Computer Engineering and Applications ›› 2009, Vol. 45 ›› Issue (22): 82-85.DOI: 10.3778/j.issn.1002-8331.2009.22.028

• 网络、通信、安全 • Previous Articles     Next Articles

Information security risk assessment based on AHP and fuzzy comprehensive evaluation

XIAO Long,QI Yong,LI Qian-mu   

  1. College of Computer Science,Nanjing University of Science and Technology,Nanjing 210094,China
  • Received:2008-04-30 Revised:2008-07-21 Online:2009-08-01 Published:2009-08-01
  • Contact: XIAO Long

基于AHP和模糊综合评判的信息安全风险评估

肖 龙,戚 湧,李千目   

  1. 南京理工大学 计算机科学与技术学院,南京 210094
  • 通讯作者: 肖 龙

Abstract: This article starts with the theory and research of information security risk assessment.It proposes information security risk assessment method based on Analytic Hierarchy Process(AHP) and fuzzy comprehensive evaluation.It solves the difficulty when conducting quantitative evaluation of qualitative assessment in risk assessment.Finally it gives a practical example to prove that this method can be applied very well to information security risk assessment.

Key words: information security risk assessment, Analytic Hierarchy Process(AHP), fuzzy comprehensive evaluation

摘要: 从信息安全风险评估的原理和研究现状入手,提出了基于层次分析法(AHP)和模糊综合评判的信息安全风险评估的方法,解决了风险评估中定性指标定量评估的难点。最后给出实例,证明该方法能有效地应用于信息安全风险评估。

关键词: 信息安全风险评估, 层次分析法, 模糊综合评判