北京邮电大学学报
北京郵電大學學報
북경유전대학학보
JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS
2009年
6期
83-87
,共5页
信息安全%风险评估%Shapley熵%Choquet积分%层次分析法
信息安全%風險評估%Shapley熵%Choquet積分%層次分析法
신식안전%풍험평고%Shapley적%Choquet적분%층차분석법
information security%risk assessment%Shapley entropy%Choquet integral%analytic hierarchy process
针对评估要素关联关系的模糊性和复杂性以及属性关联性合成权重在实际评估中难以获得的特点,提出了基于Shapley熵和Choquet积分的层次化评估模型. 该模型通过引入多人合作对策中的Shapley值概念,基于最大Shapley熵原理,运用逐级Choquet积分融合的层次分析法解决了贫信息条件下网络系统风险综合评估问题. 某园区子网信息安全风险评估实例验证了该模型的有效性.
針對評估要素關聯關繫的模糊性和複雜性以及屬性關聯性閤成權重在實際評估中難以穫得的特點,提齣瞭基于Shapley熵和Choquet積分的層次化評估模型. 該模型通過引入多人閤作對策中的Shapley值概唸,基于最大Shapley熵原理,運用逐級Choquet積分融閤的層次分析法解決瞭貧信息條件下網絡繫統風險綜閤評估問題. 某園區子網信息安全風險評估實例驗證瞭該模型的有效性.
침대평고요소관련관계적모호성화복잡성이급속성관련성합성권중재실제평고중난이획득적특점,제출료기우Shapley적화Choquet적분적층차화평고모형. 해모형통과인입다인합작대책중적Shapley치개념,기우최대Shapley적원리,운용축급Choquet적분융합적층차분석법해결료빈신식조건하망락계통풍험종합평고문제. 모완구자망신식안전풍험평고실례험증료해모형적유효성.
The existing information security risk assessment approaches commonly ignore the relations among the assessment factors. To overcome the ambiguity and complexity of relations among the factors, and the difficulty of acquiring the correlative fusion weights of attributes in practice, a hierarchical risk assessment model based on Shapley entropies and Choquet integrals is proposed. By introducing the Shapley value concept of n-person cooperative game theory into the assessment model, this approach solves the information security risk assessment problem under poor information conditions by using the analytic hierarchy process with Choquet integrals from bottom to top, which is based on the maximum Shapley entropy principle. The effectiveness of the proposed approach is illustrated via an actual information security risk assessment for four subnets of the intranet in a community.