基于模糊综合评判和AHP信息安全风险评估模型

A Information Security Risk Assessment Model Based on AHP and Fuzzy Comprehensive Evaluation

考虑到定性分析信息安全风险评估具有一定的主观性,基于层次分析法和模糊综合评判法,构建信息安全风险评估数学模型,对信息安全风险评估进行定性与定量相结合的方法进行分析,将该模型应用于信息安全风险评估实例,验证了模型的有效性。

Considering the qualitative analysis of information security risk assessment has certain subjectivity. In this paper, based on AHP and fuzzy comprehensive evaluation method, a mathematical model of information security risk assessment is built, which provided a method to study the information security risk assessment with ualitative analysis and quantitative analysis. And the model was applied to information security risk assessment instance, which proved the validity of the model.