| 基于改进灰色关联度的风险评估方法 |
| |
| 引用本文: | 罗东梅,秦水介.基于改进灰色关联度的风险评估方法[J].计算机工程与设计,2011,32(6):1922-1925,1974. |
| |
| 作者姓名: | 罗东梅 秦水介 |
| |
| 作者单位: | 贵州大学贵州省光电子技术及应用重点实验室,贵州贵阳,550025 |
| |
| 基金项目: | 国家自然科学基金项目,贵州省工业攻关计划基金项目,贵州省优秀科技教育人才省长专项基金项目(黔省专合字 |
| |
| 摘 要: | 为解决信息系统风险评估中资产、威胁、脆弱之间的复杂和不确定性关系,提出一种基于资产的改进灰色关联度的风险评估方法。该方法以资产为核心,以关联资产为基础识别、量化威胁-脆弱性对,再运用结合相容矩阵法计算权重的改进算法对信息系统进行风险分析。对某税务局网站系统的实际应用结果表明,该方法能直观、有效地评估系统,评估结果与实际符合程度较高,为决策和实施保障信息系统的安全措施提供可靠的依据。
|
| 关 键 词: | 风险评估 灰色关联度 关联资产 威胁-脆弱性对 相容矩阵 |
Risk assessment method based on improved gray correlation degree |
| |
| LUO Dong-mei,QIN Shui-jie.Risk assessment method based on improved gray correlation degree[J].Computer Engineering and Design,2011,32(6):1922-1925,1974. |
| |
| Authors: | LUO Dong-mei QIN Shui-jie |
| |
| Affiliation: | LUO Dong-mei,QIN Shui-jie(Guizhou Province Key Laboratory for Optoelectronic Technology and Application,Guizhou University,Guiyang 550025,China) |
| |
| Abstract: | To deal with the complexity and uncertainty among assets,threat and vulnerability of the information system,an risk assessment method based on the assests with improved gray correlation degree is proposed.With assets as core,threat-the vulnerability is identified and quantified based on the aeeet-related.Finally,the risk of information system is analyzed using the improved method,which included of compatibility matrix to calculate weight.The practical application on a certain web system of Tax Guizhou Provi... |
| |
| Keywords: | risk assessment gray correlation degree aeeet-related threat-the vulnerability compatibility matrix |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
