A Method of Security Evaluation based on Fuzzy Mathematics

Author

Lu, Guo-Ming ; Chen, Zhi-Hong ; He, Xue-Zhi ; Li, Jian-Ping

Author_Institution

Dept. of Comput. Sci. & Eng., Univ. of Electron. Sci. & Technol. of China, Chengdu

fYear

2008

fDate

13-15 Dec. 2008

Firstpage

106

Lastpage

109

Abstract

In order to effectively evaluate the system security, a quantitative information security evaluation method which combine analytic hierarchy process (AHP) and fuzzy comprehensive evaluation were proposed. Firstly, referring to Common Criteria (CC), we established security evaluation hierarchy model. Then, the analytic hierarchy process (AHP) method was used to calculate the security factors´ weights to the evaluated system. In the end, fuzzy comprehensive evaluation method was applied to calculate the final quantitative security level. The effectiveness of this method is validated by evaluation of a practical system.

Keywords

fuzzy set theory; security of data; analytic hierarchy process; common criteria; fuzzy comprehensive evaluation; fuzzy mathematics; quantitative information security evaluation method; Computer security; Cryptography; Data security; Fuzzy systems; Information analysis; Information security; Information technology; Mathematics; Protection; Resource management; Information security evaluation; analytic hierarchy process; fuzzy comprehensive evaluation;

fLanguage

English

Publisher

ieee

Conference_Titel

Apperceiving Computing and Intelligence Analysis, 2008. ICACIA 2008. International Conference on

Conference_Location

Chengdu

Print_ISBN

978-1-4244-3427-5

Electronic_ISBN

978-1-4244-3426-8

Type

conf

DOI

10.1109/ICACIA.2008.4769982

Filename

4769982