Title :
A Method of Information Security Risk Assessment Using Fuzzy Number Operations
Author :
Fu, Yu ; Qin, Yanlin ; Wu, Xiaoping
Author_Institution :
Dept. of Inf. Security, Naval Univ. of Eng., Wuhan
Abstract :
After systematic analysis of risk factors of information security and assessment process, a quantitative security assessment method is presented based on fuzzy number operations. Both the fuzziness of the indices and the uncertainty of weight determination are considered. Then the grades of fuzzy language variables are given, and the opinions of multi experts are integrated to triangular fuzzy numbers. Hence, comprehensive fuzzy assessment is made by using the operation rules defined on the triangular fuzzy number. Finally, by using fuzzy number ranking method, the assessment result is defuzzified and the risk grade is determined. An illustrative example is given to show the effectiveness and validity of this method.
Keywords :
fuzzy set theory; number theory; risk analysis; security of data; fuzzy language variable; fuzzy number ranking method; fuzzy uncertainty; information security risk assessment; operation rule; systematic risk analysis; triangular fuzzy number operation; Fuzzy systems; Information analysis; Information security; Information systems; Management information systems; National security; Risk analysis; Risk management; System testing; Uncertainty;
Conference_Titel :
Wireless Communications, Networking and Mobile Computing, 2008. WiCOM '08. 4th International Conference on
Conference_Location :
Dalian
Print_ISBN :
978-1-4244-2107-7
Electronic_ISBN :
978-1-4244-2108-4
DOI :
10.1109/WiCom.2008.2927
