According to the distribution characteristic of information systems, a model for information systems security risk assessment is given. On the fuzzy set theory, an approach for security risk assessment based on fuzzy group decision is proposed with the practical factors. Firstly, the multi experts' opinions can be integrated by the Delphi to determine the fuzzy set of weight and evaluation for the indices. Then, the linguistic variables on the experts fuzzy weights are represented by triangular fuzzy number. Simultaneously, with the fuzzy number algorithm and the assessment method, the certain risk assessment value may be calculated to determine the risk attribute. Finally, the efficiency and reliability of the presented way are verified through actual examples.%针对信息系统的安全风险分布特征,给出了一种安全风险评估模型.引入模糊集理论,并结合具体安全风险因素提出了一种基于模糊群组决策的安全风险评估方法.采用Delphi法集成群组意见以确定指标的模糊权重集与模糊评价集,运用三角模糊数描述语言变量的专家模糊权重,综合模糊数运算法则与风险值的求取算法求得安全风险评估值,并给出安全风险的属性判定.实例分析验证了该方法的可行性和有效性.
展开▼
