摘要
为保证电网企业信息安全,在传统评估对象资产、脆弱性和威胁3个要素的基础上增加了安全防控措施要素.借助模糊集理论对4个要素进行分析,并构造对应评判集的隶属度矩阵.为减小主观赋权的偏差,采用熵权理论计算权重,集成综合风险值并判定所属安全等级.通过实例计算证明了模型的合理性和有效性.
To ensure information security of power grid enterprises, the security prevention and control measures is added as the fourth aspect based on the tradition risk factors including asset, vulnerability and threat. The four aspects are analyzed based on the fuzzy set theory, and the membership matrix of factors corresponding to the judge set are constructed. The weights of the risk factors are calculated with the entropy weight theory to reduce the subjectivity bias, the comprehensive risk results are integrated to output the risk rating. An example application proves that the method is a feasible and effective method of assessment.
出处
《天津师范大学学报(自然科学版)》
CAS
2014年第2期93-96,共4页
Journal of Tianjin Normal University:Natural Science Edition
基金
国家自然科学基金资助项目(71271084)
关键词
信息安全
风险评估
熵权
模糊集
information security
risk assessment
entropy weight
fuzzy set
