Information security risk control model based on PROMETHEE method

doi:10.3778/j.issn.1002-8331.2010.22.031

Computer Engineering and Applications ›› 2010, Vol. 46 ›› Issue (22): 103-106.DOI: 10.3778/j.issn.1002-8331.2010.22.031

• 网络、通信、安全 • Previous Articles Next Articles

Information security risk control model based on PROMETHEE method

LV Jun-jie¹，DONG Hong²

1.Beijing Technology and Business University，School of Business，Beijing 100037，China
2.Project Management Department，China Nuclear Power Engineering Co.，Ltd，Beijing 100840，China

Received:2010-04-14 Revised:2010-06-01 Online:2010-08-01 Published:2010-08-01
Contact: LV Jun-jie

信息安全风险控制的PROMETHEE决策方法研究

吕俊杰¹，董红²

1.北京工商大学商学院，北京 100037
2.中国核电工程有限公司项目管理部，北京 100840

通讯作者: 吕俊杰

Abstract

Abstract: Based on cost-benefit analysis and the “level higher than relation” PROMETHEE multi-criteria preference index，an information security risk control model is put forward.Given the preference function，the criteria values and criteria weights of decision-makers，“edge flow” and “inferior flow” of each preparation program is calculated to compare advantages and disadvantages of control measurements，then the partial or complete sequence is obtained.The sensitivity analysis and validation are conducted further.Finally，an example is given to illustrate the application of the proposed method.

摘要： 在成本效益分析的基础上，引入“级别高于关系”的PROMETHEE多属性偏好指数，提出了基于PROMETHEE方法的信息安全风险控制模型。该模型利用决策者给出的偏好，设置偏好函数、准则值和准则权重，从方案优劣程度入手，计算备选方案的“优势流”和“劣势流”，得到方案集的部分或完全排序，并基于此对安全控制措施的备选方案进行有效地筛选。还对该模型的灵敏度进行了分析和验证，最后结合实例分析了该风险控制模型的有效性。

CLC Number:

TP309

LV Jun-jie¹，DONG Hong². Information security risk control model based on PROMETHEE method[J]. Computer Engineering and Applications, 2010, 46(22): 103-106.

吕俊杰¹，董红². 信息安全风险控制的PROMETHEE决策方法研究[J]. 计算机工程与应用, 2010, 46(22): 103-106.

[1]	WANG Baowen，WU Xiaoliang，LI Ruiting，LIU Weilong. New verifiable multi-secret sharing scheme [J]. Computer Engineering and Applications, 2011, 47(4): 90-92.
[2]	HU Ming，PAN Xuezeng，LI Wen. Design and implementation of improved multiple-level security model [J]. Computer Engineering and Applications, 2011, 47(4): 77-80.
[3]	WANG Chuancai¹，PAN Feng^1，2，SHEN Junwei¹. Multi-level access control scheme of image ROI based on Hash chains [J]. Computer Engineering and Applications, 2011, 47(4): 81-83.
[4]	ZHONG Hong^1,2，SUN Yanfei²，YAN Feifei²，HUANG Hongsheng². Protocol for privacy-preserving space closest-pair of points [J]. Computer Engineering and Applications, 2011, 47(4): 87-89.
[5]	FENG Fan^1，2，WANG Jiazhen¹，LIU Huiying¹，WANG Huiping²，GUO Jingtao2，ZHANG Bin¹. Blind steganalysis algorithm based on PCA and Hilbert envelope analysis [J]. Computer Engineering and Applications, 2011, 47(4): 93-96.
[6]	SONG Wangan¹，CHEN Hu¹，ZHANG Futai². New certificateless proxy signature scheme [J]. Computer Engineering and Applications, 2011, 47(4): 97-101.
[7]	LIU Xiaoya，XIN Xiaolong. Improved blind signature electronic cash scheme [J]. Computer Engineering and Applications, 2011, 47(4): 114-116.
[8]	LUO Weimin¹，LIU Jing²，LIU Jingbo¹，CHEN Xiaofeng¹. Research of worms propagation in social networks based on game theory [J]. Computer Engineering and Applications, 2011, 47(3): 74-77.
[9]	NING Guoqiang，LI Xiehua，YIN Zhangfei. Solution to secure instant messaging [J]. Computer Engineering and Applications, 2011, 47(3): 82-83.
[10]	YUE Sheng，XIN Xiaolong. Threshold signature scheme without trusted party [J]. Computer Engineering and Applications, 2011, 47(3): 87-89.
[11]	LIU Yun，ZHENG Yongai. Novel encryption scheme for color image based on chaotic system [J]. Computer Engineering and Applications, 2011, 47(3): 90-93.
[12]	GUO Zhen，ZHANG Jianzhong，LAN Jianqing. Analysis and improvement of dynamic（t，n） threshold multi-secret sharing scheme [J]. Computer Engineering and Applications, 2011, 47(3): 110-112.
[13]	HU Guozheng¹，HAN Lansheng²，XIA Xiangsheng³. Security analysis of efficient certificateless signature scheme [J]. Computer Engineering and Applications, 2011, 47(2): 19-20.
[14]	CHEN Gang¹，CHEN Ning²，HU Anfeng². Image watermarking algorithm based on integer wavelet transform to resist geometric attacks [J]. Computer Engineering and Applications, 2011, 47(2): 185-189.
[15]	WU Rong. Composited authorization model for workflow applications [J]. Computer Engineering and Applications, 2011, 47(2): 91-94.

Information security risk control model based on PROMETHEE method

信息安全风险控制的PROMETHEE决策方法研究

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics