| Summary: | 碩士 === 國防大學 === 資訊管理學系 === 107 === Due to the development and popularity of the Internet, hostile countries can destroy military or civilian infrastructure through the Internet. Cyber-attacks have become a form of military attack today. The Ministry of National Defense (MND) follows the policy of information equipment co-location and energy conservation and carbon reduction formulated by the Executive Yuan. Now, MND is building a cloud data center in the military network for the armed force. Its purpose is to integrate information services and uniformly dispatch information resources to satisfy the information operation needs of military units at all levels. However, it must be considered that resource centralization is a high risk. Therefore, how to explore the mainly indicators affecting the information security of the military cloud data center is an important issue through scientific methods. The practice of these key indicators relates to the protection of classified data and information infrastructure. To the best of our knowledge, there are no related papers discussing the topic of the information security evaluation indicators for the military cloud data center in the meantime.
The research methods in this study consist of three steps. Firstly, the initial framework of information security assessment indictors for the military cloud data center had been summarized based on literature reviews. There are three categories and twenty five indicators. Then, an expert questionnaire was designed based on the above framework according to principles of the Delphi Method, and this study obtained the revised framework through the interview with experts. Finally, the study further designed an Analytic Hierarchy Process (AHP) questionnaire based on the revised structure to investigate and calculate the weight of each indicator. This study shows that the highest weight among three categories is “organizations and the professionals’ capabilities," in which the top three indicators with higher weights are "senior executives' awareness and support on information security," "personnel safety assessment," and "system operation and management capabilities." The findings of this study can be used as an important reference for the military cloud data center during designing information security specifications and implementing information security practices.
|
|---|
