Information Security Risk Assessment Methodology Research: Group Decision Making and Analytic Hierarchy Process

2010 ◽  
Author(s):  
Zhang Xinlan ◽  
Huang Zhifang ◽  
Wei Guangfu ◽  
Zhang Xin
Keyword(s):  
Risk Assessment ◽  
Decision Making ◽  
Group Decision ◽  
Assessment Methodology ◽  
Security Risk ◽  
Analytic Hierarchy ◽  
Information Security Risk ◽  
Security Risk Assessment ◽  
Hierarchy Process ◽  
Risk Assessment Methodology

Information Security Risk Assessment Based on Analytic Hierarchy Process

2016 ◽  
Vol 1 (3) ◽  
pp. 656 ◽  
Author(s):  
Ming Xiang He ◽  
Xin An
Keyword(s):  
Risk Assessment ◽  
Information Security ◽  
Analytic Hierarchy Process ◽  
Quantitative Assessment ◽  
Assessment Method ◽  
Security Risk ◽  
Analytic Hierarchy ◽  
Information Security Risk ◽  
Security Risk Assessment ◽  
Hierarchy Process

<p>Information security risk assessment was an important component of information systems security engineering and the selection of assessment method had a direct impact on the final results of the assessment. But there were too many elements in the process of information security risk assessment. How to find the optimal elements from many elements to simplify the calculation of risk value and provide a strong basis for taking relevant measures, which was a problem needed to be solved. In addition, the reliability of the risk assessment results could not be guaranteed only through a single qualitative or quantitative assessment method. By Analytic Hierarchy Process (AHP), the relative weight of elements related to information security risk could be calculated. Then the optimal indicators, which provided a strong basis for taking relevant measures, could be selected by sorting the weights of elements to reduce the number of indicators. Moreover, Analytic Hierarchy Process, a method of the combination of qualitative and quantitative assessment methods, could overcome the shortcomings of single qualitative or quantitative assessment method.</p>

Evaluation and Analysis of the Quantitative Computing Model of the Information Security Risk Assessment

2014 ◽  
Vol 543-547 ◽  
pp. 3565-3568
Author(s):  
Xiao Qiang Peng ◽  
Ting Ting Lu
Keyword(s):  
Risk Assessment ◽  
Information Security ◽  
Analytic Hierarchy Process ◽  
Objective Assessment ◽  
Security Risk ◽  
Analytic Hierarchy ◽  
Qualitative Risk Assessment ◽  
Information Security Risk ◽  
Security Risk Assessment ◽  
Hierarchy Process

To solve the difficult quantify analysis problem in the process of information security risk assessment, on the basis of the original qualitative risk assessment method, the fuzzy analytic hierarchy process is put forward, in order to realize the organic combination of subjective and objective assessment of risk factors. Based on the improvement of the analytic hierarchy process and fuzzy evaluation method, the two methods are organically combined. On the basis of the analysis and assessment of risk probability and impact of the incident, the risk rank of each risk factor is determined, and the information system risk control suggestions are given

A Method for Information Security Risk Aassessment Based on Fuzzy Operator

2013 ◽  
Vol 850-851 ◽  
pp. 454-457
Author(s):  
Shi Chao Ye ◽  
Ke He Wu ◽  
Yu Guang Niu
Keyword(s):  
Risk Assessment ◽  
Information Security ◽  
A Priori ◽  
Assessment Methodology ◽  
Owa Operator ◽  
Security Risk ◽  
Gray Theory ◽  
Information Security Risk ◽  
Security Risk Assessment ◽  
Risk Assessment Methodology

To address the security risks of information systems to make accurate quantitative assessment of problems in the OWA operator and based on gray theory DHGF algorithm is proposed based on combining advantages of both information security risk assessment methodology. Information security risk assessment based on an a priori sample value index depth of excavation, the use of the basic methods of OWA operator, objective indicators derived property rights, and the use of gray theory for assessing the value of integration. This approach will be applied to information security risk assessment, to ensure the objectivity of the evaluation results, while reducing dependence on the assessed value of integrity, to solve the traditional information security risk assessment methodology for index data have special requirements, it is difficult strictly objective and quantitative problems. Assessment examples show the effectiveness of the method and objectivity.

Sign in / Sign up

Export Citation Format

Share Document