The Journal of Information Systems (한국정보시스템학회지:정보시스템연구)

Korea Association of Information Systems (한국정보시스템학회)
권호 표지
DOI QR코드

DOI QR Code

Comparison of Fuzzy AHP Decision Making Approaches for Selection among Information Security Systems

정보 보안 방안 선택을 위한 퍼지 AHP 방법의 비교 검토

  • Received : 2010.05.06
  • Accepted : 2010.07.01
  • Published : 2010.09.30
Download PDF
⟨ Previous Next ⟩

Abstract

Along with advance of information technology, value of information is growing much more than ever. And nearly all organizations pay great attentions to information security to protect their own important informations against every kind of hazardous accidents. Therefore, organizations want to select best information security system among many possible alternatives. For this purpose, several fuzzy AHP decision making approaches can be utilized. In this study, we consider a number of qualitative and quantitative factors to evaluate security systems and then apply three fuzzy AHP approaches for simple case to compare the results from three approaches. We find that final decision depends on both fuzzy AHP methods and degree of fuzziness.

Keywords

References

  1. 김기윤, 나관식, "취약성 평가에 의한 정보보호 지표의 계량화: 정보자산 가중치법," 한국정보보호학회지, 제10권, 제1호, 2000, pp. 51-62.
  2. 김수영, 이승찬, "퍼지 AHP를 이용한 정보시스템 솔루션 선정 모델에 관한 연구," Entrue Journal of Information Technology, 제4권, 제1호, 2005, pp. 79-89.
  3. 김종기, "정보시스템 보안의 효과성 모형에 관한 실증적 연구," 정보시스템연구, 제7권, 제2호, 1998, pp. 91-108.
  4. 김종기, 전진환, 임호섭, "정보 보안정책, 보안통제 및 사용자특성이 정보 보안효과에 미치는 영향- 컴퓨터 바이러스를 중심으로," 정보시스템연구, 제15권, 제1호, 2006, pp. 145-168.
  5. 이웅규, "보안위험, 편리성, 사회적 영향이 인터넷 뱅킹 사용에 미치는 효과 - 계좌이체와 잔액조회 서비스의 비교," 정보시스템연구, 제14권, 제2호, 2005, pp. 1-23. https://doi.org/10.1057/palgrave.ejis.3000517
  6. 정희조, 김진영, 임춘성, "기업의 정보보호수준 및 성숙도 진단을 위한 정보보호수준 통합 평가시스템 개발에 관한 연구," 정보보호학회지, 제14권, 제4호, 2004, pp. 37-44.
  7. Barnard, L., "The Evaluation and Certification of Information Security against BS7799," Information Management & Computer Security, Vol.6, No.2, 1998, pp. 72-77. https://doi.org/10.1108/09685229810209397
  8. Bozdag, C. E., Kahraman, C. and Ruan, D., "Fuzzy Group Decision Making for Selection among Computer Integrated Manufacturing Systems," Computers in Industry Vol.51, 2003, pp. 13-29. https://doi.org/10.1016/S0166-3615(03)00029-0
  9. Cheng, C. H., "Evaluating Naval Tactical Missile Systems by Fuzzy AHP based on the Grade Value of Membership Function," European Journal of Operations Research Vol.96, 1996, pp. 343-350.
  10. Zhu, K. J., Jing, Y. and Chang, D. Y., "A Discussion on Extent Analysis Method and Applications of Fuzzy AHP," European Journal of Operations Research, Vol.116, 1999, pp. 450-456. https://doi.org/10.1016/S0377-2217(98)00331-2
  11. Rossouw, S., "Information Security Management(3) : the Code of Practice for Information Security Management," Information Management & Computer Security Vol.6, No.5, 1998, pp. 224-225. https://doi.org/10.1108/09685229810240158
  12. NIST, An Introduction to Computer Security: the NIST Handbook, NIST, 1995.
  13. OECD, OECD Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security, OECD, 2002.

Cited by

  1. Risk Assessment of Submerged Floating Tunnels based on Fuzzy AHP vol.13, pp.7, 2012, https://doi.org/10.5762/KAIS.2012.13.7.3244