| 基于AHP法的信息安全风险评估
模型应用研究 |
| |
| 引用本文: | 孟 猛,胡盛红.基于AHP法的信息安全风险评估
模型应用研究[J].热带作物学报,2009,33(1):36-41. |
| |
| 作者姓名: | 孟 猛 胡盛红 |
| |
| 作者单位: | 中国热带农业科学院科技信息研究所;中国热带农业科学院科技信息研究所 |
| |
| 摘 要: | 信息安全风险评估所涉及的4个基本要素是信息资产、信息资产的脆弱性、信息资产面临的威胁和信息资产存在的可能风险。风险评估的一个关键问题就是风险因素之间的权重分配。本文以某企业为实证,运用层次分析法进行风险因素权重的计算,并按照风险因素权重大小进行排序,可以直观地掌握各类风险的危害程度,筛选出权重相对较大的风险因素进行管理,为该企业的信息安全风险管理决策提供科学依据。
|
| 关 键 词: | 层次分析 信息安全 风险评估 |
Establishment of Information Security Risk Assessment Model based on AHP |
| |
| MENG Meng and HU Shenghong.Establishment of Information Security Risk Assessment Model based on AHP[J].Chinese Journal of Tropical Crops,2009,33(1):36-41. |
| |
| Authors: | MENG Meng and HU Shenghong |
| |
| Institution: | Institute of Scientific and Technical Information, CATAS;Institute of Scientific and Technical Information, CATAS |
| |
| Abstract: | The risk assessment of information security is a scientific process of estimating the existing frangibility, the encountering menace and the possible risk in information capital. The basic factors involved in risk assessment include information capital, frangibility of information capital, menace of information capital, and possible risk arising from information capital. The key problem for risk assessment relies on allocation of weight among risk factors. The method of AHP(Analytic Hierarchy Process) developed by T. L. Saaty was used to estimate the information security risk by taking an enterprise as an example. The risk factors were listed in order based on the factor weight to give a clear view of harmfulness of various risks. Factors of heavier weight were then selected for risk assessment management. |
| |
| Keywords: | Analytic Hierarchy Process information security risk assessment |
|
| 点击此处可从《热带作物学报》浏览原始摘要信息 |
| 点击此处可从《热带作物学报》下载免费的PDF全文 |
