| 一种用于信息安全的信息保障模型 |
| |
| 引用本文: | 陈炜,罗霄峰,罗万伯.一种用于信息安全的信息保障模型[J].四川大学学报(工程科学版),2004,36(4):103-106. |
| |
| 作者姓名: | 陈炜 罗霄峰 罗万伯 |
| |
| 作者单位: | 1. Center for Advanced Research in Biotechnology,Univ.of Maryland Biotechnology Inst.,MD 20850, USA
2. 四川大学,计算机学院,四川,成都610064 |
| |
| 摘 要: | 将一种信息安全(IFOSEC)模型扩展成为一个信息保障(IA)模型,用于指导信息安全研究、工程和教育。新模型包括四维度量:安全目标,信息流状态,安全保障,时间。将信息安全的保护范畴扩大到信息资产,并对可用性、完整性和机密性重新进行了定义,增加了新内涵;采用深度防御概念,在注重技术的同时,突出了人的因素,并强调了安全管理在系统生命期重要作用。时间维的引入,使该模型真正成为动态模型。
|
| 关 键 词: | 信息安全 信息资产 信息保障 信息安全模型 安全管理 |
| 文章编号: | 1009-3087(2004)04-0103-04 |
A Information Assurance Model for Information Security |
| |
| CHEN Wei,LUO Xiao-feng,LUO Wan-bo.A Information Assurance Model for Information Security[J].Journal of Sichuan University (Engineering Science Edition),2004,36(4):103-106. |
| |
| Authors: | CHEN Wei LUO Xiao-feng LUO Wan-bo |
| |
| Affiliation: | CHEN Wei~1,LUO Xiao-feng~2,LUO Wan-bo~2 |
| |
| Abstract: | In this article an information assurance model extended from information security model is proposed. The new model comprises four dimensions: security goal, information stream states, security assurance, and time. The objects to be protected are extended to both information and assets, and the meaning of confidentiality, integrity and availability is augmented by redefining. It is emphasized that both the people and IT security management are critical. It is a really dynamic model which can be used for information security research, engineering and education. |
| |
| Keywords: | information security(INFOSEC) information assets information assurance(IA) information security model security management |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
