An Object-Oriented Information System Security Evaluation Method Based on Security Level Distinguishing Model

Author

Cuihua, Xu ; Jiajun, Lin

Author_Institution

Sch. of Inf. Sci. & Eng., East China Univ. of Sci. & Technol., Shanghai, China

fYear

2009

fDate

7-8 Nov. 2009

Firstpage

497

Lastpage

500

Abstract

This paper proposes an object-oriented model for security evaluation with the concept of object-oriented technology, so that the security evaluation process structure can be clearer. A security level distinguishing model is developed to combine experts´ evaluation and auto evaluation together. Dempster-Shafer evidence theory is used in experts´ evaluation to synthesize different experts´ evaluation information. The evaluation results reveal that the proposed method for security evaluation is more believable and impersonal.

Keywords

object-oriented methods; security of data; Dempster-Shafer evidence theory; information system security evaluation; object-oriented technology; security level distinguishing model; Communication system security; Data security; Encapsulation; Information science; Information security; Information systems; North America; Object oriented modeling; Paper technology; Standards development; D-S evidence theory; Object-Oriented Model; Security Assurance Level Distinguish Model; Security Evaluation;

fLanguage

English

Publisher

ieee

Conference_Titel

Web Information Systems and Mining, 2009. WISM 2009. International Conference on

Conference_Location

Shanghai

Print_ISBN

978-0-7695-3817-4

Type

conf

DOI

10.1109/WISM.2009.106

Filename

5368279