The fuzzy integrated evaluation of enterprise information system security based on EC

Abstract

As enterprises increase their electronic communication in business activities through network, the security of enterprise information system based on EC becomes crucial for enterprises. This paper proposes a fuzzy integrated security evaluation method based on man-computer combined data collection and fuzzy expert evaluation in Delphi method. The method could reduce the subjectivity of expert evaluation and alleviate the difficulty of data collection and makes possible a better combination of qualitative and quantitative evaluations. Firstly, the evaluation factor and hierarchy structure of security evaluation is constructed. Secondly, according to data collected and the evaluation comment of each expert, the subjection degree matrix is constructed. Finally, a new concept of degree of assurance is presented for the quantificational evaluation of enterprise information system security based on. In this paper the study of the case shows that the method can be easily used and its results conform to the actual situation.