2025-08-05].http://www.paper.edu.cn/releasepaper/content/201003-237.点此复制
评论