Researches on a Fuzzy Synthetic Assessment Model of the Information System Security Risks

With the extensive application of Information System in all walks of life, security analysis and assessment carried out on the IS have become quite necessary. This paper has, on the basis of the Fuzzy Synthetic Assessment method, suggested a security assessment model to the financial service IS, and applied it in the practical Information System Security Risk assessment to demonstrate the feasibility of this approach. The model provides a quantitative method for identifying the key ISSR components by avoiding various contrived factors in the process of subjective judgments. In practice, it will provide reliable basis for the system management departments to take appropriate means as well as adopt necessary security and technology measures, thereby posing an important practicability and applicability.