摘要
在信息系统安全风险评估研究方面,现有不少方法是非定量的或者抽象的,它们对系统安全风险只做出定性描述。目前缺乏能够对系统安全风险作出定量描述的评估模型。基于灰色层次模型提出了一个定量的信息系统安全风险评估模型,并结合熵权理论给出了相应的风险值计算方法,以消减主观因素的影响,提高评估结果实用性。最后通过一个应用实例对该模型的实用价值进行验证。
For risk assessment on information system security,much work lies on non-quantitative or abstract research,and could only do a qualitative description on security risk.Now it is short of assessment model capable to make a qualitative description of the security risk.This paper,based on grey AHP(Analytical Hierarchy Process) model,proposes a quantitative risk assessment model for information system security,while based on entropy weights,gives an algorithm for risk evaluation and for removing the influence of subjective factors and making the assessment result more practicable.Finally,with an example the practicability of the proposed model is verified.
出处
《通信技术》
2010年第12期126-128,共3页
Communications Technology
关键词
信息安全
风险评估
AHP模型
灰色
熵权
information security
risk assessment
AHP model
grey
entropy weight
