| 等级保护风险评估模型研究 |
| |
| 引用本文: | 赵云,顾健. 等级保护风险评估模型研究[J]. 信息安全与技术, 2014, 0(3): 14-18 |
| |
| 作者姓名: | 赵云 顾健 |
| |
| 作者单位: | 公安部第三研究所检测中心,上海200031 |
| |
| 基金项目: | 适用于重要信息系统的产品安全性检验平台项目(编号:C13383)支持 |
| |
| 摘 要: | 文章针对信息系统风险评估易受主观因素的影响,存在模糊性和不确定性等问题,提出了一个新的风险评估模型。通过建立基于等级保护的层次化评估体系,并运用基于层次分析法的评估方法处理评估中存在的模糊值,最终量化评估结果。实证结果表明,该模型能够减小风险评估中的模糊性和不确定性,可以较好地解决信息系统风险评估的实际困难和问题。
|
| 关 键 词: | 信息安全 等级保护 风险评估 层次分析法 |
Level Protection Risk Assessment Model for Research |
| |
| Affiliation: | Zhao Yun (The Third Research Institute of Ministry of Public Security Shanghai 200031) |
| |
| Abstract: | This article in view of the information system risk assessment are susceptible to the influence of subjective factors, some problems such as vagueness and uncertainty, a new risk assessment model is put forward. By establishing hierarchical evaluation system based on the level of protection, and using the evaluation method based on analytic hierarchy process (AHP) that exist in the process evaluation fuzzy value, finally quantitative evaluation results. The empirical results show that the model can reduce the fuzziness and uncertainty in risk assessment can better solve practical difficulties and problems of information system risk assessment. |
| |
| Keywords: | information security grade protection risk evaluation analytic hierarchy process |
| 本文献已被 CNKI 维普 等数据库收录! |
|
