CN102663503A - Information security assessment method - Google Patents

Publication number
CN102663503A
Authority
CN
China
Prior art keywords
index
leaf
assessment
goal systems
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2012100975619A
Other languages
Chinese (zh)
Inventor
王冬海
马进胜
彭武
雷璟
陈靖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING LIANHAI INFORMATION SYSTEMS Ltd Co
China Electronics Technology Group Corp CETC
Electronic Science Research Institute of CTEC
Original Assignee
BEIJING LIANHAI INFORMATION SYSTEMS Ltd Co
China Electronics Technology Group Corp CETC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING LIANHAI INFORMATION SYSTEMS Ltd Co, China Electronics Technology Group Corp CETC filed Critical BEIJING LIANHAI INFORMATION SYSTEMS Ltd Co
Priority to CN2012100975619A priority Critical patent/CN102663503A/en
Publication of CN102663503A publication Critical patent/CN102663503A/en
Pending legal-status Critical Current

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses an information security assessment method that improves the accuracy of the security assessment result and the efficiency of security assessment. The method comprises the following steps: establishing a standard evaluation index tree according to the information security attributes and device parameters of a target system; based on that tree, using the analytic hierarchy process to determine the weight of each index in it; taking the values of all leaf indexes as assessment source data and normalizing them to obtain the source values of the leaf indexes; evaluating the leaf indexes in the tree according to those source values to obtain the evaluation values of all leaf indexes; performing the evaluation calculation over the tree according to the evaluation values and weights of the leaf indexes; and generating the information security assessment result of the target system.

Description

An information security assessment method
Technical field
The present invention relates to techniques for constructing an information security evaluation index tree, belongs to the field of information security assessment, and specifically concerns an information security assessment method.
Background
Existing information security assessment techniques mainly assess information security according to international and national criteria and standards such as the "Information Technology Security Evaluation Common Criteria CC (ISO15408)", the ISO17799 information security management standard, SSE-CMM (System Security Engineering-Capability Maturity Model) and the "information system security classified protection evaluation criteria". However, each of these criteria and standards starts from a single aspect of information security, such as technology, management or process, and therefore has difficulty reflecting the security of information scientifically, comprehensively and systematically.
In existing information security assessment techniques there is still no unified evaluation standard, so most assessments rely on the opinions of professionals or experts and aggregate the scores they give. The assessment results therefore lack objectivity, and different assessors often reach different results for the same assessed object, which reduces the accuracy of the security assessment result of the information system.
In addition, because of the current state of evaluation standards and assessment methods, the basic data used by the assessment tool software in existing techniques has to be collected and processed manually, which reduces the efficiency of the whole assessment process.
Summary of the invention
In view of this, the invention provides an information security assessment method that improves the accuracy of the security assessment result and the efficiency of security assessment.
The detailed procedure for carrying out an information security assessment with the method provided by the invention is as follows:
Step 1: establish a standard evaluation index tree according to the information security attributes and device parameters of the target system.
The standard evaluation index tree has five layers, from top to bottom. The root index is the information security of the target system. The second-layer indexes are the security attributes: confidentiality, integrity, availability and non-repudiation. The third-layer indexes are the attribute sub-indexes of each security attribute; the attribute sub-indexes of every security attribute comprise physical environment, topological structure, performance and reliability, security function, policy configuration and management system. The fourth-layer indexes are the devices associated with each attribute sub-index. The fifth-layer indexes are the device parameters of each device; a device parameter is a performance index of the corresponding device under the corresponding attribute sub-index, and the same device has different types of device parameters under different attribute sub-indexes. Each device parameter is a leaf index.
Step 2: based on the established standard evaluation index tree, use the analytic hierarchy process to determine the weight of each index in the tree.
Step 3: take the values of all leaf indexes as the assessment source data and normalize them to obtain the scores of the leaf indexes.
The normalization is as follows. If the assessment source data is of Boolean type, "true" is recorded as 1 and "false" as 0. Otherwise, the linear mapping relation for the corresponding device parameter is looked up in the knowledge base according to the assessment source data and its device parameter; the linear mapping relation maps the configured value range [a, b] of the device parameter linearly onto [0, 1]. The assessment source data is compared with a and with b: if it is less than a or greater than b, then a or b of the value range in the knowledge base is correspondingly replaced with the assessment source data; otherwise no replacement is made. After the comparison, the linear mapping relation is applied to the assessment source data and its device parameter, and the resulting normalized value is taken as the score of the leaf index.
Step 4: according to the scores of the leaf indexes, evaluate the leaf indexes in the standard evaluation index tree to obtain the assessment values of all leaf indexes.
For key equipment in the target system: if there are two or more key devices of the same type under the same attribute sub-index, then for each leaf index these devices have in common, the minimum score among those identical leaf indexes is used as their assessment value; otherwise the score of the leaf index is used directly as the assessment value of the corresponding leaf index.
For non-key equipment in the target system: if there are two or more non-key devices of the same type under the same attribute sub-index, then for each leaf index these devices have in common, the arithmetic mean of the scores of those identical leaf indexes is used as their assessment value; otherwise the score of the leaf index is used directly as the assessment value of the corresponding leaf index.
Step 5: evaluation calculation.
In the standard evaluation index tree, the value of the corresponding parent index is computed as a weighted average from the assessment values of the leaf indexes and the weights of those leaf indexes. Proceeding in this way from the bottom up, the root index value is finally obtained and is taken as the security score of the target system.
Step 6: generate the assessment result.
The security score obtained for the target system is compared with the given system standard assessment results to obtain the assessment result of the target system. The given assessment results comprise three grades, safe, basically safe and unsafe, and each grade corresponds to a configured score range.
After the assessment result of the target system has been obtained, each leaf index score obtained in step 3 is compared with the security score of the target system. If a leaf index score is lower than the security score of the target system, the device parameter corresponding to that leaf index score is treated as a weak point. For each weak point found, the preset weak-point improvement table is searched to obtain the corresponding remediation measure, and the remediation measures for all weak points are collected into a list, which serves as the security assessment conclusion of the target system. The weak-point improvement table is stored in the knowledge base.
After the security assessment conclusion of the target system has been obtained, the weak points are handled according to the security assessment conclusion table. Handling starts from the weak point with the lowest leaf index score and proceeds through the weak points in ascending order of leaf index score until the improvement work on the target system is complete.
Beneficial effects:
In the method provided by the invention, the device parameters involved in building the standard evaluation index tree are comparatively comprehensive, that is, the data sources are rich, and the leaf indexes are assigned values by the minimum-score method and the arithmetic-mean method, so no manual assignment is needed. This improves the accuracy of the security assessment result and thereby achieves the purpose of improving the efficiency of security assessment.
Description of the drawings
Fig. 1 is a flow chart of the method provided by the invention;
Fig. 2 is a schematic diagram of the information security evaluation index tree provided by the invention;
Fig. 3 is a schematic diagram of the information security evaluation index tree of the ABC system provided by the invention.
Embodiments
The invention is described below with reference to the drawings and an example.
The invention provides an information security assessment method. Fig. 1 shows the flow chart of the method, whose concrete steps are:
S00: establish a standard evaluation index tree according to the information security attributes and device parameters of the target system.
The standard evaluation index tree has five layers, from top to bottom. The root index is the information security of the target system. The second-layer indexes are the security attributes: confidentiality, integrity, availability and non-repudiation. The third-layer indexes are the attribute sub-indexes of each security attribute; each set of attribute sub-indexes comprises physical environment, topological structure, performance and reliability, security function, policy configuration and management system. The fourth-layer indexes are the devices associated with each attribute sub-index, comprising switches, routers, firewalls, servers, vulnerability scanning devices, key distribution and management devices, intrusion detection devices, authentication devices, user terminals, end-to-end encryptors, link encryptors and network encryptors. The fifth-layer indexes are the device parameters of each device, and each device parameter is a leaf index.
A device parameter is a performance index of the corresponding device under the corresponding attribute sub-index, and the same device has different types of device parameters under different attribute sub-indexes. For example, when the security attribute is confidentiality, the server leaf indexes under the confidentiality sub-index "security function" comprise identity authentication, user privilege classification, authentication failure handling, session locking, encrypted password storage, audit management, clock synchronization, failover capability, resource storage security, and service level detection and alarm; whereas the server leaf indexes under the confidentiality sub-index "policy configuration" comprise install anti-virus software, unified anti-virus management, password length, password complexity, password replacement cycle, default user permission restriction, minimum service, and mobile device access control. The resulting standard evaluation index tree is shown in Fig. 2.
S01: based on the established standard evaluation index tree, use the analytic hierarchy process to determine the weight of each index in the tree. The analytic hierarchy process is as follows: choose one level of the established tree; compare the indexes of that level pairwise for their importance with respect to a given criterion in the level above, which yields the judgment matrix of the chosen level; solve for the eigenvector of this judgment matrix; normalize the eigenvector; and use the elements of the normalized eigenvector as the index weights of the chosen level.
S02: take the values of all leaf indexes as the assessment source data and normalize them to obtain the scores of the leaf indexes.
The normalization is as follows. If the assessment source data is of Boolean type, "true" is recorded as 1 and "false" as 0. Otherwise, the linear mapping relation for the corresponding device parameter is looked up in the knowledge base according to the assessment source data and its device parameter; the linear mapping relation maps the configured value range [a, b] of the device parameter linearly onto [0, 1]. The assessment source data is compared with a and with b: if it is less than a or greater than b, then a or b of the value range in the knowledge base is correspondingly replaced with the assessment source data; otherwise no replacement is made. After the comparison, the linear mapping relation is applied to the assessment source data and its device parameter, and the resulting normalized value is taken as the score of the leaf index.
The linear mapping relation is [(x-a)/(b-a)] * (1-0), where x is the assessment source data.
S03: according to the scores of the leaf indexes, evaluate the leaf indexes in the standard evaluation index tree to obtain the assessment values of all leaf indexes.
For key equipment in the target system: if there are two or more key devices of the same type under the same attribute sub-index, then for each leaf index these devices have in common, the minimum score among those identical leaf indexes is used as their assessment value; otherwise the score of the leaf index is used directly as the assessment value of the corresponding leaf index.
For non-key equipment in the target system: if there are two or more non-key devices of the same type under the same attribute sub-index, then for each leaf index these devices have in common, the arithmetic mean of the scores of those identical leaf indexes is used as their assessment value; otherwise the score of the leaf index is used directly as the assessment value of the corresponding leaf index.
The key equipment comprises all devices under the physical environment sub-index, and the servers, firewalls, vulnerability scanning devices, key distribution and management devices, intrusion detection devices, authentication devices, end-to-end encryptors, link encryptors and network encryptors under the security function and policy configuration sub-indexes.
S04: evaluation calculation.
In the standard evaluation index tree, the value of the corresponding parent index is computed as a weighted average from the assessment values of the leaf indexes and the weights of those leaf indexes. Proceeding in this way from the bottom up, the root index value is finally obtained and is taken as the security score of the target system. The security score of the target system ranges from 0 to 1.
S05: generate the assessment result.
The security score obtained for the target system is compared with the given system standard assessment results to obtain the assessment result of the target system. The given assessment results comprise three grades, safe, basically safe and unsafe, and each grade corresponds to a configured score range.
Each leaf index score is compared with the security score of the target system. If a leaf index score is lower than the security score of the target system, the device parameter corresponding to that leaf index score is treated as a weak point. For each weak point found, the preset weak-point improvement table (stored in the knowledge base) is searched to obtain the corresponding remediation measure, and the remediation measures for all weak points are collected into a list, which serves as the security assessment conclusion of the target system.
Operators can refer to the security assessment conclusion table when handling the weak points. Handling starts from the weak point with the lowest leaf index score and proceeds in ascending order of leaf index score until the improvement work on the target system is complete. Handling the weak points in this order makes the improvement of the target system comparatively noticeable.
The method is illustrated below with an example.
An "ABC system" is taken as the target system. The process of assessing the information security of this target system is:
S00: establish a standard evaluation index tree according to the information security attributes and device parameters of the target system.
The standard evaluation index tree established for the "ABC system" has five layers, from top to bottom. The root index is the information security of the "ABC system". The second-layer indexes are the security attributes: confidentiality, integrity, availability and non-repudiation. The third-layer indexes are the attribute sub-indexes of each security attribute; the attribute sub-indexes of every security attribute comprise physical environment, topological structure, performance and reliability, security function, policy configuration and management system. The fourth-layer indexes are the devices associated with each attribute sub-index, comprising one server A, one user terminal B and one switch C. The fifth-layer indexes are the device parameters of each device, and each device parameter is a leaf index. For example, the leaf indexes of server A under policy configuration comprise install anti-virus software, unified anti-virus management, password length, password complexity, password replacement cycle, default user permission restriction, minimum service, and mobile device access control; the leaf indexes of switch C under policy configuration comprise password length, password complexity and password replacement cycle. The leaf indexes of server A under performance and reliability comprise hardware redundancy and automatic service switchover and recovery; the leaf indexes of switch C under performance and reliability comprise redundancy design, forwarding capability, buffered forwarding and buffer size. The resulting information security evaluation index tree of the "ABC system" is shown in Fig. 3.
S01: based on the established standard evaluation index tree, use the analytic hierarchy process to determine the weight of each index in the tree. For example, for the confidentiality sub-index policy configuration, the leaf index weights of switch C are: password length 0.4; password complexity 0.4; password replacement cycle 0.2.
S02: take the values of all leaf indexes as the assessment source data and normalize them to obtain the scores of the leaf indexes. For example, the value of "install anti-virus software" under policy configuration is "true", that is, the assessment source data is of Boolean type, so the score of "install anti-virus software" under policy configuration is recorded as 1. The value of the password replacement cycle under policy configuration is 10, that is, the assessment source data is of integer type. The configured value range [6, 12] stored for the password replacement cycle is looked up in the knowledge base; since 10 lies within [6, 12], no replacement is made. Using the linear mapping relation [(10-6)/(12-6)] * (1-0), the score of the password replacement cycle under policy configuration is calculated as 0.667.
S03: according to the scores of the leaf indexes, evaluate all leaf indexes in the information security evaluation index tree of the "ABC system" to obtain the assessment values of all leaf indexes. For example, server A under policy configuration is key equipment. For its leaf index "install anti-virus software", the "ABC system" contains no server other than server A, so the score calculated for this leaf index in step S02 is used directly as its assessment value. Likewise, the assessment values calculated for the leaf indexes of switch C under policy configuration are 0.8 for password length, 0.9 for password complexity and 0.4 for password replacement cycle. If policy configuration also contained a server B and a server C, then for the leaf index "install anti-virus software" under the server device type, the minimum score M_min of that leaf index over servers A, B and C would be calculated, and M_min would be used as the assessment value of the leaf index "install anti-virus software" for all servers under policy configuration.
S04: evaluation calculation.
For example, for switch C under policy configuration, from the weights and assessment values of password length, password complexity and password replacement cycle obtained in the steps above, the weighted average gives the index value of switch C under policy configuration: 0.8 × 0.4 + 0.9 × 0.4 + 0.4 × 0.2 = 0.76. Proceeding in this way from the bottom up, the security score finally obtained for the root index "ABC system" is 0.8.
S05: generate the assessment result.
For example, the assessment value of the leaf index password replacement cycle of switch C under policy configuration is 0.4. Compared with the security score 0.8 of the "ABC system" obtained in step S04, the leaf index password replacement cycle of switch C under policy configuration is a weak point. Searching the preset weak-point improvement table for this weak point gives the remediation measure "shorten the password replacement cycle", and this remediation measure is added to the security assessment conclusion table of the "ABC system".
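The following sketch runs steps S01 to S05 on a small fragment of the "ABC system" tree; it is an added example, not code from the patent or its applicants. The switch C weights and assessment values, the [6, 12] range and the remediation text come from the description above; all function names, the judgment matrix, the server A branch, the device weights and the grade thresholds are constructed assumptions.

```python
from statistics import mean

def ahp_weights(judgment, iterations=50):
    """S01: principal eigenvector of a pairwise judgment matrix, normalized to sum to 1."""
    n = len(judgment)
    w = [1.0 / n] * n
    for _ in range(iterations):  # power iteration converges to the principal eigenvector
        nxt = [sum(row[j] * w[j] for j in range(n)) for row in judgment]
        total = sum(nxt)
        w = [v / total for v in nxt]
    return w

def normalize(value, param, knowledge_base):
    """S02: Boolean -> 1/0; otherwise map [a, b] linearly onto [0, 1].
    A value outside [a, b] first replaces the violated bound in the knowledge base."""
    if isinstance(value, bool):  # checked first because bool is a subclass of int
        return 1.0 if value else 0.0
    a, b = knowledge_base[param]
    a, b = min(a, value), max(b, value)
    knowledge_base[param] = (a, b)
    if a == b:  # degenerate range: not covered by the description, rejected here
        raise ValueError(f"empty value range for {param!r}")
    return (value - a) / (b - a)

def leaf_assessment(scores, key_equipment):
    """S03: same-type devices share one value: minimum if key equipment, mean otherwise."""
    return min(scores) if key_equipment else mean(scores)

def evaluate(node):
    """S04: weighted average of the children, computed bottom-up."""
    if "value" in node:
        return node["value"]
    pairs = [(evaluate(c), c["weight"]) for c in node["children"]]
    return sum(v * w for v, w in pairs) / sum(w for _, w in pairs)

def leaves(node, path=()):
    """Yield (path, value) for every leaf index below node."""
    here = path + (node["name"],)
    if "value" in node:
        yield here, node["value"]
    else:
        for child in node["children"]:
            yield from leaves(child, here)

def grade(score, bands):
    """S05: bands are (lower bound, label) pairs sorted by descending lower bound."""
    for lower, label in bands:
        if score >= lower:
            return label
    return bands[-1][1]

def assess(tree, bands, remediation):
    """S05: score, grade, and weak points (leaf below system score), lowest first."""
    score = evaluate(tree)
    weak = sorted((v, p) for p, v in leaves(tree) if v < score)
    conclusion = [(" / ".join(p[-2:]), round(v, 3), remediation.get(p[-1], "no entry"))
                  for v, p in weak]
    return score, grade(score, bands), conclusion

# Constructed grade thresholds; the description only says each grade has a set range.
BANDS = [(0.85, "safe"), (0.6, "basically safe"), (0.0, "unsafe")]
# Remediation text from the description's example.
REMEDIATION = {"password replacement cycle": "shorten the password replacement cycle"}

def leaf(name, weight, value):
    return {"name": name, "weight": weight, "value": value}

def build_sample_tree(kb):
    """Constructed fragment: confidentiality -> policy configuration -> two devices."""
    # Constructed judgment matrix whose eigenvector yields the weights 0.4, 0.4, 0.2.
    w = ahp_weights([[1, 1, 2], [1, 1, 2], [0.5, 0.5, 1]])
    switch_c = {"name": "switch C", "weight": 0.5, "children": [
        leaf("password length", w[0], 0.8),
        leaf("password complexity", w[1], 0.9),
        leaf("password replacement cycle", w[2], 0.4)]}
    # Server A is key equipment and the only server, so min() over one score applies.
    av = leaf_assessment([normalize(True, "install anti-virus software", kb)], True)
    cycle = normalize(10, "password replacement cycle", kb)
    server_a = {"name": "server A", "weight": 0.5, "children": [
        leaf("install anti-virus software", 0.5, av),
        leaf("password replacement cycle", 0.5, cycle)]}
    policy = {"name": "policy configuration", "weight": 1.0,
              "children": [switch_c, server_a]}
    conf = {"name": "confidentiality", "weight": 1.0, "children": [policy]}
    return {"name": "ABC system", "weight": 1.0, "children": [conf]}

if __name__ == "__main__":
    tree = build_sample_tree({"password replacement cycle": (6, 12)})
    score, label, conclusion = assess(tree, BANDS, REMEDIATION)
    print(f"security score {score:.3f} -> {label}")
    for item in conclusion:
        print(item)
```

Because an out-of-range reading widens [a, b] in the knowledge base, a single outlier changes the score of every later reading of that parameter, so the knowledge base should be versioned alongside each assessment.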
In summary, the above are merely preferred embodiments of the invention and are not intended to limit its scope of protection. Any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within the scope of protection of the invention.

Claims (4)

1. An information security assessment method, characterized in that the concrete steps of the method are as follows:
Step 1: establish a standard evaluation index tree according to the information security attributes and device parameters of the target system;
The standard evaluation index tree has five layers, from top to bottom: the root index is the information security of the target system; the second-layer indexes are the security attributes, comprising confidentiality, integrity, availability and non-repudiation; the third-layer indexes are the attribute sub-indexes of each security attribute, the attribute sub-indexes of every security attribute comprising physical environment, topological structure, performance and reliability, security function, policy configuration and management system; the fourth-layer indexes are the devices associated with each attribute sub-index; the fifth-layer indexes are the device parameters of each device, a device parameter being a performance index of the corresponding device under the corresponding attribute sub-index, and the same device having different types of device parameters under different attribute sub-indexes; each device parameter is a leaf index;
Step 2: based on the established standard evaluation index tree, use the analytic hierarchy process to determine the weight of each index in the tree;
Step 3: take the values of all leaf indexes as the assessment source data and normalize them to obtain the scores of the leaf indexes;
The normalization is as follows: if the assessment source data is of Boolean type, "true" is recorded as 1 and "false" as 0; otherwise, the linear mapping relation for the corresponding device parameter is looked up in the knowledge base according to the assessment source data and its device parameter, the linear mapping relation mapping the configured value range [a, b] of the device parameter linearly onto [0, 1]; the assessment source data is compared with a and with b, and if it is less than a or greater than b, then a or b of the value range in the knowledge base is correspondingly replaced with the assessment source data; otherwise no replacement is made; after the comparison, the linear mapping relation is applied to the assessment source data and its device parameter, and the resulting normalized value is taken as the score of the leaf index;
Step 4: according to the scores of the leaf indexes, evaluate the leaf indexes in the standard evaluation index tree to obtain the assessment values of all leaf indexes;
For key equipment in the target system: if there are two or more key devices of the same type under the same attribute sub-index, then for each leaf index these devices have in common, the minimum score among those identical leaf indexes is used as their assessment value; otherwise the score of the leaf index is used directly as the assessment value of the corresponding leaf index;
For non-key equipment in the target system: if there are two or more non-key devices of the same type under the same attribute sub-index, then for each leaf index these devices have in common, the arithmetic mean of the scores of those identical leaf indexes is used as their assessment value; otherwise the score of the leaf index is used directly as the assessment value of the corresponding leaf index;
Step 5: evaluation calculation;
In the standard evaluation index tree, the value of the corresponding parent index is computed as a weighted average from the assessment values of the leaf indexes and the weights of those leaf indexes; proceeding in this way from the bottom up, the root index value is finally obtained and is taken as the security score of the target system;
Step 6: generate the assessment result;
The security score obtained for the target system is compared with the given system standard assessment results to obtain the assessment result of the target system; the given assessment results comprise three grades, safe, basically safe and unsafe, and each grade corresponds to a configured score range.
2. The method of claim 1, characterized in that, after the assessment result of the target system has been obtained through step 6, each leaf index score obtained in step 3 is compared with the security score of the target system; if a leaf index score is lower than the security score of the target system, the device parameter corresponding to that leaf index score is treated as a weak point; for each weak point found, the preset weak-point improvement table is searched to obtain the corresponding remediation measure; and the remediation measures for all weak points are collected into a list, which serves as the security assessment conclusion of the target system.
3. The method of claim 2, characterized in that, after the security assessment conclusion of the target system has been obtained, the weak points are handled according to the security assessment conclusion table; handling starts from the weak point with the lowest leaf index score and proceeds through the weak points in ascending order of leaf index score until the improvement work on the target system is complete.
4. The method of claim 2, characterized in that the weak-point improvement table is stored in the knowledge base.
CN2012100975619A 2012-04-05 2012-04-05 Information security assessment method Pending CN102663503A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2012100975619A CN102663503A (en) 2012-04-05 2012-04-05 Information security assessment method

Publications (1)

Publication Number Publication Date
CN102663503A true CN102663503A (en) 2012-09-12

Family

ID=46772984

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2012100975619A Pending CN102663503A (en) 2012-04-05 2012-04-05 Information security assessment method

Country Status (1)

Country Link
CN (1) CN102663503A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101226614A (en) * 2008-01-29 2008-07-23 四川大学 Method for estimation of network assets essentiality
CN101246569A (en) * 2008-02-28 2008-08-20 江苏省电力试验研究院有限公司 Electric network energy quality synthetic appraisement method based on analytic hierarchy process and fuzzy algorithm
CN101727627A (en) * 2009-12-16 2010-06-09 工业和信息化部电子第五研究所 Information system security risk assessment model based on combined evaluation method
CN102207955A (en) * 2008-06-05 2011-10-05 国际商业机器公司 Context-based security policy evaluation using weighted search trees

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103366258B (en) * 2013-07-30 2016-09-07 国家电网公司 Water power production management system index Evaluation Method
CN103366258A (en) * 2013-07-30 2013-10-23 国家电网公司 Method for evaluating indexes of hydroelectric production management system
CN104320271A (en) * 2014-10-20 2015-01-28 北京神州绿盟信息安全科技股份有限公司 Network device security evaluation method and device
CN104320271B (en) * 2014-10-20 2017-11-21 北京神州绿盟信息安全科技股份有限公司 A kind of network equipment safety evaluation method and device
CN105450512A (en) * 2015-12-30 2016-03-30 中电长城网际系统应用有限公司 Mail security analysis method and device based on OSI seven-layer protocol
CN105450512B (en) * 2015-12-30 2019-02-15 中电长城网际系统应用有限公司 A kind of mail security analysis method and device based on seven layer protocol of OSI
CN107292174A (en) * 2016-03-31 2017-10-24 中国电子科技集团公司电子科学研究院 A kind of cloud computing system security assessment method and device
CN106295356A (en) * 2016-08-24 2017-01-04 浪潮电子信息产业股份有限公司 A kind of Host Security rank statistical method based on SSR product
CN106570633A (en) * 2016-11-04 2017-04-19 中软信息系统工程有限公司 Index system evaluation method based on weight design
CN107122884A (en) * 2017-03-24 2017-09-01 中国电力科学研究院 The appraisal procedure and device of a kind of electrical power distribution automatization system protecting information safety
CN107122884B (en) * 2017-03-24 2022-09-02 中国电力科学研究院 Evaluation method and device for information safety protection of power distribution automation system
CN109063411A (en) * 2018-06-29 2018-12-21 中国电子科技集团公司第二十八研究所 It is a kind of based on system interoperability maturity assessment application, facility, data attribute metric tree calculation method
CN110689211A (en) * 2018-07-04 2020-01-14 北京国双科技有限公司 Method and device for evaluating website service capability
CN109361696A (en) * 2018-11-29 2019-02-19 重庆大学 A kind of safety classification method towards trust on-line
CN109450956A (en) * 2018-12-29 2019-03-08 北京奇安信科技有限公司 Internet security appraisal procedure, system, medium and calculating equipment
CN109450956B (en) * 2018-12-29 2021-06-08 奇安信科技集团股份有限公司 Network security evaluation method, system, medium, and computer system
CN113657726A (en) * 2021-07-29 2021-11-16 广西友迪资讯科技有限公司 Personnel risk analysis method based on random forest
CN113657726B (en) * 2021-07-29 2023-10-31 广西友迪资讯科技有限公司 Personnel risk analysis method based on random forest

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20120912