ABSTRACT
The development of a computer security program in any organization must deal with three basic issues. These are: what are the specific security problems of the organization; what mechanisms are available which will provide protection for the computer related assets of the organization; and what degree of security is appropriate for each of the assets of the organization. Both probabilistic methods and fuzzy methods have been applied to different aspects of the computer security problem. The chapter aims to create a version of the risk analysis model which uses fuzzy methods. For the application of the fuzzy model to complex systems, the development of a computer program which takes the conjunction of the possibility distributions would be extremely helpful. The use of the fuzzy expected value and the typical value of a population of possibility distributions algorithm in the fuzzy risk analysis model is just one possible application of these methods to decision making.
