Fuzzy Expert System of Information Security Risk Assessment on the Example of Analysis Learning Management Systems

The rapid development and application of new digital technologies has, on the one hand, opened up new opportunities for more efficient management of technological and business processes. On the other hand, this leads to a significant increase in security threats, increasing the vulnerability of busi...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: S. A. Abdymanapov, M. Muratbekov, S. Altynbek, A. Barlybayev
Formato: article
Lenguaje:EN
Publicado: IEEE 2021
Materias:
Acceso en línea:https://doaj.org/article/780dab3f948043eb84b9bc13ef6a12f3
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
Descripción
Sumario:The rapid development and application of new digital technologies has, on the one hand, opened up new opportunities for more efficient management of technological and business processes. On the other hand, this leads to a significant increase in security threats, increasing the vulnerability of businesses and organisations to cybercriminals. In recent years, the rapid growth of incidents of various kinds has shown that traditional approaches to information security (IS) are insufficient. Consequently, software product information security risk assessment has become an important task for most organisations. Several models have been proposed to help different enterprises deal with the challenges of building information security. This paper proposes a new hierarchical structured model for information security risk assessment using fuzzy logic. A new method for information security risk assessment of software is also described using the example of automated control systems or enterprise resource planning (ERP) systems (using learning management systems as an example). The proposed new risk assessment model has been software implemented using fuzzy logic in the form of 15 fuzzy machines. In a series of experiments, we have scrutinised the information security risk assessment of various software products. The proposed method should solve the problem of flexible risk assessment.