| 网络安全等级保护测评中测评结论的度量方法优化 |
| |
| 引用本文: | 马力.网络安全等级保护测评中测评结论的度量方法优化[J].信息网络安全,2020(5):1-10. |
| |
| 作者姓名: | 马力 |
| |
| 作者单位: | 公安部信息安全等级保护评估中心 |
| |
| 摘 要: | 文章分析了网络安全等级保护2.0时期国家标准的新变化对等级测评结论可能产生的影响,并用实际案例和数据论述了以往描述的基于测评指标和基于测评对象的定量分析方法存在的局限性。根据网络安全等级保护国家标准结构和内容的新特点,结合新的等级测评结论表述方法,文章提出了调整和优化定量计算产生等级测评结论的思路,给出了缺陷扣分的原理和缺陷扣分的定量计算方法,并比较了各种定量计算方法在计算结果上的差异,提出了适合新标准的测评结论定量计算公式。
|
| 关 键 词: | 等级保护对象 等级保护测评 测评指标 测评对象 |
Optimization of Measurement Methods in the Assessment of Classified Protection of Cybersecurity |
| |
| MA Li.Optimization of Measurement Methods in the Assessment of Classified Protection of Cybersecurity[J].Netinfo Security,2020(5):1-10. |
| |
| Authors: | MA Li |
| |
| Affiliation: | (Information Classified Security Protection Evaluation Center of the Ministry of Public Security,Beijing 100142,China) |
| |
| Abstract: | This paper analyzes the possible impact of the new changes of the national standard in classified protection of cybersecurity in the period of 2.0 on the assessment conclusions,and discusses the limitations of the quantitative analysis methods based on assessment indicators and assessment objects described in the past with actual cases and data,and puts forward the idea of adjusting and optimizing quantitative calculation to produce the assessment conclusions according to the new characteristics of the structure and content of the national standard in classified protection of cybersecurity.The principle of defect deduction and the quantitative calculation method of defect deduction are given,and the difference in the calculation results of various quantitative calculation methods is compared with the example,and the quantitative calculation formula of the assessment conclusion is proposed suitable for the new standard for the reader to analyze and reference. |
| |
| Keywords: | classified protection object classified protection assessment assessment indicators assessment objects |
| 本文献已被 维普 等数据库收录! |
