With the increasing exposure and vulnerability to cyber attacks, it becomes necessary to develop methodologies and systems that are capable of dealing with the complex and multifaceted nature of decision situations encountered in security planning and management. In this paper we present the theoretical basis, architecture and design of a web-based multi-perspective decision support system (DSS) and an underlying decision multi-criteria decision framework that is consistent with security and decision theory. The system is illustrated through a multi-stakeholder scenario that captures the complexity encountered in a multi-criteria security control selection decision problem.
Read full abstract