CN102495731A - Generation method of embodiment for information safety evaluation - Google Patents
Generation method of embodiment for information safety evaluation Download PDFInfo
- Publication number
- CN102495731A CN102495731A CN2011103975508A CN201110397550A CN102495731A CN 102495731 A CN102495731 A CN 102495731A CN 2011103975508 A CN2011103975508 A CN 2011103975508A CN 201110397550 A CN201110397550 A CN 201110397550A CN 102495731 A CN102495731 A CN 102495731A
- Authority
- CN
- China
- Prior art keywords
- testing
- assessment
- case
- project
- type
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention provides a generation method of an embodiment for information safety evaluation, which includes storing safety evaluation contents each evaluative criteria corresponds to; respectively forming evaluation use case templates of different industry types and business types; selecting a corresponding evaluation use case template according to the business type and the industry type of a project to be evaluated to construct an evaluation use case embodiment of the project to be evaluated; and selecting a test method according to the evaluation use case embodiment and a test object in the project to be evaluated to generate a test use case embodiment. Each evaluation use case template comprises safety evaluation contents corresponding to the evaluative criteria included by the industry types and the business types and the test methods the safety evaluation contents correspond to. The generation method is capable of simply, conveniently, flexibly, standardly, systematically generating the embodiment in the information safety evaluation field.
Description
Technical field
The present invention relates to information security field, refer more particularly to a kind of enforcement use-case generation method of Information Security Evaluation.
Background technology
At present, the system security assessment in the information security field generally is according to concerned countries Information Security Evaluation standard in the operating process of reality, and adopting with the manually-operated is that main mode is implemented.Therefore each evaluation item all can have strong individualized feature because of the difference of implementing personnel, causes under identical standard, and the enforcement of finally assessing usefulness also has nothing in common with each other with regular meeting, the difficult quality guarantee of assessment.
Existing is that the evaluating system of platform provides a database of preserving the substantive test use-case usually with the computing machine, when actual assessment, calls corresponding test case; And in the assessment of information security field, situation is comparatively complicated and changeable, and evaluation criteria, industry type, application scenarios, system object type are various, and be varied especially by the situation of its actual assessment project that combines; If indiscriminately imitate the thought of organizing in conventional test case data storehouse; System security assessment project to dissimilar characteristics designs a cover enforcement use-case respectively; Enforcement use-case quantity size in the final data storehouse will be very huge so, and still might can't contain all types of evaluation items; When new standard or new sector application occurring, all need write the dependence test use-case again in addition, very complicated, the easy error of working, application flexibility and extendability are all relatively poor.Therefore existingly can't well be applicable to information security field based on computer implemented evaluating system.
Summary of the invention
The technical matters that the present invention will solve is how easy in the Information Security Evaluation field, flexible, standard, systematically generates automatically and implement use-case, comprises assessment use-case instance and dependence test use-case instance with it.
In order to address the above problem, the invention provides a kind of generation method of enforcement use-case of Information Security Evaluation, comprising:
Preserve each item evaluation criteria, wherein, said each item evaluation criteria comprises each self-corresponding safety assessment content;
Form the assessment use-case template of different industries type and type of service respectively; The safety assessment content that each item evaluation criteria that industry type and type of service were comprised under said assessment use-case template comprised is corresponding, and the pairing method of testing of each safety assessment content;
Type of service, industry type according to project to be assessed are selected corresponding assessment use-case template, construct the assessment use-case instance of this project to be assessed;
According to the assessment use-case instance of this project to be assessed, and the tested object in this project to be assessed is selected method of testing, generation test case instance.
Further, the pairing safety assessment content of each item evaluation criteria is saved as the information security java standard library.
Further; According to the stratification incidence relation of evaluation criteria, in the information security java standard library, set up hierarchical logic, under standard, comprise a plurality of types; Each class comprises a plurality of subclasses; Each subclass comprises a plurality of assemblies, and assembly can also be decomposed into a plurality of leading elements, and each leading element is corresponding with method of testing.
Further, also comprise after forming the step of assessment use-case template of different industries type and type of service respectively:
The assessment use-case template that forms is saved as assessment use-case ATL.
Further, also comprise before the step of the said assessment use-case template that forms different industries type and type of service respectively:
Preserve the pairing method of testing of each safety assessment content;
When forming assessment use-case template, set up the safety assessment content and the method for testing of being preserved between incidence relation.
Further, the pairing method of testing of each safety assessment content is saved as the method for testing storehouse; The determinant attribute in method of testing storehouse comprises: method of testing title, method of testing content description, tested object, means of testing.
Further, the method for testing storehouse comprises a plurality of method of testings, and each method of testing is corresponding to a method of testing content description, corresponding to the combination of one or more means of testing and tested object.
Further, the combination of means of testing and tested object saves as the form of doublet;
A tested object has one or more means of testing, and a kind of means of testing is used to test one or more tested objects.
Further, also comprise before the step of the assessment use-case instance of said structure project to be assessed:
Obtain project foundation data to be assessed, comprise type of service, industry type, tested object.
Further, according to the assessment use-case instance of this project to be assessed, and the selection of the tested object in this project to be assessed method of testing, the step that generates the test case instance specifically can comprise:
According to the assets information of project to be assessed, from the method for testing set that the assessment use-case instance of this project to be assessed is comprised, filter out the method for testing that the Asset Type in tested object and the assets information matees;
In the method for testing that filters out, to classify according to means of testing, merger is a plurality of test case instances.
Through method provided by the invention; Can set up the software implementation framework of a kind of standardization, robotization, Componentized general information security implementation use-case (comprising assessment use-case instance and test case instance associated therewith) generation, mission planning and assessment data collection, Macro or mass analysis; Thereby support similar Information Security Evaluation activity can code requirement, consistent assessment requirement and implementation method; Carry out efficiently, thus the data acquisition efficiency and the analysis and assessment effect of raising evaluation work.Method provided by the invention can also expand in other assessment activities based on the particular implementation standard, thereby strengthens the standardization and the consistance of correlated activation, improves evaluation effect, improves assess effectiveness, improves the automatic management level of evaluation item.
Description of drawings
Fig. 1 is the process flow diagram of generation method of enforcement use-case of the Information Security Evaluation of embodiment one;
Fig. 2 is the data hierarchy graph of a relation of information security java standard library among the embodiment one;
Fig. 3 is the building-block of logic in method of testing storehouse among the embodiment one;
Fig. 4 is general data entity relationship and the processing logic synoptic diagram in first example of embodiment one;
Fig. 5 is in second example of embodiment one, the product process figure of assessment use-case instance and test case instance.
Embodiment
To combine accompanying drawing and embodiment that technical scheme of the present invention is explained in more detail below.
Need to prove that if do not conflict, each characteristic among the embodiment of the invention and the embodiment can mutually combine, all within protection scope of the present invention.In addition, though logical order has been shown, in some cases, can carry out step shown or that describe in process flow diagram with the order that is different from here.
At first introduce the definition of the several terms that relate among this paper:
Assessment use-case instance is the framework of the professional concrete action of assessment.
The test case instance is in order to accomplish the content measurement description that the concrete safety assessment content of assessment use-case instance each item need be carried out.
Implement use-case, assessment use-case instance and test case instance associated therewith constitute implements use-case.
By evaluation object, be meant the objective for implementation of evaluation item, wherein generally comprise a series of assets.
The generation method of the enforcement use-case of embodiment one, a kind of Information Security Evaluation, process is as shown in Figure 1, comprising:
Preserve each item evaluation criteria, wherein, said each item evaluation criteria comprises each self-corresponding safety assessment content;
Form the assessment use-case template of different industries type and type of service respectively; The safety assessment content that each item evaluation criteria that industry type and type of service were comprised under said assessment use-case template comprised is corresponding, and the pairing method of testing of each safety assessment content;
Type of service, industry type according to project to be assessed are selected corresponding assessment use-case template, construct the assessment use-case instance of this project to be assessed;
According to the assessment use-case instance of this project to be assessed, and the tested object in this project to be assessed is selected method of testing, generation test case instance.
The enforcement use-case instance that present embodiment generates intactly contained this evaluation item needs all assess the test case example collection that detailed rules and regulations need be carried out.Through carry out the test case instance generated just can guarantee complete, systematically gather and take back the various data of evaluation item needs; The data of taking back through the test case instance can be set up the evidence data acquisition of safety assessment content, to support follow-up safety assessment analysis to the data backfill of assessment use-case instance.
In the present embodiment, when preserving each item evaluation criteria can but be not limited to save as the information security java standard library, also can save as other form during practical application; Evaluation criteria is the basic foundation of carrying out safety assessment.Type has determined the type of service of safety assessment project; The safety assessment content depends on the choice that evaluation criteria is required content; Therefore the foundation of information security java standard library, need can careful parsing standard content, and can in the assessment activity, be suitable for the combination of content easily.
In the present embodiment; The general characteristic that all has the stratification incidence relation according to the detailed content of evaluation criteria; Can carry out the segmentation step by step of unification to the content of standard according to the level of class, subclass, establishment, element; In the information security java standard library, set up corresponding hierarchical logic as shown in Figure 2; Under standard, comprise a plurality of types, each type comprises a plurality of subclasses, and each subclass comprises a plurality of assemblies, and assembly can also be decomposed into a plurality of leading elements.
The segmentation criterion of information security java standard library is referred to as element, is basic test and appraisal assembly unit, and each leading element all has method of testing corresponding with it.
In the present embodiment, can further include after forming the assessment use-case template of different industries type and type of service respectively:
The assessment use-case template that forms is saved as assessment use-case ATL.
It is thus clear that assessment use-case ATL comprises a series of assessment use-case template, is the characteristics according to different industries, the set of the evaluation criteria detailed rules and regulations of setting up targetedly that are suitable for.
In the present embodiment, the body data logic of assessment use-case ATL is equal to the data hierarchy logic of information security java standard library basically.The promptly same hierarchical logic of class, subclass, assembly, element that adopts makes up.
The assessment use-case ATL of present embodiment has further been set up the incidence relation between each leading element and the method for testing under the framework of the data logic of information security java standard library, a leading element can be corresponding to one or more method of testings.
In the present embodiment, can also comprise before the step of the said assessment use-case template that forms different industries type and type of service respectively:
Preserve the pairing method of testing of each safety assessment content;
When forming assessment use-case template, set up the safety assessment content and the method for testing of being preserved between incidence relation.
During preservation can but be not limited to save as the method for testing storehouse, also can save as other form during practical application; The relevant determinant attribute in method of testing storehouse mainly comprises: method of testing title, method of testing content description, tested object, means of testing.
The logical organization in the method for testing storehouse in the present embodiment can be as shown in Figure 3.The method of testing storehouse comprises a plurality of method of testings; Such as the method for testing among Fig. 31 ..., method of testing M, according to concrete technical characterstic, each method of testing can be corresponding to the combination of one or more means of testing and tested object corresponding to a method of testing content description.Wherein, the combination of means of testing and tested object can but be not limited to save as the form of doublet, such as the doublet among Fig. 31 ..., doublet N; In the method for testing storehouse of present embodiment, the mapping relations of method of testing and doublet are one-to-manies.
Comprise multiple means of testing in the method for testing storehouse of present embodiment, such as the means of testing among Fig. 31 ..., means of testing n, also comprise multiple tested object, such as the tested object among Fig. 31 ..., tested object m; A tested object can have one or more means of testing, and a kind of means of testing can be used to test one or more tested objects.
Describe with an example below.In this example, comprise the tested object shown in table one in the method for testing storehouse, comprise the means of testing shown in table two.
Table one, tested object
Sequence number | The tested object classification |
1 | The network equipment |
2 | Operating system |
3 | Database |
4 | Application service |
5 | Operation system |
6 | Physical environment |
7 | Document |
8 | Personnel |
9 | Data |
Table two, means of testing
Sequence number | The means of testing classification |
1 | Vulnerability scanning |
2 | Penetration testing |
3 | Forensics analysis |
4 | The control desk audit |
5 | Applied in network performance test |
6 | Personnel's interview |
7 | The document examination |
8 | Field observation |
Can think that present embodiment is in assessment use-case ATL, to set up and preserved in the information security java standard library mapping relations (also not having man-to-man situation but do not get rid of) of the one-to-many between the method for testing in the leading element and method of testing storehouse.
In the present embodiment, can also comprise before the step of the assessment use-case instance of said structure project to be assessed:
Obtain project foundation data to be assessed, shown in table three, comprise type of service, industry type, tested object; Wherein tested object can show as the detailed assets information of project; Basic data can also comprise application characteristic in addition, and this is the general descriptor of using.
Table three, project foundation data to be assessed
Above-mentioned information is used to support to accomplish the structure of assessment use-case instance and test case instance when supporting to carry out the analysis and planning of project.
In the present embodiment, the generation of assessment use-case instance will be based on the type of service and corresponding industry type of evaluation item, selected suitable assessment use-case template; On this basis, can also adjust or cut out based on needs, generate assessment use-case instance security evaluation content wherein.Assessment use-case instance has determined the assessment content frame of an evaluation item.
Can find out; When new standard occurring; Only need to increase standard content;-and optionally suitably replenish the content in method of testing storehouse; Set up the incidence relation of method of testing in new standard content and the method for testing storehouse (can comprise newly-increased with original method of testing), can set up the assessment use-case template of new standard; When new industry type or application scenarios type occurring, utilize the security evaluation use-case template of having preserved to form new assessment use-case template and get final product.Adopt this technology, strengthened evaluation capacity extensibility, made things convenient for the accumulation of evaluate knowledge, improved the utilization ratio of evaluate knowledge.
In the present embodiment, according to the assessment use-case instance of this project to be assessed, and the selection of the tested object in this project to be assessed method of testing, the step that generates the test case instance specifically can comprise:
According to the assets information of project to be assessed, from the method for testing set that the assessment use-case instance of this project to be assessed is comprised, filter out the method for testing that the Asset Type in its tested object and the assets information matees;
In the method for testing that filters out, to classify according to means of testing, tested object, merger is a plurality of test case instances.
In the data association relation of assessment use-case instance, comprised the incidence relation of the method for testing of needs, this relation is in order to confirm the set of the method for testing that this project implementation data acquisition is suitable for; And whether each method of testing in the set of this method of testing really is suitable for, depend on project whether existed in the evaluation object and this method of testing in the assets of correlation type of tested object coupling.Therefore, the first step processing of generation test case is " confirming effective test case set ".The set side that obtains behind the categorical filtering under above-mentioned method of testing set each assets in evaluation object is the set of final effectively test case.
The application of test case instance; Generally be according to on-the-spot test required take the classification of means of testing, tested object divide the work tissue; Such as in the risk assessment project, carry out host computer system is carried out the control desk audit, be exactly that fixing special messenger implements.Therefore; Second step processing that generates the test case instance is the test case instantiation; Task is:, the test case set is put in order the test case instance that merger is used for convenient relevant test implementation personnel according to the engine request of field conduct test according to the means of testing classification.
The implementation process of an object lesson of present embodiment is as shown in Figure 4, at first carries out the basic data construction phase, sets up three databases shown in Fig. 4 dotted line top.
Wherein, preserve the evaluation criteria that every profession and trade type and type of service comprise in the information security java standard library, comprise the standard detailed rules and regulations of each evaluation criteria, and the multinomial safety assessment content in each standard detailed rules and regulations.
Preserve each method of testing in the method for testing storehouse, the combination of the corresponding method of testing content description (being the content measurement among Fig. 4) of each method of testing and one or more means of testing and tested object.
Preserve the assessment use-case template of every profession and trade in the assessment use-case ATL; In the assessment use-case template, comprise from the information security java standard library corresponding to the standard detailed rules and regulations and the safety assessment content of industry type and type of service, also comprise the mapping relations of one or more method of testings in each safety assessment content and the method for testing storehouse.
Assessment use-case ATL just can use in the evaluate application stage after setting up and accomplishing; Shown in dotted line below among Fig. 4; After starting safety assessment; Know the industry type and the type of service of project to be assessed according to project foundation information, in assessment use-case ATL, choose the assessment use-case template of coupling then in view of the above, form the assessment use-case instance of this project to be assessed; Then in the method for testing of the assessment use-case instance association that forms; Select the method for testing of the coupling of the Asset Type in the assets information in tested object and the project asset table to be assessed, from the method for testing storehouse, obtain selected method of testing and generate the test case set; According to means of testing and combine tested object classification, set divides into groups to obtain the corresponding test case instance of this project to be assessed again to test case at last.
Use assessment use-case instance and test case instance just can carry out safety assessment to project at last, just implement use-case and use, specifically how using can be with reference to existing evaluation scheme; After obtaining the backfill data; Based on test case instance and the mapping relations of assessing each standard detailed rules and regulations in the use-case instance; The backfill data can be automatically associated on the relevant standard detailed rules and regulations; Thereby support assessment personnel carry out comprehensively various basic test information, write the integration test result of corresponding standard detailed rules and regulations; So far, safety assessment finishes.
In another object lesson of present embodiment, the process of the generation of assessment use-case instance and test case instance is as shown in Figure 5, comprising:
Based on type of service and industry type in the project foundation information to be assessed, from assessment use-case ATL, select assessment use-case template earlier, structure assessment use-case instance is also preserved.
Extract the assessment use-case instance preserved then, structure safety assessment contents list, and the method for testing storehouse in the tabulation of the relevant method of testing that comprises (means of testing, tested object) doublet.
The method of testing of safety assessment relevance in the assessment use-case instance and the relationship map of actual tested object (being assets in this example) are set up and preserved to withdrawal of assets information from project foundation information to be assessed;
The method of testing of no corresponding tested object (being assets) in the filtering assessment use-case instance according to means of testing and combine the tested object classification, is gathered method of testing and is divided into groups again;
Again the test case instance that obtains after dividing into groups is kept in the test case case library; Finish.
Based on the mapping relations of respectively assessing detailed rules and regulations in test case instance and the assessment use-case instance; Backfill data in the multiple test case instance; Can be automatically associated on the relevant assessment detailed rules and regulations; Thereby support assessment personnel carry out comprehensively various basic test information, write the integration test result of corresponding assessment detailed rules and regulations.
Certainly; The present invention also can have other various embodiments; Under the situation that does not deviate from spirit of the present invention and essence thereof; Those of ordinary skill in the art work as can make various corresponding changes and distortion according to the present invention, but these corresponding changes and distortion all should belong to the protection domain of claim of the present invention.
Claims (10)
1. the generation method of the enforcement use-case of an Information Security Evaluation comprises:
Preserve each item evaluation criteria, wherein, said each item evaluation criteria comprises each self-corresponding safety assessment content;
Form the assessment use-case template of different industries type and type of service respectively; The safety assessment content that each item evaluation criteria that industry type and type of service were comprised under said assessment use-case template comprised is corresponding, and the pairing method of testing of each safety assessment content;
Type of service, industry type according to project to be assessed are selected corresponding assessment use-case template, construct the assessment use-case instance of this project to be assessed;
According to the assessment use-case instance of this project to be assessed, and the tested object in this project to be assessed is selected method of testing, generation test case instance.
2. the method for claim 1 is characterized in that:
The pairing safety assessment content of each item evaluation criteria is saved as the information security java standard library.
3. method as claimed in claim 2 is characterized in that:
According to the stratification incidence relation of evaluation criteria, in the information security java standard library, set up hierarchical logic, under standard, comprise a plurality of types; Each class comprises a plurality of subclasses; Each subclass comprises a plurality of assemblies, and assembly can also be decomposed into a plurality of leading elements, and each leading element is corresponding with method of testing.
4. method as claimed in claim 3 is characterized in that, also comprises after forming the step of assessment use-case template of different industries type and type of service respectively:
The assessment use-case template that forms is saved as assessment use-case ATL.
5. method as claimed in claim 4 is characterized in that, also comprises before the step of the said assessment use-case template that forms different industries type and type of service respectively:
Preserve the pairing method of testing of each safety assessment content;
When forming assessment use-case template, set up the safety assessment content and the method for testing of being preserved between incidence relation.
6. method as claimed in claim 5 is characterized in that:
The pairing method of testing of each safety assessment content is saved as the method for testing storehouse; The determinant attribute in method of testing storehouse comprises: method of testing title, method of testing content description, tested object, means of testing.
7. method as claimed in claim 6 is characterized in that:
The method of testing storehouse comprises a plurality of method of testings, and each method of testing is corresponding to a method of testing content description, corresponding to the combination of one or more means of testing and tested object.
8. method as claimed in claim 6 is characterized in that:
The combination of means of testing and tested object saves as the form of doublet;
A tested object has one or more means of testing, and a kind of means of testing is used to test one or more tested objects.
9. like each described method in the claim 1 to 8, it is characterized in that, also comprise before the step of the assessment use-case instance of said structure project to be assessed:
Obtain project foundation data to be assessed, comprise type of service, industry type, tested object.
10. method as claimed in claim 9 is characterized in that, according to the assessment use-case instance of this project to be assessed, and the selection of the tested object in this project to be assessed method of testing, the step that generates the test case instance specifically can comprise:
According to the assets information of project to be assessed, from the method for testing set that the assessment use-case instance of this project to be assessed is comprised, filter out the method for testing that the Asset Type in its tested object and the assets information matees;
In the method for testing that filters out, to classify according to means of testing, merger is a plurality of test case instances.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110397550.8A CN102495731B (en) | 2011-12-02 | 2011-12-02 | Generation method of embodiment for information safety evaluation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110397550.8A CN102495731B (en) | 2011-12-02 | 2011-12-02 | Generation method of embodiment for information safety evaluation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102495731A true CN102495731A (en) | 2012-06-13 |
CN102495731B CN102495731B (en) | 2014-12-10 |
Family
ID=46187559
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201110397550.8A Expired - Fee Related CN102495731B (en) | 2011-12-02 | 2011-12-02 | Generation method of embodiment for information safety evaluation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102495731B (en) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104331366A (en) * | 2014-10-30 | 2015-02-04 | 北京思特奇信息技术股份有限公司 | Test case design efficiency promotion method and system |
CN106845257A (en) * | 2017-02-09 | 2017-06-13 | 北京启明星辰信息安全技术有限公司 | One kind etc. is protected analysis method and waits guarantor's analysis system |
CN107783901A (en) * | 2017-09-26 | 2018-03-09 | 深圳市牛鼎丰科技有限公司 | Method for generating test case, device, computer equipment and storage medium |
CN108629682A (en) * | 2018-05-07 | 2018-10-09 | 平安普惠企业管理有限公司 | User's financial risks appraisal procedure, device, equipment and readable storage medium storing program for executing |
CN109598334A (en) * | 2018-12-03 | 2019-04-09 | 中国信息安全测评中心 | A kind of sample generating method and device |
CN111178753A (en) * | 2019-12-27 | 2020-05-19 | 重庆大学 | Information service-oriented safety capability level grading evaluation method |
CN112949176A (en) * | 2021-02-28 | 2021-06-11 | 杭州翔毅科技有限公司 | Artificial intelligence industry standard test evaluation method |
CN113419961A (en) * | 2021-07-09 | 2021-09-21 | 平安国际智慧城市科技股份有限公司 | Method, device, equipment and storage medium for establishing case library for business test |
CN113742222A (en) * | 2021-08-20 | 2021-12-03 | 许继集团有限公司 | Automatic generation method and test method for server communication test case |
CN114884705A (en) * | 2022-04-22 | 2022-08-09 | 方圆标志认证集团浙江有限公司 | Method and system for generating implementation case for information security assessment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060265691A1 (en) * | 2005-05-20 | 2006-11-23 | Business Machines Corporation | System and method for generating test cases |
CN101339534A (en) * | 2008-06-17 | 2009-01-07 | 金蝶软件(中国)有限公司 | Software test apparatus and test method |
CN101562535A (en) * | 2009-05-22 | 2009-10-21 | 公安部第三研究所 | Closed loop type information system security class assessment tool |
CN102103540A (en) * | 2011-03-23 | 2011-06-22 | 镇江睿泰信息科技有限公司 | Cloud test device and method for general software system |
-
2011
- 2011-12-02 CN CN201110397550.8A patent/CN102495731B/en not_active Expired - Fee Related
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060265691A1 (en) * | 2005-05-20 | 2006-11-23 | Business Machines Corporation | System and method for generating test cases |
CN101339534A (en) * | 2008-06-17 | 2009-01-07 | 金蝶软件(中国)有限公司 | Software test apparatus and test method |
CN101562535A (en) * | 2009-05-22 | 2009-10-21 | 公安部第三研究所 | Closed loop type information system security class assessment tool |
CN102103540A (en) * | 2011-03-23 | 2011-06-22 | 镇江睿泰信息科技有限公司 | Cloud test device and method for general software system |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104331366A (en) * | 2014-10-30 | 2015-02-04 | 北京思特奇信息技术股份有限公司 | Test case design efficiency promotion method and system |
CN106845257A (en) * | 2017-02-09 | 2017-06-13 | 北京启明星辰信息安全技术有限公司 | One kind etc. is protected analysis method and waits guarantor's analysis system |
CN107783901A (en) * | 2017-09-26 | 2018-03-09 | 深圳市牛鼎丰科技有限公司 | Method for generating test case, device, computer equipment and storage medium |
CN107783901B (en) * | 2017-09-26 | 2020-05-12 | 深圳市牛鼎丰科技有限公司 | Test case generation method and device, computer equipment and storage medium |
CN108629682A (en) * | 2018-05-07 | 2018-10-09 | 平安普惠企业管理有限公司 | User's financial risks appraisal procedure, device, equipment and readable storage medium storing program for executing |
CN109598334B (en) * | 2018-12-03 | 2021-06-29 | 中国信息安全测评中心 | Sample generation method and device |
CN109598334A (en) * | 2018-12-03 | 2019-04-09 | 中国信息安全测评中心 | A kind of sample generating method and device |
CN111178753A (en) * | 2019-12-27 | 2020-05-19 | 重庆大学 | Information service-oriented safety capability level grading evaluation method |
CN112949176A (en) * | 2021-02-28 | 2021-06-11 | 杭州翔毅科技有限公司 | Artificial intelligence industry standard test evaluation method |
CN113419961A (en) * | 2021-07-09 | 2021-09-21 | 平安国际智慧城市科技股份有限公司 | Method, device, equipment and storage medium for establishing case library for business test |
CN113742222A (en) * | 2021-08-20 | 2021-12-03 | 许继集团有限公司 | Automatic generation method and test method for server communication test case |
CN113742222B (en) * | 2021-08-20 | 2024-04-09 | 河南源网荷储电气研究院有限公司 | Automatic generation method and test method for server communication test cases |
CN114884705A (en) * | 2022-04-22 | 2022-08-09 | 方圆标志认证集团浙江有限公司 | Method and system for generating implementation case for information security assessment |
Also Published As
Publication number | Publication date |
---|---|
CN102495731B (en) | 2014-12-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102495731B (en) | Generation method of embodiment for information safety evaluation | |
US10282370B1 (en) | Data processing systems for generating and populating a data inventory | |
US20090055382A1 (en) | Automatic Peer Group Formation for Benchmarking | |
Anza et al. | Developing E-government maturity framework based on COBIT 5 and implementing in city level: Case study Depok city and South Tangerang city | |
Unsal et al. | Technology management capability: Definition and its measurement | |
Avent-Holt et al. | Relational inequality: Gender earnings inequality in US and Japanese manufacturing plants in the early 1980s | |
CN103577915A (en) | Task allocation management system and method | |
CN101799809A (en) | Data mining method and system | |
Vuko et al. | Controlling and business efficiency | |
CN107480188B (en) | Audit service data processing method and computer equipment | |
Ward et al. | Creating past habitat maps to quantify local extirpation of Australian threatened birds | |
Dutra et al. | Opportunities for research on evaluation of seaport performance: A systemic analysis from international literature | |
Boselli et al. | Inconsistency knowledge discovery for longitudinal data management: A model-based approach | |
US20110082839A1 (en) | Generating intellectual property intelligence using a patent search engine | |
Volk et al. | How much is Big Data? A Classification Framework for IT Projects and Technologies. | |
Sen et al. | Intellectual Capital Disclosure of Select Pharmaceutical and Software Companies in India. | |
Besrour et al. | Investigating requirement engineering techniques in the context of small and medium software enterprises | |
Galeitzke et al. | Sustainability strategies in german small and medium-sized companies | |
Zhu et al. | How do platform cooperatives contribute to sustainable development goals? | |
US20150066576A1 (en) | Collaborative Audit Management System | |
Paixão et al. | Mapping perceptions about the influence of critical success factors in BPM initiatives | |
US20130339372A1 (en) | System and method for contexual ranking of information facets | |
Bogus et al. | A Model to Determine Optimal Numbers of Monograph Copies for Preservation in Shared Print Collections | |
RU105492U1 (en) | AUTOMATED SYSTEM FOR REALIZATION OF REQUESTS OF THE MANAGEMENT BODY TO SUBSIDIARY STRUCTURE ELEMENTS ON THE BASIS OF MODIFIED EXCEL TABLES | |
CN111209330A (en) | Method and system for identifying consistent actor |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20141210 Termination date: 20211202 |
|
CF01 | Termination of patent right due to non-payment of annual fee |