JOURNAL OF COMPUTING, VOLUME 4, ISSUE 3, MARCH 2012, ISSN 2151-9617 https://sites.google.com/sit https://sites.google.com/site/journalofcomputing e/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
1
Using Fuzzy Methodology to Mapping ITIL Security KPIs to ISMS Nasibeh Mohammadi, Nasser Modiri, Pantea Arya, Afshin Rezakhani
Abstract— Abstract— Security management in Information Technology Infrastructure Library (ITIL) is a number of Key process Indicators (KPIs) that are unclear. In this paper, we propose to create a new framework for mapping ITIL security KPIs to related KPIs in Information Security Management Management System (ISMS). For this mapping is utilized from fuzzy algorithm as named fuzzy Analytic Hierarchy Process (fuzzy AHP). This algorithm obtains the priority of ISMS KPIs that i s related to ITIL security management KPIs. With this algorithm the Prioritization in the ISMS KPIs will be possible. The most advantage of this method is creating the collaborative platform between ITIL and ISMS KPIs. Other benefit of this methodology is improving the security in the enterprises that implement ITIL. With this approach, enterprises managers will be able to decide accurately in apply ISMS KPIs in ITIL implementation. Index Terms— Terms— Fuzzy AHP, ISMS, ITIL, KPIs.
—————————— ——————————
1. INTRODUCTION
D
ue to enhanced focus on the customer in the planning, development and delivery of information services, IT service management has become increasingly important. These days IT management is focusing particularly on the de facto standard ITIL (IT Infrastructure Library) for implementing IT service management [1]. Unfortunately, the most of enterprises managers think that they must get ISO 27000 standard (ISMS) into their organization to implement security indicators directly; but they don’t know that can utilize ISMS KPIs beside ITIL framework, because ITIL in security management scope have several KPIs. But these KPIs are not clear and they are described ambiguously. This article suggest a new methodology for persuade the managers to apply ISMS KPIs in the ITIL implementation. Because the enterprises managers have some limitations in understanding the meaning of each security KPI in ITIL, our method help managers to decide for mapping each ITIL security KPI to one or more KPIs in ISMS accurately and correctly. A few researches have been done in creating collaborative platform between ITIL and ISMS. For example, Jim Clinch in his research considered ITIL KPIs and ISMS KPIs and mapping all ITIL KPIs to ISMS generally [2]. James Doss also considered approaches to integrating other Frameworks and
Methodologies Complementary to ITIL [3]. All of these researches did their ideas in mapping ITIL KPIs to ISMS ambiguously and without any clarity in implementation. We propose a new method that is based on a fuzzy algorithm (in decision) that enables the managers to have accurate decision to mapping each security KPI in ITIL into one or more KPIs in ISMS.
2. ITIL FRAMEWORK ITIL (IT Infrastructure Library) provides a framework of Best Practice guidance for IT Service Management and since its creation, ITIL has grown to become the most widely accepted approach to IT Service Management in the world.
———————————————— —————————————— ——
Department of Computer Engineering, Islamic Azad University, Arak Branch, Arak, Iran. Department of Computer Engineering, Islamic Azad University, Zanjan Branch, Zanjan, Iran. Department of Computer Engineering, Islamic Azad University, Tehran Center, Tehran, Iran. Department of Computer Engineering, Ayatollah Boroujerdi University, Boroujerd, Iran.
Figure 1. ITIL Life Cycle[5]
Guide describes the key principles of IT Service Management and provides a high-level overview of each of the core publications within ITIL [4]: Service Strategy Service Design Service Transition
© 2012 Journal of Computing Press, NY, NY, USA, ISSN 2151-9617 http://sites.google.com/site/journalofcomputing/
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 3, MARCH 2012, ISSN 2151-9617 https://sites.google.com/sit https://sites.google.com/site/journalofcomputing e/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
Service Operation Continual Service Improvement 2.1 Service Strategy The Service strategy volume provides guidance on how to design, develop, and implement service management not only as an organizational capability but also as a strategic asset [6]. 2.2 Service Design The Service Design publication provides guidance for the design and development of services and Service Management processes [7]. 2.3 Service Transition The Service Transition publication provides guidance for the development and improvement of capabilities for transitioning new and changed services into operations [ 8]. 2.4 Service Operation This volume embodies practices in the management of Service Operations. It includes guidance on achieving effectiveness and efficiency in the delivery and support of services so as to ensure value for the customer and the service provider [9]. 2.5 Continual Service Improvement This volume provides instrumental guidance in creating and maintaining value for customers through better design, introduction and operation of services [10]. 2.6. Information Security Management KPIs in ITIL In this section we consider the security KPIs in ITIL. These KPIs show in below [7]:
An overview of the ISMS family of standards; An introduction to information security management systems (ISMS); A brief description of the Plan-Do-Check-Act (PDCA) process; and An understanding of terms and definitions in use throughout the ISMS family of standards. And… The ISMS is divided from eleven general scopes as below:
The production, maintenance, distribution and enforcement of an Information Security Policy and supporting secur ity policies Understanding the agreed current and future security requirements of the business and the existing Business Security Policy and plans Implementation of a set of security controls that support the Information Security Policy and manage risks associated with access to services, information and systems Documentation of all security controls, together with the operation and maintenance of the controls and their associated risks Management of suppliers and contracts regarding access to systems and services, in conjunction with Supplier Management Management of all security breaches and incidents associated with all systems and services The proactive improvement of security controls, and security risk management and the reduction of security risks Integration of security aspects within all other IT SM processes.
2
Table 1. ISMS Scope
Security Policy Organization of Information Security Asset Management Human Resource Security Physical & Environmental Security Communications & Operations Management Access Controls Information System Acquisition, Development and Maintenance Information Security Incident Management Business Continuity Management Compliance
4. FUZZY AHP Fuzzy set, in decision making problem, is the most important in the usage of comparison with classic set theory [12]. In fact, the theory of fuzzy decision making efforts to model the ambiguity that is exists in decision making problem. AHP was proposed by Saaty in 1980 [13]. It is a multi criteria decision making method for unstructured problems. It is an approach that uses a hierarchical model having levels of goal, criteria, possible sub-criteria, and alternatives. The AHP divides the decision problem into the following main steps [14]: 1. Problem structuring; 2. Assessment of local priorities; 3. Calculation of global priorities; Generally, the fuzzy AHP is divided to four steps. These steps are showing in Figure2.
3. ISMS ISO/IEC 27000:2009 provides an overview of information security management systems, which form the subject of the information security management system (ISMS) family of standards, and defines related terms. As a result of implementing ISO/IEC 27000:2009, all types of organization (e.g. commercial enterprises, government agencies and nonprofit organizations) are expected to obtain [11]:
© 2012 Journal of Computing Press, NY, NY, USA, ISSN 2151-9617 http://sites.google.com/site/journalofcomputing/
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 3, MARCH 2012, ISSN 2151-9617 https://sites.google.com/sit https://sites.google.com/site/journalofcomputing e/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
4.2 The explanation of Step2 In this step is determined the pair wise comparison matrix in based on the idea of decision maker. This work is done for each level of component toward the upper level in separate matrixes that can be can be seen below: seen below: Creating pair wise comparison matrix for each alternative toward each criteria. Creating pair wise comparison matrix for each criteria toward goal. Each of elements in pairwise comparison matrix is shown with the name of that determine the relative importance of element “i” toward element “j”. The values of is calculated from below table that these values are Triangular fuzzy numbers.
,
Figure 2. Fuzzy AHP Requirements and Results
As you can see in above figure, the fuzzy AHP is divided in four steps. In step1 is created hierarchical structure for problems. In step2we obtain pair wise comparison matrixes. In step3 the Relative Weights of the elements is estimated. To calculating step3 must use of Chang’s fuzzy extent analysis [15]. Finally in last step the relative Weights for priority of alternatives is aggregated. In below sub section, above steps will be considered accurately.
4.1 The Explanation of Step1 In this step, for better for better understanding an AHP problem, in the first, is required to determine the different levels of problem and the relation between relation between the components in each level with upper level graphically. Below figure shows the schema of hierarchical structure of problem in first step in fuzzy AHP.
,
Table 2. Similar fuzzy numbers with preference in the paired comparisons [16] Statement Absolutely Stronger Very Stronger Stronger Low Approximately Equal Exactly Equal
Triangular fuzzy number
, , ) ( , , ) ( , , ) (, , ) ( , , ) (
(
, ,
)
All of the elements on original diameter in pair wise comparison matrix are (1,1,1) then Mji = = =( )
Mij Lij,Mij,Uij , ,
Two examples of pair wise comparison matrix are below: are below:
Figure 2. Hierarchical structure of Problems As it can be seen in above figure, hierarchical structure is divided in three levels. This diagram shows the graphical schema of problem. Figure 3. An example of pair wise comparison matrix
© 2012 Journal of Computing Press, NY, NY, USA, ISSN 2151-9617 http://sites.google.com/site/journalofcomputing/
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 3, MARCH 2012, ISSN 2151-9617 https://sites.google.com/sit https://sites.google.com/site/journalofcomputing e/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
, 1 i f 1 d , ifotherwi se
If
= (li, mi, ui) and = (lk, mk, uk) then Degree priority on is calculated as follows: V( ) =SUP (min ) that for Triangular fuzzy numbers as follows:
(Alternative toward Criteria)
V(
) =
Figure 5.Intersection Point Between Figure 4. An example of pair wise comparison matrix (Criteria toward goal)
and
1, … , … , , , , , 1 , … , , , , ,…, 1,2 , 3 , 4 , 5 , . . . . . ., ́ , ,…, ́ ,…, , ,…, Si M M ⊗ M M ∑ M ∑ ,∑, ∑⊕ , ∑ ⊕…, ́ ⊕, ́ 1 1 1 M , , n ∑ ∑ ∑ ́ ́ SI , ́ , ́ ⊗ ∑ ́ , ∑ ́ , ∑
As can be can be seen in Figure5, d is the largest intersection point between and .
4.3 The Explanation of Step3
For applying the process, according to the method of Chang’s extent analysis [15], each criterion is taken and extent analysis for each criterion, ; is performed respectively. Therefore, m extent analysis values for each criterion can be can be obtained by obtained by using following notation.
is the goal set (i = 1, 2, 3, 4, 5, … ,n) and all the are Triangular Fuzzy Numbers (TFNs).
The steps of Chang’s analysis can be given as in the following: Substep1: The fuzzy synthetic extent value with respect to the ith criterion is defined.
AND IF
= (LIJ , MIJ , UIJ ) THEN
(LI1, MI1, UI1) UIM)=(
THEREFORE:
(
Substep3: The degree of conceivability for a convex fuzzy number to be greater than k convex fuzzy numbers is defined as follows: V(S )=V((S ),(S ),…,(S ))=minV(S ) ) for (k=1,2,…,n k ) Then the if ( )= minV( weight vector is given:
=(
)
Substep4: Via normalization vector, the normalized weight vectors are given [17]: W=( )
4.4 The Explanation of Step4 In last step we must calculate the final weights of alternatives that are determined by the combination of weights. These weights were obtained of the previous step.
5. PROPOSED APPROACH
(LI2, MI2, UI2) )=(
(LIM , MIM , )
)
=(LI ,
UI )
[17]
Substep2: The degree of conceivability of
MI ,
As we explained the ITIL framework and ISMS in above sections, ITIL is a standard framework to manage IT services in enterprises. In the other hand, ISMS have viewpoints in the security problems in enterprises. Unfortunately, some of managers think that the implementation of ISMS in their enterprises is sufficient without the ITIL implementation. While ISMS only have viewpoints, we can use from ISMS KPIs in the implementation of ITIL security KPIs. These two standards together can be can be sufficient and help to management of implement all IT services in enterprise.
on
© 2012 Journal of Computing Press, NY, NY, USA, ISSN 2151-9617 http://sites.google.com/site/journalofcomputing/
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 3, MARCH 2012, ISSN 2151-9617 https://sites.google.com/sit https://sites.google.com/site/journalofcomputing e/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
We propose to determine the number of ISMS KPIs that are equivalent to each ITIL security KPI and we place them to different categories in based on each ITIL security KPI. Each category is entered in fuzzy AHP technique as alternatives. Then, the preferred amount of alternatives and effective factors (criteria) is determined by manager’s viewpoints and fuzzy table. Finally, the KPIs that exist in each category are ranking. These priorities must be calculated for each category.We explain suggested methodology in under sections. In section 5.1 the election of ISMS KPIs is considered. In section 5.2.1 the creating of hierarchical structure is obtained. In section 5.2.2 pair wise comparison matrix is calculated. In section 5.2.3 the relative weight of criteria and alternatives is calculated and finally in the last section the priority of ISMS KPIs in each ITIL security KPI is estimated.
5.1. The Election of ISMS KPIs In this section, we consider the ISMS KPIs that are equivalent with each ITIL security KPI. However, the obtain all of related KPIs is a lot. So, we find a number of these dependencies in one the ITIL security KPI. Table3 show an example of this mapping.
Finally alternatives are completed by ISMS KPIs that is obtained from above section. Further explanation is that effective factors are obtained by obtained by interview with managers. Now, we consider a real example. Because the ISMS KPIs in each category are a lot, we assume that exist below exist below mapping. So, we create hierarchical structure for these KPIs only in one category. Table able 4. A sample real Example of Mapping ITIL KPI to ISMS in a category ITIL Security KPI ITIL_KPI (The production, maintenance, distribution and enforcement of an Information Security Policy and supporting security policies)
Table 3. An Example of Mapping ITIL KPI to ISMS KPIs ITIL KPI The production, maintenance, distribution and enforcement of an Information Security Policy and supporting security policies
ISMS KPIs [18] 1. Establish a comprehensive information security policy. 2. Make sure that your information security policy provides clear direction for your information security program. 3. Make sure that your information security policy shows that your management is committed committed to information security. 4. Make sure that your management supports your organization’s information security policy.
ISMS KPIs [18] KPI_1 (Establish a comprehensive information security policy) KPI_2 (Make sure that your information security policy provides clear direction for your information security program) KPI_3 (Make sure that your information security policy shows that your management is committed to information security)
Figure 7 shows the hierarchical structure for above KPIs. For clear explanation, we use abbreviation form of above KPIs.
…
5.2.Use of Fuzzy AHP Fuzzy AHP process is explained in below in below subsections:
5.2.1 . Creating Hierarchical Structure After finding the ISMS KPIs in last section, we must create a hierarchical structure of each category.The goal level is the priority of ISMS KPIs in each category. Also, Criteria level is filled by effective factors on ISMS KPIs in each category.
Figure 6. Creating Hierarchical Structure 5.2.2. Creating Pair wise Comparison Matrix
For doing this step, we must create four matrixes that is shown in below figures. Matrixes values are determined by table2 and interview with managers.
© 2012 Journal of Computing Press, NY, NY, USA, ISSN 2151-9617 http://sites.google.com/site/journalofcomputing/
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 3, MARCH 2012, ISSN 2151-9617 https://sites.google.com/sit https://sites.google.com/site/journalofcomputing e/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
Matrix2: The KPIs Pair wise Comparison Matrix according to Stability
Matrix1: The KPIs Pair wise Comparison Matrix according to Cost
Matrix3: The KPIs Pair wise Comparison Matrix according to Risk Management
Matrix4: The Criteria’s Pair wise Comparison Matrix according to goal
Figure 7. The Matrix of Pair wise Comparison (Alternatives and Criteria) 5.2.3. Calculating the Relative Weight of Criteria and Alternatives
we must obtain relative weight by Chang method. Because the calculating are more, we obtain the relative weights between KPI_1, KPI_2, KPI_3 and cost criteria exactly and then other weights also will will be be calculated. Relative Weights of Matrix1: =(1,1,1) (1/5,2,2/5) (2,5/2,3) =(3.2,5.5,4.4) (5/2, 1/2, 5) (1, 1, 1) (1/2, 1, 3/2) = (4, 2.5, 7.5)
∑∑ MM ⊕ ⊕ ⊕ ⊕ ∑ M ∑ ∑ M ⊕ ⊕⊕1,1,1 ⊕ ∑ ∑ M . . , . =(1/3,2/5,1/2) ( 2/3,1,2) (3.2,5.5,4.4)
=(1.9,2.4,3.5)
(4,2.5,7.5)
(1.9,2.4,3.5) =
(9.1,10.4,15.4)
=(
,
according
to
risk
according
to
risk
according
to
risk
Relative Weights of Matrix4: The relative weight for criteria of cost toward goal (S1) = (0.342, 0.528, 0.078) The relative weight of stability’s criteria according to goal(S2)=(0.136,0.230,0.360) The relative weight of risk management’s criteria according to goal(S3)=(0.152,0.240,0.432) 5.2.4. Calculating the conceivability degree According to formulas that were explained in section 4.4, the conceivability degrees of Matrixes are like these:
.. ....
The conceivability degree of Matrix1: V( )=1 V( )= =0.352
V( V(
)=1 )=1
V( V(
)=0.652 )=0.925
The conceivability degree of Matrix2: V( )=0.873 V( )=1 V( V( )=0.819 V( )=1 V(
)=1 )=0.603
The conceivability degree of Matrix3: V( )=1 V( )=1 V( V( )=1 V( )=1 V(
) = (0.065, 0.096, 0.110)
The relative weight of KPI_1 according to cost (S1) = (0.208, 0.528, 0.484) The relative weight of KPI_2 according to cost (S2) = (0.26, 0.24, 0.825) The relative weight of KPI_3 according to cost (S3) =(0.123, 0.230, 0.385)
Relative Weights of Matrix3: The relative weight of KPI_1 management(S1)=(0.342,0.528,0.572) The relative weight of KPI_2 management(S2)=(0.144,0.24,0.272) The relative weight of KPI_3 management(S3)=(0.144,0.230,0.308)
The conceivability degree of Matrix4: V( )=1 V( )=0.056 V( )=0.238 V( )=0.954
V( V(
)=1 )=0.942
)=1 )=1
5.2.5. Calculating the conceivability degree for a convex fuzzy numbers
The conceivability degree for convex fuzzy numbers in Matrix1:
Relative Weights of Matrix2:
The relative weight of KPI_1 according to stability(S1) =(0.172,0.327,0.596) The relative weight of KPI_2 according to stability(S2)=(0.223,0.381,0.745) The relative weight of KPI_3 according to stability(S3)=(0.180,0.283,0.372)
,, ,
V( )=min(V( ),V( ))=min(1,1)=1 V( )=min(V( ),V( ))=min(0.352,1)=0.352 V( )=min(V( ),V( ))=min(0.652 ,0.925)=0.652 Then, is calculated from three above lines. So, =(1,0.352,0.652) ′
′
© 2012 Journal of Computing Press, NY, NY, USA, ISSN 2151-9617 http://sites.google.com/site/journalofcomputing/
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 3, MARCH 2012, ISSN 2151-9617 https://sites.google.com/sit https://sites.google.com/site/journalofcomputing e/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
́
The conceivability degree for convex fuzzy numbers in Matrix2: V( )=min(V( ), V( ))=min(0.873,1)=0.873 V( )=min(V( ),V( ))=min(1,1)=1 V( )=min(V( ),V( ))=min(0.819 ,0.603)=0.603 So, =(0.873,1,0.603)
, ,, ,, ,
normalization vector for matrix4: W= (0.556, 0.031, 0.132)
5.2.7. Calculate the final weight of KPIs Finally, the calculated weights in above sections are shown in hierarchical structure.
The conceivability degree for convex fuzzy numbers in Matrix3: V( )=min(V( ), V( ))=min(1,1)=1 V( )=min(V( ), V( ))=min(1,1)=1 V( )=min(V( ), V( ))=min(1,0.942)=0.942 So, =(1,1,0.942)
Figure 8. Showing the weights in hierarchical structure
The conceivability degree for convex fuzzy numbers in Matrix4:
,, , ́ V( )=min(V( ), V( V( )=min(V( ), V( ))=min(0.056,0.954)=0.056 V( )=min(V( ), V( ))=min(0.238,1)=0.238 So,
))=min(1,1)=1
=(1,0.056,0.238)
5.2.6. The Normalization vector If the weight vector is defined as below: as below: =( , , ,… ) that =minV ( ) k=1,…,n ,k k=1,…,n ,k i Then, the Normalized vector w is calculated of the below the below formula [19]:
,, … , ∑ ,…,, ́ . → .. ... .. W=
Normalization = (1, 0.352, 0.652)
vector for matrix1: = =0.499
=
=0.175
=
=0.325
Then, the normal vector of W’ is obtained from above lines. So, W= (0.499, 0.175, 0.325)
́ ́
normalization vector for matrix2: W= (0.352, 0.403, 0.243)
normalization vector for matrix3: W= (0.339, 0.339, 0.320)
The final KPIs weights are obtained of combination of the weights that were showed in figure9. So, the final weights of KPIs are:
The final weight of KPI_1 is: (0.499*0.556)+ (0.352*0.031)+(0.339*0.132)=0.331 The final weight of KPI_2 is: (0.175*0.556)+ (0.403*0.031)+(0.339*0.132)=0.153
The final weight of KPI_3 is: (0.325*0.556)+ (0.243*0.031)+(0.320*0.132)=0.229 Thus, the priority of ISMS KPIs is as below: as below:
KPI_1>KPI_3>KPI_2 As can be seen, our methodology able to prioritize the ISMS KPIs that is need to implement ITIL security KPIs according to the idea of managers. The determined priority in above show the priority of KPI_1 in the enterprise is more than KPI_3 in implementation. Also the priority of KPI_3 is more than KPI_2 in implementation. So, the manager is able to elect more important KPIs and implementing them.
5.3.The advantage of Proposed Approach We consider the advantages of suggested methodology. The most advantages of proposed approach are as below: as below: Creating collaborative platform between platform between ITIL and ISMS. Establishing better information security by implementation ISMS in ITIL. Managers can decide better in implementing information security scope in enterprise. Creating clear views in ITIL security KPIs.
© 2012 Journal of Computing Press, NY, NY, USA, ISSN 2151-9617 http://sites.google.com/site/journalofcomputing/
JOURNAL OF COMPUTING, VOLUME 4, ISSUE 3, MARCH 2012, ISSN 2151-9617 https://sites.google.com/sit https://sites.google.com/site/journalofcomputing e/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG
The ability of giving rate as quantitative values, on ISMS KPIs.and…
6. Conclusion In this paper, we proposed a new methodology to create a new framework for mapping ITIL security KPIs that is related to KPIs in Information Security Management System (ISMS). We applied fuzzy algorithm to obtain the priority of ISMS KPIs that is related to ITIL security management KPIs. The advantage of this method was creating the collaborative platform between ITIL and ISMS KPIs and improving the security in the enterprises that implement ITIL. With this approach, managers able to decide in apply ISMS KPIs in ITIL implementation.
References [1]
[2] [3] [4] [5] [6]
Hochstein, A.; Zarnekow, R.; Brenner, W.: ITIL as common practice reference model for IT service management: formal assessment and implications for practice. In Proceedings of the e-Technology, eCommerce and e-Service, 2005. EEE '05. Proceedings. The 2005 IEEE International Conference, Gallen, Switzerland, 704 - 710. (2005) Jim Clinch: ITIL V3 and Information Security. Best Management Practice website managed and published by TSO in conjunction with the Cabinet Office (part of HM Government) and APMG , White Paper. (2009) James Doss, Integrating other Frameworks and Methodologies Complementary to ITIL, TSO information & publishing solutions, White Paper. (2010) An Introductory Overview of ITIL® V3, itSMF, The IT Service Management Forum, published in the UK by the IT Service Management Forum Limited, ISBN 0-9551245-8-1. http://www. pmtrainingonline.com, last visited on 2012. ITIL Version 3 Service Strategy, Crown copyright 2007 Produced under license from OGC. (2007)
[7]
ITIL Version 3 Service Design, Crown copyright 2007 Produced under license from OGC. (2007) [8] ITIL Version 3 Service Transition, Crown copyright 2007 Produced under license from OGC. (2007) [9] ITIL Version 3 Service Operation, Crown copyright 2007 Produced under license from OGC. (2007) [10] ITIL Version 3 Service Operation, Crown copyright 2007 Produced under license from OGC. (2007) [11] http://www.iso.org [12] Zadeh, L.A.. "Fuzzy sets", Information and Control 8 (3): 338–353. (1965) [13] Saaty, T.L. The Analytic Hierarchy Process, New York: McGraw Hill. International, Translated to Russian, Portuguese, and Chinese, Revised editions, Paperback (1996, 2000), Pittsburgh: RWS Publications. (1980) [14] T.L. Saaty, Multicriteria decision making: The analytic hierarchy process, RWS Publications, Pittsburgh PA. (1988) [15] Chang, D. Y., “Extent Analysis and Synthetic Decision”, Optimization Techniques and Applications, World Scientific, Singapore, 1, 352. (1992) [16] Nüfer Yasin Ateş, Sezi Çevik, Cengiz Kahraman, Murat Gülbay and S. Ayça Erdoğan, "Multi Attribute Performance Evaluation Using a Hierarchical Fuzzy TOPSIS Method ", Istanbol Technical University, Department of Industrial Engineering 34367 Macja Istanbul, Turkey. (2006) [17] Aşk ın ÖZDAĞOĞLU, Güzin ÖZDAĞOĞLU, "COMPARISON OF AHP AND FUZZY AHP FOR THE MULTICRITERIA DECISION MAKING PROCESSES WITH LINGUISTIC EVALUATIONS", İstanbul Ticaret Üniversitesi Fen Bilimleri Dergisi Yıl: 6 Sayı:11Bahar 2007/1 s. 65-85. (2007) [18] PRAXIOM RESEARCH GROUP LIMITED, 9619 - 100A Street, Edmonton, Alberta, T5K 0V7, Canada, http://www.praxiom.com. [19] M.H. Vahidniaa, A. Alesheikhb, A. Alimohammadic, A. Bassirid, FUZZY ANALYTICAL HIERARCHY PROCESS IN GIS APPLICATION, The International Archives of the Photogrammetry, Remote Sensing and Spatial Information Sciences. Vol. XXXVII. (2008)
© 2012 Journal of Computing Press, NY, NY, USA, ISSN 2151-9617 http://sites.google.com/site/journalofcomputing/