| 系统安全工程能力成熟模型安全度量研究 |
| |
| 引用本文: | 崔宝灵,张洁,杨昌. 系统安全工程能力成熟模型安全度量研究[J]. 哈尔滨工业大学学报, 2003, 35(3): 293-297 |
| |
| 作者姓名: | 崔宝灵 张洁 杨昌 |
| |
| 作者单位: | 哈尔滨工业大学,管理学院,黑龙江,哈尔滨,150001 |
| |
| 基金项目: | 信息产业部资助项目 (0 2研 3 -0 15 ) |
| |
| 摘 要: | 为解决在应用系统安全工程能力成熟模型(SSE-CMM)过程中如何度量其应用效果的问题,从两个不同的角度讨论了度量SSE-CMM的应用效果的方法。阐述了“过程度量”和“安全度量”的定义和发展,以及如何对它们进行分组和识别。研究结果表明,安全度量是衡量系统安全状态的运行能力、SSE-CMM过程域实施效果的重要工具。
|
| 关 键 词: | 系统安全工程能力成熟模型 过程度量 安全度量 |
| 文章编号: | 0367-6234(2003)03-0293-05 |
| 修稿时间: | 2002-11-14 |
Security metrics for systems security engineering capability maturity model |
| |
| CUI Bao ling,ZHANG Jie,YANG Chang. Security metrics for systems security engineering capability maturity model[J]. Journal of Harbin Institute of Technology, 2003, 35(3): 293-297 |
| |
| Authors: | CUI Bao ling ZHANG Jie YANG Chang |
| |
| Abstract: | A systems security engineering capability maturity model (SSE-CMM) is used to describe the essential characteristics of an organization's security engineering process to ensure good security engineering. A common question posed in using the SSE-CMM is, how to know if these processes will result in a more secure system or operational capability. To answer this question, this paper approaches the question from two different perspectives using metrics as a basis for the answer. The metrics are divided into two kinds: process metrics and security metrics. Then the paper gives the definition and development of metrics and discusses how to group and identify them. Then one conclusion can be drawn: a security metri is an important tool to measure the security status, operational capability of a system and the effects of SSE-CMM process areas. |
| |
| Keywords: | systems security engineering capability maturity model process metrics security metrics |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
