摘要
以SSE-CMM为基础识别信息系统的安全风险因素,利用模糊综合评判法对信息系统安全进行风险评估.采用熵权系数法确定风险因素的权重,从而克服专家评判的主观影响.应用实例分析结果表明该方法是有效和实用的.
Based on SSE-CMM, the security risk factor of the information system(IS) is recognized. The method of fuzzy comprehensive judgment is applied to the risk assessment of the IS security. The weight of the risk factor is calculated by the entropy-weight coefficient method and the subjective influence of the experts judgment is reduced. Experimental result indicate that the proposed method is efficient and practical.
出处
《内蒙古大学学报(自然科学版)》
CAS
CSCD
北大核心
2005年第6期709-713,共5页
Journal of Inner Mongolia University:Natural Science Edition
基金
内蒙古大学青年基金项目
关键词
模糊风险评估
信息系统安全
熵
熵权
fuzzy risk assessment
information system security
entropy
entropy-weight
