%0 Journal Article
%A CHENG Xiang
%A YANG Hong-yu
%T Information System Risk Control Method Based on Work-Flow
%D 2016
%R 10.13190/j.jbupt.2016.03.019
%J Journal of Beijing University of Posts and Telecommunications
%P 105-109
%V 39
%N 3
%X <p>In order to effectively control the security risks of the business process in the information system, a risk control method based on work-flow (WRCM) was proposed. It includes two operations, the risk quantification and the risk control. In the risk quantification operation, the risk quantification parameters are defined and initialized. In the risk control operation, the minimum residual risk damage was used as object function to get a minimum risk damage deployment scheme based on linear programming method through the control effect maximization operation. Then, the minimum control cost was used as object function to get the minimum control cost deployment scheme through the control cost minimization operation. Experiments show that the WRCM has preferable risk control effect and lower control cost.</p>
%U https://journal.bupt.edu.cn/EN/10.13190/j.jbupt.2016.03.019