CN112508435A - Information system security risk assessment method, device, equipment and storage medium - Google Patents


Info

Publication number
CN112508435A
Authority
CN
China
Prior art keywords
vulnerability
information
security
asset
threat
Legal status
Pending
Application number
CN202011491859.9A
Other languages
Chinese (zh)
Inventor
张格�
孙军
张永静
龚亮华
Current Assignee
China Industrial Control Systems Cyber Emergency Response Team
Original Assignee
China Industrial Control Systems Cyber Emergency Response Team

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00: Administration; Management
    • G06Q10/06: Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063: Operations research, analysis or management
    • G06Q10/0635: Risk analysis of enterprise or organisation activities
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577: Assessing vulnerabilities and evaluating computer system security


Abstract

The application relates to the technical field of computers and provides an information system security risk assessment method, device, equipment and storage medium. The information system security risk assessment method comprises the following steps: acquiring an asset ledger of an information system, the asset ledger comprising a plurality of assets; acquiring the asset value, threat information, first vulnerability information and existing security measures of each asset; acquiring a vulnerability detection result of the information system and determining, according to the vulnerability detection result, the target assets among the assets that have a security vulnerability; and determining the security events existing in each target asset and the risk value corresponding to each security event according to the vulnerability information, asset value, threat information, first vulnerability information and existing security measures of the target asset. The method provided by the application achieves high accuracy in security risk assessment.

Description

Information system security risk assessment method, device, equipment and storage medium
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method, an apparatus, a device, and a storage medium for evaluating security risk of an information system.
Background
With the rapid development of industrialization and informatization, enterprise information systems are in widespread operation. However, while an information system brings benefits and convenience to an enterprise, it also brings a series of security problems. Once an information system has defects and vulnerabilities that are successfully exploited by attackers, the consequences range from data leakage at the least to serious harm to the enterprise and even to society. Therefore, it is necessary to ensure the security of the information system.
One of the important means of ensuring the security of an information system is security risk assessment. Security risk assessment carried out on an enterprise information system can uncover existing or potential risks in the areas of people, equipment and management in the enterprise. After assessment, the existing risk is quantified as a specific risk value, so that a user can understand the risk present in the system more intuitively and take security measures of different priorities, according to the risk level, to prevent and control it, thereby reducing the likelihood of security events.
The information system security risk assessment methods in the conventional technology have the problem of low accuracy.
Disclosure of Invention
The application provides a method, a device, equipment and a storage medium for evaluating the security risk of an information system, which can improve the accuracy of the security risk evaluation.
In a first aspect, an embodiment of the present application provides an information system security risk assessment method, including:
acquiring an asset ledger of an information system, wherein the asset ledger comprises a plurality of assets;
acquiring the asset value, threat information, first vulnerability information and existing security measures of each asset;
acquiring a vulnerability detection result of the information system, and determining, according to the vulnerability detection result, a target asset among the assets that has a security vulnerability;
and determining a security event existing in the target asset and a risk value corresponding to the security event according to the vulnerability information, asset value, threat information, first vulnerability information and existing security measures of the target asset.
In one embodiment, determining the security event and the risk value of the target asset according to the vulnerability information, asset value, threat information, first vulnerability information and existing security measures of the target asset includes:
determining vulnerability point information of the target asset according to the vulnerability information, where the vulnerability point information represents the vulnerability-related information that results when the security vulnerability is treated as a vulnerability point;
determining second vulnerability information of the target asset according to the vulnerability point information and the first vulnerability information;
determining the security event and the risk value based on the asset value, the threat information, the second vulnerability information, and the existing security measures.
In one embodiment, said determining said security event and said risk value based on said asset value, said threat information, said second vulnerability information and said existing security measures comprises:
determining the security event and the likelihood of the security event occurring based on the threat information, the second vulnerability information, and the existing security measures;
determining a loss after the security event occurs according to the asset value and the second vulnerability information;
determining the risk value based on the likelihood and the loss.
In one embodiment, the threat information includes at least one threat and a threat frequency corresponding to each threat, and the second vulnerability information includes a vulnerability point corresponding to each threat and a vulnerability level, where the vulnerability level represents how easily the vulnerability point can be exploited by the corresponding threat;
determining the security event and the likelihood of the security event occurring based on the threat information, the second vulnerability information, and the existing security measures comprises:
for each threat, determining a security event corresponding to each vulnerability point under that threat;
for each security event, judging whether the existing security measures include a target security measure, where a target security measure is one that can resist the threat corresponding to the security event;
if the existing security measures include the target security measure, adjusting the vulnerability level corresponding to the security event according to the target security measure and the threat frequency corresponding to the security event;
and determining the likelihood of the security event occurring according to the adjusted vulnerability level and the threat frequency corresponding to the security event.
In one embodiment, the determining the possibility of the occurrence of the security event according to the adjusted vulnerability level and the threat frequency corresponding to the security event includes:
according to the formula
Figure BDA0002840932160000031
Determining a likelihood of the occurrence of the security event, wherein L represents the likelihood of the occurrence of the security event, T represents a threat frequency corresponding to the security event, and V represents the adjusted vulnerability level.
In one embodiment, the second vulnerability information further includes a vulnerability severity value corresponding to each vulnerability point;
determining the loss after the security event occurs according to the asset value and the second vulnerability information comprises:
according to the formula
Figure BDA0002840932160000032
determining the loss after the security event occurs, where F represents the loss after the security event occurs, I_a represents the asset value, and V_a represents the vulnerability severity value corresponding to the security event.
In one embodiment, the method further comprises:
and displaying the security events existing in each target asset and the risk values corresponding to the security events in chart form.
In a second aspect, an embodiment of the present application provides an information system security risk assessment apparatus, including:
a ledger acquisition module, configured to acquire an asset ledger of an information system, where the asset ledger includes a plurality of assets;
an information acquisition module, configured to acquire the asset value, threat information, first vulnerability information and existing security measures of the asset;
a vulnerability detection module, configured to detect vulnerabilities of the information system and determine, according to the vulnerability detection result, the target assets among the assets that have a security vulnerability;
and an evaluation module, configured to determine a security event existing in the target asset and a risk value corresponding to the security event according to the vulnerability information, asset value, threat information, first vulnerability information and existing security measures of the target asset.
In a third aspect, an embodiment of the present application provides a terminal device, including: a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the information system security risk assessment method according to any of the first aspect.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the method for evaluating security risk of an information system according to any one of the above first aspects is implemented.
According to the information system security risk assessment method, device, equipment and storage medium of the application, the vulnerability detection result of the information system is obtained, and for the assets in the asset ledger that have vulnerabilities, security risk assessment is carried out according to the vulnerability information, asset value, threat information, first vulnerability information and existing security measures. Vulnerability information obtained by vulnerability detection reflects the vulnerability of the information system more faithfully, so a security risk assessment result that uses the vulnerability information as an assessment element is more accurate.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is a schematic structural diagram of a terminal device to which a security risk assessment method for an information system according to an embodiment of the present application is applied;
fig. 2 is a schematic flowchart of a method for evaluating security risk of an information system according to an embodiment of the present application;
FIG. 3 is a schematic flow chart illustrating a method for security risk assessment of an information system according to another embodiment of the present application;
fig. 4 is a schematic structural diagram of an information system security risk assessment apparatus according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
It is to be understood that the terms "first," "second," "third," "fourth," and the like (if any) in the embodiments of the present application are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
It is understood that the term "and/or" as used herein refers to and includes any and all possible combinations of one or more of the associated listed items.
The information system security assessment method provided by the embodiment of the application can be applied to a terminal device. Exemplarily, fig. 1 is a schematic structural diagram of a terminal device according to an embodiment of the present application. As shown in fig. 1, the terminal device 1 may include a processor 10, a memory 11, and a computer program 12 that is stored in the memory 11 and can be run on the processor 10; the information system security assessment method provided by the embodiment of the application is implemented when the processor 10 executes the computer program 12. The number and type of the processors 10 and the memories 11 are not limited in the embodiments of the present application.
The embodiment of the present application does not limit the type of the terminal device 1. For example, the terminal device 1 may be a desktop computer, a notebook, a palmtop computer, a cloud server, and the like.
The technical solution in the present application will be described in detail below with reference to the accompanying drawings. It should be noted that, in the present application, different technical features may be combined with each other without conflict.
First, it should be noted that the information system security evaluation method provided in the embodiment of the present application may be applied to information security systems of various industries and various subjects, including but not limited to information security systems of central and local departments, industry associations, industrial control operation units, various research institutions, industrial control product providers, system integrators, information security manufacturers, and the like. The application object of the method is not limited in any way in the embodiment of the application.
Fig. 2 shows a schematic flow chart of the information system security assessment method provided by the present application. As shown in fig. 2, the information system security assessment method provided in this embodiment may include:
S201, acquiring an asset ledger of the information system, where the asset ledger comprises a plurality of assets.
Optionally, before the information system security assessment, a user may create a security assessment task through an interactive interface of the terminal device. Specifically, the user inputs information such as a task name, an assessment object, an assessment time and an assessor to the terminal device, and the terminal device establishes a security assessment task according to the input. Different security assessment tasks can be linked to different assessment templates, and different assessment templates require different types of original assessment information to be acquired. The original assessment information is information, acquired through device detection or user input, that is used for the later security assessment. Taking original assessment information obtained from a questionnaire filled in by the user as an example, different security assessment tasks invoke different assessment templates, and a questionnaire with different content is presented under each template.
The asset ledger can be obtained through automatic scanning by the terminal device or through user input. The asset ledger includes a plurality of assets, including but not limited to data, software, hardware, services, personnel, and the like. The information system security assessment assesses the security events existing in each asset in the asset ledger and the risk values of those security events.
S202, acquiring the asset value, the threat information, the first vulnerability information and the existing security measures of the asset.
Asset identification, threat identification, vulnerability identification and confirmation of existing security measures are performed on each asset in the asset ledger to obtain, respectively, the asset value, threat information, first vulnerability information and existing security measures.
Wherein the asset value is used to characterize the importance or sensitivity of the asset. Optionally, the asset value may be obtained by computational analysis according to confidentiality evaluation, integrity evaluation, and availability evaluation of the asset. Illustratively, a user may assign confidentiality, integrity and availability to an asset via a questionnaire, resulting in the above-described confidentiality, integrity and availability assignments. Optionally, the asset value may be obtained according to one of confidentiality assignment, integrity assignment, and availability assignment of the asset, or the asset value may be obtained by performing calculation processing such as weighted summation on a plurality of assignments.
Threats refer to potential causes that may lead to unwanted incidents, which are events that pose a hazard to the information system. Threat information includes information related to at least one threat, including but not limited to threat frequency. Optionally, the threat frequency may be obtained by the user filling out a questionnaire to assign values to the occurrence frequencies of various types of threats.
The first vulnerability information includes vulnerability-related information corresponding to the threat. The vulnerability information may include vulnerability and a vulnerability grade, vulnerability severity value, etc. corresponding to each vulnerability. Wherein the vulnerable point corresponds to a threat. The vulnerability class is used to characterize how easily a vulnerability is exploited by a corresponding threat. The vulnerability severity value is used to characterize the severity of damage to the asset when the vulnerability is exploited by the corresponding threat. Alternatively, vulnerability related information may be obtained through a questionnaire filled out by the user.
Existing security measures refer to the practices, procedures and mechanisms that users apply to the information system to protect assets, defend against threats, reduce vulnerabilities and reduce security incidents. The existing security measures may include preventive security measures and protective security measures. Optionally, the existing security measures may be obtained through a questionnaire filled in by the user.
S203, acquiring a vulnerability detection result of the information system, and determining a target asset with a security vulnerability in the plurality of assets according to the vulnerability detection result.
Vulnerability detection is performed on the information system through vulnerability detection scripts to obtain a vulnerability detection result. Vulnerability detection scripts include, but are not limited to, scripts for denial of service, access control, code execution, password vulnerabilities, buffer overflows, and the like. The vulnerability detection result comprises at least one item of vulnerability information. Each item of vulnerability information comprises the asset ID, vulnerability type, repair suggestion and the like corresponding to the security vulnerability. Optionally, the vulnerability information may further include information such as the vulnerability detection device, the vulnerability detection time and the vulnerability detection personnel. Optionally, the assets with security vulnerabilities may be determined according to the asset IDs corresponding to the security vulnerabilities in the vulnerability detection result, so as to obtain the target assets.
S204, determining the security events existing in the target asset and the risk values corresponding to the security events according to the vulnerability information, asset value, threat information, first vulnerability information and existing security measures of the target asset.
For the target assets, security risk assessment is performed according to the acquired vulnerability information, asset value, threat information, first vulnerability information and existing security measures, to obtain the security events existing in each target asset and the risk values corresponding to those security events.
For the other assets in the asset ledger apart from the target assets, security risk assessment can be performed using the acquired asset value, threat information, first vulnerability information and existing security measures, to obtain the security events existing in each asset and the risk values of those security events.
According to the method provided by this embodiment, the vulnerability detection result of the information system is obtained, and for the assets in the asset ledger that have vulnerabilities, security risk assessment is carried out according to the vulnerability information, asset value, threat information, first vulnerability information and existing security measures. Vulnerability information obtained by vulnerability detection reflects the vulnerability of the information system more faithfully, so a security risk assessment result that uses the vulnerability information as an assessment element is more accurate.
As shown in fig. 3, in one embodiment, determining the security event existing in the target asset and the risk value corresponding to the security event according to the vulnerability information, asset value, threat information, first vulnerability information and existing security measures of the target asset may be implemented as follows:
S301, vulnerability point information of the target asset is obtained according to the vulnerability information; the vulnerability point information represents the vulnerability-related information that results when the security vulnerability is treated as a vulnerability point.
Specifically, according to the vulnerability information, the security vulnerability can be treated as a vulnerability point, and the vulnerability level and vulnerability severity value corresponding to that vulnerability point can be derived. Optionally, the correspondence between the various types of security vulnerabilities and the vulnerability level and severity may be established in advance. After the vulnerability information of the target asset is obtained, the corresponding vulnerability level and vulnerability severity are looked up according to the security vulnerability type of the target asset, yielding the vulnerability point information of the target asset.
S302, second vulnerability information of the target asset is determined according to the vulnerability point information and the first vulnerability information.
That is, the second vulnerability information includes the first vulnerability information and the vulnerability point information.
S303, determining a security event and a risk value according to the asset value, the threat information, the second vulnerability information and the existing security measures.
In the embodiment, vulnerability information is incorporated into the vulnerability identification result of the target asset, so that the vulnerability is identified more accurately, and the result of the security risk assessment is more accurate.
Illustratively, step S303 may include: determining a security event and the possibility of occurrence of the security event according to the threat information, the second vulnerability information and the existing security measures; determining loss after the safety event occurs according to the asset value and the second vulnerability information; determining a risk value of the security event based on the likelihood of the security event occurring and the loss after the security event.
Alternatively, the probability of occurrence of a security event may be represented by a probability value or the like. The loss of occurrence of a security event may be represented by a loss value or the like.
Specifically, the security event existing in the target asset can be determined according to the type of the threat included in the threat information and the vulnerability included in the second vulnerability information. The type of the threat corresponds to the vulnerability, and for various threats faced by each target asset, the security event corresponding to the vulnerability under each threat is respectively determined, namely the security event existing in the target asset is obtained. That is, there may be a one-to-one correspondence for each threat, threat frequency, vulnerability level, vulnerability severity value, and security event.
For each security event, it is determined whether the existing security measures include the target security measure. The target security measure refers to a security measure capable of resisting the threat corresponding to the security event. If the existing security measures include the target security measure, the vulnerability level corresponding to the security event is adjusted according to the target security measure and the threat frequency corresponding to the security event. For example, suppose a vulnerability point is highly susceptible to exploitation by threats, with a vulnerability level of 5. If some target security measure among the existing security measures can resist part of the threats, the vulnerability point becomes only moderately easy for threats to exploit, so its vulnerability level is adjusted from level 5 to level 3. It will be appreciated that when the target security measure is sufficient to defend against all of the threats, the vulnerability level may be adjusted to 0, in which case the threat is eliminated and the corresponding security event is eliminated.
The likelihood of the security event occurring is determined according to the adjusted vulnerability level and the threat frequency corresponding to the security event. Optionally, the likelihood can be determined according to the formula
Figure BDA0002840932160000091
where L represents the likelihood of the security event occurring, T represents the threat frequency corresponding to the security event, and V represents the adjusted vulnerability level. The likelihood of the security event occurring can be determined simply, quickly and accurately through this formula.
Illustratively, the loss after a security event occurs may be determined from the asset value and the vulnerability severity value. Optionally, the loss can be determined according to the formula
Figure BDA0002840932160000101
where F represents the loss after the security event occurs, I_a represents the asset value, and V_a represents the vulnerability severity value corresponding to the security event. The loss after the security event occurs can be determined simply, quickly and accurately through this formula.
Illustratively, the risk value can be determined according to the formula
Figure BDA0002840932160000102
where R represents the risk value of the security event.
In this embodiment, when the existing security measures can resist the threat corresponding to the security event, the vulnerability level corresponding to the security event is adjusted, and the probability of the security event occurring is calculated according to the adjusted vulnerability level, so that the effect of the existing security measures is considered in the security risk assessment quantification, and the result of the security risk assessment is more accurate and real.
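The flow of steps S203 and S301 to S303 above, as an added worked model that is not the patent's own code: the page does not reproduce the patent's formulas for L, F and R, so the combining functions used here (products and a weighted sum for the asset value) are stand-in assumptions, and the vulnerability lookup table, measure table, asset ledger and scan output are constructed sample data.

```python
"""Worked model of steps S201-S204 and S301-S303 (added illustration, not the
patent's code). The page does not reproduce the patent's formulas for L, F and R,
so the combining functions here are stand-in assumptions; the tables, ledger and
scan output are constructed sample data."""
from dataclasses import dataclass, field


@dataclass
class Asset:
    asset_id: str
    confidentiality: int                      # questionnaire assignments, 1..5
    integrity: int
    availability: int
    threats: dict = field(default_factory=dict)      # threat -> threat frequency T
    first_vulns: dict = field(default_factory=dict)  # threat -> (level V, severity Va)
    measures: set = field(default_factory=set)       # existing security measures

CIA_WEIGHTS = (0.4, 0.3, 0.3)  # assumed weights for the weighted-sum variant of Ia

# Constructed: detected vulnerability type -> (exploiting threat, level V, severity Va)
VULN_TABLE = {
    "buffer_overflow": ("code_execution", 5, 4),
    "weak_password": ("unauthorized_access", 4, 3),
}

# Constructed: existing measure -> (threat it resists, levels it lowers V by)
MEASURE_RESISTS = {
    "waf": ("code_execution", 2),
    "mfa": ("unauthorized_access", 4),
}


def asset_value(a: Asset) -> float:
    """Ia from the C/I/A assignments (weighted sum; the patent also allows one assignment)."""
    wc, wi, wa = CIA_WEIGHTS
    return round(wc * a.confidentiality + wi * a.integrity + wa * a.availability, 2)


def target_assets(ledger, detections):
    """S203: assets whose asset ID appears in the vulnerability detection result."""
    hit = {d["asset_id"] for d in detections}
    return [a for a in ledger if a.asset_id in hit]


def second_vulnerability_info(asset, detections):
    """S301-S302: detected vulnerabilities become vulnerability points and are merged
    with the questionnaire-derived first vulnerability info, keyed by threat."""
    merged = dict(asset.first_vulns)
    for d in detections:
        if d["asset_id"] == asset.asset_id:
            threat, level, severity = VULN_TABLE[d["vuln_type"]]
            merged[threat] = (level, severity)  # scan result overrides the questionnaire
    return merged


def adjusted_level(level, threat, threat_freq, measures):
    """Lower V when an existing measure resists this threat (S303). Assumption: a very
    frequent threat (T >= 4) erodes one level of the measure's effect."""
    for m in measures:
        resists, reduction = MEASURE_RESISTS.get(m, (None, 0))
        if resists == threat:
            if threat_freq >= 4:
                reduction = max(1, reduction - 1)
            level = max(0, level - reduction)
    return level


def assess(asset, detections):
    """S303: one security event per (threat, vulnerability point) with L, F and R."""
    ia = asset_value(asset)
    events = []
    for threat, (level, severity) in second_vulnerability_info(asset, detections).items():
        t = asset.threats.get(threat, 0)
        v = adjusted_level(level, threat, t, asset.measures)
        if v == 0:
            continue  # measure fully resists the threat: the event is eliminated
        likelihood = t * v               # stand-in for the patent's L(T, V)
        loss = round(ia * severity, 2)   # stand-in for the patent's F(Ia, Va)
        events.append({"asset": asset.asset_id, "threat": threat, "L": likelihood,
                       "F": loss, "R": round(likelihood * loss, 2)})  # stand-in R(L, F)
    return events


# Constructed ledger and scan output (asset IDs, types and repair text are made up).
LEDGER = [
    Asset("A1", 4, 4, 5, {"code_execution": 3}, {"code_execution": (3, 3)}, {"waf"}),
    Asset("A2", 5, 4, 3, {"unauthorized_access": 4}, {"unauthorized_access": (3, 4)}, {"mfa"}),
    Asset("A3", 1, 1, 2, {"unauthorized_access": 1}, {"unauthorized_access": (2, 2)}, set()),
]
DETECTIONS = [
    {"asset_id": "A1", "vuln_type": "buffer_overflow", "repair": "apply vendor patch"},
    {"asset_id": "A2", "vuln_type": "weak_password", "repair": "enforce password policy"},
]


def run_example():
    """Assess target assets with scan data; other assets use questionnaire data only."""
    targets = target_assets(LEDGER, DETECTIONS)
    return {a.asset_id: assess(a, DETECTIONS if a in targets else []) for a in LEDGER}
```

For A1 the scan-derived level 5 is lowered to 3 by the resisting measure, reproducing the 5-to-3 adjustment described above.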
Further, in an embodiment, the information security risk assessment method may further include: displaying the security events existing in each target asset and the risk values corresponding to the security events in chart form. Of course, the other assets in the asset ledger apart from the target assets may also be displayed in chart form. Specific display forms include, but are not limited to, text lists, bar charts, pie charts, or graphs. The embodiment of the present application is not limited in this respect, and the form may be selected according to actual requirements. Displaying the security events and the risk values corresponding to them in chart form visualizes the security risk assessment result, so that the result is more intuitive and the user experience is improved.
Further, in an embodiment, the information security risk assessment method may further include: generating a security risk assessment report according to the security events existing in the assets and the risk values of those security events. The contents of the security risk assessment report include, but are not limited to, the security risk assessment time, the assessor, the assessment process, and the assessment results. In this embodiment, generating the security risk assessment report provides the user with detailed security risk assessment records and supporting data, and improves the user experience.
Fig. 4 shows a block diagram of a structure of an information system security risk assessment apparatus provided in an embodiment of the present application. As shown in fig. 4, the information system security risk assessment apparatus provided in this embodiment may include:
a ledger acquiring module 401, configured to acquire an asset ledger of an information system, where the asset ledger includes multiple assets;
an information obtaining module 402, configured to obtain an asset value, threat information, first vulnerability information, and existing security measures of the asset;
a vulnerability result obtaining module 403, configured to obtain a vulnerability detection result of the information system, and determine, according to the vulnerability detection result, a target asset with a security vulnerability among the multiple assets;
an evaluation module 404, configured to determine, according to the vulnerability information of the target asset, the asset value, the threat information, the first vulnerability information, and the existing security measure, a security event existing in the target asset and a risk value corresponding to the security event.
In one embodiment, the evaluation module 404 is specifically configured to: determine the vulnerability information of the target asset according to its security vulnerability information, where the vulnerability information represents the vulnerability-related information of the security vulnerability when the security vulnerability is treated as a vulnerability; determine the second vulnerability information of the target asset according to the vulnerability information and the first vulnerability information; and determine the security event and the risk value based on the asset value, the threat information, the second vulnerability information, and the existing security measures.
In one embodiment, the evaluation module 404 is specifically configured to determine the security event and the probability of the security event occurring based on the threat information, the second vulnerability information, and the existing security measures; determining a loss after the security event occurs according to the asset value and the second vulnerability information; determining the risk value based on the likelihood and the loss.
In one embodiment, the threat information includes at least one threat and a threat frequency corresponding to each threat, and the second vulnerability information includes a vulnerability corresponding to each threat and a vulnerability class, wherein the vulnerability class is used for representing the difficulty level of the vulnerability being utilized by the corresponding threat; the evaluation module 404 is specifically configured to, for each threat, determine a security event corresponding to each vulnerable point under the threat; for each security event, judging whether the existing security measures comprise target security measures or not, wherein the target security measures can resist threats corresponding to the security events; if the existing security measures comprise the target security measures, adjusting the vulnerability level corresponding to the security events according to the target security measures and the threat frequency corresponding to the security events; and determining the possibility of the occurrence of the security event according to the adjusted vulnerability level and the threat frequency corresponding to the security event.
In one embodiment, the evaluation module 404 is specifically configured to, according to the formula
Figure BDA0002840932160000111
Determining a likelihood of the occurrence of the security event, wherein L represents the likelihood of the occurrence of the security event, T represents a threat frequency corresponding to the security event, and V represents the adjusted vulnerability level.
In one embodiment, the second vulnerability information further includes a vulnerability severity value corresponding to each of the vulnerability points; the evaluation module 404 is specifically configured to, according to the formula
Figure BDA0002840932160000121
determine the loss after the security event occurs, where F represents the loss after the security event occurs, Ia represents the asset value, and Va represents the vulnerability severity value corresponding to the security event.
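The pipeline of modules 401 to 404 described above (asset ledger, asset information, scan-derived target assets, then a measure-aware likelihood, loss and risk per security event), as an added Python sketch that is not the patent's own code. The 1..5 grade scales, the `strength` of a measure, the level-adjustment policy, the product stand-ins for L, F and R (the patent's formulas are not reproduced on this page) and the sample ledger are all assumptions.

```python
from collections import namedtuple
from dataclasses import dataclass

@dataclass(frozen=True)
class Threat:
    name: str
    frequency: int    # T: threat frequency grade (constructed 1..5 scale)

@dataclass(frozen=True)
class VulnerabilityPoint:
    name: str
    threat: str       # the threat that can exploit this point
    level: int        # vulnerability level: ease of exploitation, 1..5
    severity: int     # Va: vulnerability severity value, 1..5

@dataclass(frozen=True)
class SecurityMeasure:
    name: str
    resists: str      # threat this measure can resist (a "target measure")
    strength: int     # assumed: grades it removes from the vulnerability level

@dataclass
class Asset:
    name: str
    value: int        # Ia: asset value grade, 1..5
    threats: list
    first_vulnerabilities: list   # first vulnerability information
    measures: list                # existing security measures

SecurityEvent = namedtuple(
    "SecurityEvent", "asset threat vulnerability likelihood loss risk")

def target_assets(ledger, scan_results):
    """Step 403: the assets that the vulnerability detection result flagged."""
    return [a for a in ledger if a.name in scan_results]

def second_vulnerability_information(asset, scan_results):
    """Merge scan-derived points into the first vulnerability information."""
    merged = {p.name: p for p in asset.first_vulnerabilities}
    for p in scan_results.get(asset.name, []):
        merged[p.name] = p      # a scanned point replaces a same-named entry
    return list(merged.values())

def target_measure(threat, measures):
    """The existing measure that can resist this threat, if there is one."""
    return next((m for m in measures if m.resists == threat.name), None)

def adjusted_level(point, threat, measure):
    """Assumed policy: a resisting measure lowers the level by its strength, but
    a frequent threat (grade >= 4) erodes one grade of that benefit."""
    if measure is None:
        return point.level      # no target measure: level left unchanged
    benefit = max(0, measure.strength - (1 if threat.frequency >= 4 else 0))
    return max(1, point.level - benefit)

# Assumed stand-ins for the patent's L, F and R formulas: products of the grades.
def likelihood(t, v): return t * v
def loss(ia, va): return ia * va
def risk(l, f): return l * f

def assess(ledger, scan_results):
    """Step 404: one security event per (threat, point) pair, ranked by risk."""
    events = []
    for asset in target_assets(ledger, scan_results):
        points = second_vulnerability_information(asset, scan_results)
        for threat in asset.threats:
            measure = target_measure(threat, asset.measures)
            for point in (p for p in points if p.threat == threat.name):
                v = adjusted_level(point, threat, measure)
                l = likelihood(threat.frequency, v)
                f = loss(asset.value, point.severity)
                events.append(SecurityEvent(asset.name, threat.name, point.name,
                                            l, f, risk(l, f)))
    return sorted(events, key=lambda e: e.risk, reverse=True)

# Constructed sample ledger and scan result (not real data); the printer was
# not flagged by the scan, so it is not a target asset and yields no events.
LEDGER = [
    Asset("hmi-server", 4, [Threat("malware", 4), Threat("unauthorized-access", 2)],
          [VulnerabilityPoint("weak-password", "unauthorized-access", 3, 3)],
          [SecurityMeasure("av-agent", "malware", 2)]),
    Asset("office-printer", 1, [Threat("malware", 2)], [], []),
]
SCAN = {"hmi-server": [VulnerabilityPoint("smb-unpatched", "malware", 5, 5)]}
```

Running `assess(LEDGER, SCAN)` on the sample ranks the unpatched SMB point (risk 320, the antivirus agent's benefit eroded by the frequent malware threat) above the weak password (risk 72, no resisting measure).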
In one embodiment, the information system security risk assessment apparatus further includes a display module 405, configured to display the security event existing in each of the target assets and the risk value corresponding to the security event in a graph form.
The information system security risk assessment apparatus provided in this embodiment is used to execute the information system security risk assessment method provided in the method embodiments of the present application; its technical principle and technical effect are similar and are not described here again.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
An embodiment of the present application further provides a terminal device, for example, as shown in fig. 1, the terminal device includes: at least one processor, a memory, and a computer program stored in the memory and executable on the at least one processor, the processor implementing the steps of any of the method embodiments described above when executing the computer program.
Embodiments of the present application further provide a computer-readable storage medium, which stores a computer program, and when the computer program is executed by a processor, the computer program can implement the steps in any of the above method embodiments.
It will be appreciated by those of ordinary skill in the art that any reference to memory, storage, databases, or other media used in the embodiments provided herein may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.

Claims (10)

1. An information system security risk assessment method is characterized by comprising the following steps:
acquiring an asset standing book of an information system, wherein the asset standing book comprises a plurality of assets;
acquiring the asset value, threat information, first vulnerability information and existing safety measures of the asset;
acquiring a vulnerability detection result of the information system, and determining a target asset with a security vulnerability in the assets according to the vulnerability detection result;
and determining a security event existing in the target asset and a risk value corresponding to the security event according to the vulnerability information of the target asset, the asset value, the threat information, the first vulnerability information and the existing security measures.
2. The method of claim 1, wherein determining the security event existing in the target asset and the risk value corresponding to the security event based on the vulnerability information, the asset value, the threat information, the first vulnerability information, and the existing security measures of the target asset comprises:
determining vulnerability information of the target asset according to the vulnerability information; the vulnerability information is used for representing corresponding vulnerability related information when the security vulnerability is taken as a vulnerability;
determining second vulnerability information of the target asset according to the vulnerability information and the first vulnerability information;
determining the security event and the risk value based on the asset value, the threat information, the second vulnerability information, and the existing security measures.
3. The method of claim 2, wherein determining the security event and the risk value based on the asset value, the threat information, the second vulnerability information, and the existing security measures comprises:
determining the security event and the likelihood of the security event occurring based on the threat information, the second vulnerability information, and the existing security measures;
determining a loss after the security event occurs according to the asset value and the second vulnerability information;
determining the risk value based on the likelihood and the loss.
4. The method of claim 3, wherein said threat information comprises at least one threat and a threat frequency corresponding to each said threat, and wherein said second vulnerability information comprises a vulnerability corresponding to each said threat and a vulnerability class, wherein said vulnerability class is used to characterize how easily said vulnerability is exploited by the corresponding said threat;
determining the security event and the likelihood of the security event occurring based on the threat information, the second vulnerability information, and the existing security measures, comprising:
for each threat, determining a security event corresponding to each vulnerable point under the threat;
for each security event, judging whether the existing security measures comprise target security measures or not, wherein the target security measures can resist threats corresponding to the security events;
if the existing security measures comprise the target security measures, adjusting the vulnerability level corresponding to the security events according to the target security measures and the threat frequency corresponding to the security events;
and determining the possibility of the occurrence of the security event according to the adjusted vulnerability level and the threat frequency corresponding to the security event.
5. The method of claim 4, wherein determining the likelihood of the occurrence of the security event based on the adjusted vulnerability level and the corresponding threat frequency of the security event comprises:
according to the formula
Figure FDA0002840932150000021
Determining a likelihood of the occurrence of the security event, wherein L represents the likelihood of the occurrence of the security event, T represents a threat frequency corresponding to the security event, and V represents the adjusted vulnerability level.
6. The method of claim 4, wherein said second vulnerability information further includes a vulnerability severity value corresponding to each of said vulnerability points;
the determining the loss after the security event occurs according to the asset worth value and the second vulnerability information comprises:
according to the formula
Figure FDA0002840932150000022
determining the loss after the security event occurs, wherein F represents the loss after the security event occurs, Ia represents said asset value, and Va represents the vulnerability severity value corresponding to the security event.
7. The method according to any one of claims 1 to 6, further comprising:
displaying the security event existing in each target asset and the risk value corresponding to the security event in chart form.
8. An information system security risk assessment apparatus, comprising:
a ledger acquisition module, configured to acquire an asset ledger of an information system, wherein the asset ledger comprises a plurality of assets;
the information acquisition module is used for acquiring the asset value, the threat information, the first vulnerability information and the existing safety measures of the asset;
the vulnerability detection module is used for detecting the vulnerability of the information system and determining target assets with security vulnerabilities in the assets according to the vulnerability detection result;
and an evaluation module, configured to determine a security event existing in the target asset and a risk value corresponding to the security event according to the vulnerability information of the target asset, the asset value, the threat information, the first vulnerability information and the existing security measures.
9. A terminal device, comprising: memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the method according to any of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program which, when executed by a processor, implements the method of any one of claims 1 to 7.
CN202011491859.9A 2020-12-17 2020-12-17 Information system security risk assessment method, device, equipment and storage medium Pending CN112508435A (en)
Publications (1)

Publication Number Publication Date
CN112508435A true CN112508435A (en) 2021-03-16
Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210316