摘要
为了实施信息系统的风险度量,首先基于信息流的资源分布规律,参考风险评估要素改进模型,得到具有体系性和完整性的风险分布;在获取风险分布后,基于资源保护角度,考虑安全保护等级,运用层次分析法、多级模糊综合评判、函数级数展开、F-统计量等方法和工具对资源的安全属性所面临的风险进行量化,给出系统的风险量化指标体系,重点考虑风险之间的相关性,构建相关性准则,并得到其计算量为o(Si)。
In order to carry out the risk quantification for the information system, the risk distribution was proposed based on resources distribution of information system, and the improvement of elements relationship model for risk assessment. In quantifying risks, Analytic Hierarchy Process (AHP), Fuzzy Comprehensive Evaluation (FCE), Fstatistic and Least Square Estimation (LSE) was applied to get hierarchy of risk factors. The criteria of relativity and formulated relativity functions were established.
出处
《四川大学学报(工程科学版)》
EI
CAS
CSCD
北大核心
2007年第6期129-133,共5页
Journal of Sichuan University (Engineering Science Edition)
基金
国家863高技术研究发展计划资助项目(2001AA142171)
关键词
资源分布规律
风险分布规律
风险关联
层次分析法
模糊综合评判
rules of resources distribution
rules of risks distribution
risk association
F-statistic
least square estimation
analytic hierarchy process
fuzzy comprehensive evaluation