摘要
应用多任务委托——代理模型,从全面信息安全绩效评估和技术方面工作的效果测评2个方面分析了对信息安全的激励效果,并用三角函数表示两者间的扭曲.对于全面信息安全绩效评估的误差较大,为了在激励中平衡误差和扭曲,提出综合两个方面进行激励的方法.随着信息安全风险评估的实施,全面信息安全绩效评估的误差将减少,激励中其所占比重必然加大.当信息安全水平足够成熟时,信息安全的激励可完全通过全面信息安全绩效评估来进行,实现信息安全工作效果和信息安全战略目标的精确校准,产生最优的信息安全激励效果.
Based on the multi-task principal-agent model, the article focuses on the incentive effect to information security from performance estimation of full-scale information security and technological work. Trigonometric function is used to explain the distortion between the two aspects. Since the performance estimation of full-scale information security may produce serious error, the integration of these two aspects is proposed to balance the error and distortion in incentives. With the development of information security risk evaluation, the performance estimation error of full-scale information security may decrease. Thus, the proportion of full-scale information security may increase. When the information security level is mature enough, the incentive of information security will entirely depend on the performance estimation of full-scale information security, the accurate correlation of information security work effect and information security strategic aims will be achieved, and the best information security incentive effect will be produced.
出处
《东南大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2007年第5期940-944,共5页
Journal of Southeast University:Natural Science Edition
基金
国家自然科学基金资助项目(70671024)
关键词
信息安全
激励
多任务委托-代理
扭曲
information security
incentives
multi-task principal-agent
distortion