Combination of AHP and TOPSIS methods for the ranking of information security controls to overcome its obstructions under fuzzy environment

The organizations utilizing the cloud computing services are required to select suitable Information Security Controls (ISCs) to maintain data security and privacy. Many organizations bought popular products or traditional tools to select ISCs. However, selecting the wrong information security contr...

Full description

Saved in:
Bibliographic Details
Published in:Journal of intelligent & fuzzy systems 2020-01, Vol.38 (5), p.6075-6088
Main Authors: Tariq, Muhammad Imran, Tayyaba, Shahzadi, Ali Mian, Natash, Sarfraz, Muhammad Shahzad, De-la-Hoz-Franco, Emiro, Butt, Shariq Aziz, Santarcangelo, Vito, Rad, Dana V.
Format: Article
Language:English
Subjects:
Analytic hierarchy process
Cloud computing
Decision analysis
Decision making
Fuzzy logic
Fuzzy sets
Obstructions
Organizations
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The organizations utilizing the cloud computing services are required to select suitable Information Security Controls (ISCs) to maintain data security and privacy. Many organizations bought popular products or traditional tools to select ISCs. However, selecting the wrong information security control without keeping in view severity of the risk, budgetary constraints, measures cost, and implementation and mitigation time may lead to leakage of data and resultantly, organizations may lose their user’s information, face financial implications, even reputation of the organization may be damaged. Therefore, the organizations should evaluate each control based on certain criteria like implementation time, mitigation time, exploitation time, risk, budgetary constraints, and previous effectiveness of the control under review. In this article, the authors utilized the methodologies of the Multi Criteria Decision Making (MCDM), Analytic Hierarchy Process (AHP) and Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) to help the cloud organizations in the prioritization and selection of the best information security control. Furthermore, a numerical example is also given, depicting the step by step utilization of the method in cloud organizations for the prioritization of the information security controls.
ISSN:1064-1246
1875-8967
DOI:10.3233/JIFS-179692