CN104243478A - Safety protection capability assessment method and equipment of network equipment - Google Patents

Safety protection capability assessment method and equipment of network equipment Download PDF

Info

Publication number
CN104243478A
CN104243478A CN201410483755.1A CN201410483755A CN104243478A CN 104243478 A CN104243478 A CN 104243478A CN 201410483755 A CN201410483755 A CN 201410483755A CN 104243478 A CN104243478 A CN 104243478A
Authority
CN
China
Prior art keywords
safety
evaluation index
safety evaluation
security protection
judgment matrix
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410483755.1A
Other languages
Chinese (zh)
Inventor
赵静宜
贾永华
黑昱冬
戴茵
王卫东
李秀成
汪志
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN201410483755.1A priority Critical patent/CN104243478A/en
Publication of CN104243478A publication Critical patent/CN104243478A/en
Pending legal-status Critical Current

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a safety protection capability assessment method and equipment of network equipment. Safety evaluation indicators related to the safety protection capability of the network equipment to be tested and safety analysis indicators included in the safety evaluation indicators are obtained, a hierarchical structure used for assessing the safety protection capability is built based on the safety evaluation indicators and the safety analysis indicators, a comprehensive weight vector on the safety protection capability from the safety evaluation indicators and the safety analysis indicators is determined based on the hierarchical structure, the comprehensive weight vector is multiplied by preset membership vectors of safety grades, and the safety protection capability grade of the network equipment is obtained. The safety evaluation indicators related to the safety protection capability of the network equipment are divided into a plurality of dimensionalities, each dimensionality comprises a plurality of safety analysis indicators, the safety protection capability of the network equipment is analyzed quantitatively, and an important basis is provided for determining the influence on the network safety state from the network equipment and stability of bearer services.

Description

The security protection capability assessment method of the network equipment and equipment
Technical field
The present invention relates to the communications field, particularly relate to a kind of security protection capability assessment method and equipment of the network equipment.
Background technology
Along with the extensive use of information technology, human society enters the information age comprehensively.Network as information transmission carrier is the infrastructure of information-intensive society.Day by day universal along with network application, network security problem becomes increasingly conspicuous, and causes the great attention of various circles of society.The network equipment is as the basis of network consisting, the safety of the network equipment must become the key element affecting network security, therefore, the network equipment carries out security protection capability evaluation to be become and builds network, safeguards and the important reference of security evaluation, has great importance to maintaining network safe operation.
At present, the security protection ability of methods of risk assessment to the network equipment that adopt is assessed more, is first network equipment setting at least one risk classifications, then obtains by scanning institute's at-risk data that in this network equipment, often kind of risk classifications is corresponding.Further, by institute's at-risk data corresponding for this risk classifications comprised in scanning result, the security criteria line of the institute at-risk data corresponding with each risk classifications preset for this network equipment contrasts, and is assessed the safety of this network equipment by comparative analysis.This methods of risk assessment belongs to appraisal procedure qualitatively, and the assessment result obtained can have certain limitation, can not react the security protection ability of this network equipment exactly.
Summary of the invention
The invention provides a kind of security protection capability assessment method and equipment of the network equipment, for solving existing appraisal procedure, there is certain limitation, the problem of the security protection ability of this network equipment can not be reacted exactly.
To achieve these goals, the security protection capability assessment method of a kind of network equipment provided by the invention, comprising:
Safety analysis index included under obtaining each safety evaluation index relevant to the security protection ability of network under test equipment and each safety evaluation index;
Safety analysis index included under each safety evaluation index and each safety evaluation index is used to build the recursive hierarchy structure of described security protection ability, wherein said recursive hierarchy structure comprises destination layer, rule layer and solution layer, described destination layer is the decision-making level of described security protection ability, described rule layer comprises all safety evaluation indexs, and described solution layer comprises all safety analysis indexs;
According to the relative importance of safety evaluation index each in described rule layer relative to described security protection ability, determine first weight vectors of described rule layer for described destination layer;
According to the relative importance of each safety analysis index relative to this safety evaluation index being under the jurisdiction of same safety evaluation index, determine that in described solution layer, each safety analysis index is to the second weight vectors of be subordinate to safety evaluation index;
Described first weight vectors of described rule layer and all second weight vectors of described solution layer are carried out comprehensively, obtains the comprehensive weight vector of described solution layer to described destination layer;
Described comprehensive weight vector is multiplied with the membership vector of each safe class preset, obtains the security protection ability rating of the described network equipment.
To achieve these goals, the security protection capability evaluation equipment of a kind of network equipment provided by the invention, comprising:
First acquisition module, for obtaining safety analysis index included under each safety evaluation index relevant to the security protection ability of network under test equipment and each safety evaluation index;
Level builds module, for the recursive hierarchy structure using safety analysis index included under each safety evaluation index and each safety evaluation index to build described security protection ability, wherein said recursive hierarchy structure comprises destination layer, rule layer and solution layer, described destination layer is the decision-making level of described security protection ability, described rule layer comprises all safety evaluation indexs, and described solution layer comprises all safety analysis indexs;
First determination module, for according to the relative importance of safety evaluation index each in described rule layer relative to described security protection ability, determines first weight vectors of described rule layer for described destination layer;
Second determination module, for according to the relative importance of each safety analysis index relative to this safety evaluation index being under the jurisdiction of same safety evaluation index, determine that in described solution layer, each safety analysis index is to the second weight vectors of be subordinate to safety evaluation index;
Integration module, for being undertaken comprehensively by described first weight vectors of described rule layer and all second weight vectors of described solution layer, obtains the comprehensive weight vector of described solution layer to described destination layer;
Second acquisition module, for being multiplied with the membership vector of each safe class preset by described comprehensive weight vector, obtains the security protection ability rating of the described network equipment.
The security protection capability assessment method of the network equipment provided by the invention and equipment, safety analysis index included under obtaining each safety evaluation index relevant to the security protection ability of network under test equipment and each safety evaluation index, safety analysis index included under each safety evaluation index and each safety evaluation index is used to build the recursive hierarchy structure of described security protection ability, according to the relative importance of safety evaluation index each in described rule layer relative to described security protection ability, determine first weight vectors of described rule layer for described destination layer, according to the relative importance of each safety analysis index relative to this safety evaluation index being under the jurisdiction of same safety evaluation index, determine that in described solution layer, each safety analysis index is to the second weight vectors of be subordinate to safety evaluation index, described first weight vectors of described rule layer and all second weight vectors of described solution layer are carried out comprehensively, obtain the comprehensive weight vector of described solution layer to described destination layer, described comprehensive weight vector is multiplied with the membership vector of each safe class preset, obtain the security protection ability rating of the described network equipment.In the present embodiment, the safety evaluation index relevant to network equipment security protection is carried out being divided into multiple dimension, each dimension comprises some safety analysis indexs, determine that each safety evaluation index and safety analysis index are to the weight of security protection ability, and then get the security protection ability rating of the network equipment, for determining that the network equipment provides important evidence to the impact of network safe state and the stability of bearer service.
Accompanying drawing explanation
The schematic flow sheet of the security protection capability assessment method of a kind of network equipment that Fig. 1 provides for the embodiment of the present invention one;
A kind of schematic diagram assessing the recursive hierarchy structure of security protection ability that Fig. 2 provides for the embodiment of the present invention one;
What Fig. 3 provided for the embodiment of the present invention one a kind ofly obtains the process schematic of solution layer to the comprehensive weight vector of destination layer;
The structural representation of the security protection capability evaluation equipment of a kind of network equipment that Fig. 4 provides for the embodiment of the present invention two;
The structural representation of a kind of first determination module that Fig. 5 provides for the embodiment of the present invention two;
The structural representation of a kind of second determination module that Fig. 6 provides for the embodiment of the present invention two;
The structural representation of a kind of integration module that Fig. 7 provides for the embodiment of the present invention two.
Embodiment
For making the object of the embodiment of the present invention, technical scheme and advantage clearly, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, instead of whole embodiments.
Embodiment one
The schematic flow sheet of the security protection capability assessment method of a kind of network equipment that Fig. 1 provides for the embodiment of the present invention one.As shown in Figure 1, the security protection capability assessment method of this network equipment comprises the following steps:
101, safety analysis index included under obtaining each safety evaluation index relevant to the security protection ability of network under test equipment and each safety evaluation index.
What affect the security protection ability of the network equipment in reality will have a lot of, comprises again multiplely wanting prime factor below each key element.In the present embodiment, the key element of the security protection ability affecting the network equipment is set as safety evaluation index, prime factor of wanting included under each safety evaluation index is set as safety analysis index.
For the ease of understanding, suppose that the safety evaluation index relevant to the security protection ability of network under test equipment mainly comprises: security breaches P1, access control policy P2, data security protect P3, protocol security protects P4, electrical safety protects P5, Prevention-Security strategy P6, Security Audit Strategy P7, managing security policies P8, back up and recovery policy P9 and security monitoring strategy P10.Safety analysis index included under each safety evaluation index, as shown in table 1.
Table 1
102, safety analysis index included under each safety evaluation index and each safety evaluation index is used to build the recursive hierarchy structure of described security protection ability.
Wherein, described recursive hierarchy structure comprises destination layer, rule layer and solution layer, and described destination layer is the decision-making level of described security protection ability, and described rule layer comprises all safety evaluation indexs, and described solution layer comprises all safety analysis indexs.
In the present embodiment, safety analysis index included under using each safety evaluation index and each safety evaluation index builds the recursive hierarchy structure to the security protection ability of network under test equipment.This recursive hierarchy structure comprises destination layer, rule layer and solution layer, as shown in Figure 2.In Fig. 2, destination layer is positioned at top layer, is the decision-making level of described security protection ability, namely determines the rank of the security protection ability of the network equipment.Rule layer is positioned at intermediate layer, and comprise all safety evaluation indexs, solution layer is positioned at bottom, comprises all safety analysis indexs.
103, according to the relative importance of safety evaluation index each in described rule layer relative to described security protection ability, first weight vectors of described rule layer for described destination layer is determined.
Particularly, the relative importance of each safety evaluation index relative to described security protection ability is compared between two, obtains the first judgment matrix of described rule layer, use root method to calculate the first weight vectors to this first judgment matrix.
Wherein, describedly use root method to calculate described first weight vectors to described first judgment matrix, comprising:
Calculate the first product of described first each row element of judgment matrix, Nth power root is carried out to described first product of every a line and calculates the first numerical value, use described first numerical value of every a line form vector and be normalized, obtain described first weight vectors.
104, according to the relative importance of each safety analysis index relative to this safety evaluation index being under the jurisdiction of same safety evaluation index, determine that in described solution layer, each safety analysis index is to the second weight vectors of be subordinate to safety evaluation index.
Particularly, each safety analysis index under being under the jurisdiction of same safety evaluation index is compared between two relative to the relative importance of this safety evaluation index, second judgment matrix of each safety analysis index under obtaining this safety evaluation index, the second weight vectors corresponding under using root method to calculate this same safety evaluation index to safety analysis index second judgment matrix each under belonging to same safety evaluation index.
Wherein, describedly root method is used to calculate described second weight vectors to described second judgment matrix, comprise: the second product calculating described second each row element of judgment matrix, Nth power root is carried out to described second product of every a line and calculates second value, the described second value of every a line is normalized, obtains described second weight vectors.
For safety evaluation index, structure first judgment matrix and acquisition the first weight vectors are described.
Delphi (Delphi) Experts consultation method is adopted to compare between two the importance of safety evaluation index relative to the security protection ability of the network equipment, by relatively determining the significance level of safety evaluation index relative to the security protection ability of the network equipment between two, and quantification assignment is carried out to significance level.Wherein, the proportion quotiety of 1 ~ 9 in foundation analytic hierarchy process (AHP) (Analytic Hierarchy Process is called for short AHP) identifies the significance level of different index.Table 2 is the opinion scale of AHP.
Table 2
After assignment is carried out to significance level, build the first judgment matrix R of safety evaluation index.
R = P 11 K P 1 i M O M P i 1 L P ii , Wherein, R is the first judgment matrix, P ikrepresent i-th safety evaluation index P iwith a kth safety evaluation index P kcompare between two, relative to the significance level of security protection ability, with P in above-mentioned steps 101 1~ P 10for example, the span 1 ~ 10 of i, k.
After getting the first judgment matrix R, calculate the first weight vectors B by root method, for the first judgment matrix R, (1) calculates the product U of first each row element of judgment matrix R i, (2) calculate U inth power root i.e. the first numerical value, wherein, N=10, (3) adopt the Nth power root of every a line to form vector right do normalized, obtain B=(B 1, K, B i), this B is the first required weight vectors, wherein the span 1 ~ 10 of i,
Wherein, normalized formula is:
B = B i ‾ Σ i = 1 10 B i ‾
In the present embodiment, according to obtain safety evaluation index for the network equipment security protection ability the step of the first weight vectors and process, obtain each safety analysis index under belonging to same safety evaluation index, relative to the second weight vectors of this safety evaluation index, to repeat no more herein.
Higher in order to ensure the assessment correctness obtained when assessing the security protection ability of the network equipment, after getting the first weight vectors, consistency checking is carried out to the first weight vectors and the second weight vectors.
For safety evaluation index, calculate the eigenvalue of maximum λ of the first judgment matrix max:
wherein, (RB) irepresent i-th component of vectorial RB.
Getting this eigenvalue of maximum λ maxafter, calculate the coincident indicator CI of the first judgment matrix:
CI = λ max - 10 ( 10 - 1 )
Consistency ration CR is introduced in AHP algorithm, determine that whether the first judgment matrix is by checking by this consistency ration CR, by the ratio of random index RI default in the described coincident indicator of the first judgment matrix and AHP algorithm, as the consistency ration of the first judgment matrix.
Namely CR = CI RI
RI is the random index provided in AHP method, in table 3.
Table 3
In the present embodiment, safety evaluation index is 10, and the exponent number of RI corresponding is as shown in Table 3 10, and namely the value of RI is 1.49.
As CR<0.1, think that the consistency of the first judgment matrix is by checking, especially, think that as CR=0 the first judgment matrix has crash consistency, when CR >=0.1, then think that the first judgment matrix does not have consistency, not by consistency checking, need to revise the first judgment matrix, adjust the importance of each safety evaluation index relative to the security protection ability of the network equipment, again obtain the first judgment matrix, and recalculate CR and carry out consistency checking.
After the second weight vectors obtaining the second judgment matrix, also comprise:
Calculate the eigenvalue of maximum of the second judgment matrix, the coincident indicator of this second judgment matrix is calculated according to the eigenvalue of maximum of this second judgment matrix, by the ratio of random index default in the coincident indicator of the second judgment matrix and AHP algorithm, as the consistency ration of the second judgment matrix, if the consistency ration of the second judgment matrix is less than 0.1, judge that this second judgment matrix passes through consistency checking, if the consistency ration of the second judgment matrix is equal to, or greater than 0.1, adjust the importance of each safety evaluation index relative to belonging safety evaluation index, again the second judgment matrix of this safety evaluation index is obtained.
105, described first weight vectors of described rule layer and all second weight vectors of described solution layer are carried out comprehensively, obtain the comprehensive weight vector of described solution layer to described destination layer.
What Fig. 3 provided for the embodiment of the present invention one a kind ofly obtains the process schematic of solution layer to the comprehensive weight vector of destination layer, and as shown in Figure 3, this process comprises the following steps:
1051, to utilize under same safety evaluation index each safety analysis index to the degree of membership of each safe class preset, build the Evaluations matrix that each safety analysis index belonged under this safety evaluation index is corresponding.
Use Delphi Experts consultation method, organize expert to be under the jurisdiction of default safe class to each safety analysis index to evaluate with reference to carrying out actual test to safety analysis index, obtain i-th safety evaluation index P ia lower jth safety analysis index p ijbe under the jurisdiction of the degree of y safe class.
In the present embodiment, the security protection ability of the network equipment is divided into five safe classes: the first order, the second level, the third level, the fourth stage and level V, i.e. S={S 1, S 2, S 3, S 4, S 5.In the present embodiment, the safe class that the network equipment is preset is quantized, for each safe class arranges a span, as shown in table 4.
Table 4
Safe class Level definition Grade span
S 1 Weak protection, equipment has lower security protection ability 0≤S≤2
S 2 Basic protection, equipment has basic security protection ability 2<S≤4
S 3 Medium protection, equipment has general security protection ability 4<S≤6
S 4 Protect more by force, equipment has stronger security protection ability 6<S≤8
S 5 Strong protection, equipment has very strong security protection ability 8<S≤10
If r jyrepresent i-th safety evaluation index P ia lower jth safety analysis index p ijbe under the jurisdiction of the degree of y safe class, wherein 5 grades of the corresponding above-mentioned security protection ability of y=(1,2,3,4,5), j is safety evaluation index P ithe quantity of middle comprised safety analysis index.The degree of membership number obtaining evaluation represents with the ratio of total evaluation number x:
r jy = x jy x
Wherein, x represents the expert's total number of persons participating in evaluating, x jyexpression participates in thinking in the expert evaluated i-th safety evaluation index P ia lower jth safety analysis index p ijbelong to the number of y grade.
After the degree of membership obtaining each safety analysis index under same safety evaluation index, under utilizing same safety evaluation index, each safety analysis index is to the degree of membership of each safe class preset, and builds the Evaluations matrix A that each safety analysis index belonged under this safety evaluation index is corresponding i:
A i=(r jy) j×y=(x jy/x) j×y
1052, described second weight vectors being under the jurisdiction of same safety evaluation index is multiplied with described Evaluations matrix, obtains the fuzzy synthesis vector of this safety evaluation index.
In the present embodiment, all corresponding second weight vectors of each safety evaluation index, is multiplied the second corresponding for each safety evaluation index weight vectors with Evaluations matrix, just can obtains the fuzzy synthesis result of each safety evaluation index.That is, by weighted average, fuzzy overall evaluation is carried out to each safety analysis index under same judging quota, obtains fuzzy synthesis result.
1053, the fuzzy synthesis vector utilizing all safety evaluation indexs corresponding forms the synthetic evaluation matrix of described security protection ability.
1054, described first weight vectors is multiplied with described synthetic evaluation matrix, obtains the comprehensive weight vector of described destination layer.
Fuzzy synthesis result corresponding for all safety evaluation indexs is combined, form the synthetic evaluation matrix of the security protection ability of the network equipment, first weight vectors of the rule layer got is multiplied with the synthetic evaluation matrix got, obtains the comprehensive weight vector of the security protection ability of the network equipment.
106, described comprehensive weight vector is multiplied with the membership vector of each safe class preset, obtains the security protection ability rating of the described network equipment.
The comprehensive weight of the security protection ability of network equipment vector is multiplied with the membership vector of each safe class preset, the grade point that the security protection ability of this network equipment is corresponding can be got.Wherein, the membership vector S'=[2,4,6,8,10] of each grade preset t.Be Pyatyi to the safety status classification of the security protection ability of the network equipment in step 1051, and the corresponding span of each safe class as shown in table 4, the table of comparisons 4 and grade point corresponding to the security protection ability got, learn the grade of the security protection ability of this network equipment.
In the present embodiment, consider the weight of the key element relevant to the security protection of the network equipment and comparatively safe protection thereof, and put down by building the security protection ability of recursive hierarchy structure to the network equipment, assessment result comparatively accurately can be got, so just can provide certain reference to the security protection ability of of a sort heterogeneous networks equipment, be conducive to the type selecting to the network equipment and examination, can also determine whether its security capabilities meets the requirement of network safety prevention rank based on this evaluation structure, corresponding safety prevention measure is taked to the network equipment.
For certain route exchange device, table 5 is all safety evaluation index P 1~ P 10relative to the relative importance of the security protection ability of this route exchange device.
Table 5
R P 1 P 2 P 3 P 4 P 5 P 6 P 7 P 8 P 9 P 10
P 1 1 2 4 4 6 2 8 9 3 9
P 2 1/2 1 4 4 6 2 6 8 2 9
P 3 1/4 1/4 1 1 2 1/2 2 4 1/2 4
P 4 1/4 1/4 1 1 2 1/3 2 2 1/2 3
P 5 1/6 1/6 1/2 1/2 1 1/4 1 2 1/2 2
P 6 1/2 1/2 2 3 4 1 4 6 2 8
P 7 1/8 1/6 1/2 1/2 1 1/4 1 2 1/6 2
P 8 1/9 1/8 1/4 1/2 1/2 1/6 1/2 1 1/8 1
P 9 1/3 1/2 2 2 2 1/2 6 8 1 6
P 10 1/9 1/9 1/4 1/3 1/2 1/8 1/2 1 1/6 1
Further, the relative importance of each safety evaluation index is compared between two, obtains the first judgment matrix R of rule layer:
R = p 11 K p 1 j M O M p i 1 L p ij = 1.0000 2.0000 4.0000 4.0000 6.0000 2.0000 8.0000 9.0000 3.0000 9.0000 0.5000 1.0000 4.0000 4.0000 6.0000 2.0000 6.0000 8.0000 2.0000 9.0000 0.2500 0.2500 1.0000 1.0000 2.0000 0.5000 2.0000 4.0000 0.5000 4.0000 0.2500 0.2500 1.0000 1.0000 2.0000 0.3333 2.0000 2.0000 0.5000 3.0000 0.1667 0.1667 0.5000 0.5000 1.0000 0.2500 1.0000 2.0000 0.5000 2.0000 0.5000 0.5000 2.0000 3.0000 4.0000 1.0000 4.0000 6.0000 2.0000 8.0000 0.1250 0.1667 0.5000 0.5000 1.0000 0.2500 1.0000 2.0000 0.1667 2.0000 0.1111 0.1250 0.2500 0.5000 0.5000 0.1667 0.5000 1.0000 0.1250 1.0000 0.3333 0.5000 2.0000 2.0000 2.0000 0.5000 6.0000 8.0000 1.0000 6.0000 0.1111 0.1111 0.2500 0.3333 0.5000 0.1250 0.5000 1.0000 0.1667 1.0000 ;
Further, according to the first judgment matrix R, the first weight vectors according to root method computationally secure judging quota:
(1) product of every a line in the first judgment matrix is calculated:
U=(U 1,K,U i)=(746496、82944、1、0.249975、0.003473、2304、0.000868、0.000009、191.9808、0.000005)
(2) 10 th Roots of U are calculated:
B &OverBar; = ( 3.866364 , 3.103691 , 1 , 0.870541 , 0.567637 , 2.168944 , 0.494142 , 0.312913 , 1.691709 , 0.295051 )
(3) according to normalized formula, B is normalized, obtains the first weight vectors B of safety evaluation index:
B=(B 1,K,B i)=(0.2690、0.2170、0.0695、0.0605、0.0395、0.1509、0.0344、0.0216、0.1172、0.0204)
After getting the first weight vectors, need to carry out consistency desired result to this first weight vectors, detailed process is as follows: calculate eigenvalue of maximum λ max, first try to achieve:
RB = [ R ] [ B ] = 1.0000 2.0000 4.0000 4.0000 6.0000 2.0000 8.0000 9.0000 3.0000 9.0000 0.5000 1.0000 4.0000 4.0000 6.0000 2.0000 6.0000 8.0000 2.0000 9.0000 0.2500 0.2500 1.0000 1.0000 2.0000 0.5000 2.0000 4.0000 0.5000 4.0000 0.2500 0.2500 1.0000 1.0000 2.0000 0.3333 2.0000 2.0000 0.5000 3.0000 0.1667 0.1667 0.5000 0.5000 1.0000 0.2500 1.0000 2.0000 0.5000 2.0000 0.5000 0.5000 2.0000 3.0000 4.0000 1.0000 4.0000 6.0000 2.0000 8.0000 0.1250 0.1667 0.5000 0.5000 1.0000 0.2500 1.0000 2.0000 0.1667 2.0000 0.1111 0.1250 0.2500 0.5000 0.5000 0.1667 0.5000 1.0000 0.1250 1.0000 0.3333 0.5000 2.0000 2.0000 2.0000 0.5000 6.0000 8.0000 1.0000 6.0000 0.1111 0.1111 0.2500 0.3333 0.5000 0.1250 0.5000 1.0000 0.1667 1.0000 0.2690 0.2170 0.0695 0.0605 0.0395 0.1590 0.0344 0.0216 0.1172 0.0.04 = 2.7666 2.2075 0.7013 0.6126 0.4002 1.5372 0.3500 0.2234 1.2314 0.2089
&lambda; max = &Sigma; i = 1 10 ( RB ) i 10 B = 1 10 &Sigma; i = 1 10 ( RB ) i B i = 10.2256
Calculate CI: CI = 10.2256 - 10 10 - 1 = 0.0251
Calculating CR, 3 to obtain by tabling look-up: RI=1.49, CR=CI/RI=0.0168<0.1
Because CR is less than 0.1, so this first weight vectors passes through consistency checking.
Under being under the jurisdiction of same safety evaluation index about acquisition, each safety analysis index is relative to the process of the second weight vectors of this safety evaluation index, with obtain safety evaluation index for the network equipment security protection ability the step of the first weight vectors and process similar, repeat no more herein.
After consistency checking, the second weight vectors being under the jurisdiction of same safety evaluation index each safety analysis index corresponding is respectively:
C 1=(0.4000,0.4000,0.2000);
C 2=(0.1818,0.1818,0.0909,0.0909,0.0909,0.0909,0.0909,0.1818);
C 3=(0.5000,0.5000);
C 4=(0.1600,0.1600,0.1800,0.1400,0.1400,0.2200);
C 5=(0.3000,0.1000,0.3000,0.2000,0.1000);
C 6=(0.3000,0.3000,0.3000,0.1000);
C 7=(0.3333,0.3333,0.3333);
C 8=(0.5000,0.5000);
C 9=(0.2500,0.2500,0.2500,0.2500);
C 10=(0.3000,0.2000,0.2000,0.3000)。
Table 6 is for each safety analysis index pre-set is to the degree of membership of each safe class preset.
Table 6
Under utilizing same safety evaluation index, each safety analysis index is to the degree of membership of each safe class preset, and builds the Evaluations matrix that each safety analysis index belonged under this safety evaluation index is corresponding.
A 1 = 0.1000 0.1000 0.5000 0.2000 0.1000 0.2000 0.2000 0.4000 0.1000 0.1000 0.0000 0.1000 0.6000 0.1000 0.2000
A 2 = 0.2000 0.5000 0.2000 0.1000 0.0000 0.1000 0.2000 0 . 4000 0.2000 0.1000 0.0000 0.5000 0.2000 0.2000 0.1000 0.1000 0.6000 0.2000 0.1000 0.0000 0.2000 0.2000 0.5000 0.1000 0.0000 0.1000 0.1000 0.7000 0.1000 0.0000 0.0000 0.0000 0.6000 0.3000 0.1000 0.1000 0.1000 0.4000 0.2000 0.2000
By that analogy, all the other are no longer listed.
Evaluations matrix corresponding with this full judging quota for the second weight vectors being under the jurisdiction of same safety evaluation index is multiplied, obtains the fuzzy synthesis vector D of this safety evaluation index i.
That is: D i=C i× A i; Wherein, i=(1,2 ..., 10)
Further, the fuzzy synthesis vector utilizing all safety evaluation indexs corresponding forms the synthetic evaluation matrix L of described security protection ability:
L = D 1 D 2 M D i ; Wherein, i=(1,2 ..., 10)
L = 0.1200 0.1400 0.4800 0.1400 0.1200 0.1091 0.2727 0.3818 0.1636 0.0727 0.1000 0.3500 0.4500 0.0500 0.0500 0.0440 0.2960 0.4160 0.1500 0.0940 0.1500 0.2500 0.3400 0.1800 0.0800 0.0500 0.0400 0.2900 0.4300 0.1900 0.0667 0.3666 0.4666 0.1000 0.0000 0.1000 0.2500 0.4000 0.1500 0.1000 0.1000 0.3250 0.4500 0.1000 0.0250 0.0500 0.2000 0.4300 0.1600 0.1600
Get synthetic evaluation matrix L, the first weight vectors B is being multiplied with synthetic evaluation matrix L, obtain the comprehensive weight vector G of destination layer.
That is: G=B × L=[0.0962 0.2152 0.4118 0.1794 0.0974]
After getting comprehensive weight vector G, this comprehensive weight vector G is multiplied with the membership vector S ' of each safe class preset, obtain the grade point of the security protection ability of route exchange device, according to the grade of described grade point with the security protection ability of span determination route exchange device corresponding to each safe class preset.
That is: S=G × S'=5.9330
The span of each safe class as shown in Table 4, can learn this grade point correspondence got and third level class of safety protection.
The security protection capability assessment method of the network equipment that the present embodiment provides, safety analysis index included under obtaining each safety evaluation index relevant to the security protection ability of network under test equipment and each safety evaluation index, safety analysis index included under each safety evaluation index and each safety evaluation index is used to build the recursive hierarchy structure of described security protection ability, according to the relative importance of safety evaluation index each in described rule layer relative to described security protection ability, determine first weight vectors of described rule layer for described destination layer, according to the relative importance of each safety analysis index relative to this safety evaluation index being under the jurisdiction of same safety evaluation index, determine that in described solution layer, each safety analysis index is to the second weight vectors of be subordinate to safety evaluation index, described first weight vectors of described rule layer and all second weight vectors of described solution layer are carried out comprehensively, obtain the comprehensive weight vector of described solution layer to described destination layer, described comprehensive weight vector is multiplied with the membership vector of each safe class preset, obtain the security protection ability rating of the described network equipment.In the present embodiment, the safety evaluation index relevant to network equipment security protection is carried out being divided into multiple dimension, each dimension comprises some safety analysis indexs, determine that each safety evaluation index and safety analysis index are to the weight of security protection ability, and then get the security protection ability rating of the network equipment, for determining that the network equipment provides important evidence to the impact of network safe state and the stability of bearer service.
Embodiment two
The structural representation of the security protection capability evaluation equipment of a kind of network equipment that Fig. 4 provides for the embodiment of the present invention two.As shown in Figure 4, this equipment comprises: the first acquisition module 31, level build module 32, first determination module 33, second determination module 34, integration module 35 and the second acquisition module 36.
Wherein, the first acquisition module 31, for obtaining safety analysis index included under each safety evaluation index relevant to the security protection ability of network under test equipment and each safety evaluation index.
The level be connected with the first acquisition module 31 builds module 32, for the recursive hierarchy structure using safety analysis index included under each safety evaluation index and each safety evaluation index to build described security protection ability.
Wherein said recursive hierarchy structure comprises destination layer, rule layer and solution layer, and described destination layer is the decision-making level of described security protection ability, and described rule layer comprises all safety evaluation indexs, and described solution layer comprises all safety analysis indexs.
Build with level the first determination module 33 that module 32 is connected, for according to the relative importance of safety evaluation index each in described rule layer relative to described security protection ability, determine first weight vectors of described rule layer for described destination layer.
The second determination module 34 that module 32 is connected is built with level, for according to the relative importance of each safety analysis index relative to this safety evaluation index being under the jurisdiction of same safety evaluation index, determine that in described solution layer, each safety analysis index is to the second weight vectors of be subordinate to safety evaluation index.
The integration module 35 be connected with the first determination module 33 and the second determination module 34, for being undertaken comprehensively by described first weight vectors of described rule layer and all second weight vectors of described solution layer, obtain the comprehensive weight vector of described solution layer to described destination layer.
The second acquisition module 36 be connected with integration module 35, for being multiplied with the membership vector of each safe class preset by described comprehensive weight vector, obtains the security protection ability rating of the described network equipment.
The structural representation of a kind of first determination module that Fig. 5 provides for the embodiment of the present invention two.As shown in Figure 5, this first determination module 33 comprises: the first comparing unit 331 and the first computing unit 332.
Wherein, the first comparing unit 331, for the relative importance of each safety evaluation index relative to described security protection ability being compared between two, obtains the first judgment matrix of described rule layer.
The first computing unit 332 be connected with the first comparing unit 331, for using root method to calculate described first weight vectors to described first judgment matrix.
Further, first computing unit 332, specifically for calculating the first product of described first each row element of judgment matrix, Nth power root is carried out to described first product of every a line and calculates the first numerical value, use described first numerical value of every a line form vector and be normalized, obtain described first weight vectors.
Alternatively, the first determination module 33, also comprises: the first authentication unit 333.
First authentication unit 333, for calculating the eigenvalue of maximum of described first judgment matrix, the coincident indicator of described first judgment matrix is calculated according to described eigenvalue of maximum, by the ratio of random index default in the described coincident indicator of described first judgment matrix and described AHP algorithm, as the consistency ration of described first judgment matrix, if described first judges that the described consistency ration of square is less than 0.1, judge that described first judgment matrix passes through consistency checking, if described first judges that the described consistency ration of square is equal to, or greater than 0.1, adjust the importance of each safety evaluation index relative to described security protection ability, again described first judgment matrix is obtained.
The structural representation of a kind of second determination module that Fig. 6 provides for the embodiment of the present invention two.As shown in Figure 6, this second determination module 34 comprises: the second comparing unit 341 and the second computing unit 342.
Wherein, second comparing unit 341, for comparing each safety analysis index under being under the jurisdiction of same safety evaluation index between two relative to the relative importance of this safety evaluation index, the second judgment matrix of each safety analysis index under obtaining being under the jurisdiction of this safety evaluation index.
The second computing unit 342 be connected with the second comparing unit 341, for using root method to calculate to the second judgment matrix described in each safety analysis index under being under the jurisdiction of same safety evaluation index, obtain being under the jurisdiction of described second weight vectors corresponding to this safety evaluation index each safety analysis index.
Further, second computing unit 342, specifically for calculating the second product of described second each row element of judgment matrix, Nth power root is carried out to described second product of every a line and calculates second value, use the described second value of every a line form vector and be normalized, obtain described second weight vectors.
Alternatively, the second determination module 34, also comprises: the second authentication unit 343.
Second authentication unit 343, for calculating the eigenvalue of maximum of described second judgment matrix, the coincident indicator of described second judgment matrix is calculated according to described eigenvalue of maximum, by the ratio of random index default in the described coincident indicator of described second judgment matrix and described AHP algorithm, as the consistency ration of described second judgment matrix, if the consistency ration of described second judgment matrix is less than 0.1, judge that described second judgment matrix passes through consistency checking, if the consistency ration of described second judgment matrix is equal to, or greater than 0.1, adjust the importance of each safety evaluation index relative to belonging safety evaluation index, again described second judgment matrix is obtained.
The structural representation of a kind of integration module that Fig. 7 provides for the embodiment of the present invention two.As shown in Figure 7, this integration module 35, comprising: construction unit 351, first acquiring unit 352, second acquisition unit 353 and the 3rd acquiring unit 354.
Wherein, construction unit 351, for the degree of membership of each safety analysis index under utilizing same safety evaluation index to each safe class preset, builds the Evaluations matrix that each safety analysis index belonged under this safety evaluation index is corresponding;
The first acquiring unit 352 be connected with construction unit 351, for being multiplied by described Evaluations matrix corresponding with this full judging quota for described second weight vectors being under the jurisdiction of same safety evaluation index, obtains the fuzzy synthesis vector of this safety evaluation index;
The second acquisition unit 353 be connected with the first acquiring unit 352, the fuzzy synthesis vector for utilizing all safety evaluation indexs corresponding forms the synthetic evaluation matrix of described security protection ability;
The 3rd acquiring unit 354 be connected with second acquisition unit 353, for being multiplied with described synthetic evaluation matrix by described first weight vectors, obtains the comprehensive weight vector of described destination layer.
Further, second acquisition module 36, specifically for described comprehensive weight vector is multiplied with the membership vector of each safe class preset, obtain the grade point of described security protection ability, the span corresponding with each safe class preset according to described grade point determines the grade of described security protection ability.
In the present embodiment, safety analysis index included under obtaining each safety evaluation index relevant to the security protection ability of network under test equipment and each safety evaluation index, safety analysis index included under each safety evaluation index and each safety evaluation index is used to build the recursive hierarchy structure of described security protection ability, according to the relative importance of safety evaluation index each in described rule layer relative to described security protection ability, determine first weight vectors of described rule layer for described destination layer, according to the relative importance of each safety analysis index relative to this safety evaluation index being under the jurisdiction of same safety evaluation index, determine that in described solution layer, each safety analysis index is to the second weight vectors of be subordinate to safety evaluation index, described first weight vectors of described rule layer and all second weight vectors of described solution layer are carried out comprehensively, obtain the comprehensive weight vector of described solution layer to described destination layer, described comprehensive weight vector is multiplied with the membership vector of each safe class preset, obtain the security protection ability rating of the described network equipment.In the present embodiment, the safety evaluation index relevant to network equipment security protection is carried out being divided into multiple dimension, each dimension comprises some safety analysis indexs, determine that each safety evaluation index and safety analysis index are to the weight of security protection ability, and then get the security protection ability rating of the network equipment, for determining that the network equipment provides important evidence to the impact of network safe state and the stability of bearer service.
Last it is noted that above each embodiment is only in order to illustrate technical scheme of the present invention, be not intended to limit; Although with reference to foregoing embodiments to invention has been detailed description, those of ordinary skill in the art is to be understood that: it still can be modified to the technical scheme described in foregoing embodiments, or carries out equivalent replacement to wherein some or all of technical characteristic; And these amendments or replacement, do not make the essence of appropriate technical solution depart from the scope of various embodiments of the present invention technical scheme.

Claims (12)

1. a security protection capability assessment method for the network equipment, is characterized in that, comprising:
Safety analysis index included under obtaining each safety evaluation index relevant to the security protection ability of network under test equipment and each safety evaluation index;
Safety analysis index included under each safety evaluation index and each safety evaluation index is used to build the recursive hierarchy structure of described security protection ability, wherein said recursive hierarchy structure comprises destination layer, rule layer and solution layer, described destination layer is the decision-making level of described security protection ability, described rule layer comprises all safety evaluation indexs, and described solution layer comprises all safety analysis indexs;
According to the relative importance of safety evaluation index each in described rule layer relative to described security protection ability, determine first weight vectors of described rule layer for described destination layer;
According to the relative importance of each safety analysis index relative to this safety evaluation index being under the jurisdiction of same safety evaluation index, determine that in described solution layer, each safety analysis index is to the second weight vectors of be subordinate to safety evaluation index;
Described first weight vectors of described rule layer and all second weight vectors of described solution layer are carried out comprehensively, obtains the comprehensive weight vector of described solution layer to described destination layer;
Described comprehensive weight vector is multiplied with the membership vector of each safe class preset, obtains the security protection ability rating of the described network equipment.
2. the security protection capability assessment method of the network equipment according to claim 1, it is characterized in that, described according to the relative importance of safety evaluation index each in described rule layer relative to described security protection ability, determine first weight vectors of described rule layer for described destination layer, comprising:
The relative importance of each safety evaluation index relative to described security protection ability is compared between two, obtains the first judgment matrix of described rule layer;
Root method is used to calculate described first weight vectors to described first judgment matrix;
Described basis is under the jurisdiction of the relative importance of each safety analysis index relative to this safety evaluation index of same safety evaluation index, determines that in described solution layer, each safety analysis index, to the second weight vectors of be subordinate to safety evaluation index, comprising:
By comparing between two relative to the relative importance of this safety evaluation index of each safety analysis index under being under the jurisdiction of same safety evaluation index, the second judgment matrix of each safety analysis index under obtaining being under the jurisdiction of this safety evaluation index;
Use root method to calculate to the second judgment matrix described in each safety analysis index under being under the jurisdiction of same safety evaluation index, obtain being under the jurisdiction of described second weight vectors corresponding to this safety evaluation index each safety analysis index.
3. the security protection capability assessment method of the network equipment according to claim 2, it is characterized in that, described described first weight vectors of described rule layer and all second weight vectors of described solution layer are carried out comprehensively, obtain the comprehensive weight vector of described solution layer to described destination layer, comprising:
Under utilizing same safety evaluation index, each safety analysis index is to the degree of membership of each safe class preset, and builds the Evaluations matrix that each safety analysis index be under the jurisdiction of under this safety evaluation index is corresponding;
Described Evaluations matrix corresponding with this safety evaluation index for described second weight vectors being under the jurisdiction of same safety evaluation index is multiplied, obtains the fuzzy synthesis vector of this safety evaluation index;
The fuzzy synthesis vector utilizing all safety evaluation indexs corresponding forms the synthetic evaluation matrix of described security protection ability;
Described first weight vectors is multiplied with described synthetic evaluation matrix, obtains the comprehensive weight vector of described destination layer.
4. the security protection capability assessment method of the network equipment according to claim 3, is characterized in that, is multiplied by described comprehensive weight vector, obtains the security protection ability rating of the described network equipment, comprising with the membership vector of each safe class preset:
Described comprehensive weight vector is multiplied with the membership vector of each safe class preset, obtains the grade point of described security protection ability;
The span corresponding with each safe class preset according to described grade point determines the grade of described security protection ability.
5. the security protection capability assessment method of the network equipment according to any one of claim 2-4, is characterized in that, describedly uses root method to calculate described first weight vectors to described first judgment matrix, comprising:
Calculate the first product of described first each row element of judgment matrix;
Nth power root is carried out to described first product of every a line and calculates the first numerical value;
Use described first numerical value of every a line form vector and be normalized, obtain described first weight vectors;
Describedly use root method to calculate described second weight vectors to described second judgment matrix, comprising:
Calculate the second product of described second each row element of judgment matrix;
Nth power root is carried out to described second product of every a line and calculates second value;
Use the described second value of every a line form vector and be normalized, obtain described second weight vectors.
6. the security protection capability assessment method of the network equipment according to claim 5, is characterized in that, described in obtain described first weight vectors after, also comprise:
Calculate the eigenvalue of maximum of described first judgment matrix;
The coincident indicator of described first judgment matrix is calculated according to described eigenvalue of maximum;
By the ratio of random index default in the described coincident indicator of described first judgment matrix and described AHP algorithm, as the consistency ration of described first judgment matrix;
If described first judges that the described consistency ration of square is less than 0.1, judge that described first judgment matrix passes through consistency checking;
If described first judges that the described consistency ration of square is equal to, or greater than 0.1, adjust the importance of each safety evaluation index relative to described security protection ability, again obtain described first judgment matrix;
Described obtain described second weight vectors after, also comprise:
Calculate the eigenvalue of maximum of described second judgment matrix;
The coincident indicator of described second judgment matrix is calculated according to described eigenvalue of maximum;
By the ratio of random index default in the described coincident indicator of described second judgment matrix and described AHP algorithm, as the consistency ration of described second judgment matrix;
If the consistency ration of described second judgment matrix is less than 0.1, judge that described second judgment matrix passes through consistency checking;
If the consistency ration of described second judgment matrix is equal to, or greater than 0.1, adjusts the importance of each safety evaluation index relative to belonging safety evaluation index, again obtain described second judgment matrix.
7. a security protection capability evaluation equipment for the network equipment, is characterized in that, comprising:
First acquisition module, for obtaining safety analysis index included under each safety evaluation index relevant to the security protection ability of network under test equipment and each safety evaluation index;
Level builds module, for the recursive hierarchy structure using safety analysis index included under each safety evaluation index and each safety evaluation index to build described security protection ability, wherein said recursive hierarchy structure comprises destination layer, rule layer and solution layer, described destination layer is the decision-making level of described security protection ability, described rule layer comprises all safety evaluation indexs, and described solution layer comprises all safety analysis indexs;
First determination module, for according to the relative importance of safety evaluation index each in described rule layer relative to described security protection ability, determines first weight vectors of described rule layer for described destination layer;
Second determination module, for according to the relative importance of each safety analysis index relative to this safety evaluation index being under the jurisdiction of same safety evaluation index, determine that in described solution layer, each safety analysis index is to the second weight vectors of be subordinate to safety evaluation index;
Integration module, for being undertaken comprehensively by described first weight vectors of described rule layer and all second weight vectors of described solution layer, obtains the comprehensive weight vector of described solution layer to described destination layer;
Second acquisition module, for being multiplied with the membership vector of each safe class preset by described comprehensive weight vector, obtains the security protection ability rating of the described network equipment.
8. the security protection capability evaluation equipment of the network equipment according to claim 7, is characterized in that, described first determination module, comprising:
First comparing unit, for the relative importance of each safety evaluation index relative to described security protection ability being compared between two, obtains the first judgment matrix of described rule layer;
First computing unit, for using root method to calculate described first weight vectors to described first judgment matrix;
Described second determination module, comprising:
Second comparing unit, for comparing each safety analysis index under being under the jurisdiction of same safety evaluation index between two relative to the relative importance of this safety evaluation index, the second judgment matrix of each safety analysis index under obtaining being under the jurisdiction of this safety evaluation index;
Second computing unit, for using root method to calculate to the second judgment matrix described in each safety analysis index under being under the jurisdiction of same safety evaluation index, obtains being under the jurisdiction of described second weight vectors corresponding to this safety evaluation index each safety analysis index.
9. the security protection capability evaluation equipment of the network equipment according to claim 8, it is characterized in that, described integration module, comprising:
Construction unit, for the degree of membership of each safety analysis index under utilizing same safety evaluation index to each safe class preset, builds the Evaluations matrix that each safety analysis index belonged under this safety evaluation index is corresponding;
First acquiring unit, for being multiplied by described Evaluations matrix corresponding with this full judging quota for described second weight vectors being under the jurisdiction of same safety evaluation index, obtains the fuzzy synthesis vector of this safety evaluation index;
Second acquisition unit, the fuzzy synthesis vector for utilizing all safety evaluation indexs corresponding forms the synthetic evaluation matrix of described security protection ability;
3rd acquiring unit, for being multiplied with described synthetic evaluation matrix by described first weight vectors, obtains the comprehensive weight vector of described destination layer.
10. the security protection capability evaluation equipment of the network equipment according to claim 9, it is characterized in that, by the second acquisition module, specifically for described comprehensive weight vector is multiplied with the membership vector of each safe class preset, obtain the grade point of described security protection ability, the span corresponding with each safe class preset according to described grade point determines the grade of described security protection ability.
The security protection capability evaluation equipment of 11. network equipments according to Claim 8 described in-10 any one, it is characterized in that, described first computing unit, specifically for calculating the first product of described first each row element of judgment matrix, Nth power root is carried out to described first product of every a line and calculates the first numerical value, use described first numerical value of every a line form vector and be normalized, obtain described first weight vectors;
Described second computing unit, specifically for calculating the second product of described second each row element of judgment matrix, Nth power root is carried out to described second product of every a line and calculates second value, use the described second value of every a line form vector and be normalized, obtain described second weight vectors.
The security protection capability evaluation equipment of 12. network equipments according to claim 11, is characterized in that, described first determination module, also comprises:
First authentication unit, for calculating the eigenvalue of maximum of described first judgment matrix, the coincident indicator of described first judgment matrix is calculated according to described eigenvalue of maximum, by the ratio of random index default in the described coincident indicator of described first judgment matrix and described AHP algorithm, as the consistency ration of described first judgment matrix, if described first judges that the described consistency ration of square is less than 0.1, judge that described first judgment matrix passes through consistency checking, if described first judges that the described consistency ration of square is equal to, or greater than 0.1, adjust the importance of each safety evaluation index relative to described security protection ability, again described first judgment matrix is obtained,
Described second determination module, also comprises:
Second authentication unit, for calculating the eigenvalue of maximum of described second judgment matrix, the coincident indicator of described second judgment matrix is calculated according to described eigenvalue of maximum, by the ratio of random index default in the described coincident indicator of described second judgment matrix and described AHP algorithm, as the consistency ration of described second judgment matrix, if the consistency ration of described second judgment matrix is less than 0.1, judge that described second judgment matrix passes through consistency checking, if the consistency ration of described second judgment matrix is equal to, or greater than 0.1, adjust the importance of each safety evaluation index relative to belonging safety evaluation index, again described second judgment matrix is obtained.
CN201410483755.1A 2014-09-19 2014-09-19 Safety protection capability assessment method and equipment of network equipment Pending CN104243478A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410483755.1A CN104243478A (en) 2014-09-19 2014-09-19 Safety protection capability assessment method and equipment of network equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410483755.1A CN104243478A (en) 2014-09-19 2014-09-19 Safety protection capability assessment method and equipment of network equipment

Publications (1)

Publication Number Publication Date
CN104243478A true CN104243478A (en) 2014-12-24

Family

ID=52230827

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410483755.1A Pending CN104243478A (en) 2014-09-19 2014-09-19 Safety protection capability assessment method and equipment of network equipment

Country Status (1)

Country Link
CN (1) CN104243478A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105939307A (en) * 2015-07-08 2016-09-14 北京匡恩网络科技有限责任公司 Network structure security analysis method
CN106156629A (en) * 2015-04-17 2016-11-23 国家电网公司 A kind of security measure method of android terminal
CN106203123A (en) * 2015-05-06 2016-12-07 北大方正集团有限公司 A kind of wireless sense network safe evaluation method and device
CN106850645A (en) * 2017-02-18 2017-06-13 许昌学院 A kind of system and method for detecting invalid access to computer network
CN107306419A (en) * 2016-04-21 2017-10-31 中国移动通信集团广东有限公司 A kind of end-to-end quality appraisal procedure and device
CN107454105A (en) * 2017-09-15 2017-12-08 北京理工大学 A kind of multidimensional network safety evaluation method based on AHP and grey correlation
CN107832621A (en) * 2017-11-16 2018-03-23 成都艾尔普科技有限责任公司 The weighing computation method of Behavior trustworthiness evidence based on AHP
CN108696397A (en) * 2018-08-14 2018-10-23 国家电网有限公司 A kind of electric network information safety evaluation method and device based on AHP and big data
CN108921438A (en) * 2018-07-10 2018-11-30 国网福建省电力有限公司 A kind of power distribution network regulation and administration weak link identification method based on cascade weight

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102591732A (en) * 2011-12-02 2012-07-18 徐云峰 Security evaluation system of information system and evaluation method of the system
CN102609778A (en) * 2012-02-17 2012-07-25 广东省电力调度中心 Method and device for assessing risk of electric power communication network
CN103065050A (en) * 2012-12-31 2013-04-24 河南省电力公司电力科学研究院 Health level judging method of information system during operation maintenance period
CN103337043A (en) * 2013-06-27 2013-10-02 广东电网公司电力调度控制中心 Pre-warning method and system for running state of electric power communication equipment
CN103581155A (en) * 2012-08-08 2014-02-12 贵州电网公司信息通信分公司 Information security situation analysis method and system
CN103679558A (en) * 2013-12-20 2014-03-26 国家电网公司 Electric automobile charging and replacing station fire risk data evaluation method

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102591732A (en) * 2011-12-02 2012-07-18 徐云峰 Security evaluation system of information system and evaluation method of the system
CN102609778A (en) * 2012-02-17 2012-07-25 广东省电力调度中心 Method and device for assessing risk of electric power communication network
CN103581155A (en) * 2012-08-08 2014-02-12 贵州电网公司信息通信分公司 Information security situation analysis method and system
CN103065050A (en) * 2012-12-31 2013-04-24 河南省电力公司电力科学研究院 Health level judging method of information system during operation maintenance period
CN103337043A (en) * 2013-06-27 2013-10-02 广东电网公司电力调度控制中心 Pre-warning method and system for running state of electric power communication equipment
CN103679558A (en) * 2013-12-20 2014-03-26 国家电网公司 Electric automobile charging and replacing station fire risk data evaluation method

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106156629A (en) * 2015-04-17 2016-11-23 国家电网公司 A kind of security measure method of android terminal
CN106203123A (en) * 2015-05-06 2016-12-07 北大方正集团有限公司 A kind of wireless sense network safe evaluation method and device
CN105939307A (en) * 2015-07-08 2016-09-14 北京匡恩网络科技有限责任公司 Network structure security analysis method
CN107306419A (en) * 2016-04-21 2017-10-31 中国移动通信集团广东有限公司 A kind of end-to-end quality appraisal procedure and device
CN106850645A (en) * 2017-02-18 2017-06-13 许昌学院 A kind of system and method for detecting invalid access to computer network
CN107454105A (en) * 2017-09-15 2017-12-08 北京理工大学 A kind of multidimensional network safety evaluation method based on AHP and grey correlation
CN107832621A (en) * 2017-11-16 2018-03-23 成都艾尔普科技有限责任公司 The weighing computation method of Behavior trustworthiness evidence based on AHP
CN108921438A (en) * 2018-07-10 2018-11-30 国网福建省电力有限公司 A kind of power distribution network regulation and administration weak link identification method based on cascade weight
CN108921438B (en) * 2018-07-10 2022-03-08 国网福建省电力有限公司 Power distribution network regulation and control management weak link identification method based on cascade weight
CN108696397A (en) * 2018-08-14 2018-10-23 国家电网有限公司 A kind of electric network information safety evaluation method and device based on AHP and big data
CN108696397B (en) * 2018-08-14 2022-02-25 国家电网有限公司 Power grid information security assessment method and device based on AHP and big data

Similar Documents

Publication Publication Date Title
CN104243478A (en) Safety protection capability assessment method and equipment of network equipment
CN104376400A (en) Risk assessment method based on fuzzy matrix and analytic hierarchy process
CN106850254B (en) Method for identifying key nodes in power communication network
CN110310031A (en) A kind of power distribution network multidimensional methods of risk assessment
CN104063612B (en) A kind of Tunnel Engineering risk profiles fuzzy evaluation method and assessment system
CN103366123B (en) Software hazard appraisal procedure based on defect analysis
CN109685340A (en) A kind of controller switching equipment health state evaluation method and system
CN107734512A (en) A kind of network selecting method based on the analysis of gray scale relevance presenting levelses
CN106971265A (en) A kind of method for evaluating rescue at sea ability
CN102496069A (en) Cable multimode safe operation evaluation method based on fuzzy analytic hierarchy process (FAHP)
CN108038300A (en) Optical fiber state evaluating method based on improved membership function combination neutral net
CN106549826A (en) Intelligent substation switch applied in network performance test appraisal procedure
CN105938609A (en) Power grid operation assessment method for realizing multilayer indicator system
CN110111024A (en) Scientific and technological achievement market valuation method based on AHP model of fuzzy synthetic evaluation
CN104217122A (en) Tunnel construction process safety evaluation method based on multi-element information early warning system
CN104376413A (en) Power grid planning scheme evaluation system based on analytic hierarchy process and data envelopment analysis
CN104484678B (en) Multiple Classifiers Combination method for diagnosing faults based on fault type differential ability rating matrix
CN105046407B (en) A kind of power grid and the methods of risk assessment of user&#39;s two-way interaction Service Operation pattern
CN103745415A (en) Level analysis-based assessment method and level analysis-based assessment system for grid operating condition indicators
CN103065050A (en) Health level judging method of information system during operation maintenance period
CN104392393A (en) DEMATEL-ANP-VIKOR mixed selection method of power system security risk reduction schemes
CN108228412A (en) A kind of method and device based on system health degree faults of monitoring system and hidden danger
CN106295332A (en) Based on interval number and the Information Security Risk Assessment Methods of ideal solution
CN107239905A (en) Onboard networks safety risk estimating method based on advanced AHP GCM
CN105912857A (en) Selection and configuration method of distribution equipment state monitoring sensors

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20141224

RJ01 Rejection of invention patent application after publication