A fuzzy outranking approach in risk analysis of web service security

被引:6
作者
Wang, Ping [1 ]
Chao, Kuo-Ming
Lo, Chi-Chun
Huang, Chun-Lung
Younas, Muhammad
机构
[1] Kun Shan Univ Technol, Dept MIS, Tainan, Taiwan
[2] Fudan Univ, Software Sch, Shanghai 200433, Peoples R China
[3] Coventry Univ, Fac Engn & Comp, Coventry, W Midlands, England
[4] Natl Chiao Tung Univ, Inst Informat Management, Hsinchu, Taiwan
[5] Oxford Brookes Univ, Dept Comp, Oxford OX3 0BP, England
来源
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS | 2007年 / 10卷 / 01期
关键词
fuzzy outranking; risk analysis; web services security; pseudo-order; POPM;
D O I
10.1007/s10586-007-0002-2
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Risk analysis is considered as an important process to identify the known and potential vulnerabilities and threats in the web services security. It is quite difficult for users to collect adequate events to estimate the full vulnerabilities and probability of threats in the Web, due to the rapid change of the malicious attacks and the new computers vulnerabilities. In this paper, a fuzzy risk assessment model is developed in order to evaluate the risk of web services in a situation where complete information is not available. The proposed model extends Pseudo-Order Preference Model (POPM) to estimate the imprecise risk based on richness of information and to determine their ranking using a weighted additive rule. A case Study of a number of web services is presented in order to test the proposed approach.
引用
收藏
页码:47 / 55
页数:9
相关论文
共 50 条
  • [41] The Progress and Prospective of the Fuzzy Risk Analysis
    Liu, Guolei
    Huang, Chongfu
    Yang, Junmin
    THEORY AND PRACTICE OF RISK ANALYSIS AND CRISIS RESPONSE, PROCEEDINGS, 2008, : 205 - +
  • [42] Towards Risk-Driven Security Testing of Service Centric Systems
    Zech, Philipp
    Felderer, Michael
    Breu, Ruth
    2012 12TH INTERNATIONAL CONFERENCE ON QUALITY SOFTWARE (QSIC), 2012, : 140 - 143
  • [43] Cyber Security Risk Modelling and Assessment: A Quantitative Approach
    Sokri, Abderrahmane
    PROCEEDINGS OF THE 18TH EUROPEAN CONFERENCE ON CYBER WARFARE AND SECURITY (ECCWS 2019), 2019, : 466 - 474
  • [44] Validation of risk analysis for ship collision in narrow waters by using fuzzy Bayesian networks approach
    Aydin, Muhammet
    Akyuz, Emre
    Turan, Osman
    Arslan, Ozcan
    OCEAN ENGINEERING, 2021, 231
  • [45] FUZZY TOPSIS APPROACH TO IMPROVE QUANTITATIVE RISK ANALYSIS CONSIDERING DIFFERENT CRITERIA AND THEIR MUTUAL EFFECTS
    Sarbaghi, Mohammad-Hossein
    Shakhsi-Niaei, Majid
    Iranmanesh, Seyed Hossein
    ICINCO 2011: PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE ON INFORMATICS IN CONTROL, AUTOMATION AND ROBOTICS, VOL 1, 2011, : 219 - 222
  • [46] Modeling and risk analysis of virtual project team through project life cycle with fuzzy approach
    Ghaffari, Mona
    Sheikhahmadi, Farrokh
    Safakish, Gholamreza
    COMPUTERS & INDUSTRIAL ENGINEERING, 2014, 72 : 98 - 105
  • [47] A fuzzy reasoning approach to assess innovation risk in ecosystems
    Abreu, Antonio
    Martins, Jose Moleiro
    Calado, Joao M. F.
    OPEN ENGINEERING, 2018, 8 (01): : 551 - 561
  • [48] Integrated fuzzy approach for system modeling and risk assessment
    Kumar, Vikas
    Schuhmacher, Marta
    Garcia, Miriam
    MODELING DECISIONS FOR ARTIFICIAL INTELLIGENCE, 2006, 3885 : 227 - 238
  • [49] A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
    Md Tarique Jamal Ansari
    Fahad Ahmed Al-Zahrani
    Dhirendra Pandey
    Alka Agrawal
    BMC Medical Informatics and Decision Making, 20
  • [50] A fuzzy TOPSIS based analysis toward selection of effective security requirements engineering approach for trustworthy healthcare software development
    Ansari, Md Tarique Jamal
    Al-Zahrani, Fahad Ahmed
    Pandey, Dhirendra
    Agrawal, Alka
    BMC MEDICAL INFORMATICS AND DECISION MAKING, 2020, 20 (01)
12345