| 一种基于公开交易的漏洞管理机制 |
| |
| 引用本文: | 熊琦,易锦,刘晖,刘林.一种基于公开交易的漏洞管理机制[J].武汉理工大学学报(信息与管理工程版),2011,33(6):855-858. |
| |
| 作者姓名: | 熊琦 易锦 刘晖 刘林 |
| |
| 作者单位: | 中国信息安全测评中心信息资源处,北京,100085 |
| |
| 基金项目: | 国家自然科学基金重大研究计划资助项目 |
| |
| 摘 要: | 针对漏洞管理机制的复杂性,在对现有漏洞管理体制进行多层次、多角度分析的基础上,提出了一种基于公开交易的漏洞管理机制的设想,对其交易流程进行了阐述,并使用PEST-SWOT方法对其进行风险分析,综合考虑了政治、经济、社会和技术等因素,比较分析了机制的优势、劣势、机遇和挑战,提出了一系列业务战略,给出了规避风险,提高其可用性的具体措施。
|
| 关 键 词: | 安全漏洞 漏洞交易 漏洞验证 PEST-SWOT 风险管理 |
Vulnerability Management Mechanism Based on Public Trading and Risk Analysis |
| |
| XIONG Qi,YI Jin,LIU Hui,LIU Lin.Vulnerability Management Mechanism Based on Public Trading and Risk Analysis[J].Journal of Wuhan University of Technology(Information & Management Engineering),2011,33(6):855-858. |
| |
| Authors: | XIONG Qi YI Jin LIU Hui LIU Lin |
| |
| Affiliation: | XIONG Qi,YI Jin,LIU Hui,LIU Lin Doctor,China Information Technology Evaluation Center,Beijing 100085,China. |
| |
| Abstract: | Managing vulnerability is a complex process.After current vulnerability management mechanism was analyzed in detail from different aspects,a public vulnerability trading mechanism was proposed,and the workflow of vulnerability trade was described.PEST-SWOT was introduced to analyze the risk of this mechanism,and factors including politics,economics,society,technology were taken into account.Strength,weakness,opportunities and threads were comparatively analyzed.A series of business strategies were proposed ... |
| |
| Keywords: | security vulnerability vulnerability trading vulnerability verify PEST-SWOT risk management |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
