共查询到20条相似文献,搜索用时 62 毫秒
1.
针对信息系统安全风险因素的灰色性和模糊性,以及信息安全风险评估过程中存在的主观性,将灰色统计评估法、模糊综合评判法和层次分析法结合,建立一种信息系统安全风险的灰色模糊综合评估模型.通过灰色统计法建立模糊隶属度矩阵,层次分析法确定风险因素权重,以此来评估量化系统风险,该方法能较好地量化评估信息系统安全风险. 相似文献
2.
针对层次分析法(AHP)的缺点,提出了一种基于三角模糊数的模糊层次分析法,该评估方法通过使用模糊数来反映专家评判的模糊性,弱化了单纯使用AHP方法存在的主观性,并对网络用户行为各属性的权重进行量化计算,使评判结果更加客观,通过实例说明如何在实际中应用该方法。评价结果为基于动态信任的安全控制提供量化分析基础,为服务提供者采取更加安全的策略来响应用户请求提供量化依据。 相似文献
3.
4.
5.
基于熵权系数法的信息安全模糊风险评估 总被引:4,自引:0,他引:4
信息安全风险分析中存在大量模糊、不确定性影响因素,以往的信息安全风险综合分析方法如PRA分析法需要收集到精确全面的评估数据,通过故障树分析信息系统被攻击的原因,建立风险计算模型定量计算系统风险,此方法过于繁琐,不易对信息系统风险进行准确的量化.针对此问题,文中通过对信息系统风险影响因素的识别与分析,构建反映信息安全风险影响因素及它们相互关系的风险评估指标体系,并应用多级模糊综合评判法对风险评估指标进行多层量化评估,同时利用信息熵定量计算各风险影响因素的权重,克服了直接赋值的主观性.该方法能较好地量化评估信息系统风险,方便计算出信息系统总的风险值. 相似文献
6.
航天测控系统容灾能力评估是建设航天测控容灾系统的关键环节.通过对航天测控系统容灾能力评估因素进行深入分析,建立评价指标体系,利用层次分析法(AHP)确定各指标的组合权重;利用模糊评判方法建立模糊评判模型,计算容灾能力的综合评判值并做出决策.按照以上方法评估,航天测控系统的总体容灾能力等级是“较强”,但在灾难恢复管理、灾难恢复规划及灾难恢复技术措施等方面还需提高.结果表明,通过将层次分析法和模糊评判方法相结合对容灾能力进行评估,可以为容灾建设提供合理参考依据. 相似文献
7.
本文在分析影响信息安全风险的因素的基础上构建了信息安全风险分析的层次结构模型,提出了采用模糊层次分析法(Fuzzy-AHP)对风险进行量化分析的方法。该方法采用三角模糊数来表示基于群组决策的信息安全风险各因素的判断矩阵,并用层次分析法来对专家判断结果进行处理,为决策提供了更合理的数据。 相似文献
8.
高新技术企业风险投资及投资风险评价 总被引:7,自引:0,他引:7
本文研究了风险投资的含义和基本特点,并且在全面分析风险投资特点的基础上
,提出了高科技产业开发投资风险综合评判体系. 文中利用层次分析法和聚类分析法相结合的形式确定权数,以主观概率来描述风险, 从而建立了高科技产业开发投资风险的多因素层次模糊综合评判模型,采用模糊数学工具对高新技术项目的投资风险进行综合评价.进行了实证运算,实现了高新技术产业开发投资风险较为科学的评判与判断. 相似文献
9.
10.
针对工业控制系统漏洞风险评估角度较为单一且与工控环境联系不紧密问题,提出了面向工业控制系统漏洞的多维属性评估方法。首先,建立了漏洞有效性、风险类别属性判别模板,同时定义漏洞风险程度多维评价指标。其次,提出基于ernieCat的风险程度预测模型,使用漏洞文本描述及漏洞内在评价属性作为融合特征预测漏洞的严重性、危害性以及可利用性等级。结合工业控制系统设备层级关键信息与漏洞风险等级情况,建立多维度量化指标,对工业控制系统漏洞的危害程度进行量化评估。最后,通过实验验证ernieCat模型应用在漏洞风险程度预测方面的优越性。 相似文献
11.
12.
基于VaR模型的金融市场风险评估系统与软件研究 总被引:2,自引:0,他引:2
该文首先对VaR风险价值模型的基本概念进行了阐述;接着阐述了存款性金融机构建立金融市场风险评估分析系统的必要性以及VaR模型用于该系统的可行性;提出该评估分析系统的逻辑与软件结构,分析其功能、技术难点与相关的解决思路;最后介绍该系统的实证应用情况并讨论需进一步研究、解决和完善的问题。 相似文献
13.
基于投影寻踪和支持向量机的模式识别方法* 总被引:1,自引:0,他引:1
由于支持向量机(SVM)在处理小样本、高维数及泛化性能强等方面的优势,提出了一种基于投影寻踪(PP)和支持向量机的模式分类方法.利用PP方法把高维数据转换到低维子空间,同时用加速遗传算法获得最佳投影方向和投影值,揭示了高维数据的结构特征,然后在低维空间中用SVM对特征向量进行分类识别,并将其应用到银行信贷风险评估中.选用2005年度80家贷款申请企业的数据样本,对该模型进行验证,通过与神经网络模型的比较,证实了该方法用于模式识别的有效性及优越性. 相似文献
14.
15.
基于结构风险最小化的加权偏最小二乘法 总被引:1,自引:0,他引:1
为了在偏最小二乘法(PLS)建模过程中实现结构风险最小化(SRM),提出基于结构风险最小化的加权偏最小二乘法(WPLS)。WPLS先提取训练样本中的主元,然后使用支持向量机(SVM)训练算法计算训练样本权值,最后计算原始论域中的回归模型。该算法保留了PLS能有效地提取对系统解释性最强的信息的优点,并通过样本权值提高模型的泛化能力,从而实现SRM准则,所建立的模型具有可解释性。仿真计算证明了模型的有效性。 相似文献
16.
ContextOrganizations combine agile approach and Distributed Software Development (DSD) in order to develop better quality software solutions in lesser time and cost. It helps to reap the benefits of both agile and distributed development but pose significant challenges and risks. Relatively scanty evidence of research on the risks prevailing in distributed agile development (DAD) has motivated this study.ObjectiveThis paper aims at creating a comprehensive set of risk factors that affect the performance of distributed agile development projects and identifies the risk management methods which are frequently used in practice for controlling those risks.MethodThe study is an exploration of practitioners’ experience using constant comparison method for analyzing in-depth interviews of thirteen practitioners and work documents of twenty-eight projects from thirteen different information technology (IT) organizations. The field experience was supported by extensive research literature on risk management in traditional, agile and distributed development.ResultsAnalysis of qualitative data from interviews and project work documents resulted into categorization of forty-five DAD risk factors grouped under five core risk categories. The risk categories were mapped to Leavitt’s model of organizational change for facilitating the implementation of results in real world. The risk factors could be attributed to the conflicting properties of DSD and agile development. Besides that, some new risk factors have been experienced by practitioners and need further exploration as their understanding will help the practitioners to act on time.ConclusionOrganizations are adopting DAD for developing solutions that caters to the changing business needs, while utilizing the global talent. Conflicting properties of DSD and agile approach pose several risks for DAD. This study gives a comprehensive categorization of the risks faced by the practitioners in managing DAD projects and presents frequently used methods to reduce their impact. The work fills the yawning research void in this field. 相似文献
17.
18.
A logistic regression framework for information technology outsourcing lifecycle management 总被引:2,自引:0,他引:2
Aleksandra Mojsilovi Bonnie Ray Richard Lawrence Samer Takriti 《Computers & Operations Research》2007,34(12):3609
We present a methodology for managing outsourcing projects from the vendor's perspective, designed to maximize the value to both the vendor and its clients. The methodology is applicable across the outsourcing lifecycle, providing the capability to select and target new clients, manage the existing client portfolio and quantify the realized benefits to the client resulting from the outsourcing agreement. Specifically, we develop a statistical analysis framework to model client behavior at each stage of the outsourcing lifecycle, including: (1) a predictive model and tool for white space client targeting and selection—opportunity identification (2) a model and tool for client risk assessment and project portfolio management—client tracking, and (3) a systematic analysis of outsourcing results, impact analysis, to gain insights into potential benefits of IT outsourcing as a part of a successful management strategy. Our analysis is formulated in a logistic regression framework, modified to allow for non-linear input–output relationships, auxiliary variables, and small sample sizes. We provide examples to illustrate how the methodology has been successfully implemented for targeting, tracking, and assessing outsourcing clients within IBM global services division.Scope and purposeThe predominant literature on IT outsourcing often examines various aspects of vendor–client relationship, strategies for successful outsourcing from the client perspective, and key sources of risk to the client, generally ignoring the risk to the vendor. However, in the rapidly changing market, a significant share of risks and responsibilities falls on vendor, as outsourcing contracts are often renegotiated, providers replaced, or services brought back in house. With the transformation of outsourcing engagements, the risk on the vendor's side has increased substantially, driving the vendor's financial and business performance and eventually impacting the value delivery to the client. As a result, only well-ran vendor firms with robust processes and tools that allow identification and active management of risk at all stages of the outsourcing lifecycle are able to deliver value to the client. This paper presents a framework and methodology for managing a portfolio of outsourcing projects from the vendor's perspective, throughout the entire outsourcing lifecycle. We address three key stages of the outsourcing process: (1) opportunity identification and qualification (i.e. selection of the most likely new clients), (2) client portfolio risk management during engagement and delivery, and (3) quantification of benefits to the client throughout the life of the deal. 相似文献
19.
在分析传统污水处理厂出水水质预测方法的基础上,提出一种核主元分析和小波神经网洛相结合的预测新方法。首先利用核主元分析实现输入变量的降维和去相关,然后运用小波神经网络建立预测模型。采用统计学理论的中的结构风险最小化原则为目标来训练网络的结构,采用自适应正交最小二乘法来训练网络权值,该方法最大限度地保证了网络的泛化能力。实验结果表明,该预测模型具有预测精度高,使用方便等优点。 相似文献
20.
The aim of this paper was to evaluate the risk level for both intra-organizational cultures and for different industries in implementing an enterprise resource planning (ERP) system. This study adopts the Fuzzy Analytic Network Process (FANP) method to assess ERP implementation risks, which were categorized into four dimensions: management and execution, software system, users, and technology planning. An empirical survey was conducted that utilized the collected survey data of 20 ERP experts in Taiwan to assess, rank, and improve the critical risks of ERP implementation via the FANP method. Based on the results of the FANP method, a follow-up survey of ERP end-users in different departments of three industries was conducted to assess how intra-organizational cultures and cross-industries affect users’ perceived risks a real world scenario. Our research results demonstrated that “lack of management support and assistance” is vital risk for a successful ERP implementation. Top management support and involvement are crucial and essential factors to the success of a firm's ERP implementation. “Ineffective communication with users” was found to be the second highest risk factor. The benefits of using the FANP method for evaluating the risk factors come from the clear priority weights between alternatives. Finally, this study provides suggestions to help enterprises decrease ERP risks, and enhance the chances of success of ERP implementations among intra-organizational cultures and across-industries. 相似文献