CN106203831A - A kind of power supply enterprise Electronic Archival Security risk evaluating system - Google Patents
A kind of power supply enterprise Electronic Archival Security risk evaluating system Download PDFInfo
- Publication number
- CN106203831A CN106203831A CN201610541637.0A CN201610541637A CN106203831A CN 106203831 A CN106203831 A CN 106203831A CN 201610541637 A CN201610541637 A CN 201610541637A CN 106203831 A CN106203831 A CN 106203831A
- Authority
- CN
- China
- Prior art keywords
- index
- risk
- power supply
- security
- supply enterprise
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000011156 evaluation Methods 0.000 claims abstract description 96
- 239000011159 matrix material Substances 0.000 claims abstract description 37
- 238000013139 quantization Methods 0.000 claims abstract description 25
- 239000013598 vector Substances 0.000 claims description 34
- 238000007726 management method Methods 0.000 claims description 30
- 238000004458 analytical method Methods 0.000 claims description 7
- 241000700605 Viruses Species 0.000 claims description 4
- 238000012550 audit Methods 0.000 claims description 4
- 230000007613 environmental effect Effects 0.000 claims description 4
- 230000008520 organization Effects 0.000 claims description 4
- 238000000034 method Methods 0.000 abstract description 9
- 238000012502 risk assessment Methods 0.000 abstract description 9
- 230000005611 electricity Effects 0.000 description 8
- 230000015572 biosynthetic process Effects 0.000 description 6
- 238000003786 synthesis reaction Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/06—Energy or water supply
Landscapes
- Business, Economics & Management (AREA)
- Human Resources & Organizations (AREA)
- Engineering & Computer Science (AREA)
- Economics (AREA)
- Strategic Management (AREA)
- Entrepreneurship & Innovation (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Marketing (AREA)
- General Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Tourism & Hospitality (AREA)
- Educational Administration (AREA)
- Quality & Reliability (AREA)
- Operations Research (AREA)
- Game Theory and Decision Science (AREA)
- Development Economics (AREA)
- Public Health (AREA)
- Water Supply & Treatment (AREA)
- General Health & Medical Sciences (AREA)
- Primary Health Care (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a kind of power supply enterprise Electronic Archival Security risk evaluating system, build module, fuzzy overall evaluation result computing module and risk evaluation module including evaluation index system generation module, opinion rating system generation module, quantization modules, weight computation module, subordinated-degree matrix.The present invention can effectively understand the safety management risk of electronic record, can be to promote electronic records management to provide reference proposition, and by fuzzy matrix and analytic hierarchy process (AHP) application in risk assessment, can be analyzed the various uncertain factors, the index that occur in risk assessment processes, Evaluation accuracy is higher.
Description
Technical field
The present invention relates to electricity digital data processing field, be specifically related to the Electronic Archival Security risk assessment of a kind of power supply enterprise
System.
Background technology
In power marketing business procedure, there is substantial amounts of archives of paper quality, be used for recording reflection practical business situation truly,
All refer to the collection to archives material from service handling, In-site supervision, the multi-service item such as oppose electricity-stealing, preserve and manage.For
Avoiding the problem in paper files management, power supply enterprise starts combining information technology in recent years, uses the mode of electronization to manage
Archives of paper quality, it is achieved marketing archives electronic management, improves work efficiency in business and management, accelerates inquiry velocity,
The biggest effect has been played to improving good service service level.But meanwhile, compare archives of paper quality, the safety of electronic record
Also become the emphasis of work, the factors such as environment, management and network that electronic archives information constitutes safely serious challenge.
Summary of the invention
For the problems referred to above, the present invention provides a kind of power supply enterprise Electronic Archival Security risk evaluating system.
The purpose of the present invention realizes by the following technical solutions:
A kind of power supply enterprise Electronic Archival Security risk evaluating system, including:
(1) evaluation index system generation module, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security
System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion
Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project
Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability
Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk
Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger;
(2) opinion rating system generation module, for generating the opinion rating system corresponding to evaluation criteria system, described
Opinion rating system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each
The corresponding grade fuzzy subset of opinion rating;
(3) quantization modules, evaluates the influence degree of corresponding female index for antithetical phrase index, and enters evaluation result
Row quantifies;
(4) weight computation module, calculates female index and the weight vectors of sub-index for reference level fractional analysis;
(5) subordinated-degree matrix builds module, for according to described evaluation criteria system, calculates female index to described grade mould
Stick with paste the degree of membership of subset, build the subordinated-degree matrix of female index;
(6) fuzzy overall evaluation result computing module, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis
Evaluation result;
(7) risk evaluation module, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector
The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer
Degree, divides risk class.
Risk is divided into 5 grades by described risk evaluation module, interval belonging to each grade risk be respectively (0,20%],
(20%, 40%], (40%, 60%], (60%, 80%], (80%, 1], represent that risk class is negligible, the most respectively
Safety, unsafe, be absolutely unsafe, disaster.
The computing formula of described overall risk degree is:
If the risk of i-th target is FDI, the computing formula of described overall risk degree is:
Wherein,It is directed to i-th mesh for formulated by the expert group evaluating power supply enterprise's Electronic Archival Security
Target weight.
Wherein, the sub-index that physical security is corresponding includes storing whether the environmental condition inside and outside the storehouse of archive information meets
Safety requirements, computer equipment are the most in a safe condition, whether media meet safety requirements.
Wherein, the sub-index that described management safety is corresponding include special archives information security organization the most sound,
Full-time archives information security management personnel are the most complete, rules and regulations are the most sound, whether there is contingency management scheme.
Wherein, the sub-index that described network security is corresponding includes whether have precaution against computer virus, whether have
Anti-hacker attacks facility, whether have access control measure, whether have audit and surveillance and control measure.
Wherein, specifically perform during the running of described quantization modules:
If P, D, C represent respectively probability that destination layer causes danger, target cause danger after influence degree and uncontrollable
Property, the expert group evaluating power supply enterprise's Electronic Archival Security carries out n evaluation to the quantized value of the sub-index of x-th of female index y
The set of quantized obtained isY=P, D, C, the final quantization value of the sub-index of x-th of female index y is:
Wherein, described subordinated-degree matrix builds module when calculating female index to the degree of membership of described grade fuzzy subset, tool
Body performs
Below operation:
Definition grade fuzzy subset is { vj, j=1,2 ..., 5}, and define the influence degree equity for describing female index
The membership function of the degree of membership of level fuzzy subset:
Wherein, ρ is the xth being formulated female index y that expert determines by the expert group evaluating power supply enterprise's Electronic Archival Security
The final quantization value of individual sub-index,For grade fuzzy subset { vj, j=1,2 ..., standard value corresponding for 5},μ is the expert group the evaluating power supply enterprise's Electronic Archival Security certainty factor to described final quantization value;
According to described membership function, construct P, the subordinated-degree matrix R of tri-female indexs of D, C respectivelyP,RD,RC:
Wherein, NPRepresent the sub-index number that female index P comprises, NDRepresent the sub-index number that female index D comprises, NCTable
Show the sub-index number that female index C comprises;
Wherein, the computing formula of described fuzzy overall evaluation result computing module calculating fuzzy overall evaluation result M is:
Wherein, if the weight fuzzy subset corresponding to female index P obtained according to weight vectors, D, C is W={wP,wD,
wC, the weight fuzzy subset corresponding to sub-index set under female index P of obtaining according to weight vectors, D, C is respectively mP、mD、
mC, * represents that generalized fuzzy synthesizes computing;
Wherein, when calculating described risk, if grade corresponding to grade fuzzy subset is entered as { Hj, j=1,2 .., 5},
I.e. grade vjCorresponding numerical value Hj, and grade v)From low paramount time described HjValue is incremented by, and the computing formula of described risk is:
The invention have the benefit that
(1) can effectively understand the safety management risk of electronic record, can be to promote electronic records management to provide reference
Suggestion, and by fuzzy matrix and analytic hierarchy process (AHP) application in risk assessment, can be to appearance in risk assessment processes
Various uncertain factors, index are analyzed;
(2) membership function of the degree of membership of influence degree In Grade fuzzy subset for describing female index is defined, and
Described membership function is utilized to carry out subordinated-degree matrix structure, the degree of membership Normal Distribution calculated, it is to avoid artificial subjectivity
The impact of factor, enhances the objectivity of assessment result;
(3) proposing the computing formula of fuzzy overall evaluation result and risk, this computing formula is examined the most all sidedly
Consider the factor affecting risk, highlighted the impact of safety measure Usefulness Pair systematic risk degree, it is achieved that to power supply enterprise's electricity
The after-action review of sub-file safety, improves system evaluation precision.
Accompanying drawing explanation
The invention will be further described to utilize accompanying drawing, but the embodiment in accompanying drawing does not constitute any limit to the present invention
System, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to obtain according to the following drawings
Other accompanying drawing.
Fig. 1 is the connection diagram of each module of the present invention;
Fig. 2 is the structural representation of evaluation criteria system of the present invention.
Reference:
Evaluation index system generation module 1, opinion rating system generation module 2, quantization modules 3, weight computation module 4,
Subordinated-degree matrix builds module 5, fuzzy overall evaluation result computing module 6, risk evaluation module 7.
Detailed description of the invention
The invention will be further described with the following Examples.
Embodiment 1
See Fig. 1, Fig. 2, the present embodiment power supply enterprise Electronic Archival Security risk evaluating system, including:
(1) evaluation index system generation module 1, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security
System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion
Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project
Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability
Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk
Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger;
(2) opinion rating system generation module 2, for generating the opinion rating system corresponding to evaluation criteria system, institute
Commentary valency hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each
The corresponding grade fuzzy subset of individual opinion rating;
(3) quantization modules 3, evaluate the influence degree of corresponding female index for antithetical phrase index, and to evaluation result
Quantify;
(4) weight computation module 4, calculate female index and the weight vectors of sub-index for reference level fractional analysis;
(5) subordinated-degree matrix builds module 5, for according to described evaluation criteria system, calculates female index to described grade
The degree of membership of fuzzy subset, builds the subordinated-degree matrix of female index;
(6) fuzzy overall evaluation result computing module 6, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis
Evaluation result;
(7) risk evaluation module 7, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector
The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer
Degree, divides risk class.
The present embodiment can effectively understand the safety management risk of electronic record, can be to promote electronic records management to provide
Reference proposition, and by fuzzy matrix and analytic hierarchy process (AHP) application in risk assessment, can go out in risk assessment processes
Existing various uncertain factors, index are analyzed
Embodiment 2
See Fig. 1, Fig. 2, the present embodiment power supply enterprise Electronic Archival Security risk evaluating system, including:
(1) evaluation index system generation module 1, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security
System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion
Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project
Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability
Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk
Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger;
(2) opinion rating system generation module 2, for generating the opinion rating system corresponding to evaluation criteria system, institute
Commentary valency hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each
The corresponding grade fuzzy subset of individual opinion rating;
(3) quantization modules 3, evaluate the influence degree of corresponding female index for antithetical phrase index, and to evaluation result
Quantify;
(4) weight computation module 4, calculate female index and the weight vectors of sub-index for reference level fractional analysis;
(5) subordinated-degree matrix builds module 5, for according to described evaluation criteria system, calculates female index to described grade
The degree of membership of fuzzy subset, builds the subordinated-degree matrix of female index;
(6) fuzzy overall evaluation result computing module 6, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis
Evaluation result;
(7) risk evaluation module 7, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector
The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer
Degree, divides risk class.
Risk is divided into 5 grades by described risk evaluation module 7, interval belonging to each grade risk be respectively (0,
20%], (20%, 40%], (40%, 60%], (60%, 80%], (80%, 1], respectively represent risk class be negligible,
The most unsafe, unsafe, be absolutely unsafe, disaster.
The present embodiment defines risk partition mode, makes system more perfect.
Embodiment 3
See Fig. 1, Fig. 2, the present embodiment power supply enterprise Electronic Archival Security risk evaluating system, including:
(1) evaluation index system generation module 1, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security
System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion
Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project
Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability
Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk
Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger;
(2) opinion rating system generation module 2, for generating the opinion rating system corresponding to evaluation criteria system, institute
Commentary valency hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each
The corresponding grade fuzzy subset of individual opinion rating;
(3) quantization modules 3, evaluate the influence degree of corresponding female index for antithetical phrase index, and to evaluation result
Quantify;
(4) weight computation module 4, calculate female index and the weight vectors of sub-index for reference level fractional analysis;
(5) subordinated-degree matrix builds module 5, for according to described evaluation criteria system, calculates female index to described grade
The degree of membership of fuzzy subset, builds the subordinated-degree matrix of female index;
(6) fuzzy overall evaluation result computing module 6, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis
Evaluation result;
(7) risk evaluation module 7, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector
The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer
Degree, divides risk class.
Wherein, whether the sub-index that described physical security is corresponding includes the environmental condition inside and outside the storehouse of storage archive information
Meet that safety requirements, computer equipment be the most in a safe condition, whether media meet safety requirements.
The sub-index of described management safety correspondence includes that special archives information security organization is the most sound, full-time
Archives information security management personnel are the most complete, rules and regulations are the most sound, whether there is contingency management scheme.
Sub-index corresponding to described network security includes whether have precaution against computer virus, whether have anti-hacker
Invasion facility, whether have access control measure, whether have audit and surveillance and control measure.
The present embodiment can effectively understand the safety management risk of electronic record, can be to promote electronic records management to provide
Reference proposition, and by fuzzy matrix and analytic hierarchy process (AHP) application in risk assessment, can go out in risk assessment processes
Existing various uncertain factors, index are analyzed;Define sub-index corresponding to physical security, the son of management safety correspondence refers to
Mark the sub-index corresponding with network security, make system more perfect.
Embodiment 4
See Fig. 1, Fig. 2, the present embodiment power supply enterprise Electronic Archival Security risk evaluating system, including:
(1) evaluation index system generation module 1, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security
System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion
Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project
Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability
Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk
Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger;
(2) opinion rating system generation module 2, for generating the opinion rating system corresponding to evaluation criteria system, institute
Commentary valency hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each
The corresponding grade fuzzy subset of individual opinion rating;
(3) quantization modules 3, evaluate the influence degree of corresponding female index for antithetical phrase index, and to evaluation result
Quantify;
(4) weight computation module 4, calculate female index and the weight vectors of sub-index for reference level fractional analysis;
(5) subordinated-degree matrix builds module 5, for according to described evaluation criteria system, calculates female index to described grade
The degree of membership of fuzzy subset, builds the subordinated-degree matrix of female index;
(6) fuzzy overall evaluation result computing module 6, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis
Evaluation result;
(7) risk evaluation module 7, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector
The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer
Degree, divides risk class.
Wherein, described quantization modules 3 specifically performs when operating: set probability that P, D, C represent that destination layer causes danger respectively,
Target cause danger after influence degree and uncontrollability, evaluate the expert group of power supply enterprise Electronic Archival Security to female index y
The quantized value of the sub-index of x-th carry out the set of quantized that n evaluation obtain and beY=P, D, C, female index
The final quantization value of the sub-index of x-th of y is:
Wherein, described subordinated-degree matrix builds module 5 and calculates power supply enterprise's Electronic Archival Security fuzzy to described grade
During the degree of membership collected, the following operation of concrete execution:
Definition grade fuzzy subset is { vj, j=1,2 ..., 5}, and define the influence degree equity for describing female index
The membership function of the degree of membership of level fuzzy subset:
Wherein, ρ is the xth being formulated female index y that expert determines by the expert group evaluating power supply enterprise's Electronic Archival Security
The final quantization value of individual sub-index,For grade fuzzy subset { vj, j=1,2 ..., 5 } corresponding standard value,μ is the expert group the evaluating power supply enterprise's Electronic Archival Security certainty factor to described final quantization value;
According to described membership function, construct P, the subordinated-degree matrix R of tri-female indexs of D, C respectivelyP,RD,RC:
Wherein, NPRepresent the sub-index number that female index P comprises, NDRepresent the sub-index number that female index D comprises, NCTable
Show the sub-index number that female index C comprises;
What the present embodiment defined the degree of membership of the influence degree In Grade fuzzy subset for describing female index is subordinate to letter
Number, and utilizes described membership function to carry out subordinated-degree matrix structure, the degree of membership Normal Distribution calculated, it is to avoid artificial
The impact of subjective factors, enhances the objectivity of assessment result.
Embodiment 5
See Fig. 1, Fig. 2, the present embodiment one power supply enterprise Electronic Archival Security risk evaluating system, including:
(1) evaluation index system generation module 1, for generating the evaluation index being directed to power supply enterprise's Electronic Archival Security
System, described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it includes destination layer, criterion
Layer and indicator layer, described destination layer includes physical security, management safety, network security, information security and security of system four project
Mark, described rule layer include probability that target causes danger, target cause danger after influence degree and three mothers of uncontrollability
Index, described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures to risk
Abatement and control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger;
(2) opinion rating system generation module 2, for generating the opinion rating system corresponding to evaluation criteria system, institute
Commentary valency hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, each
The corresponding grade fuzzy subset of individual opinion rating;
(3) quantization modules 3, evaluate the influence degree of corresponding female index for antithetical phrase index, and to evaluation result
Quantify;
(4) weight computation module 4, calculate female index and the weight vectors of sub-index for reference level fractional analysis;
(5) subordinated-degree matrix builds module 5, for according to described evaluation criteria system, calculates female index to described grade
The degree of membership of fuzzy subset, builds the subordinated-degree matrix of female index;
(6) fuzzy overall evaluation result computing module 6, for according to subordinated-degree matrix and weight vector computation fuzzy synthesis
Evaluation result;
(7) risk evaluation module 7, for calculating power supply enterprise's electricity according to weight vectors and fuzzy overall evaluation result vector
The risk of sub-file safety, and the overall risk of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer
Degree, divides risk class.
Risk is divided into 5 grades by described risk evaluation module 7, interval belonging to each grade risk be respectively (0,
20%], (20%, 40%], (40%, 60%], (60%, 80%], (80%, 1], respectively represent risk class be negligible,
The most unsafe, unsafe, be absolutely unsafe, disaster.
The computing formula of described overall risk degree is:
If the risk of i-th target is FDI, the computing formula of described overall risk degree is:
Wherein,It is directed to i-th mesh for formulated by the expert group evaluating power supply enterprise's Electronic Archival Security
Target weight.
Wherein, the sub-index that physical security is corresponding includes storing whether the environmental condition inside and outside the storehouse of archive information meets
Safety requirements, computer equipment are the most in a safe condition, whether media meet safety requirements.
Wherein, the sub-index that described management safety is corresponding include special archives information security organization the most sound,
Full-time archives information security management personnel are the most complete, rules and regulations are the most sound, whether there is contingency management scheme.
Wherein, the sub-index that described network security is corresponding includes whether have precaution against computer virus, whether have
Anti-hacker attacks facility, whether have access control measure, whether have audit and surveillance and control measure.
Wherein, described quantization modules 3 specifically performs when operating:
If P, D, C represent respectively probability that destination layer causes danger, target cause danger after influence degree and uncontrollable
Property, the expert group evaluating power supply enterprise's Electronic Archival Security carries out n evaluation to the quantized value of the sub-index of x-th of female index y
The set of quantized obtained isY=P, D, C, the final quantization value of the sub-index of x-th of female index y is:
Wherein, described subordinated-degree matrix builds module 5 when calculating female index to the degree of membership of described grade fuzzy subset, tool
Body operates below performing:
Definition grade fuzzy subset is { vj, j=1,2 ..., 5}, and define the influence degree equity for describing female index
The membership function of the degree of membership of level fuzzy subset:
Wherein, ρ is the xth being formulated female index y that expert determines by the expert group evaluating power supply enterprise's Electronic Archival Security
The final quantization value of individual sub-index,For grade fuzzy subset { vj, j=1,2 ..., standard value corresponding for 5},μ is the expert group the evaluating power supply enterprise's Electronic Archival Security certainty factor to described final quantization value;
According to described membership function, construct P, the subordinated-degree matrix R of tri-female indexs of D, C respectivelyP,RD,RC:
Wherein, NPRepresent the sub-index number that female index P comprises, NDRepresent the sub-index number that female index D comprises, NCTable
Show the sub-index number that female index C comprises;
Wherein, the computing formula that described fuzzy overall evaluation result computing module 6 calculates fuzzy overall evaluation result M is:
Wherein, if the weight fuzzy subset corresponding to female index P obtained according to weight vectors, D, C is W={wP,wD,
wC, the weight fuzzy subset corresponding to sub-index set under female index P of obtaining according to weight vectors, D, C is respectively mP、mD、
mC, * represents that generalized fuzzy synthesizes computing;
Wherein, when calculating described risk, if grade corresponding to grade fuzzy subset is entered as { Hj, *=1,2 .., 5},
I.e. grade vjCorresponding numerical value Hj, and grade vjFrom low paramount time described HjValue is incremented by, and the computing formula of described risk is:
On the basis of the present embodiment is based on above-described embodiment, continue to propose the meter of fuzzy overall evaluation result and risk
Calculating formula, this computing formula considers the factor affecting risk the most all sidedly, highlights safety measure Usefulness Pair system
The impact of risk, it is achieved that the after-action review to power supply enterprise's Electronic Archival Security, improves system evaluation precision.
Last it should be noted that, above example is only in order to illustrate technical scheme, rather than the present invention is protected
Protecting the restriction of scope, although having made to explain to the present invention with reference to preferred embodiment, those of ordinary skill in the art should
Work as understanding, technical scheme can be modified or equivalent, without deviating from the reality of technical solution of the present invention
Matter and scope.
Claims (8)
1. power supply enterprise's Electronic Archival Security risk evaluating system, it is characterised in that including:
(1) evaluation index system generation module, for generating the evaluation criteria system being directed to power supply enterprise's Electronic Archival Security,
Described evaluation criteria system by evaluate power supply enterprise's Electronic Archival Security expert group formulate, it include destination layer, rule layer and
Indicator layer, described destination layer includes physical security, management safety, network security, information security and four targets of security of system, institute
State probability that rule layer includes that target causes danger, target cause danger after influence degree and three female indexs of uncontrollability,
Described indicator layer includes the every sub-index corresponding to female index, wherein considers that system is taken safety measures the abatement to risk
And control action, definition uncontrollability target makes the ability characteristics of security failure after causing danger;
(2) opinion rating system generation module, for generating the opinion rating system corresponding to evaluation criteria system, described evaluation
Hierarchical system is formulated by the expert group evaluating power supply enterprise's Electronic Archival Security, and it includes multiple opinion rating, and each is evaluated
The corresponding grade fuzzy subset of grade;
(3) quantization modules, evaluates the influence degree of corresponding female index for antithetical phrase index, and to the evaluation result amount of carrying out
Change;
(4) weight computation module, calculates female index and the weight vectors of sub-index for reference level fractional analysis;
(5) subordinated-degree matrix builds module, for according to described evaluation criteria system, calculates female index son fuzzy to described grade
The degree of membership of collection, builds the subordinated-degree matrix of female index;
(6) fuzzy overall evaluation result computing module, for according to subordinated-degree matrix and weight vector computation fuzzy overall evaluation
Result;
(7) risk evaluation module, for calculating power supply enterprise's electronics shelves according to weight vectors and fuzzy overall evaluation result vector
The risk of the case each destination layer of safety, and the overall wind of power supply enterprise's Electronic Archival Security is calculated according to the risk of each destination layer
Danger degree, divides risk class;The computing formula of described overall risk degree is:
If the risk of i-th target is FDI, the computing formula of described overall risk degree is:
Wherein,It is directed to i-th target for formulated by the expert group evaluating power supply enterprise Electronic Archival Security
Weight.
A kind of power supply enterprise the most according to claim 1 Electronic Archival Security risk evaluating system, it is characterised in that physics
The sub-index of safety correspondence includes storing whether the environmental condition inside and outside the storehouse of archive information meets safety requirements, computer sets
Whether safety requirements is met for the most in a safe condition, media.
A kind of power supply enterprise the most according to claim 1 Electronic Archival Security risk evaluating system, it is characterised in that described
The sub-index of management safety correspondence includes the archives information security that special archives information security organization is the most sound, full-time
Management personnel are the most complete, rules and regulations are the most sound, whether there is contingency management scheme.
A kind of power supply enterprise the most according to claim 1 Electronic Archival Security risk evaluating system, it is characterised in that described
Sub-index corresponding to network security includes whether to have precaution against computer virus, whether has anti-hacker attacks facility, is
No have access control measure, whether have audit and surveillance and control measure.
A kind of power supply enterprise the most according to claim 1 Electronic Archival Security risk evaluating system, it is characterised in that described
Specifically perform during quantization modules running:
If P, D, C represent respectively probability that destination layer causes danger, target cause danger after influence degree and uncontrollability, comment
The expert group of valency power supply enterprise Electronic Archival Security carries out what n evaluation obtained to the quantized value of the sub-index of x-th of female index y
Set of quantized isY=P, D, C, the final quantization value of the sub-index of x-th of female index y is:
。
A kind of power supply enterprise the most according to claim 5 Electronic Archival Security risk evaluating system, it is characterised in that described
Subordinated-degree matrix builds module when calculating female index to the degree of membership of described grade fuzzy subset, concrete performs following operation:
Definition grade fuzzy subset is { vj, j=1,2 ..., 5}, and define the influence degree In Grade mould for describing female index
The membership function of the degree of membership of paste subset:
Wherein, ρ is x-th being formulated female index y that expert determines by the expert group evaluating power supply enterprise's Electronic Archival Security
The final quantization value of index,For grade fuzzy subset { vj, j=1,2 ..., standard value corresponding for 5},μ
For evaluating the expert group of the power supply enterprise Electronic Archival Security certainty factor to described final quantization value;
According to described membership function, construct P, the subordinated-degree matrix R of tri-female indexs of D, C respectivelyP,RD,RC:
Wherein, NPRepresent the sub-index number that female index P comprises, NDRepresent the sub-index number that female index D comprises, NCRepresent mother
The sub-index number that index C comprises.
A kind of power supply enterprise the most according to claim 6 Electronic Archival Security risk evaluating system, it is characterised in that described
Fuzzy overall evaluation result computing module calculates the computing formula of fuzzy overall evaluation result M:
Wherein, if the weight fuzzy subset corresponding to female index P obtained according to weight vectors, D, C is W={wP,wD,wC, root
The weight fuzzy subset corresponding to sub-index set under female index P of obtaining according to weight vectors, D, C is respectively mP、mD、mC, * table
Show that generalized fuzzy synthesizes computing.
A kind of power supply enterprise the most according to claim 7 Electronic Archival Security risk evaluating system, it is characterised in that calculate
During described risk, if grade corresponding to grade fuzzy subset is entered as { Hj, j=1,2 .., 5}, i.e. grade vjCorresponding numerical value
Hj, and grade vjFrom low paramount time described HjValue is incremented by, and the computing formula of described risk is:
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610541637.0A CN106203831A (en) | 2016-07-05 | 2016-07-05 | A kind of power supply enterprise Electronic Archival Security risk evaluating system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610541637.0A CN106203831A (en) | 2016-07-05 | 2016-07-05 | A kind of power supply enterprise Electronic Archival Security risk evaluating system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106203831A true CN106203831A (en) | 2016-12-07 |
Family
ID=57474212
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610541637.0A Withdrawn CN106203831A (en) | 2016-07-05 | 2016-07-05 | A kind of power supply enterprise Electronic Archival Security risk evaluating system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106203831A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108229806A (en) * | 2017-12-27 | 2018-06-29 | 中国银行股份有限公司 | A kind of method and system for analyzing business risk |
CN108345972A (en) * | 2017-01-24 | 2018-07-31 | 上海中信信息发展股份有限公司 | Electronic record long-term preservation reliability comprehensive estimation method under multifactor complex environment |
CN108764481A (en) * | 2018-05-04 | 2018-11-06 | 国家计算机网络与信息安全管理中心 | A kind of information security ability evaluating method and system based on mobile terminal behavior |
CN110703712A (en) * | 2019-10-25 | 2020-01-17 | 国家工业信息安全发展研究中心 | Industrial control system information security attack risk assessment method and system |
CN112163777A (en) * | 2020-10-12 | 2021-01-01 | 杭州电子科技大学 | Enterprise information system security evaluation model based on boundary shell comprehensive strength |
-
2016
- 2016-07-05 CN CN201610541637.0A patent/CN106203831A/en not_active Withdrawn
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108345972A (en) * | 2017-01-24 | 2018-07-31 | 上海中信信息发展股份有限公司 | Electronic record long-term preservation reliability comprehensive estimation method under multifactor complex environment |
CN108229806A (en) * | 2017-12-27 | 2018-06-29 | 中国银行股份有限公司 | A kind of method and system for analyzing business risk |
CN108764481A (en) * | 2018-05-04 | 2018-11-06 | 国家计算机网络与信息安全管理中心 | A kind of information security ability evaluating method and system based on mobile terminal behavior |
CN110703712A (en) * | 2019-10-25 | 2020-01-17 | 国家工业信息安全发展研究中心 | Industrial control system information security attack risk assessment method and system |
CN110703712B (en) * | 2019-10-25 | 2020-09-15 | 国家工业信息安全发展研究中心 | Industrial control system information security attack risk assessment method and system |
CN112163777A (en) * | 2020-10-12 | 2021-01-01 | 杭州电子科技大学 | Enterprise information system security evaluation model based on boundary shell comprehensive strength |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Koc et al. | Integrating feature engineering, genetic algorithm and tree-based machine learning methods to predict the post-accident disability status of construction workers | |
CN106203831A (en) | A kind of power supply enterprise Electronic Archival Security risk evaluating system | |
Chen et al. | A fault diagnosis method considering meteorological factors for transmission networks based on P systems | |
CN108399340A (en) | Based on the onboard networks safety risk estimating method for improving FAHP and cloud model | |
Purba et al. | Fuzzy probability based event tree analysis for calculating core damage frequency in nuclear power plant probabilistic safety assessment | |
Song et al. | Power transformer operating state prediction method based on an LSTM network | |
CN106230773A (en) | Risk evaluating system based on fuzzy matrix analytic hierarchy process (AHP) | |
CN106295332A (en) | Based on interval number and the Information Security Risk Assessment Methods of ideal solution | |
Wang et al. | Identification of critical transmission lines in complex power networks | |
Chiacchio et al. | Modelling and resolution of dynamic reliability problems by the coupling of simulink and the stochastic hybrid fault tree object oriented (SHyFTOO) library | |
Linkov et al. | Resilience stress testing for critical infrastructure | |
Liu et al. | A review of power system fault diagnosis with spiking neural P systems | |
Xiahou et al. | Research on Safety Resilience Evaluation Model of Data Center Physical Infrastructure: An ANP-Based Approach | |
Qudsi et al. | Predictive data mining of chronic diseases using decision tree: a case study of health insurance company in Indonesia | |
Han et al. | Critical lines identification for skeleton-network of power systems under extreme weather conditions based on the modified VIKOR method | |
Liu et al. | A data-driven approach for online inter-area oscillatory stability assessment of power systems based on random bits forest considering feature redundancy | |
Slavkovic | Statistical disclosure limitation beyond the margins: characterization of joint distributions for contingency tables | |
Zhou et al. | Construction safety management in the data-rich era: A hybrid review based upon three perspectives of nature of dataset, machine learning approach, and research topic | |
Sun | Construction and research of digital archives cloud platform based on big data management | |
Reznik et al. | Poster: Data quality evaluation: Integrating security and accuracy | |
Vakili et al. | A Machine Learning-Based Method for Identifying Critical Distance Relays for Transient Stability Studies | |
Kang et al. | Commercial Bank IT Risk Evaluation Model Based on GA-BP Neural Network | |
Alidaee et al. | Integrating Statistical Simulation and Optimization for Redundancy Allocation in Smart Grid Infrastructure | |
Ewing et al. | Text mining for procedure-level primitives in human reliability analysis | |
CN113742495B (en) | Rating feature weight determining method and device based on prediction model and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C04 | Withdrawal of patent application after publication (patent law 2001) | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20161207 |