A Hybrid Approach for Information Systems Security Risk Assessment under Uncertain Environment

Abstract:

Article Preview

In electronic business environment, it is critical for an enterprise to assess information systems security (ISS) risks. In this paper, we propose a hybrid approach for ISS risk assessment. Given there is a great deal of uncertainty in the ISS risk assessment, in the hybrid approach, we combine the evidence theory with fuzzy sets to deal with the uncertain evidence found in the ISS risk assessment. The proposed approach provides a new way to define the basic belief assignment in fuzzy measure. Moreover, the approach also provides a method of testing the evidential consistency, which can reduce the uncertainty derived from the conflicts of evidence. Finally, the approach is further demonstrated and validated via a case study, in which the effectiveness of the proposed approach is evaluated by comparing it with other methods.

Info:

Periodical:

Key Engineering Materials (Volumes 467-469)

Edited by:

Dehuai Zeng

Pages:

481-486

DOI:

10.4028/www.scientific.net/KEM.467-469.481

Citation:

N. Feng et al., "A Hybrid Approach for Information Systems Security Risk Assessment under Uncertain Environment", Key Engineering Materials, Vols. 467-469, pp. 481-486, 2011

Online since:

February 2011

Export:

Price:

$35.00

In order to see related information, you need to Login.

In order to see related information, you need to Login.