Mixed-index information system security evaluation

doi:10.16511/j.cnki.qhdxxb.2016.25.010

Download: PDF(1005 KB)
Export: BibTeX | EndNote | Reference Manager | ProCite | RefWorks

Abstract A mixed-index evaluation method is given to evaluate the security of system operations using a business effectiveness index. The business effectiveness index was established in Q·S, with real type, interval data and language types using BECM. A complete information system security evaluation then uses a general consideration of both the business effectiveness index and other security indexes. The uncertainty of the overall system security due to incomparable attribute characteristics, such as the security risk and stable operating descriptions is improved by a comprehensive model to evaluate linguistic terms using lattice implication algebra. Examples demonstrate that this method gives intuitive, credible evaluations for decision analyse.

Keywords business effectiveness index mixed-index security situation incomparability linguistic evaluation

ZTFLH:

TP393.08

Issue Date: 15 May 2016

	Service

	E-mail this article
	E-mail Alert
	RSS
	Articles by authors

	WANG Danchen
	XU Yang
	LI Bin
	HE Xingxing

Cite this article:

WANG Danchen,XU Yang,LI Bin, et al. Mixed-index information system security evaluation[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(5): 517-521,529.

URL:

http://jst.tsinghuajournals.com/EN/10.16511/j.cnki.qhdxxb.2016.25.010 OR http://jst.tsinghuajournals.com/EN/Y2016/V56/I5/517

[1] Ulrik F, Joel B. Cyber situational awareness-A systematic review of the literature[J].Computer & Security, 2014,46:18-31.
[2] Endsley M R. Design and evaluation for situation awareness enhancement[C]//Proceedings of the Human Factors Society 32nd Annual Meeting. California:Human Factors & Ergonomics Society Meeting,1988:97-101.
[3] Endsley M R. Toward a theory of situation awareness in dynamic systems[J].Hum Factors Mar, 1995,37(1):32-64.
[4] Bass T, Gruber D. A glimpse into the future of ID[Z/OL]. (1999-11-16). http://www.usenix.org/publicaitons/login/1999-9/features/future.html.
[5] 龚正虎, 卓莹. 网络态势感知研究[J]. 软件学报, 2010,21(7):1605-1619. GONG Zhenghu, ZHUO Ying. Research on cyberspace situational awareness[J].Journal of Software, 2010,21(7):1605-1619.(in Chinese)
[6] Hall D, Llinas J. An introduction to multisensory data fusion[J].Proceedings of the IEEE, 1997,85(1):6-23.
[7] Klein G, Gnther H, Trber S. Modularizing cyber defense situational awareness-Technical integration before human understanding[J]. Computer Information, 2012,10:307-318.
[8] Yang S, Byers S, Holsopple J, et al. Intrusion activity projection for cyber situational awareness[C]//IEEE International Conference on Intelligence and Security Informatics. Taipei:Springer International Publishing, 2008:167-172.
[9] 王娟, 张凤荔, 傅翀, 等. 网络态势感知中的指标体系研究[J]. 计算机应用, 2007,27(8):1907-1912. WANG Juan, ZHANG Fengli, FU Chong, et al. Study on index system in network situation awareness[J].Journal of Computer Applications, 2007,27(8):1907-1912. (in Chinese)
[10] 蒋运承, 汤庸. 服务组合的质量估计模型[J]. 小型微型计算机系统, 2006,27(8):1519-1525. JIANG Yunchen, TANG Yong. Quality of service estimation model for service composition[J].Journal of Chinese Mini-Micro Computer Systems, 2006,27(8):1519-1525. (in Chinese)
[11] Liu Y, Ngu A H, Zeng L. Q·S computation and policing in dynamic web service selection[C]//Proceedings of the WWW'04. New York:ACM Press, 2004:42-53.
[12] Wang X, Vitvar T, Kerrigan M, et al. Synthetical evaluation of multiple qualities for service selection[C]//In:Asit D, Winfried L, eds. Proceedings of the ICSOC'06. LNCS 4294. Heidelberg:Springer-Verlag, 2006:152-162.
[13] Xu Y, Chen S W, Ma J. Linguistic truth-valued lattice implication algebra and its properties[C]//IMACS Multi Conference on Computational Engineering in System Application. Beijing:IEEE, 2006:1413-1418.
[14] Liu J, Xu Y, Ruan D, et al. A lattice-valued linguistic-based decision-making method[C]//2005 IEEE International Conference on Granular Computing. Beijing:IEEE, 2005:199-202.