Security assessment can help understand the security conditions of an information system and yield results highly conducive to the solution of security problems in it. Taking the computer networks in a certain univers...Security assessment can help understand the security conditions of an information system and yield results highly conducive to the solution of security problems in it. Taking the computer networks in a certain university as samples, this paper, with the information system security assessment model as its foundation, proposes a multi-attribute group decision-making (MAGDM) security assessment method based on a variable consistency dominance-based rough set approach (VC-DRSA). This assessment method combines VC-DRSA with the analytic hierarchy process (AHP), uncovers the inherent information hidden in data via the quality of sorting (QoS), and makes a synthetic security assessment of the information system after determining the security attribute weight. The sample findings show that this method can effectively remove the bottleneck of MAGDM, thus assuming practical significance in information system security assessment.展开更多
基金Supported by the High Technology Research and Development Programme of China (No. 2007AA01Z473)
文摘Security assessment can help understand the security conditions of an information system and yield results highly conducive to the solution of security problems in it. Taking the computer networks in a certain university as samples, this paper, with the information system security assessment model as its foundation, proposes a multi-attribute group decision-making (MAGDM) security assessment method based on a variable consistency dominance-based rough set approach (VC-DRSA). This assessment method combines VC-DRSA with the analytic hierarchy process (AHP), uncovers the inherent information hidden in data via the quality of sorting (QoS), and makes a synthetic security assessment of the information system after determining the security attribute weight. The sample findings show that this method can effectively remove the bottleneck of MAGDM, thus assuming practical significance in information system security assessment.
