面向业务流程关键业务节点识别模型

doi:10.19665/j.issn1001-2400.2022.02.022

Abstract

Abstract:

Aiming at the problem of business continuity security management,a key business node identification model for the business process is proposed.First,the node set to be evaluated is obtained according to the business process,the node importance evaluation attributes are quantified according to the importance of the business nodes,and the business node importance decision matrix is constructed by combining with the business node set to be evaluated and the value of the business node evaluation attributes.Second,the evaluation attribute weight of business nodes is improved from the subjective and objective dimensions,the importance combination weight decision matrix of business nodes is constructed,the AE-VIKOR (Analytic hierarchy process and Entropy weighting VIKOR,AE-VIKOR) method is used to calculate the importance coefficient of business nodes,and the key node is identified.Finally,when a security event occurs in a system,the effectiveness and accuracy of the model are proved by comparing and analyzing the impact of the implementation of key businesses and the other businesses on business continuity.Experimental results show that the node importance coefficient is calculated by the AE-VIKOR method in the model,and that the key business node is identified according to the node importance coefficient.The experiment further compares and analyzes the impact of key business nodes and other business nodes on business continuity,and compares the identification results of the AE-VIKOR method and other methods and different decision coefficients,with the results showing that the model identification is efficient and accurate.

Key words: information security, key business node, AE-VIKOR, business continuity

CLC Number:

TP309

XIE Lixia,NI Huiyu. Key business node identification model for the business process[J].Journal of Xidian University, 2022, 49(2): 190-197.

Figures/Tables 12

References 15

[1]	MOLDAGULOVA A N, USKENBAYEVA R K, SATYBALDIYEVA R Z, et al. On Identification of Hybrid Business Processes for Effective Implementation in the Form of Cloud Services[C]// 2019 19th International Conference onControl,Automation and Systems.Piscataway:IEEE, 2019:51-54.
[2]	杨宏宇, 秦赓. 面向风险评估的关键系统识别[J]. 大连理工大学学报, 2020, 60(3):306-316.
	YANG Hongyu, QIN Geng. Identification of Key Business Nodes for Risk Assessment[J]. Journal of Dalian University of Technology, 2020, 60(3):306-316.
[3]	QI M, LU S. Overview of System Wide Information Management and Security Analysis[C]// 2017 IEEE 13th International Symposium on Autonomous Decentralized System.Piscataway:IEEE, 2017:191-194.
[4]	SHEN Y, GU C, ZHAO P. Structural Vulnerability Assessment of Multi-energy System Using a PageRank Algorithm[J]. Energy Procedia, 2019, 158:6466-6471. doi: 10.1016/j.egypro.2019.01.132
[5]	STERGIOPOULOS G, DEDOSIS P, GRITZALIS D. Automatic Network Restructuring and Risk Mitigation through Business Process Asset Dependency Analysis(2020)[EB/OL].[2020-5-18]. https://doi.org/10.1016/j.cose.2020.101869.
[6]	TORABI S A, GIAHI R, SAHEBJAMNIA N. An Enhanced Risk Assessment Framework for Business Continuity Management Systems[J]. Safety Science, 2016, 89:201-218. doi: 10.1016/j.ssci.2016.06.015
[7]	HARIYANTI E, DJUNAIDY A, SIAHAAN D O. A Conceptual Model for Information Security Risk Considering Business Process Perspective[C]// 2018 4th International Conference on Science and Technology.Piscataway:IEEE, 2018:1-6.
[8]	VARELA-VACA A J, PARODY L, GASCA R M, et al. Automatic Verification and Diagnosis of Security Risk Assessments in Business Process Models[J]. IEEE Access, 2019, 7:26448-26465. doi: 10.1109/ACCESS.2019.2901408
[9]	BELOV V M, PESSTUNOV A I, PESSTUNOVA T M. On the Issue of Information Security Risks Assessment of Business Processes[C]// 2018 XIV International Scientific-Technical Conference on Actual Problems of Electronics Instrument Engineering.Piscataway:IEEE, 2018:136-139.
[10]	MOHSEN O, FERESHTEH N. An Extended VIKOR Method Based on Entropy Measure for the Failure Modes Risk Assessment-A Case Study of the Geothermal Power Plant[J]. Safety Science, 2017, 92:160-172. doi: 10.1016/j.ssci.2016.10.006
[11]	YANG J, HAN J, ZHANG X. Information System Security Risk Assessment Based on IDAV Multi-Criteria Decision Model[C]// 2018 12th IEEE International Conference on Anti-Counterfeiting,Security,and Identification.Piscataway:IEEE, 2018:121-127.
[12]	DIESCH R, PFAFF M, KRCMAR H. A Comprehensive Model of Information Security Factors for Decision-Makers(2020)[EB/OL].[2020-02-04]. https://doi.org/10.1016/j.cose.2020.101747.
[13]	DENG Y J, LI Y Q, YIN R R, et al. Efficient Measurement Model for Critical Nodes Based on Edge Clustering Coefficients and Edge Betweenness[J]. Wireless Networks, 2019, 26:2785-2795. doi: 10.1007/s11276-019-02040-4
[14]	KIM J H, AHN B S. Extended Vikor Method Using Incomplete Criteria Weights[J]. Expert Systems with Applications, 2019, 126:124-132. doi: 10.1016/j.eswa.2019.02.019
[15]	PLOSKAS N, PAPATHANASIOU J. A Decision Support System for Multiple Criteria Alternative Ranking Using Topsis And Vikor in Fuzzy and Nonfuzzy Environments[J]. Fuzzy Sets and Systems, 2019, 377:1-30. doi: 10.1016/j.fss.2019.01.012

业务类型	服务特征	应用类型	业务优先级
背景类	时延不要求	传输时间无特别要求	1
交互类	按需响应	在线数据交互的业务	2
流类	有时延要求	实时业务,互动要求较低	3
会话类	时延要求严格	实时业务,高要求互动	4

含义	赋值
属性i与属性j影响一致	1
属性i比属性j影响较强	3
属性i比属性j影响绝对地强	5

业务连续性风险值	业务连续性风险等级
0~0.05	低
0.05~0.10	中
0.10~0.15	高
≥0.15	高危

节点	业务关联度	业务用户类型	业务优先级
n₁	0.250	3	1
n₂	0.375	2	1
n₃	0.250	3	2
n₄	0.500	3	3
n₅	0.125	2	2
n₆	0.250	2	2
n₇	0.125	2	1
n₈	0.250	1	1
n₉	0.250	2	1

业务	旅客值机			配载航班			配载结载
各时刻情况	用户数	平均执行时间/s	资源利用率/%	用户数	平均执行时间/s	资源利用率/%	用户数	业务平均执行时间/s	资源利用率/%
T₀	1 000	10.0	90	100	5.0	98	800	3.0	95
T₁	800	10.5	85	80	6.5	81	675	4.0	72
T₂	550	12.0	65	55	7.2	69	574	4.3	63
T₃	300	12.5	50	30	7.8	50	350	4.8	57
T₄	100	13.0	25	10	8.0	28	190	5.0	26

Key business node identification model for the business process

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 12

References 15

Related Articles 6

Metrics

Comments

Recommended 10

[1]	YANG Luhui,LIU Guangjie,ZHAI Jiangtao,LIU Weiwei,BAI Huiwen,DAI Yuewei. Improved algorithm for detection of the malicious domain name based on the convolutional neural network [J]. Journal of Xidian University, 2020, 47(1): 37-43.
[2]	WANG Sen;QIU Yang;TIN Jin;XU Qinglin. Electromagnetic leakage characteristics of the digital video cable [J]. Journal of Xidian University, 2017, 44(5): 81-86.
[3]	KANG Haiyan;XIONG Li. Enhancing user privacy for personalized web search in big data [J]. J4, 2014, 41(5): 148-154+160.
[4]	WU De;LIU Sanyang. Risk assessment model of information security SVRAMIS [J]. J4, 2013, 40(1): 44-47+154.
[5]	XIAO Heling;CAI Ning;WANG Xiao. Application of quantum LDPC codes to quantum key distribution [J]. J4, 2012, 39(2): 8-11+23.
[6]	QIU Yang;ZHANG Kun;LIU Hao;TIAN Jin. Research on the relationship between the formats of computer information storage and the leakage of electromagnetic information [J]. J4, 2004, 31(2): 269-271.