Research and application of risk assessment of digital security surveillance system based on AHP-FCE
The network security risk assessment of digital security systems is usually affected by a variety of uncertain factors.In order to effectively reduce the impact of expert subjective factors and other uncertain factors on the assessment results during the assessment process,a method based on the Analytic Hierarchy Process(AHP)is proposed.AHP network security risk assessment method and apply it to the risk assessment practice of the Tobacco Group's digital security system.Firstly,analyze the structure of the digital security system and its security threats;secondly,study the generation mechanism of security events in the digital security system,follow the"National Standard for Information Security Technology Information Security Risk Assessment Method"(GB/T 20984-2022),and conduct questionnaire surveys,interviews,and on the basis of scanning and penetration,a network security risk assessment index system is constructed including 6 secondary indicators and 12 third-level indicators.Determine the weight of each indicator based on the AHP,use the Fuzzy Comprehensive Evaluation(FCE)to obtain the comprehensive evaluation results of each indicator,and incorporate uncertainty factors into the calculation of the probability of security events.Through the probability of security events and their losses,the risk value of the digital security system is calculated.Finally,the proposed method is modeled and risk assessment tested based on yaahp software,which improves the authenticity and validity of the evaluation results.
万方数据
维普
