CN106203831A - A kind of power supply enterprise Electronic Archival Security risk evaluating system - Google Patents

Abstract

The invention discloses a kind of power supply enterprise Electronic Archival Security risk evaluating system, build module, fuzzy overall evaluation result computing module and risk evaluation module including evaluation index system generation module, opinion rating system generation module, quantization modules, weight computation module, subordinated-degree matrix.The present invention can effectively understand the safety management risk of electronic record, can be to promote electronic records management to provide reference proposition, and by fuzzy matrix and analytic hierarchy process (AHP) application in risk assessment, can be analyzed the various uncertain factors, the index that occur in risk assessment processes, Evaluation accuracy is higher.

Description

A kind of power supply enterprise Electronic Archival Security risk evaluating system

Technical field

The present invention relates to electricity digital data processing field, be specifically related to the Electronic Archival Security risk assessment of a kind of power supply enterprise System.

Background technology

In power marketing business procedure, there is substantial amounts of archives of paper quality, be used for recording reflection practical business situation truly, All refer to the collection to archives material from service handling, In-site supervision, the multi-service item such as oppose electricity-stealing, preserve and manage.For Avoiding the problem in paper files management, power supply enterprise starts combining information technology in recent years, uses the mode of electronization to manage Archives of paper quality, it is achieved marketing archives electronic management, improves work efficiency in business and management, accelerates inquiry velocity, The biggest effect has been played to improving good service service level.But meanwhile, compare archives of paper quality, the safety of electronic record Also become the emphasis of work, the factors such as environment, management and network that electronic archives information constitutes safely serious challenge.

Summary of the invention

For the problems referred to above, the present invention provides a kind of power supply enterprise Electronic Archival Security risk evaluating system.

The purpose of the present invention realizes by the following technical solutions:

A kind of power supply enterprise Electronic Archival Security risk evaluating system, including:

(1) evaluation index system generation module, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger；

(2) opinion rating system generation module, for generating the opinion rating system corresponding to evaluation criteria system, described Opinion rating system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each The corresponding grade fuzzy subset of opinion rating；

(3) quantization modules, evaluates the influence degree of corresponding female index for antithetical phrase index, and enters evaluation result Row quantifies；

(4) weight computation module, calculates female index and the weight vectors of sub-index for reference level fractional analysis；

(5) subordinated-degree matrix builds module, for according to described evaluation criteria system, calculates female index to described grade mould Stick with paste the degree of membership of subset, build the subordinated-degree matrix of female index；

(6) fuzzy overall evaluation result computing module, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis Evaluation result；

(7) risk evaluation module, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer Degree, divides risk class.

Risk is divided into 5 grades by described risk evaluation module, interval belonging to each grade risk be respectively (0,20%], (20%, 40%], (40%, 60%], (60%, 80%], (80%, 1], represent that risk class is negligible, the most respectively Safety, unsafe, be absolutely unsafe, disaster.

The computing formula of described overall risk degree is:

If the risk of i-th target is FD_I, the computing formula of described overall risk degree is:

$\stackrel{\‾}{FD}=\underset{I=1}{\overset{5}{\Σ}}{\mathrm{FD}}_I{W}_{{\mathrm{FD}}_I}$

Wherein,It is directed to i-th mesh for formulated by the expert group evaluating power supply enterprise's Electronic Archival Security Target weight.

Wherein, the sub-index that physical security is corresponding includes storing whether the environmental condition inside and outside the storehouse of archive information meets Safety requirements, computer equipment are the most in a safe condition, whether media meet safety requirements.

Wherein, the sub-index that described management safety is corresponding include special archives information security organization the most sound, Full-time archives information security management personnel are the most complete, rules and regulations are the most sound, whether there is contingency management scheme.

Wherein, the sub-index that described network security is corresponding includes whether have precaution against computer virus, whether have Anti-hacker attacks facility, whether have access control measure, whether have audit and surveillance and control measure.

Wherein, specifically perform during the running of described quantization modules:

If P, D, C represent respectively probability that destination layer causes danger, target cause danger after influence degree and uncontrollable Property, the expert group evaluating power supply enterprise's Electronic Archival Security carries out n evaluation to the quantized value of the sub-index of x-th of female index y The set of quantized obtained isY=P, D, C, the final quantization value of the sub-index of x-th of female index y is:

${I_x^y}^{\′}=\frac{{\Σ}_i^n{I}_{xi}^y}{n},{I_x^y}^{\′}\∈\[0,1\]$

Wherein, described subordinated-degree matrix builds module when calculating female index to the degree of membership of described grade fuzzy subset, tool Body performs

Below operation:

Definition grade fuzzy subset is { v_j, j=1,2 ..., 5}, and define the influence degree equity for describing female index The membership function of the degree of membership of level fuzzy subset:

Wherein, ρ is the xth being formulated female index y that expert determines by the expert group evaluating power supply enterprise's Electronic Archival Security The final quantization value of individual sub-index,For grade fuzzy subset { v_j, j=1,2 ..., standard value corresponding for 5},μ is the expert group the evaluating power supply enterprise's Electronic Archival Security certainty factor to described final quantization value；

According to described membership function, construct P, the subordinated-degree matrix R of tri-female indexs of D, C respectively_P,R_D,R_C:

$R_P=\left\{\begin{array}{cccc}{f}_{v_1}\left({I_1^P}^{\′}\right)& f_{v_2}\left({I_1^P}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_1^P}^{\′}\right)\\ f_{v_1}\left({I_2^P}^{\′}\right)& f_{v_2}\left({I_2^P}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_2^P}^{\′}\right)\\ .& .& & .\\ .& .& & .\\ .& .& & .\\ f_{v_1}\left({I_{N_P}^P}^{\′}\right)& f_{v_2}\left({I_{N_P}^P}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_{N_P}^P}^{\′}\right)\end{array}\right.$

$R_D=\left\{\begin{array}{cccc}{f}_{v_1}\left({I_1^D}^{\′}\right)& f_{v_2}\left({I_1^D}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_1^D}^{\′}\right)\\ f_{v_1}\left({I_2^D}^{\′}\right)& f_{v_2}\left({I_2^D}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_2^D}^{\′}\right)\\ .& .& & .\\ .& .& & .\\ .& .& & .\\ f_{v_1}\left({I_{N_D}^D}^{\′}\right)& f_{v_2}\left({I_{N_D}^D}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_{N_D}^D}^{\′}\right)\end{array}\right.$

$R_C=\left\{\begin{array}{cccc}{f}_{v_1}\left({I_1^C}^{\′}\right)& f_{v_2}\left({I_1^C}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_1^C}^{\′}\right)\\ f_{v_1}\left({I_2^C}^{\′}\right)& f_{v_2}\left({I_2^C}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_2^C}^{\′}\right)\\ .& .& & .\\ .& .& & .\\ .& .& & .\\ f_{v_1}\left({I_{N_C}^C}^{\′}\right)& f_{v_2}\left({I_{N_C}^C}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_{N_C}^C}^{\′}\right)\end{array}\right.$

Wherein, N_PRepresent the sub-index number that female index P comprises, N_DRepresent the sub-index number that female index D comprises, N_CTable Show the sub-index number that female index C comprises；

Wherein, the computing formula of described fuzzy overall evaluation result computing module calculating fuzzy overall evaluation result M is:

$M=W*\left(\begin{array}{c}{m}_P*R_P\\ m_D*R_D\\ m_C*R_C\end{array}\right)=(L_1,L_2,...,L_5)$

Wherein, if the weight fuzzy subset corresponding to female index P obtained according to weight vectors, D, C is W={w_P,w_D, w_C, the weight fuzzy subset corresponding to sub-index set under female index P of obtaining according to weight vectors, D, C is respectively m_P、m_D、 m_C, * represents that generalized fuzzy synthesizes computing；

Wherein, when calculating described risk, if grade corresponding to grade fuzzy subset is entered as { H_j, j=1,2 .., 5}, I.e. grade v_jCorresponding numerical value H_j, and grade v₎From low paramount time described H_jValue is incremented by, and the computing formula of described risk is:

The invention have the benefit that

(1) can effectively understand the safety management risk of electronic record, can be to promote electronic records management to provide reference Suggestion, and by fuzzy matrix and analytic hierarchy process (AHP) application in risk assessment, can be to appearance in risk assessment processes Various uncertain factors, index are analyzed；

(2) membership function of the degree of membership of influence degree In Grade fuzzy subset for describing female index is defined, and Described membership function is utilized to carry out subordinated-degree matrix structure, the degree of membership Normal Distribution calculated, it is to avoid artificial subjectivity The impact of factor, enhances the objectivity of assessment result；

(3) proposing the computing formula of fuzzy overall evaluation result and risk, this computing formula is examined the most all sidedly Consider the factor affecting risk, highlighted the impact of safety measure Usefulness Pair systematic risk degree, it is achieved that to power supply enterprise's electricity The after-action review of sub-file safety, improves system evaluation precision.

Accompanying drawing explanation

The invention will be further described to utilize accompanying drawing, but the embodiment in accompanying drawing does not constitute any limit to the present invention System, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to obtain according to the following drawings Other accompanying drawing.

Fig. 1 is the connection diagram of each module of the present invention；

Fig. 2 is the structural representation of evaluation criteria system of the present invention.

Reference:

Evaluation index system generation module 1, opinion rating system generation module 2, quantization modules 3, weight computation module 4, Subordinated-degree matrix builds module 5, fuzzy overall evaluation result computing module 6, risk evaluation module 7.

Detailed description of the invention

The invention will be further described with the following Examples.

Embodiment 1

See Fig. 1, Fig. 2, the present embodiment power supply enterprise Electronic Archival Security risk evaluating system, including:

(1) evaluation index system generation module 1, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger；

(2) opinion rating system generation module 2, for generating the opinion rating system corresponding to evaluation criteria system, institute Commentary valency hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each The corresponding grade fuzzy subset of individual opinion rating；

(3) quantization modules 3, evaluate the influence degree of corresponding female index for antithetical phrase index, and to evaluation result Quantify；

(4) weight computation module 4, calculate female index and the weight vectors of sub-index for reference level fractional analysis；

(5) subordinated-degree matrix builds module 5, for according to described evaluation criteria system, calculates female index to described grade The degree of membership of fuzzy subset, builds the subordinated-degree matrix of female index；

(6) fuzzy overall evaluation result computing module 6, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis Evaluation result；

(7) risk evaluation module 7, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer Degree, divides risk class.

The present embodiment can effectively understand the safety management risk of electronic record, can be to promote electronic records management to provide Reference proposition, and by fuzzy matrix and analytic hierarchy process (AHP) application in risk assessment, can go out in risk assessment processes Existing various uncertain factors, index are analyzed

Embodiment 2

See Fig. 1, Fig. 2, the present embodiment power supply enterprise Electronic Archival Security risk evaluating system, including:

(1) evaluation index system generation module 1, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger；

(2) opinion rating system generation module 2, for generating the opinion rating system corresponding to evaluation criteria system, institute Commentary valency hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each The corresponding grade fuzzy subset of individual opinion rating；

(3) quantization modules 3, evaluate the influence degree of corresponding female index for antithetical phrase index, and to evaluation result Quantify；

(4) weight computation module 4, calculate female index and the weight vectors of sub-index for reference level fractional analysis；

(5) subordinated-degree matrix builds module 5, for according to described evaluation criteria system, calculates female index to described grade The degree of membership of fuzzy subset, builds the subordinated-degree matrix of female index；

(6) fuzzy overall evaluation result computing module 6, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis Evaluation result；

(7) risk evaluation module 7, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer Degree, divides risk class.

Risk is divided into 5 grades by described risk evaluation module 7, interval belonging to each grade risk be respectively (0, 20%], (20%, 40%], (40%, 60%], (60%, 80%], (80%, 1], respectively represent risk class be negligible, The most unsafe, unsafe, be absolutely unsafe, disaster.

The present embodiment defines risk partition mode, makes system more perfect.

Embodiment 3

See Fig. 1, Fig. 2, the present embodiment power supply enterprise Electronic Archival Security risk evaluating system, including:

(1) evaluation index system generation module 1, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger；

(2) opinion rating system generation module 2, for generating the opinion rating system corresponding to evaluation criteria system, institute Commentary valency hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each The corresponding grade fuzzy subset of individual opinion rating；

(3) quantization modules 3, evaluate the influence degree of corresponding female index for antithetical phrase index, and to evaluation result Quantify；

(4) weight computation module 4, calculate female index and the weight vectors of sub-index for reference level fractional analysis；

(5) subordinated-degree matrix builds module 5, for according to described evaluation criteria system, calculates female index to described grade The degree of membership of fuzzy subset, builds the subordinated-degree matrix of female index；

(6) fuzzy overall evaluation result computing module 6, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis Evaluation result；

(7) risk evaluation module 7, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer Degree, divides risk class.

Wherein, whether the sub-index that described physical security is corresponding includes the environmental condition inside and outside the storehouse of storage archive information Meet that safety requirements, computer equipment be the most in a safe condition, whether media meet safety requirements.

The sub-index of described management safety correspondence includes that special archives information security organization is the most sound, full-time Archives information security management personnel are the most complete, rules and regulations are the most sound, whether there is contingency management scheme.

Sub-index corresponding to described network security includes whether have precaution against computer virus, whether have anti-hacker Invasion facility, whether have access control measure, whether have audit and surveillance and control measure.

The present embodiment can effectively understand the safety management risk of electronic record, can be to promote electronic records management to provide Reference proposition, and by fuzzy matrix and analytic hierarchy process (AHP) application in risk assessment, can go out in risk assessment processes Existing various uncertain factors, index are analyzed；Define sub-index corresponding to physical security, the son of management safety correspondence refers to Mark the sub-index corresponding with network security, make system more perfect.

Embodiment 4

See Fig. 1, Fig. 2, the present embodiment power supply enterprise Electronic Archival Security risk evaluating system, including:

(1) evaluation index system generation module 1, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger；

(2) opinion rating system generation module 2, for generating the opinion rating system corresponding to evaluation criteria system, institute Commentary valency hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each The corresponding grade fuzzy subset of individual opinion rating；

(3) quantization modules 3, evaluate the influence degree of corresponding female index for antithetical phrase index, and to evaluation result Quantify；

(4) weight computation module 4, calculate female index and the weight vectors of sub-index for reference level fractional analysis；

(5) subordinated-degree matrix builds module 5, for according to described evaluation criteria system, calculates female index to described grade The degree of membership of fuzzy subset, builds the subordinated-degree matrix of female index；

(6) fuzzy overall evaluation result computing module 6, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis Evaluation result；

(7) risk evaluation module 7, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer Degree, divides risk class.

Wherein, described quantization modules 3 specifically performs when operating: set probability that P, D, C represent that destination layer causes danger respectively, Target cause danger after influence degree and uncontrollability, evaluate the expert group of power supply enterprise Electronic Archival Security to female index y The quantized value of the sub-index of x-th carry out the set of quantized that n evaluation obtain and beY=P, D, C, female index The final quantization value of the sub-index of x-th of y is:

${I_x^y}^{\′}=\frac{{\Σ}_i^n{I}_{xi}^y}{n},{I_x^y}^{\′}\∈\[0,1\]$

Wherein, described subordinated-degree matrix builds module 5 and calculates power supply enterprise's Electronic Archival Security fuzzy to described grade During the degree of membership collected, the following operation of concrete execution:

Definition grade fuzzy subset is { v_j, j=1,2 ..., 5}, and define the influence degree equity for describing female index The membership function of the degree of membership of level fuzzy subset:

Wherein, ρ is the xth being formulated female index y that expert determines by the expert group evaluating power supply enterprise's Electronic Archival Security The final quantization value of individual sub-index,For grade fuzzy subset { v_j, j=1,2 ..., 5 } corresponding standard value,μ is the expert group the evaluating power supply enterprise's Electronic Archival Security certainty factor to described final quantization value；

According to described membership function, construct P, the subordinated-degree matrix R of tri-female indexs of D, C respectively_P,R_D,R_C:

$R_P=\left\{\begin{array}{cccc}{f}_{v_1}\left({I_1^P}^{\′}\right)& f_{v_2}\left({I_1^P}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_1^P}^{\′}\right)\\ f_{v_1}\left({I_2^P}^{\′}\right)& f_{v_2}\left({I_2^P}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_2^P}^{\′}\right)\\ .& .& & .\\ .& .& & .\\ .& .& & .\\ f_{v_1}\left({I_{N_P}^P}^{\′}\right)& f_{v_2}\left({I_{N_P}^P}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_{N_P}^P}^{\′}\right)\end{array}\right.$

$R_D=\left\{\begin{array}{cccc}{f}_{v_1}\left({I_1^D}^{\′}\right)& f_{v_2}\left({I_1^D}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_1^D}^{\′}\right)\\ f_{v_1}\left({I_2^D}^{\′}\right)& f_{v_2}\left({I_2^D}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_2^D}^{\′}\right)\\ .& .& & .\\ .& .& & .\\ .& .& & .\\ f_{v_1}\left({I_{N_D}^D}^{\′}\right)& f_{v_2}\left({I_{N_D}^D}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_{N_D}^D}^{\′}\right)\end{array}\right.$

$R_C=\left\{\begin{array}{cccc}{f}_{v_1}\left({I_1^C}^{\′}\right)& f_{v_2}\left({I_1^C}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_1^C}^{\′}\right)\\ f_{v_1}\left({I_2^C}^{\′}\right)& f_{v_2}\left({I_2^C}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_2^C}^{\′}\right)\\ .& .& & .\\ .& .& & .\\ .& .& & .\\ f_{v_1}\left({I_{N_C}^C}^{\′}\right)& f_{v_2}\left({I_{N_C}^C}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_{N_C}^C}^{\′}\right)\end{array}\right.$

Wherein, N_PRepresent the sub-index number that female index P comprises, N_DRepresent the sub-index number that female index D comprises, N_CTable Show the sub-index number that female index C comprises；

What the present embodiment defined the degree of membership of the influence degree In Grade fuzzy subset for describing female index is subordinate to letter Number, and utilizes described membership function to carry out subordinated-degree matrix structure, the degree of membership Normal Distribution calculated, it is to avoid artificial The impact of subjective factors, enhances the objectivity of assessment result.

Embodiment 5

See Fig. 1, Fig. 2, the present embodiment one power supply enterprise Electronic Archival Security risk evaluating system, including:

(1) evaluation index system generation module 1, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger；

(2) opinion rating system generation module 2, for generating the opinion rating system corresponding to evaluation criteria system, institute Commentary valency hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each The corresponding grade fuzzy subset of individual opinion rating；

(3) quantization modules 3, evaluate the influence degree of corresponding female index for antithetical phrase index, and to evaluation result Quantify；

(4) weight computation module 4, calculate female index and the weight vectors of sub-index for reference level fractional analysis；

(5) subordinated-degree matrix builds module 5, for according to described evaluation criteria system, calculates female index to described grade The degree of membership of fuzzy subset, builds the subordinated-degree matrix of female index；

(6) fuzzy overall evaluation result computing module 6, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis Evaluation result；

(7) risk evaluation module 7, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer Degree, divides risk class.

Risk is divided into 5 grades by described risk evaluation module 7, interval belonging to each grade risk be respectively (0, 20%], (20%, 40%], (40%, 60%], (60%, 80%], (80%, 1], respectively represent risk class be negligible, The most unsafe, unsafe, be absolutely unsafe, disaster.

The computing formula of described overall risk degree is:

If the risk of i-th target is FD_I, the computing formula of described overall risk degree is:

$\stackrel{\‾}{FD}=\underset{I=1}{\overset{5}{\Σ}}{\mathrm{FD}}_I{W}_{{\mathrm{FD}}_I}$

Wherein,It is directed to i-th mesh for formulated by the expert group evaluating power supply enterprise's Electronic Archival Security Target weight.

Wherein, the sub-index that physical security is corresponding includes storing whether the environmental condition inside and outside the storehouse of archive information meets Safety requirements, computer equipment are the most in a safe condition, whether media meet safety requirements.

Wherein, the sub-index that described management safety is corresponding include special archives information security organization the most sound, Full-time archives information security management personnel are the most complete, rules and regulations are the most sound, whether there is contingency management scheme.

Wherein, the sub-index that described network security is corresponding includes whether have precaution against computer virus, whether have Anti-hacker attacks facility, whether have access control measure, whether have audit and surveillance and control measure.

Wherein, described quantization modules 3 specifically performs when operating:

If P, D, C represent respectively probability that destination layer causes danger, target cause danger after influence degree and uncontrollable Property, the expert group evaluating power supply enterprise's Electronic Archival Security carries out n evaluation to the quantized value of the sub-index of x-th of female index y The set of quantized obtained isY=P, D, C, the final quantization value of the sub-index of x-th of female index y is:

${I_x^y}^{\′}=\frac{{\Σ}_i^n{I}_{xi}^y}{n},{I_x^y}^{\′}\∈\[0,1\]$

Wherein, described subordinated-degree matrix builds module 5 when calculating female index to the degree of membership of described grade fuzzy subset, tool Body operates below performing:

Definition grade fuzzy subset is { v_j, j=1,2 ..., 5}, and define the influence degree equity for describing female index The membership function of the degree of membership of level fuzzy subset:

Wherein, ρ is the xth being formulated female index y that expert determines by the expert group evaluating power supply enterprise's Electronic Archival Security The final quantization value of individual sub-index,For grade fuzzy subset { v_j, j=1,2 ..., standard value corresponding for 5},μ is the expert group the evaluating power supply enterprise's Electronic Archival Security certainty factor to described final quantization value；

According to described membership function, construct P, the subordinated-degree matrix R of tri-female indexs of D, C respectively_P,R_D,R_C:

$R_P=\left\{\begin{array}{cccc}{f}_{v_1}\left({I_1^P}^{\′}\right)& f_{v_2}\left({I_1^P}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_1^P}^{\′}\right)\\ f_{v_1}\left({I_2^P}^{\′}\right)& f_{v_2}\left({I_2^P}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_2^P}^{\′}\right)\\ .& .& & .\\ .& .& & .\\ .& .& & .\\ f_{v_1}\left({I_{N_P}^P}^{\′}\right)& f_{v_2}\left({I_{N_P}^P}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_{N_P}^P}^{\′}\right)\end{array}\right.$

$R_D=\left\{\begin{array}{cccc}{f}_{v_1}\left({I_1^D}^{\′}\right)& f_{v_2}\left({I_1^D}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_1^D}^{\′}\right)\\ f_{v_1}\left({I_2^D}^{\′}\right)& f_{v_2}\left({I_2^D}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_2^D}^{\′}\right)\\ .& .& & .\\ .& .& & .\\ .& .& & .\\ f_{v_1}\left({I_{N_D}^D}^{\′}\right)& f_{v_2}\left({I_{N_D}^D}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_{N_D}^D}^{\′}\right)\end{array}\right.$

$R_C=\left\{\begin{array}{cccc}{f}_{v_1}\left({I_1^C}^{\′}\right)& f_{v_2}\left({I_1^C}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_1^C}^{\′}\right)\\ f_{v_1}\left({I_2^C}^{\′}\right)& f_{v_2}\left({I_2^C}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_2^C}^{\′}\right)\\ .& .& & .\\ .& .& & .\\ .& .& & .\\ f_{v_1}\left({I_{N_C}^C}^{\′}\right)& f_{v_2}\left({I_{N_C}^C}^{\′}\right)& \mathrm{...}& f_{v_5}\left({I_{N_C}^C}^{\′}\right)\end{array}\right.$

Wherein, N_PRepresent the sub-index number that female index P comprises, N_DRepresent the sub-index number that female index D comprises, N_CTable Show the sub-index number that female index C comprises；

Wherein, the computing formula that described fuzzy overall evaluation result computing module 6 calculates fuzzy overall evaluation result M is:

$M=W*\left(\begin{array}{c}{m}_P*R_P\\ m_D*R_D\\ m_C*R_C\end{array}\right)=(L_1,L_2,...,L_5)$

Wherein, if the weight fuzzy subset corresponding to female index P obtained according to weight vectors, D, C is W={w_P,w_D, w_C, the weight fuzzy subset corresponding to sub-index set under female index P of obtaining according to weight vectors, D, C is respectively m_P、m_D、 m_C, * represents that generalized fuzzy synthesizes computing；

Wherein, when calculating described risk, if grade corresponding to grade fuzzy subset is entered as { H_j, *=1,2 .., 5}, I.e. grade v_jCorresponding numerical value H_j, and grade v_jFrom low paramount time described H_jValue is incremented by, and the computing formula of described risk is:

On the basis of the present embodiment is based on above-described embodiment, continue to propose the meter of fuzzy overall evaluation result and risk Calculating formula, this computing formula considers the factor affecting risk the most all sidedly, highlights safety measure Usefulness Pair system The impact of risk, it is achieved that the after-action review to power supply enterprise's Electronic Archival Security, improves system evaluation precision.

Last it should be noted that, above example is only in order to illustrate technical scheme, rather than the present invention is protected Protecting the restriction of scope, although having made to explain to the present invention with reference to preferred embodiment, those of ordinary skill in the art should Work as understanding, technical scheme can be modified or equivalent, without deviating from the reality of technical solution of the present invention Matter and scope.

Claims (8)

1. power supply enterprise's Electronic Archival Security risk evaluating system, it is characterised in that including:

(1) evaluation index system generation module, for generating the evaluation criteria system being directed to power supply enterprise's Electronic Archival Security, Described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it include destination layer, rule layer and Indicator layer, described destination layer includes physical security, management safety, network security, information security and four targets of security of system, institute State probability that rule layer includes that target causes danger, target cause danger after influence degree and three female indexs of uncontrollability, Described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures the abatement to risk And control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger；

(2) opinion rating system generation module, for generating the opinion rating system corresponding to evaluation criteria system, described evaluation Hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, and each is evaluated The corresponding grade fuzzy subset of grade；

(3) quantization modules, evaluates the influence degree of corresponding female index for antithetical phrase index, and to the evaluation result amount of carrying out Change；

(4) weight computation module, calculates female index and the weight vectors of sub-index for reference level fractional analysis；

(5) subordinated-degree matrix builds module, for according to described evaluation criteria system, calculates female index son fuzzy to described grade The degree of membership of collection, builds the subordinated-degree matrix of female index；

(6) fuzzy overall evaluation result computing module, for according to subordinated-degree matrix and weight vector computation fuzzy overall evaluation Result；

(7) risk evaluation module, for calculating power supply enterprise's electronics shelves according to weight vectors and fuzzy overall evaluation result vector The risk of the case each destination layer of safety, and the overall wind of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer Danger degree, divides risk class；The computing formula of described overall risk degree is:

If the risk of i-th target is FD_I, the computing formula of described overall risk degree is:

Wherein,It is directed to i-th target for formulated by the expert group evaluating power supply enterprise Electronic Archival Security Weight.

A kind of power supply enterprise the most according to claim 1 Electronic Archival Security risk evaluating system, it is characterised in that physics The sub-index of safety correspondence includes storing whether the environmental condition inside and outside the storehouse of archive information meets safety requirements, computer sets Whether safety requirements is met for the most in a safe condition, media.

A kind of power supply enterprise the most according to claim 1 Electronic Archival Security risk evaluating system, it is characterised in that described The sub-index of management safety correspondence includes the archives information security that special archives information security organization is the most sound, full-time Management personnel are the most complete, rules and regulations are the most sound, whether there is contingency management scheme.

A kind of power supply enterprise the most according to claim 1 Electronic Archival Security risk evaluating system, it is characterised in that described Sub-index corresponding to network security includes whether to have precaution against computer virus, whether has anti-hacker attacks facility, is No have access control measure, whether have audit and surveillance and control measure.

A kind of power supply enterprise the most according to claim 1 Electronic Archival Security risk evaluating system, it is characterised in that described Specifically perform during quantization modules running:

If P, D, C represent respectively probability that destination layer causes danger, target cause danger after influence degree and uncontrollability, comment The expert group of valency power supply enterprise Electronic Archival Security carries out what n evaluation obtained to the quantized value of the sub-index of x-th of female index y Set of quantized isY=P, D, C, the final quantization value of the sub-index of x-th of female index y is:

。

A kind of power supply enterprise the most according to claim 5 Electronic Archival Security risk evaluating system, it is characterised in that described Subordinated-degree matrix builds module when calculating female index to the degree of membership of described grade fuzzy subset, concrete performs following operation:

Definition grade fuzzy subset is { v_j, j=1,2 ..., 5}, and define the influence degree In Grade mould for describing female index The membership function of the degree of membership of paste subset:

Wherein, ρ is x-th being formulated female index y that expert determines by the expert group evaluating power supply enterprise's Electronic Archival Security The final quantization value of index,For grade fuzzy subset { v_j, j=1,2 ..., standard value corresponding for 5},μ For evaluating the expert group of the power supply enterprise Electronic Archival Security certainty factor to described final quantization value；

According to described membership function, construct P, the subordinated-degree matrix R of tri-female indexs of D, C respectively_P,R_D,R_C:

Wherein, N_PRepresent the sub-index number that female index P comprises, N_DRepresent the sub-index number that female index D comprises, N_CRepresent mother The sub-index number that index C comprises.

A kind of power supply enterprise the most according to claim 6 Electronic Archival Security risk evaluating system, it is characterised in that described Fuzzy overall evaluation result computing module calculates the computing formula of fuzzy overall evaluation result M:

Wherein, if the weight fuzzy subset corresponding to female index P obtained according to weight vectors, D, C is W={w_P,w_D,w_C, root The weight fuzzy subset corresponding to sub-index set under female index P of obtaining according to weight vectors, D, C is respectively m_P、m_D、m_C, * table Show that generalized fuzzy synthesizes computing.

A kind of power supply enterprise the most according to claim 7 Electronic Archival Security risk evaluating system, it is characterised in that calculate During described risk, if grade corresponding to grade fuzzy subset is entered as { H_j, j=1,2 .., 5}, i.e. grade v_jCorresponding numerical value H_j, and grade v_jFrom low paramount time described H_jValue is incremented by, and the computing formula of described risk is: