Group Decision-Making Information Security Risk Assessment Based on AHP and Information Entropy
نویسندگان
چکیده
The phenomenon of over-reliance on subjective assignment is a challenging task in the information security risk assessment process. This study deals with this problem. We have presented a group decisionmaking information security risk assessment method by combining Analytic Hierarchy Process (AHP) with Information entropy. When AHP is used to assess the security risk of information systems, the elements of the Criteria level are the risk probability, impact and uncontrollability. The priorities of the Alternatives as risk factors with respect to the Criteria level are determined by applying the group decision-making approach. And the experts’ weights are obtained through information entropy. The experts’ judgments are aggregated into a consensus matrix. The consensus matrix reduces the subjectivity of judgments due to the experts’ preferences.
منابع مشابه
A novel ranking method for intuitionistic fuzzy set based on information fusion and application to threat assessment
A novel ranking method based on multi-time information fusion is proposed for intuitionistic fuzzy sets (IFSs) and applied to the threat assessment problem, a multi-attribute decision making (MADM) one. This method integrates a designed intuitionistic fuzzy entropy (IFE), the closeness degree of technique for order preference by similarity to ideal solution (TOPSIS), the decision maker¡¯s (DM¡¯...
متن کاملINFORMATION MEASURES BASED TOPSIS METHOD FOR MULTICRITERIA DECISION MAKING PROBLEM IN INTUITIONISTIC FUZZY ENVIRONMENT
In the fuzzy set theory, information measures play a paramount role in several areas such as decision making, pattern recognition etc. In this paper, similarity measure based on cosine function and entropy measures based on logarithmic function for IFSs are proposed. Comparisons of proposed similarity and entropy measures with the existing ones are listed. Numerical results limpidly betoken th...
متن کاملA New Extended Analytical Hierarchy Process Technique with Incomplete Interval-valued Information for Risk Assessment in IT Outsourcing
Information technology (IT) outsourcing has been recognized as a new methodology in many organizations. Yet making an appropriate decision with regard to selection and use of these methodologies may impose uncertainties and risks. Estimating the occurrence probability of risks and their impacts organizations goals may reduce their threats. In this study, an extended analytical hierarchical proc...
متن کاملThe Application of AHP to Evaluate Information Security Policy Decision Making
This paper examines the application of AHP in evaluating information security policy decision making with respect to Indonesian e-government systems. We suggest a new model based on four aspects of information security (management, technology, economy and culture) and three information security components (confidentiality, integrity and availability). AHP methodology was applied to analyze the ...
متن کاملThe Use of AHP in Security Policy Decision Making: An Open Office Calc Application
In this paper, we introduce a framework to guide decision makers evaluating information security policy performance. It is motivated by lack of adequate decision making mechanism with broader scopes and easy to use for the decision makers. The framework, which adopts Analytic hierarchy Process (AHP) methodology, is developed into a four level hierarchy (goal, criteria, sub-criteria, and alterna...
متن کامل