Method of Information Security Risk Assessment Based on Improved Fuzzy Theory of Evidence

Authors

  • Xuepeng Huang Information & Network Center, Hubei University of Police, P.R. China
  • Wei Xu Department of Information Technology, Hubei University of Police, P.R. China

DOI:

https://doi.org/10.3991/ijoe.v14i03.8422

Keywords:

theory of evidence, fuzzy sets, entropy weight, information systems, risk assessment

Abstract


A method based on improved fuzzy theory of evidence was presented to solve the problem that there exist all kinds of uncertainty in the process of information security risk assessment. The hierarchy model for the information systems risk assessment was established firstly, and then fuzzy sets were introduced into theory of evidence. The basic probability assignments were constructed using the membership function of fuzzy sets, and the basic probability assignments were determined. Moreover, weight coefficients were calculated using entropy weight and empirical factor, which combined the objective weights with the subjective ones, and improved the validity and reliability. An illustration example indicates that the method is feasible and effective, and provides reasonable data for constituting the risk control strategy of the information systems security.

Downloads

Published

2018-03-30

How to Cite

Huang, X., & Xu, W. (2018). Method of Information Security Risk Assessment Based on Improved Fuzzy Theory of Evidence. International Journal of Online and Biomedical Engineering (iJOE), 14(03), pp. 188–196. https://doi.org/10.3991/ijoe.v14i03.8422

Issue

Section

Short Papers