| 面向安全管理的定量安全评估模型 |
| |
| 引用本文: | 栗志果,曾庆凯. 面向安全管理的定量安全评估模型[J]. 计算机工程, 2008, 34(2): 105-105 |
| |
| 作者姓名: | 栗志果 曾庆凯 |
| |
| 作者单位: | 南京大学计算机软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093;南京大学计算机软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划) , 国家自然科学基金 , 江苏省自然科学基金 |
| |
| 摘 要: | 提出面向安全管理的系统安全评估模型贝叶斯功能网络,采用风险分析方法建立反映安全功能和威胁关系的贝叶斯信念网络,可以对功能组件缺失程度及其对系统安全的影响进行量化评估。实验表明,模型不仅可用于系统的安全评估比较,而且能够指出系统存在的缺陷以便优化和改进。
|
| 关 键 词: | 安全评估 定量安全评估 贝叶斯功能网络 风险分析 |
| 文章编号: | 1000-3428(2008)02-0105-03 |
| 收稿时间: | 2007-02-20 |
| 修稿时间: | 2007-02-20 |
Quantitative Security Evaluation Model for Security Management |
| |
| LI Zhi-guo,ZENG Qing-kai. Quantitative Security Evaluation Model for Security Management[J]. Computer Engineering, 2008, 34(2): 105-105 |
| |
| Authors: | LI Zhi-guo ZENG Qing-kai |
| |
| Affiliation: | (1. State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093;
2. Department of Computer Science and Technology, Nanjing University, Nanjing 210093)
|
| |
| Abstract: | This paper proposes a quantitative security evaluation model, BFN, which reflects the probability relationship between functional components and threats in a system, based on risk analysis approach, By this model it can quantitatively evaluate the deficiency in functional components of a system as well as its impact on the system. The experiments demonstrate that the model can compare different systems in security, and optimize a system by analyzing its weakness. |
| |
| Keywords: | security evaluation quantity security evaluation Bayesian Function Network (BFN) risk analysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载免费的PDF全文 |
|
