| As the core components to protect information security, the intension of cryptographicmodules security defense capabilities is the focus point of designers and users. Currently, themethod of qualitative evaluation of cryptographic modules security defense capabilities has theproblems that the precision of results was not enough and the form was singleness. It wasdifficult to gain access to the general understanding of the performance of evaluation objects anddidn’t meet the requirements for cryptographic modules under the conditions of informationresearch and application. In order to evaluate the security defense capabilities of cryptographicmodules roundly and accurately, this paper study the quantitative evaluation methods for securitydefense capabilities of comparable cryptographic modules.This paper established the index systems which contained the factors of technique andmanagement by using a hybrid multi-attributes group decision-making method to quantitativeanalyzed and implemented a prototype system based on Asp.net and Sql Server database. Themajor work completed included:1. By analyzing the security requirement for cryptographic modules of FIPS PUB140-2andProtection Profile, established index system of cryptographic modules security defense capability.It illuminated the threats to the cryptographic modules and elements which could influence theintension of the capabilities. Finally, the specific meaning of indicator values and extractionmethods described in detail.2. A quantitative evaluation method known as hybrid multi-attributes group decision-makingwas proposed.Then, it introduced the methods how to normalize the evaluation value and acquirethe index weights and expert weights by the similarity concepts of interval number and triangularfuzzy number. Extended the application area of VIKOR method to hybrid multi-attributes groupdecision-making, the problem of information loss in the transforming process among differentforms of indicator values was solved in a certain extent.Finally,used the extended methods toprocess the group evaluation value.The example showed that the index systems and the hybridmulti-attributes group decision-making method was feasible.3. A cryptographic modules security capabilities evaluation prototype system was designedand implemented. By implemented the indexes system and quantitative evaluation methods, theprototype system granted the organizers to input the basic information of cryptographic moduleobjects and a number of experts to evaluate the cryptographic modules in different times andlocations efficiently and cheaply. |
PDF Full Text Request