Combination of AHP and TOPSIS methods for the ranking of information security controls to overcome its obstructions under fuzzy environment
The organizations utilizing the cloud computing services are required to select suitable Information Security Controls (ISCs) to maintain data security and privacy. Many organizations bought popular products or traditional tools to select ISCs. However, selecting the wrong information security contr...
- Autores:
-
Tariq, Muhammad Imran
Tayyaba, Shahzadi
Ali Mian, Natash
Sarfraz, Muhammad Shahzad
De-la-Hoz-Franco, Emiro
Butt, Shariq Aziz
Santarcangelo, Vito
Rad, Dana V
- Tipo de recurso:
- Article of journal
- Fecha de publicación:
- 2020
- Institución:
- Corporación Universidad de la Costa
- Repositorio:
- REDICUC - Repositorio CUC
- Idioma:
- eng
- OAI Identifier:
- oai:repositorio.cuc.edu.co:11323/7314
- Acceso en línea:
- https://hdl.handle.net/11323/7314
http://doi.org/10.3233/JIFS-179692
https://repositorio.cuc.edu.co/
- Palabra clave:
- Information security
Analytical Hierarchy Process
TOPSIS
fuzzy logic
MCDM
MADM
- Rights
- openAccess
- License
- Attribution-NonCommercial-NoDerivatives 4.0 International
| Summary: | The organizations utilizing the cloud computing services are required to select suitable Information Security Controls (ISCs) to maintain data security and privacy. Many organizations bought popular products or traditional tools to select ISCs. However, selecting the wrong information security control without keeping in view severity of the risk, budgetary constraints, measures cost, and implementation and mitigation time may lead to leakage of data and resultantly, organizations may lose their user’s information, face financial implications, even reputation of the organization may be damaged. Therefore, the organizations should evaluate each control based on certain criteria like implementation time, mitigation time, exploitation time, risk, budgetary constraints, and previous effectiveness of the control under review. In this article, the authors utilized the methodologies of the Multi Criteria Decision Making (MCDM), Analytic Hierarchy Process (AHP) and Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) to help the cloud organizations in the prioritization and selection of the best information security control. Furthermore, a numerical example is also given, depicting the step by step utilization of the method in cloud organizations for the prioritization of the information security controls. |
|---|