The Security Risk Assessment Of Command Automation Information Network Based On Multiple Indexes Synthetic Evaluation

With the rapid development of military information technology, Armed Police Force has been established and widely used command automation information network. That is, the realization of information network interconnection among the headquarters, corps (division), detachment (regiment) and the squadron. It is a multi-service, multi-purpose platform for the exchange of information for the armed police's duties and emergencies'disposal under modern conditions. In the application and improvement of information platform, there are also security issues that can not be ignored. It has become a hot spot for information technology security personnel that how to achieve a just, objective information network security risk evaluation and enhance security level of the command automation information network effectively.Information network security risk evaluation is a risk possibility assessment which is for the command automation network's threats, weaknesses, impacts, as well as the comprehensive effect of the three. Multiple indexes synthetic evaluation is a multidisciplinary cross-edged, interpenetrative, and multi-point corbelled emerging research method. That is, through converging a number of indicators'information from the assessment object, we get a composite indicator to reflect the whole situation of it.Based on the background of information network security risk evaluation and the multi-criteria synthetical evaluation, we introduced the information network security risk evaluation research situation, raised the risk evaluation model combined with the development of command automation information network of APF in view of the actual demand, and calculated, compared, analyzed several commonly used multi-criteria synthetical evaluation and selection methods of weight at home and abroad. Finally, we designed and implemented a program of the command automation information network security risk evaluation on the basis of the comprehensive evaluation.In this paper, the fuzzy Synthesis evaluation based on the attributes of the hierarchical model better reflected the science and objectivity of assessment. The use of Attribute Hierarchical Model evaluation to calculate the object's weight targets set quantified the weight of indicators of the security risk evaluation reasonably, avoided the unfair evaluation arising from subjective weight, what's more, it didn't require consistency test ,just needed a small amount of calculation, and was easy to program. For the ambiguity of practical problems, fuzzy Synthesis evaluation can assess the uncertainty of the targets and indicators objectively, and be able to make a comprehensive and accurate security risk evaluation. By the use of Attribute Hierarchical Model with fuzzy Synthesis evaluation, we can effectively deal with the inconsistent opinion of experts, analyze and explain the results of the evaluation easily, therefore put forward rational proposals. It is a well method to improve the security risks hierarchy of command automation information network.Eventually, we had a commanding automated security risk evaluation on some of their detachments by the design of the evaluation system, gave the security risk rating and ranking, and made a reference frame for the force. At the same time, we raised reform proposals of security risk according to the assessment report, which ensure the safe and efficient operation of the force's command automation information network.