| 信息安全风险评估的数值分析法初探 |
| |
| 引用本文: | 岳宇,岳珊珊.信息安全风险评估的数值分析法初探[J].计算机工程与设计,2006,27(3):404-406,410. |
| |
| 作者姓名: | 岳宇 岳珊珊 |
| |
| 作者单位: | 北京航空航天大学,北京,100083;北京中科网威信息技术有限公司,北京,100083 |
| |
| 摘 要: | 介绍了一种对信息安全风险的数值分析方法,包括对资产价值的评估、对威胁和薄弱点评估以及最终的风险计算和函数拟合方法。通过这种方法,可以在传统方法的基础上,定量地计算出不同信息资产的风险程度,以供安全方案的设计和投资指导之用。
|
| 关 键 词: | 信息资产 风险评估 威胁 薄弱点 风险值 |
| 文章编号: | 1000-7024(2006)03-0404-03 |
| 收稿时间: | 2004-12-28 |
| 修稿时间: | 2004-12-28 |
Method based on numerical analysis for information security assessment |
| |
| YUE Yu,YUE Shan-shan.Method based on numerical analysis for information security assessment[J].Computer Engineering and Design,2006,27(3):404-406,410. |
| |
| Authors: | YUE Yu YUE Shan-shan |
| |
| Affiliation: | 1. Beijing University of Aeronautics and Astronautics, Beijing 100083, China; 2. Beijing Netpower Technologies Inc, Beijing 100083, China |
| |
| Abstract: | A method based on numerical analysis theory to asset risks of information security was introduced, involving information assessment, threads, vulnerabilities, risk calculation and function approximation. So by this approach, risks to different information assets could be calculated quantificationally on the base of traditional method. And security solution and investigation could be evaluated accurately. |
| |
| Keywords: | information assets risk assessment thread vulnerability vulnerability |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
