模糊评价在信息系统安全综合评测中的应用

随着我国信息化的快速发展，信息安全变的越来越重要，信息安全等级保护、信息安全风险评估和安全检查作为我国信息安全保障的重要手段和制度越来越被政府和各行各业重视．笔者通过积累多年的信息安全测评经验，以及结合金融行业和国税总局等多个全国联网大系统的风险评估、等级保护测评和安全检查三项整合工作的经验总结，提出在信息系统信息安全三合一整合的综合信息安全测评中采用基于模糊综合评价方法论，进行信息安全的综合评价具有实际的可操作性和指导意义．

Fuzzy Evaluation in the Comprehensive Review of the Information Systems Security

With the rapid development of Chinese information technology, information security becomes more and more important, the information level of security protection, risk assessment and security check as an important means of information security in China. Through the accumulation of years of information security evaluation experience, we combined with the risk assessment of the financial industry and the State Administration of Taxation of the national network system, grade protection evaluation and security check of three integrated work experience presented in the triple integration of information systems Information Security Information Security Evaluation, which operability and guidance based on fuzzy comprehensive evaluation methodology. Then we get fuzzy evaluation information security model.