Computer Engineering and Applications ›› 2009, Vol. 45 ›› Issue (11): 129-131.DOI: 10.3778/j.issn.1002-8331.2009.11.040

• 网络、通信、安全 • Previous Articles     Next Articles

Novel method for information security risk assessment based on Dempster-Shafer evidence reasoning

CAO Ju-ying1,ZHAO Yue-long2   

  1. 1.Department of Physics,Xiangnan University,Chenzhou,Hunan 423000,China
    2.School of Computer Science and Engineering,South China University of Technology,Guangzhou 510640,China
  • Received:2008-02-29 Revised:2008-05-12 Online:2009-04-11 Published:2009-04-11
  • Contact: CAO Ju-ying

基于DS证据推理的信息安全风险评估方法研究

曹菊英1,赵跃龙2   

  1. 1.湘南学院 物理系,湖南 郴州 423000
    2.华南理工大学 计算机科学与工程学院,广州 510640
  • 通讯作者: 曹菊英

Abstract: Based on the analysis of the factors deciding information security risk,a hierarchical information security assessment model is presented in this paper.Then,a novel method for assessing the information security is discussed in detail,in which the judgement from a expert is made full use to gain the basic probability assignments of all propositions.Futhermore,the uncertainty of judgement may be well tracked to improve the feasibility and validity.

Key words: information security risk, Dempster-Shafer(DS), evidence reasoning, Analytic Hierarchy Process(AHP)

摘要: 在分析影响信息安全风险要素的基础上,构造了信息安全风险评估的层次结构模型,提出了基于Dempster-Shafer证据推理的信息安全风险评估方法。该方法可充分利用信息安全风险评估过程中专家的认知判断信息,处理评估过程中专家认知判断信息的不确定性问题,从而有效地提高风险评估的合理性。

关键词: 信息安全风险, Dempster-Shafer, 证据推理, 层次分析法