Comprehensive Information Security Evaluation Model Based on Multi-Level Decomposition Feedback for IoT

The development of the Internet of Things(IoT)calls for a comprehensive in-formation security evaluation framework to quantitatively measure the safety score and risk(S&R)value of the network urgently.In this paper,we summarize the architecture and vulnerability in IoT and propose a comprehensive information security evaluation model based on multi-level decomposition feedback.The evaluation model provides an idea for information security evaluation of IoT and guides the security decision maker for dynamic protection.Firstly,we establish an overall evaluation indicator system that includes four primary indicators of threat information,asset,vulnerability,and management,respectively.It also includes eleven secondary indicators of system protection rate,attack detection rate,confidentiality,availability,controllability,identifiability,number of vulnerabilities,vulnerability hazard level,staff organization,enterprise grading and service continuity,respectively.Then,we build the core algorithm to enable the evaluation model,wherein a novel weighting technique is developed and a quantitative method is proposed to measure the S&R value.Moreover,in order to better supervise the performance of the proposed evaluation model,we present four novel indicators includes residual risk,continuous conformity of residual risk,head-to-tail consistency and decrease ratio,respectively.Simulation results show the advantages of the proposed model in the evaluation of information security for IoT.

Analysis and Evaluation of Non-systematic Risks in Enterprise Informationization

Enterprise Informationization （El） is encountering a large variety of non-systematic risks in demanding and planning, designing and selecting, implementing and controlling, managerial and cultural aspects,due to which the investment in IT normally cannot simultaneously create the expected commercial values. Through analyzing the factors influencing non-systematic risks of EI, the paper established a risk evaluating index system and accordingly proposed a set of appropriate risk evaluating methodology, with which enterprise can well control informationization risks.

A comparative analysis of information literacy curriculum standards in the educational programs of high schools in China and in the United States

Our study aims to take a closer look at China's current information literacy(IL) program standards at secondary schools and to analyze their level of success and/or failures in a comparative way with those of the United States in terms of fulfilling their each other's mission-oriented mandates. Our research findings show that China's current IL standards of high schools contain a disproportionate emphasis on information technology(IT). Moreover, the stipulations of these IL standards are narrowly construed and without being solidly grounded on a broad and comprehensive educational perspective. We also suggest that there are two underlying causes for this set of unsound IL standards in China.Firstly, there is a lack of collaboration between two major competing forces engaged in the curricular development and research of IL in China: Those professionals in educational IT discipline vis-à-vis those in Library and Information Science. Secondly, library professionals have a very limited influence on major socio-cultural policies, even at their own institutions. As a result, this paper recommends the following three possible measures,which may help remedy this situation strategically: 1) Establishing a set of new IL curriculum standards based on an IL-centered educational perspective; 2) establishing a teacher-librarian's training program to promote school librarians' role in IL education; and 3) strengthening the research and development of an online IL education program and an accompanied evaluation mechanism.

Security-Critical Components Recognition Algorithm for Complex Heterogeneous Information Systems

With the skyrocketing development of technologies,there are many issues in information security quantitative evaluation(ISQE)of complex heterogeneous information systems(CHISs).The development of CHIS calls for an ISQE model based on security-critical components to improve the efficiency of system security evaluation urgently.In this paper,we summarize the implication of critical components in different filed and propose a recognition algorithm of security-critical components based on threat attack tree to support the ISQE process.The evaluation model establishes a framework for ISQE of CHISs that are updated iteratively.Firstly,with the support of asset identification and topology data,we sort the security importance of each asset based on the threat attack tree and obtain the security-critical components(set)of the CHIS.Then,we build the evaluation indicator tree of the evaluation target and propose an ISQE algorithm based on the coefficient of variation to calculate the security quality value of the CHIS.Moreover,we present a novel indicator measurement uncertainty aiming to better supervise the performance of the proposed model.Simulation results show the advantages of the proposed algorithm in the evaluation of CHISs.

Group Performance Evaluation in Universities with Entropy Method

Due to the characteristics of variable quantity and great individual difference in group evaluation,an effective entropy-based method for group performance evaluation was proposed. First,a group evaluation indexing system was built upon the real scenarios of universities. Then, a continuous ordered weighted operator was introduced to eliminate uncertainty evaluation information. By using an entropy strategy,a systematic approach to group performance evaluation was established. Finally, an illustrative example was provided,showing the practicability of the proposed methods in real applications of the efficient performance appraisal theory of colleges and universities.

Study on the Evaluation Method of the Performances of Corporation

This paper studies the evaluation method of the performances of corporation that was set up by the Financial Ministry in 1999, and then analyzes the advantages and the problems of the method. Finally, this paper studies the theoretical method of the evaluation of the performances of corporation.

Ideas of establishing the information system for emergence decisions on the protection against earthquakes and disaster reduction in cities (application of GIS)

ith urban reformation and opening becoming deeper,the work of protection against earthquake and disaster reduction would be more important.In this paper,some ideas are suggested about establishing the information system for emergency decisions on protection against earthquake and disaster reduction in cities .The information system mainly includes a subsystem for rapid evaluation of damage loss from earthquake (which includes input of seismic information,distribution of earthquake intensity,evaluation of seismic fragility on all social factors and etc.) and a subsystem for the decisive information of seismic emergency(which mainly includes project of disaster relief,project of personnel evacuation,dangerous degree warning for the dangerous articlesstoring places and protection measures against them,assistant decision on fire due to earthquake,location of headquarter for providing disaster relief,and etc.). It is thought that the data investigation and collection about all kinds of buildings(including lifeline engineering)are the most important and difficult work as establishing this system.

Scheme optimum selection for dynamic control of reservoir limited water level

Dynamic control of reservoir limited water level is important to reservoir flood control operation.A reasonable limited water level can best utilize flood water resources in addition to flood control.This paper is a trial application of the fuzzy information entropy matter-element evaluation method(FIEMEM) as an optimal selection of dynamic control of limited water level.In this method,compound matter elements are established first,followed by establishment of an evaluation model and choice of the optimal scheme on the basis of fuzzy information entropy.In determining weights,a combined weighting method in game theory is adopted to combine experiential weights and mathematical weights so as to eliminate one-sidedness of the single weighting method.Finally,the feasibility of this optimization method is verified by citing dynamic control of Biliuhe reservoir limited water level as an example.