| Information system security should be treated as a systems engineering problem, in which risk evaluation of information system security plays an important role. It is the basis and precondition of information system security. An information security evaluation model based on gray theory is established here with the theories and methods of systems science. First, we set out the basic concepts of information security and gray theory. Then the application of gray theory in a network information security evaluation model is discussed. The establishment of the system indexes, evaluation coefficients and weight matrix is also explained. Applying gray theory to the establishment of an information security evaluation model is an innovation. There is little domestic research on information security evaluation models based on gray theory, because it is a new area of study. Two difficulties are solved in this paper. One is the extraction, analysis and classification of evaluation indexes. There are many objects in information security evaluation, which can be classified into qualitative indexes and quantitative indexes, profitability indexes, cost indexes and interval indexes. Three integrated indexes (physical security risk index, network security defence measure indexes and application security indexes) in the instance model are used in the model computation. The other is the establishment of the triangular whitenization (albino) functions and membership degrees, which involves the weights of the indexes, the partition of risk ranks, the normalization of indexes and the computation of membership degrees. All these problems are resolved here by the related mathematical methods. |