Skip to Main Content
After systematic analysis of risk factors of information security and assessment process, a quantitative security assessment method is presented based on fuzzy number operations. Both the fuzziness of the indices and the uncertainty of weight determination are considered. Then the grades of fuzzy language variables are given, and the opinions of multi experts are integrated to triangular fuzzy numbers. Hence, comprehensive fuzzy assessment is made by using the operation rules defined on the triangular fuzzy number. Finally, by using fuzzy number ranking method, the assessment result is defuzzified and the risk grade is determined. An illustrative example is given to show the effectiveness and validity of this method.
Date of Conference: 12-14 Oct. 2008