| 信息化建设中的信息安全风险评估 |
| |
| 引用本文: | 赵英杰,李鹏辉,张升波,杨贺,朱继锋.信息化建设中的信息安全风险评估[J].信息安全与通信保密,2011(4):67-69,73. |
| |
| 作者姓名: | 赵英杰 李鹏辉 张升波 杨贺 朱继锋 |
| |
| 作者单位: | 1. 中国航天科工运载技术研究院,北京,102308
2. 国防科工局信息中心,北京,100081 |
| |
| 摘 要: | 风险评估是发现薄弱环节的基本方法,不仅需在系统建设之前进行,更要贯彻在信息系统从设计到运行乃至到报废的整个生命周期之中。信息安全风险评估是建立信息安全体系的基础,是信息系统安全工程的一个关键组成部分。分析了国内外信息安全风险评估的现状,包括相关的评估标准体系、评估方法和评估过程,针对中国信息安全发展现状,探讨了目前信息安全风险评估工作中急需解决的问题。
|
| 关 键 词: | 信息安全 风险评估 脆弱性 威胁 |
Information Security Risk Assessment in Building Information System |
| |
| ZHAO Ying-jie,LI Peng-hui,ZHANG Sheng-bo,YANG He,ZHU Ji-feng.Information Security Risk Assessment in Building Information System[J].China Information Security,2011(4):67-69,73. |
| |
| Authors: | ZHAO Ying-jie LI Peng-hui ZHANG Sheng-bo YANG He ZHU Ji-feng |
| |
| Affiliation: | ZHAO Ying-jie1,LI Peng-hui2,ZHANG Sheng-bo1,YANG He1,ZHU Ji-feng2 (1The 4th Institute of CASIC,Beijing 102308,China,2Information Center of SASTIND,Beijing 100081,China) |
| |
| Abstract: | Risk assessment, the basic method for finding vulnerabilities, should be implemented before the system construction, and even more, in the whole process from its design to its operation and to its reject. The information security risk assessment is the foundation for building information system and the key to information security engineering. This paper analyzes the present situation of information security risk assessment both at home and abroad, including related standard system, methods and processes of ... |
| |
| Keywords: | information security risk assessment vulnerability threat |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
