CN103186709B - A kind of method and system determining risk value of security incident - Google Patents
A kind of method and system determining risk value of security incident Download PDFInfo
- Publication number
- CN103186709B CN103186709B CN201110460610.6A CN201110460610A CN103186709B CN 103186709 B CN103186709 B CN 103186709B CN 201110460610 A CN201110460610 A CN 201110460610A CN 103186709 B CN103186709 B CN 103186709B
- Authority
- CN
- China
- Prior art keywords
- target area
- risk factors
- data
- event object
- parameter value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the present invention relates to field of computer technology, in particular to a kind of method and the system of determining risk value of security incident, in order to determine risk value of security incident, thus broadband network information carries out control and improves basic guarantee. The method of the embodiment of the present invention comprises: determine, from multiple regions that event object is corresponding, the target area that risk factors is corresponding; Risk factors data according to each target area corresponding to event object, it is determined that the risk factors distribution parameter value of each target area that event object is corresponding; The loss parameter value of the risk factors distribution parameter value according to each target area described and each target area, it is determined that vulnerability model; According to the risk factors parameter value of described vulnerability model and each target area described, it is determined that the value-at-risk of each target area described. Adopt the embodiment of the present invention that broadband network information can carry out control and improve basic guarantee, the loss that maximum possible minimizing brings because of safe event.
Description
Technical field
The present invention relates to field of computer technology, in particular to a kind of method and the system of determining risk value of security incident.
Background technology
Along with the fast development of information technology, broadband network has been distributed widely among the use of personal user and enterprise user.
Along with the continuous increase to broadband network demand, the scale of network operator at different levels and service quality also need to obtain corresponding raising. Meanwhile, all kinds of safe event is such as disaster caused by a windstorm, and flood, fire etc., impact to as facility resources such as the machine room on broadband network physical hardware basis, optical cable, transfer websites at different levels, and then cause the financial loss of network operator.
It is thus desirable to determine safe event risk, thus realizing being controlled by broadband network information, and formulate corresponding preventive measures and building method according to risk distribution, maximum possible is reduced the loss. But also there is no a kind of scheme determining risk value of security incident at present.
In sum, also there is no a kind of scheme determining risk value of security incident at present.
Summary of the invention
The embodiment of the present invention provides a kind of method and system determining risk value of security incident, in order to determine risk value of security incident, thus broadband network information carries out control and improves basic guarantee.
A kind of method determining risk value of security incident that the embodiment of the present invention provides, comprising:
Determine, from multiple regions that event object is corresponding, the target area that risk factors is corresponding;
Risk factors data according to each target area corresponding to event object and parametric model, or according to the risk factors data of each target area corresponding to event object and kinetic model, it is determined that the risk factors distribution parameter value of each target area that event object is corresponding;
The loss parameter value of the risk factors distribution parameter value according to each target area described and each target area, it is determined that vulnerability model;
According to the risk factors parameter value of described vulnerability model and each target area described, it is determined that the value-at-risk of each target area described;
Where it is determined that vulnerability model comprises:
The network resource data in the loss parameter value according to each target area and each region, it is determined that the rate of loss of each target area;
The rate of loss of the risk factors distribution parameter value according to each target area described and each target area, it is determined that vulnerability model.
A kind of system determining risk value of security incident that the embodiment of the present invention provides, comprising:
First data management module, for determining the target area that risk factors is corresponding in multiple regions corresponding from event object;
2nd data management module, for risk factors data and the parametric model of each target area corresponding according to event object, or according to the risk factors data of each target area corresponding to event object and kinetic model, it is determined that the risk factors distribution parameter value of each target area that event object is corresponding;
3rd data management module, for the loss parameter value of the risk factors distribution parameter value according to each target area described He each target area, it is determined that vulnerability model;
4th data management module, for the risk factors parameter value according to described vulnerability model and each target area described, it is determined that the value-at-risk of each target area described;
Wherein, described 3rd data management module specifically for: according to the network resource data of the loss parameter value of each target area He each region, it is determined that the rate of loss of each target area; The rate of loss of the risk factors distribution parameter value according to each target area described and each target area, it is determined that vulnerability model.
Owing to risk value of security incident can be determined, thus broadband network information is carried out control and improves basic guarantee so that personnel can formulate corresponding preventive measures and building method according to risk distribution, the loss that maximum possible minimizing brings because of safe event.
Accompanying drawing explanation
Fig. 1 is the method flow schematic diagram that the embodiment of the present invention determines risk value of security incident;
Fig. 2 is the system architecture schematic diagram that the embodiment of the present invention determines risk value of security incident;
Fig. 3 is the system topological schematic diagram that the embodiment of the present invention determines risk value of security incident.
Embodiment
The embodiment of the present invention is according to the risk factors data of each target area corresponding to event object and parametric model, or according to the risk factors data of each target area corresponding to event object and kinetic model, determine the risk factors distribution parameter value of each target area that event object is corresponding, then according to the risk factors distribution parameter value of each target area and the loss parameter value of each target area, determine vulnerability model, last according to the risk factors parameter value of vulnerability model He each target area, it is determined that the value-at-risk of each target area. Owing to risk value of security incident can be determined, thus broadband network information is carried out control and improves basic guarantee so that personnel can formulate corresponding preventive measures and building method according to risk distribution, the loss that maximum possible minimizing brings because of safe event.
Below in conjunction with Figure of description, the embodiment of the present invention is described in further detail.
As shown in Figure 1, the embodiment of the present invention determines that the method for risk value of security incident comprises the following steps:
Step 101, determine, from multiple regions corresponding to event object, the target area that risk factors is corresponding;
Step 102, according to the risk factors data of each target area corresponding to event object and parametric model, or according to the risk factors data of each target area corresponding to event object and kinetic model, it is determined that the risk factors distribution parameter value of each target area that event object is corresponding;
Step 103, according to the risk factors distribution parameter value of each target area and the loss parameter value of each target area, it is determined that vulnerability model;
Step 104, risk factors parameter value according to vulnerability model and each target area, it is determined that the value-at-risk of each target area.
Goodly, in step 102, the general type of risk factors distribution parameter value be H=f (H` ...) functional form. Independent variable(s) H` is risk factors data, by the calculating of parametric model and kinetic model, so that it may to obtain continuous print risk factors parameter value on room and time.
Independent variable(s) comprises but is not limited only to risk factors data in embodiments of the present invention.
The value-at-risk of the embodiment of the present invention represents holds expectation loss and the outcross probability that danger body affects by risk factors in certain geographical scope, calculation result shows with space networks case form usually.
In enforcement, also comprise further before step 101:
Geographical scope corresponding for event object is divided into multiple region.
Concrete, first determine the geographical scope that event object is corresponding. According to different demands. The geographical scope that different event objects is corresponding is likely different. Such as want to check the earthquake of Beijing area, then event object is exactly earthquake, and geographical scope is exactly Beijing.
Then, the geographical scope determined is divided according to the region quantity of setting, such as needs to be divided into n �� m region, so that it may so that geographical scope to be divided into the grid matrix of n �� m, each grid represents a region.
Due in enforcement, and value-at-risk is all determined in the region of not all, so part or all zones can be selected as required from all regions as target area.
In step 102, risk factors data are the data sets for representing all kinds of safe event self attributes. Its data characteristics is unrelated with its effective object and action effect, and character own with data characteristics is relevant, such as disaster caused by a windstorm wind speed, flood water level, and fire size class index etc. Simultaneously, it is also possible to comprise the geographical data information (i.e. the spatial positional information of risk factors, because event object always has oneself a position, the position of such as earthquake epicenter, the fiery source location etc. that fire occurs) of this risk factors. Storage mode is main with attribute data (safe event self attributes information, such as magnitude of earthquake, earthquake intensity, peak accelerator etc.) or space data (earthquake source, earthquake centre, impact scope isovector data or grid data).
Wherein, the corresponding event object of each risk factors data, each event object at least one risk factors data corresponding. Such as typhoon to there being maximum wind speed, very big wind speed, maximum wind speed radius, process rainfall amount, accumulation rainfall amount etc.
In step 102, parametric model is, by statistical method, risk factors natural character and vulnerability (risk factors intensity and the correlationship holding danger bulk diffusion) are carried out function matching, determines parameter by matching, component model mathematical expression formula.
In step 102, kinetic model is by physical experimental method, utilizes the mathematics instrument such as the differential equation, integral equation simulation risk factors natural character, and then what recycling function approximating method carried out building.
In step 103, loss parameter value, is the loss amount occurred after network resource are subject to safe events affecting.Comprise damage amount and the damage rate of different damage grade, it is also possible to comprise other numerical value. The effect of loss parameter value combines with risk factors distribution parameter value to determine vulnerability mould, and then calculation risk value.
In order to improve the accuracy rate of value-at-risk further, it is preferred that, in step 103, according to the network resource data of the loss parameter value of each target area He each region, it is determined that the rate of loss of each target area; The rate of loss of the risk factors distribution parameter value according to each target area and each target area, it is determined that vulnerability model.
Concrete, in step 103, determine that the mode of vulnerability model has a lot: a series of risk factors distribution parameter value and rate of loss such as carry out regression treatment, and (content of concrete regression treatment can be see: about carrying out the content of regression treatment in Beijing Normal University's journal 2011 (8) 409-414, do not repeat them here), obtain vulnerability model.
In step 103, network resource data, the information of the object of the effect that is namely damaged. The network resource data of the embodiment of the present invention is divided into two classes, one class is spatial distribution and the quantity of holding danger body, and the spatial distribution of broadband network information and quantity, in actual applications, this spatial distribution often combines with above-mentioned geo-spatial data, describes the locus having geographic significance holding danger residing for body; Another class is these resources of description is the data that final risk value has meaning to the data of naturally safe event resistibility index. As optical cable degree of wind resistance, anti-flood degree, resistance to bright degree etc.
Goodly, in step 104, for one of them target area (i.e. space grid), the risk factors h of this target area and vulnerability model f (h), this target area hold danger body quantity e, value-at-risk r=h*f (h) the * e of this target area.
Wherein, this result only represents the value-at-risk of a target area, if to be calculated the risk (one, multiple target area value-at-risk) of more large regions, is then exactly expectation loss E (r) calculating this multiple target area.
Goodly, can further include after step 104:
Show the value-at-risk of each target area.
It is the most basic function that system carries out risk management to safe event spatial positioning. It is thus desirable to locus is described. Goodly, the embodiment of the present invention is it may also be determined that the geographical data information of each target area.
Concrete, according to the corresponding relation of the positional information pre-set and geographical data information, it is determined that the geographical data information that the positional information that each target area comprises is corresponding;
Then geographical data information and the value-at-risk of each target area is shown.
Geographical data information can form independent system, i.e. geographical information system(GIS) (GIS, GeographicInformationSystem), includes geospatial information and other attribute informations in ownership goal region. Geospatial information is description object geographical position, such as longitude and latitude, the coordinate (the albers projection coordinate as under WGS84 system of coordinates) under such as other terrestrial coordinates systems; Other attribute informations are the attributes of some except geographical position, the population in such as certain city, area, administrative grade etc., and these attributes freely can customize according to customer need.
Wherein, geographical data packets draws together all kinds of vector data and grid data, and wherein corresponding geographical key element has been carried out spatial positioning.
Goodly, the corresponding relation of the risk factors data of the embodiment of the present invention, network resource data, positional information and geographical data information can adopt cloud mode to store.
Goodly, in step 102, determine the risk factors data of each target area according to the following step:
From the corresponding relation of the event object of cloud storage, target area and risk factors data, it is determined that the risk factors data of each target area that event object is corresponding.
Goodly, in step 104, determine the risk factors parameter value of each target area according to the following step:
From the corresponding relation of the event object of cloud storage, target area and risk factors parameter value, it is determined that the risk factors parameter value of each target area that event object is corresponding.
In enforcement, owing to the risk factors distribution parameter value determined in step 102, the value-at-risk determined in step 104 likely need every period to determine once, need the data before using every time. In order to raise the efficiency, after determining risk factors distribution parameter value and value-at-risk, cloud mode can be adopted to store every time, directly adopt when needs use cloud mode to read, it is not necessary to redefine this part numerical value again, it is to increase efficiency.
For event object as earthquake:
Assume that risk factors distribution parameter is peak accelerator.
If needing central point (ij) (0��i < n of certain grid in the n*m matrix grid calculated, m), < this central point peak accelerator is gal (ij), GAL is earthquake centre peak accelerator to 0��j, it is generally authoritative institution's measurement to obtain, i.e. risk factors data. Separately set r (ij) as this grid element center point is to the distance in earthquake centre.
Parametric model is exactly gal (ij)=f (r (ij), GAL), other contents can also be increased as required, such as gal (ij)=f (r (ij), GAL in parametric model, p1, p2 ...), wherein, p1, p2 are other desired parameter.
The risk factors data of each target area are substituted into parametric model and just obtains one group of value { gal (00), gal (01), gal (02) ... gal (10), gal (11),, gal (ij) ... gal (n-1) (m-1) }, n*m value altogether, i.e. the distribution situation of the peak accelerator (risk factors) of earthquake;
Kinetic model d (ij) is similar with parametric model, the risk factors data of each target area are substituted into kinetic model and just obtains one group of value { d (00), d (01), d (02) ... d (10), d (11) ... d (ij), d (n-1) (m-1) }, n*m value altogether, the i.e. distribution situation of the peak accelerator (risk factors) of earthquake;
No matter adopting which kind of model, finally all obtain the distribution situation of the peak accelerator (risk factors) of earthquake.
Obtain vulnerability model lr=v (gal) risk factors distribution parameter value and rate of loss are carried out regression treatment.
That assumes network resource is distributed as { N0, N1, N2 ... N (k-1) }, k network resource and matrix grid define singly penetrates. The risk factors of each target area expects parameter value gi=E (gal (i)), then the value-at-risk of each grid is E (lr (i))=Ni*v (gi).
Wherein, above-mentioned just taking event object as earthquake, and risk factors distribution parameter be peak accelerator is that example is described, different time objects and different risk factors distribution parameters, corresponding model is not identical, and the structure of concrete model is all conventional means, does not repeat one by one at this.
Conceive based on same invention, the embodiment of the present invention additionally provides a kind of system determining risk value of security incident, the principle dealt with problems due to this system is similar to determining the method for risk value of security incident, and therefore the enforcement of this system see the enforcement of method, can repeat part and repeat no more.
As shown in Figure 2, the embodiment of the present invention determines that the system of risk value of security incident comprises: the first data management module 21, the 2nd data management module 22, the 3rd data management module 23 and the 4th data management module 24.
First data management module 21, for determining the target area that risk factors is corresponding in multiple regions corresponding from event object;
2nd data management module 22, for risk factors data and the parametric model of each target area corresponding according to event object, or according to the risk factors data of each target area corresponding to event object and kinetic model, it is determined that the risk factors distribution parameter value of each target area that event object is corresponding;
3rd data management module 23, for the loss parameter value of the risk factors distribution parameter value according to each target area He each target area, it is determined that vulnerability model;
4th data management module 24, for according to the risk factors parameter value of vulnerability model He each target area, it is determined that the value-at-risk of each target area.
Goodly, before the first data management module 21 determines the target area that risk factors is corresponding, geographical scope corresponding for event object is divided into multiple region.
Goodly, after the 4th data management module 24 determines the value-at-risk of each target area, according to the corresponding relation of the positional information pre-set and geographical data information, it is determined that the geographical data information that the positional information that each target area comprises is corresponding; Show geographical data information and the value-at-risk of each target area.
Goodly, the corresponding relation of positional information and geographical data information adopts cloud mode to store.
Goodly, the 3rd data management module 23 is according to the network resource data of the loss parameter value of each target area He each region, it is determined that the rate of loss of each target area; The rate of loss of the risk factors distribution parameter value according to each target area and each target area, it is determined that vulnerability model.
Goodly, the 2nd data management module 22 determines the risk factors data of each target area that event object is corresponding according to the following step:
From the corresponding relation of the event object of cloud storage, target area and risk factors data, it is determined that the risk factors data of each target area that event object is corresponding.
Goodly, the 4th data management module 24 determines the risk factors parameter value of each target area that event object is corresponding according to the following step:
From the corresponding relation of the event object of cloud storage, target area and risk factors parameter value, it is determined that the risk factors parameter value of each target area that event object is corresponding.
The embodiment of the present invention additionally provides the system of a kind of determination risk value of security incident based on cloud computing. As shown in Figure 3, the embodiment of the present invention is determined in the system topological schematic diagram of risk value of security incident, and whole system adopts layered model, and basic structure is divided into data Layer, model layer, user's layer three level.
One, data Layer is whole system data storage section, for storing all data.
Data Layer is as the support of whole system, and software framework can adopt the pattern of basic database+Spatial Data Engine to build. What traditional relational database (SQLServer, Oracle etc.) stored is generally attribute data, namely stores Various types of data with the form of data sheet. To space data, except having attribute data sheet and being described, locus figure information is also had to portray all kinds of point-line-surface data characteristics. Traditional data storehouse pattern cannot store this class data object. It is thus desirable to set up middleware, i.e. Spatial Data Engine (SDE, a SpatialDataEngine) between space data and database.If system development framework adopts business software pattern, the framework of Oracle+OracleSpatial or SQLServer+ArcSDE can be adopted; Develop according to the pattern of increasing income, the framework of PostgreSQL+PostGIS can be adopted.
Data Layer adopts cloud to store pattern. System will realize stores service for user sets up privately owned cloud storage space. Data store is deployed in enterprise firewall, carries out Data Update and maintenance by enterprise user. System will provide user management interface and other development interfaces customized according to customer need.
Two, the function of model layer is that the data stored according to data Layer adopt model approach, the value-at-risk of computationally secure event.
I/O interface in model layer is the interface connecting data management and model algorithm realization. Its main function has: 1) reading data Layer and calculate desired data accordingly, row data of going forward side by side processes. 2) intermediate result in computation process and final calculation result are carried out data processing, and write data Layer and store.
For data processing, space calculates and usually calculates the distribution of objective result in space in units of grid. As calculated the distribution situation of disaster caused by a windstorm wind speed in A area, then it is the grid matrix of n �� m by A regional classification, gets each grid element center point as calculation level, thus calculate the air speed value of each grid. The matrix finally obtained is the wind speed profile in A area. Therefore its calculating precision is relevant to sizing grid. Due to the module that data processing and computational algorithm are independent mutually, therefore the data read in data Layer can be carried out the process of symbolic computation demand by model layer, it can be used as the importation that model algorithm realizes. With reason, when calculation result data writes data Layer, it is also the form meeting data Layer storage organization by model layer to result treatment, stored in data Layer.
The data that model layer stores according to data Layer adopt model approach, it is determined that the content of the value-at-risk of safe event is identical with the mode of the value-at-risk determining safe event in Fig. 1, does not repeat them here.
In system practical application, it is determined that risk may be the intermediate result of customer need, user may carry out being applicable to own service operation according to value-at-risk other calculate or management. Therefore system will provide model layer second development interface, it may also be useful to calculation result can be called in family and part method of calculation carry out customizable secondary development, or native system and other business systems of user are carried out integration.
In the calculating of safe event, there is the contradiction of method of calculation integrated level and computation complexity in model layer. Calculating due to model and relate to space calculating in a large number, it is highly professional, and the function storehouse that traditional computer language lacks additional space data processing and calculating such as C/Java/Delphi etc. is supported, and the difficulty carrying out the exploitation of related function storehouse is bigger. Function storehouse, the space support that some scientific algorithm script language are as comparatively powerful and complete in IDL/Python then has. But owing to this speech like sound is interpreted languages, its code execution efficiency can lower than above-mentioned compiled language. Owing to risk model computation process is complicated, calculating dependence data volume huge, therefore this kind of script language has certain inferior position in algorithm time cost.
In the design of native system, Python is selected to carry out model algorithm written in code. Python has powerful scientific algorithm bag NumPy and space Data support bag GDAL, it is possible to better integrated efficient scientific algorithm and space Data support, need not write algorithm from bottom. And Python is in authoritative institution evaluates and tests, its over-all properties comprises VB, ASP, PERL, comparatively powerful in the tens of kinds of script language such as Ruby.
Data Layer framework have employed cloud stores service mode. And in model layer, according to the scientific algorithm feature of its complexity, correspondingly adopt cloud computing service pattern to carry out framework. This stratus calculation services uses publicly-owned cloud mode, system provides data I/O interface for user, being connected with I/O interface by lower data layer, user will from calling I/O interface, it may also be useful to the powerful computing cluster resource that system provides carries out safe event risk model and calculates. Due to the advantage of cloud computing in calculated performance, system provides the calculation services of fast and stable for user.
Three, the function of user's layer is to provide data display interface, model displaying interface, user interactions interface, user's control of authority module.
The map Web service (WMS, WFS, WCS) that user's layer is formulated with open geographic information system association (OGC, OpenGISConsortium), for standard, builds a WebGIS system and is shown by bottom data. Owing to bottom data mostly is space data, therefore data display module will based on map form, and diagrammatic form is auxiliary organizing. WebGIS type selecting customizes according to the business operation model of different enterprise. Can build based on business software ArcGISServer, MapInfo, it is possible to use open source software MapGuide, WorldWide build. This module will set up direct passage from data Layer to user's layer, it may also be useful to the basic GIS functions such as bottom data can be browsed, searches by family, space calculating, and provide statistical and analytical tool, utility, drafting instrument.
The WebGIS system inheriting data display module is presented by Risk Calculation result, and provides statistical and analytical tool, utility, drafting instrument.
User and system interaction mainly comprise two aspects: 1) user and data Layer are mutual. Namely user can delete data according to self-demand customization data, data query, editor, import and export data. 2) user and model layer are mutual. Namely user can according to self-demand preference pattern classification, and method of calculation, calculate precision, calculation result. User uses client terminal to carry out alternately, comprises C/S structure client terminal and B/S structure client terminal. C/S structure client terminal mainly carries out local data customization, and B/S client terminal is mainly used in result and shows and computing function selection.
Different user groups will be carried out authority management for the different level of system by user's control of authority. User's authority customizes according to the data Layer having access to and access limit. System is divided into three layers, therefore different rights totally 6 kinds; Every layer of access comprises read-only/read-write two kinds of authorities, therefore has 6 �� 2=12 kind authority. In addition, system has Administrator's account, and whole system carries out fortune dimension.
Those skilled in the art are it should be appreciated that embodiments of the invention can be provided as method, system or computer program. Therefore, the present invention can adopt the form of complete hardware embodiment, completely software implementation or the embodiment in conjunction with software and hardware aspect. And, the present invention can adopt the form at one or more upper computer program implemented of computer-usable storage medium (including but not limited to multiple head unit, CD-ROM, optical memory etc.) wherein including computer usable program code.
The present invention is that schema and/or skeleton diagram with reference to method according to embodiments of the present invention, equipment (system) and computer program describe. Should understand can by the combination of the flow process in each flow process in computer program instructions flowchart and/or skeleton diagram and/or square frame and schema and/or skeleton diagram and/or square frame.These computer program instructions can be provided to the treater of multi-purpose computer, special purpose computer, Embedded Processor or other programmable data processing device to produce a machine so that the instruction performed by the treater of computer or other programmable data processing device is produced for realizing the device of function specified in schema flow process or multiple flow process and/or skeleton diagram square frame or multiple square frame.
These computer program instructions also can be stored in and can guide in computer-readable memory that computer or other programmable data processing device work in a specific way, making the instruction that is stored in this computer-readable memory produce the manufacture comprising instruction device, this instruction device realizes the function specified in schema flow process or multiple flow process and/or skeleton diagram square frame or multiple square frame.
These computer program instructions also can be loaded in computer or other programmable data processing device, make on computer or other programmable devices, to perform a series of operation steps to produce computer implemented process, thus the instruction performed on computer or other programmable devices is provided for realizing the step of the function specified in schema flow process or multiple flow process and/or skeleton diagram square frame or multiple square frame.
Although having described the preferred embodiments of the present invention, but those skilled in the art once the substantially creative concept of cicada, then these embodiments can be made other change and amendment. Therefore, it is intended that the appended claims shall be construed comprise preferred embodiment and fall into all changes and the amendment of the scope of the invention.
Obviously, the present invention can be carried out various change and modification and not depart from the spirit and scope of the present invention by the technician of this area. Like this, if these amendments of the present invention and modification belong within the scope of the claims in the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these change and modification.
Claims (10)
1. determine the method for risk value of security incident for one kind, it is characterised in that, the method comprises:
Determine, from multiple regions that event object is corresponding, the target area that risk factors is corresponding;
Risk factors data according to each target area corresponding to event object and parametric model, or according to the risk factors data of each target area corresponding to event object and kinetic model, it is determined that the risk factors distribution parameter value of each target area that event object is corresponding;
The loss parameter value of the risk factors distribution parameter value according to each target area described and each target area, it is determined that vulnerability model;
According to the risk factors parameter value of described vulnerability model and each target area described, it is determined that the value-at-risk of each target area described;
Where it is determined that vulnerability model comprises:
The network resource data in the loss parameter value according to each target area and each region, it is determined that the rate of loss of each target area;
The rate of loss of the risk factors distribution parameter value according to each target area described and each target area, it is determined that vulnerability model;
Described parametric model is, by statistical method, the risk factors data of each target area corresponding to event object are carried out function matching, is determined the model mathematical expression formula of the risk factors distribution parameter value of each target area described by matching;
Described kinetic model passes through physical experimental method, utilize the risk factors data of each target area that the differential equation, integral equation simulation event object is corresponding, again the risk factors data of each target area described in simulation are carried out function matching, build the model mathematical expression formula of the risk factors distribution parameter value obtaining each target area described;
If the fitting function of the risk factors data of each target area that event object is corresponding is f (r (ij), GAL), then the model mathematical expression formula of the risk factors distribution parameter value of each target area described is gal (ij), wherein, gal (ij)=f (r (ij), GAL).
2. the method for claim 1, it is characterised in that, it is determined that also comprise before the target area that risk factors is corresponding:
Geographical scope corresponding for event object is divided into multiple region.
3. method as claimed in claim 2, it is characterised in that, it is determined that also comprise after the value-at-risk of each target area described:
According to the corresponding relation of the positional information pre-set and geographical data information, it is determined that the geographical data information that the positional information that each target area comprises is corresponding;
Show geographical data information and the value-at-risk of each target area.
4. method as claimed in claim 3, it is characterised in that, the corresponding relation of described positional information and geographical data information adopts cloud mode to store.
5. the method for claim 1, it is characterised in that, the corresponding relation of event object, target area and risk factors data adopts cloud mode to store; The corresponding relation of event object, target area and risk factors parameter value adopts cloud mode to store; Then
The risk factors data of each target area that event object is corresponding are determined according to the following step:
From the corresponding relation of the event object of cloud storage, target area and risk factors data, it is determined that the risk factors data of each target area that event object is corresponding;
The risk factors parameter value of each target area that event object is corresponding is determined according to the following step:
From the corresponding relation of the event object of cloud storage, target area and risk factors parameter value, it is determined that the risk factors parameter value of each target area that event object is corresponding.
6. determine the system of risk value of security incident for one kind, it is characterised in that, this system comprises:
First data management module, for determining the target area that risk factors is corresponding in multiple regions corresponding from event object;
2nd data management module, for risk factors data and the parametric model of each target area corresponding according to event object, or according to the risk factors data of each target area corresponding to event object and kinetic model, it is determined that the risk factors distribution parameter value of each target area that event object is corresponding;
3rd data management module, for the loss parameter value of the risk factors distribution parameter value according to each target area described He each target area, it is determined that vulnerability model;
4th data management module, for the risk factors parameter value according to described vulnerability model and each target area described, it is determined that the value-at-risk of each target area described;
Wherein, described 3rd data management module specifically for: according to the network resource data of the loss parameter value of each target area He each region, it is determined that the rate of loss of each target area; The rate of loss of the risk factors distribution parameter value according to each target area described and each target area, it is determined that vulnerability model;
Described parametric model is, by statistical method, the risk factors data of each target area corresponding to event object are carried out function matching, is determined the model mathematical expression formula of the risk factors distribution parameter value of each target area described by matching;
Described kinetic model passes through physical experimental method, utilize the risk factors data of each target area that the differential equation, integral equation simulation event object is corresponding, again the risk factors data of each target area described in simulation are carried out function matching, build the model mathematical expression formula of the risk factors distribution parameter value obtaining each target area described;
If the fitting function of the risk factors data of each target area that event object is corresponding is f (r (ij), GAL), then the model mathematical expression formula of the risk factors distribution parameter value of each target area described is gal (ij), wherein, gal (ij)=f (r (ij), GAL).
7. system as claimed in claim 6, it is characterised in that, described first data management module also for:
Before determining the target area that risk factors is corresponding, geographical scope corresponding for event object is divided into multiple region.
8. system as claimed in claim 7, it is characterised in that, described 4th data management module also for:
After determining the value-at-risk of each target area described, according to the corresponding relation of the positional information pre-set and geographical data information, it is determined that the geographical data information that the positional information that each target area comprises is corresponding; Show geographical data information and the value-at-risk of each target area.
9. system as claimed in claim 8, it is characterised in that, the corresponding relation of described positional information and geographical data information adopts cloud mode to store.
10. system as claimed in claim 6, it is characterised in that, the corresponding relation of event object, target area and risk factors data adopts cloud mode to store; The corresponding relation of event object, target area and risk factors parameter value adopts cloud mode to store; Then
Described 2nd data management module determines the risk factors data of each target area that event object is corresponding according to the following step:
From the corresponding relation of the event object of cloud storage, target area and risk factors data, it is determined that the risk factors data of each target area that event object is corresponding;
Described 4th data management module determines the risk factors parameter value of each target area that event object is corresponding according to the following step:
From the corresponding relation of the event object of cloud storage, target area and risk factors parameter value, it is determined that the risk factors parameter value of each target area that event object is corresponding.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110460610.6A CN103186709B (en) | 2011-12-31 | 2011-12-31 | A kind of method and system determining risk value of security incident |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110460610.6A CN103186709B (en) | 2011-12-31 | 2011-12-31 | A kind of method and system determining risk value of security incident |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103186709A CN103186709A (en) | 2013-07-03 |
| CN103186709B true CN103186709B (en) | 2016-06-08 |
Family
ID=48677876
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110460610.6A Expired - Fee Related CN103186709B (en) | 2011-12-31 | 2011-12-31 | A kind of method and system determining risk value of security incident |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103186709B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112541666B (en) * | 2020-12-08 | 2022-09-13 | 同济大学 | Shield tunnel risk assessment method considering uncertainty of earthquake vulnerability model |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101354757A (en) * | 2008-09-08 | 2009-01-28 | 中国科学院地理科学与资源研究所 | Method for predicting dynamic risk and vulnerability under fine dimension |
| CN101726750A (en) * | 2009-11-30 | 2010-06-09 | 中国矿业大学(北京) | 'Three-map method' for evaluating ground fissures |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090240433A1 (en) * | 2008-03-18 | 2009-09-24 | University Of South Carolina | System for Determining Risk of Loss to Coastal Wetlands |
-
2011
- 2011-12-31 CN CN201110460610.6A patent/CN103186709B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101354757A (en) * | 2008-09-08 | 2009-01-28 | 中国科学院地理科学与资源研究所 | Method for predicting dynamic risk and vulnerability under fine dimension |
| CN101726750A (en) * | 2009-11-30 | 2010-06-09 | 中国矿业大学(北京) | 'Three-map method' for evaluating ground fissures |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103186709A (en) | 2013-07-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Sakieh et al. | Scenario-based evaluation of urban development sustainability: an integrative modeling approach to compromise between urbanization suitability index and landscape pattern | |
| Saeidian et al. | Evaluation and comparison of Genetic Algorithm and Bees Algorithm for location–allocation of earthquake relief centers | |
| Coelho et al. | Multicriteria decision support system for regionalization of integrated water resources management | |
| Liu et al. | A generalized framework for measuring pedestrian accessibility around the world using open data | |
| EP3979178A1 (en) | Method, apparatus, and electronic device for collecting loan and storage medium | |
| Ma et al. | How China’s linked urban–rural construction land policy impacts rural landscape patterns: A simulation study in Tianjin, China | |
| US20230024680A1 (en) | Method of determining regional land usage property, electronic device, and storage medium | |
| Chen et al. | Defining agents' behaviour based on urban economic theory to simulate complex urban residential dynamics | |
| Samadi Alinia et al. | Tehran’s seismic vulnerability classification using granular computing approach | |
| Mustafa et al. | A Time Monte Carlo method for addressing uncertainty in land-use change models | |
| Wang et al. | A fast candidate viewpoints filtering algorithm for multiple viewshed site planning | |
| CN108647910A (en) | Setting method, device, terminal and the computer storage media of city upblic traffic station | |
| Raimbault | An urban morphogenesis model capturing interactions between networks and territories | |
| US8666652B2 (en) | System and method for running stored statistical processes using a web-based graphical information system | |
| Burian et al. | Disaggregator–a tool for the aggregation and disaggregation of spatial data | |
| Zhong et al. | Multi-objective optimization approach of shelter location with maximum equity: an empirical study in Xin Jiekou district of Nanjing, China | |
| Lu et al. | Predicting long-term urban growth in Beijing (China) with new factors and constraints of environmental change under integrated stochastic and fuzzy uncertainties | |
| Maleki et al. | Many‐objective land use planning using a hypercube‐based NSGA‐III algorithm | |
| Lagarias | Exploring land use policy scenarios with the use of a cellular automata-based model: urban sprawl containment and sustainable development in Thessaloniki | |
| CN103186709B (en) | A kind of method and system determining risk value of security incident | |
| CN112215864A (en) | Contour processing method and device of electronic map and electronic equipment | |
| Escalante et al. | Methodological issues in modern track analysis | |
| CN111339446B (en) | Interest point mining method and device, electronic equipment and storage medium | |
| Hu et al. | Framework for prioritizing geospatial data processing tasks during extreme weather events | |
| Batsaris et al. | Spatial Decision Support System for Efficient School Location-Allocation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information |
Address after: North Building 100088 Beijing city Haidian District Institute of Road No. 15 5 floor Applicant after: FOUNDER BROADBAND NETWORK SERVICE Co.,Ltd. Address before: North Building 100088 Beijing city Haidian District Institute of Road No. 15 5 floor Applicant before: FOUNDER BROADBAND NETWORK SERVICE Co.,Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20160608 Termination date: 20211231 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |