Open Access Open Access  Restricted Access Subscription or Fee Access

An Information Security Risk Evaluation Scheme Based on OWA Operator and Grey System Theory

Shichao Ye, Kehe Wu, Long Chen

Abstract


In order to make an accurate and quantitative assessment on the security risk of information system, the method of information security risk assessment which combines the advantages of OWA operator and DHGF algorithm based on grey system theory is put forward. By the deep mining on priori sample value of information security risk assessment indexes, the objective attribute weight is obtained with OWA operator. The fusion on assessed value is achieved using grey system theory. This method is applied to information security risk assessment. It guarantees the objectivity of assessment result, while reducing the dependency on the integrity of the assessed value. The strict requirements on the indexes in conventional information risk assessment approaches are lifted, thereby resolving the problem of objective quantification. The example of information risk assessment demonstrates the effectiveness and objectivity of this method.

Keywords


information security, quantitative assessment, OWA operator.

Full Text:

PDF


Disclaimer/Regarding indexing issue:

We have provided the online access of all issues and papers to the indexing agencies (as given on journal web site). It’s depend on indexing agencies when, how and what manner they can index or not. Hence, we like to inform that on the basis of earlier indexing, we can’t predict the today or future indexing policy of third party (i.e. indexing agencies) as they have right to discontinue any journal at any time without prior information to the journal. So, please neither sends any question nor expects any answer from us on the behalf of third party i.e. indexing agencies.Hence, we will not issue any certificate or letter for indexing issue. Our role is just to provide the online access to them. So we do properly this and one can visit indexing agencies website to get the authentic information. Also: DOI is paid service which provided by a third party. We never mentioned that we go for this for our any journal. However, journal have no objection if author go directly for this paid DOI service.