摘要
针对信息系统安全管理评价过程存在的问题,借助层次分析法(Analytic Hierarchy Process,AHP)、灰色理论和熵权法,对信息系统安全管理评价指标体系设置、主客观权重结合、分层综合评估模型构建进行研究,提出一种基于灰色关联分析综合法的信息系统安全管理评价方法,并以某集团公司10个信息系统的信息安全管理评价为例,建立信息安全管理指标体系和评价模型,阐述基于灰色关联分析综合法的评价方法在信息安全管理评价中的应用和评价结果对安全管理的指导意义。
In view of the problems existing in the evaluation process of information system security management, with the help of Analytic Hierarchy Process(AHP), grey theory and entropy weight method, this paper studies the setting of information system security management evaluation index system, the combination of subjective and objective weights, and the construction of hierarchical comprehensive evaluation model, and puts forward an evaluation method of information system security management based on grey correlation analysis and synthesis. Taking 10 information systems of a group company as an example, the index system and evaluation model of information security management are established, and the application of the evaluation method based on gray correlation analysis comprehensive method in information security management evaluation and the guiding significance of the evaluation results for security management are expounded.
作者
唐荣华
TANG Ronghua(Guangdong Jinzhi Information Technology Co.,Lid.,Guangzhou 510220,China)
出处
《电视技术》
2022年第11期41-46,共6页
Video Engineering
关键词
灰色关联度
信息安全管理
灰色系统理论
专家打分
熵权法
grey correlation degree
information security management
grey system theory
expert scoring
entropy weight method
