Resources Allocation Analysis of Information Security Defense in Network Information System——In Perspective of Theory of Constrains

Operations Research and Management Science ›› 2014, Vol. 23 ›› Issue (3): 163-169.

Previous Articles Next Articles

Resources Allocation Analysis of Information Security Defense in Network Information System——In Perspective of Theory of Constrains

XIONG Qiang^1,2, ZHONG Wei-jun¹, LI Zhi-wen²

1. School of Economic and Management, Southeast University, Nanjing 210096, China;
2. School of Management, Jiangsu University, Zhenjiang 212013, China

Received:2012-11-02 Online:2014-03-25

网络信息系统中信息安全防御资源分配策略分析——基于约束理论视角

熊强^1,2, 仲伟俊¹, 李治文²

1.东南大学经济管理学院,江苏南京 210096;
2.江苏大学管理学院,江苏镇江 212013

作者简介:熊强(1979-),男,江苏常州人,博士研究生,研究方向:电子商务、信息安全管理;仲伟俊(1962-),男,江苏南通人,教授,研究方向:信息管理与信息系统、企业创新;李治文(1981-),男,山东海阳人,博士,研究方向:电子商务、信息系统管理。
基金资助:
国家自然科学基金项目(71071033);国家社会科学基金项目(10BGL097);教育部人文社会科学研究青年基金项目(11YJC630234)

Abstract

Abstract: Being safe and economical is the main foundation when enterprises make the decision on information security defense, so that enterprises need to trade off optional allocation of defense resources among many different information nodes in the network information system. This paper firstly establishes a decision model of security defense without resource constraints in order to study how enterprise optimizes the allocation of its defense resources, and the result obtains the defense threshold and relative economical defense level of different nodes. Furthermore, the condition that security resources are limited is combined into the basic model. Through analyzing the impact of factors such as the defensive value of different information nodes, the expected loss, attack probability and so on, we draw conclusions about the priority of different nodes, the amount of resources invested in the defense of different nodes.

Key words: information system, resources allocation, constrains theory, information security

摘要： 安全经济性是企业信息安全防御决策的重要依据,在网络信息系统中企业需要权衡如何在众多不同信息资源节点间实施防御资源的合理分配。本文首先构建了无安全资源约束下的安全防御决策模型,研究企业在信息安全防御中如何来优化分配其防御资源,得出不同信息节点存在防御阀值以及各节点的相对经济防御水平值;在此模型基础上增加了安全防御资源约束条件,分析不同信息资源节点的防御价值、损失预期、攻击概率等因素对决策的影响,得出企业在不同节点上的防御优先级以及防御过程中投入资源量等相关结论。

关键词: 信息系统, 资源分配, 约束理论, 信息安全

CLC Number:

F224.32

XIONG Qiang, ZHONG Wei-jun, LI Zhi-wen. Resources Allocation Analysis of Information Security Defense in Network Information System——In Perspective of Theory of Constrains[J]. Operations Research and Management Science, 2014, 23(3): 163-169.

熊强, 仲伟俊, 李治文. 网络信息系统中信息安全防御资源分配策略分析——基于约束理论视角[J]. 运筹与管理, 2014, 23(3): 163-169.

[1]	XU Qi, WU Cui, CHEN Qi. Dynamic Optimal Allocation Strategy of Idle Resources Supply Chain on Shared Platform [J]. Operations Research and Management Science, 2021, 30(9): 86-92.
[2]	LV Cheng-shu. Anti-Attack Social Recommendation Algorithm Based on Multiple Implicit Trust Relationship [J]. Operations Research and Management Science, 2020, 29(1): 69-78.
[3]	LV Cheng-shu. Shilling Attack Detection Approach Based on Asymmetric Semi-supervised Ensemble SVM [J]. Operations Research and Management Science, 2018, 27(8): 84-91.
[4]	WANG Xiao-long, LI Wen-li. The Influence of the Certainty and the Appropriateness of Penalty on Information Security Compliance Behavior [J]. Operations Research and Management Science, 2018, 27(3): 133-142.
[5]	ZHONG Qiu-yan, WANG Ran, QU Yi. A Method of Attribute Reduction for Emergency Based on Rough Set [J]. Operations Research and Management Science, 2018, 27(1): 89-95.
[6]	ZENG Qian, ZHANG Jin. A Decision Method of Fair Distribution of Resources Based on Classification [J]. Operations Research and Management Science, 2017, 26(6): 10-15.
[7]	HOU Yan-hui, RAO Wei-zhen, HAO Min. Study on Multi-project Human Resources Allocationof Engineering Construction Enterprise—Based on the Perspective of Competence and Two-level Optimization [J]. Operations Research and Management Science, 2017, 26(4): 192-199.
[8]	GU Jian-qiang, MEI Shu-e, ZHONG Wei-jun. Dynamic Coordination Mechanism of Information System Security Investment Based on Interdependent Security [J]. Operations Research and Management Science, 2015, 24(6): 136-142.
[9]	DONG Xue-jie, JIANG Guo-rui, HUANG Ti-yun. Research on Emotional Decision Model of Multi-Agent Negotiation [J]. Operations Research and Management Science, 2014, 23(2): 133-138.
[10]	LIU Yu-peng, QU Shi-you. Information Security Competency Evaluation Model for Internal Staff [J]. Operations Research and Management Science, 2014, 23(1): 151-156.
[11]	NAN Guo-fang, ZHOU Shuai-yin, LI Min-qiang, KOU Ji-song. Forecasting Model of Sensing Data for Sensor Networks Based on Fuzzy Time Series [J]. Operations Research and Management Science, 2013, 22(2): 143-149.
[12]	ZHANG Ge, JIANG Guo-Rui, HUANG Ti-Yun. Argument Generation and Decision Process in Multi-agent Argumentation-based Negotiation Oriented to E-commerce [J]. Operations Research and Management Science, 2011, 20(2): 7-14.

Resources Allocation Analysis of Information Security Defense in Network Information System——In Perspective of Theory of Constrains

网络信息系统中信息安全防御资源分配策略分析——基于约束理论视角

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 12

Recommended Articles

Metrics