Model of information security evaluation based on gray analytical hierarchy process
一种基于灰色层次分析法的信息安全评估模型

An information security evaluation model was proposed based on Gray Analytical Hierarchy Process. First, an information security hierarchy model with three-hierarchy was estabhshed according to ISO/IEC 17 799 and some domestic information security evaluation criteria. Second, the model was explained by AHP and gray systems theory, thus the result could be more objective. Finally, a case study was carried out to a stock exchange net and the result was acknowledged by the company. Therefore, this model is proved to be feasible and effective.