|
|||||
|
|
| 基于层次结构的信息安全评估模型研究 | |
| 引用本文: | 朱岩,杨永田,张玉清,冯登国.基于层次结构的信息安全评估模型研究[J].计算机工程与应用,2004,40(6):40-43. |
| 作者姓名: | 朱岩 杨永田 张玉清 冯登国 |
| 作者单位: | 1. 哈尔滨工程大学计算机科学与技术学院,哈尔滨,150001;中国科学院国家计算机网络入侵防范中心,北京,100039 2. 哈尔滨工程大学计算机科学与技术学院,哈尔滨,150001 3. 中国科学院国家计算机网络入侵防范中心,北京,100039 |
| 基金项目: | 国家高技术研究发展计划(编号:2002AA142151) |
| 摘 要: | 论文提出了一种包含管理因素在内的模糊风险评估模型。采用了ISO17799国际标准作为风险的分类标准,以多层分析的模糊逻辑为模型,同时考虑到安全因素间的相互影响,引入了关系矩阵,实现了安全评估综合决策。通过使用三层结构将复杂关系分解为由局部简单关系构成的递增层次结构关系,同时,考虑到评判打分的主观性,制定了七种评判准则及其到评判集元素间的映射关系,增加了评判的客观性。总之,所提出的模糊风险评估模型是有效而实用的。 |
| 关 键 词: | 模糊模型 风险评估 关系矩阵 层级结构 评估准则 |
| 文章编号: | 1002-8331-(2004)06-0040-04 |
Research on Information Security Evaluation Model Based on Hierarchy Structure |
|
| Zhu Yan , Yang Yongtian Zhang Yuqing Feng Dengguo.Research on Information Security Evaluation Model Based on Hierarchy Structure[J].Computer Engineering and Applications,2004,40(6):40-43. | |
| Authors: | Zhu Yan Yang Yongtian Zhang Yuqing Feng Dengguo |
| Affiliation: | Zhu Yan 1,2 Yang Yongtian 1 Zhang Yuqing 2 Feng Dengguo 21 |
| Abstract: | A fuzzy comprehensive evaluation model involved management factors is proposed in this paper.The model takes international standard ISO17799as classification rules for risk evaluation,and use hierarchy analytics fuzzy logic in model.Moreover,considering inter-relationships among security elements,relationship matrix is introduced to achieve security evaluation intelligent decision.The model uses3layer structures to decompose complexity relationship into local simple relationships,and then constitutes an increase hierarchy relationship.Furthermore,considering subjectivity of securi-ty grade,7evaluation criterions and mapping relationship between evaluating elements are considered,which increase e-valuation objectivity.In conclusion,the proposed fuzzy risk evaluation model presented in this paper is effective and prac-ticable. |
| Keywords: | Fuzzy model security evaluation elation matrix hierarchy structure evaluation criterion |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |