Abstract
Security evaluation and management has become increasingly important for Web-based information technology (IT) systems, especially for educational institutions. For the security evaluation and management of IT systems in educational institutions, determining the security level for a single IT system has been well developed. However, it is still difficult to evaluate the information security level of the entire educational institution considering multiple IT systems, because there might be too many different IT systems in one institution, educational institutions can be very different, and there is no standard model or method to provide a justifiable information security evaluation among different educational institutions considering their differences. In light of these difficulties, a security evaluation model of educational institutions’ IT systems (SEMEIS) is proposed in this work to facilitate the information security management for the educational institutions. Firstly, a simplified educational industry information system security level protection rating (EIISSLPR) with a new weight redistribution strategy for a single IT system is proposed by choosing important evaluation questions from EIISSLPR and redistributing the weights of these questions. Then for the entire educational institution, analytic hierarchy process (AHP) is used to redistribute the weights of multiple IT systems at different security levels. Considering the risk of possible network security vulnerabilities, a risk index is formulated by weighting different factors, normalized by a utility function, and calculated with the real data collected from the institutions under the evaluation. Finally, the information security performance of educational institutions is obtained as the final score from SEMEIS. The results show that SEMEIS can evaluate the security level of the education institutions practically and provide an efficient and effective management tool for the information security management.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.