The paper introduces a novel proposal of a security management system destined primarily for application in the field of IT. Its core is formed by a triplet of cooperating knowledge-based (expert) systems, the knowledge bases of which consist of vague If-Then rules. The knowledge bases were created by experts on the problem domain and multiple times tested and verified on actual scenarios and real systems. With the system, a comprehensive methodology that is a part of a more complex approach to a decision making process is introduced. The proposed fuzzy tool is demonstrated on examples and problems from the area of information security. The paper also briefly reviews other used approaches to information security management - mainly qualitative and quantitative methodologies.
Information retrieval in information systems (IS) with large amounts of data is not only a matter of an effective IS architecture and design and technical parameters of computer technology used for operation of the IS, but also of an easy and intuitive orientation in a number of offers and information provided by the IS. Such retrievals in IS are, however, frequently carried out with indeterminate information, which requires other models of orientation in the environment of the IS.