CN116232768B - 一种信息安全评估方法、系统、电子设备及存储介质 - Google Patents
一种信息安全评估方法、系统、电子设备及存储介质 Download PDFInfo
- Publication number
- CN116232768B CN116232768B CN202310504403.9A CN202310504403A CN116232768B CN 116232768 B CN116232768 B CN 116232768B CN 202310504403 A CN202310504403 A CN 202310504403A CN 116232768 B CN116232768 B CN 116232768B
- Authority
- CN
- China
- Prior art keywords
- information
- vulnerability
- analysis
- security
- user object
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Technology Law (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (2)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310504403.9A CN116232768B (zh) | 2023-05-08 | 2023-05-08 | 一种信息安全评估方法、系统、电子设备及存储介质 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310504403.9A CN116232768B (zh) | 2023-05-08 | 2023-05-08 | 一种信息安全评估方法、系统、电子设备及存储介质 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116232768A CN116232768A (zh) | 2023-06-06 |
CN116232768B true CN116232768B (zh) | 2023-08-01 |
Family
ID=86587588
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310504403.9A Active CN116232768B (zh) | 2023-05-08 | 2023-05-08 | 一种信息安全评估方法、系统、电子设备及存储介质 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116232768B (zh) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117395033B (zh) * | 2023-09-22 | 2024-05-03 | 广州尚全信息技术有限公司 | 一种数据安全监管方法及系统 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106790198A (zh) * | 2016-12-30 | 2017-05-31 | 北京神州绿盟信息安全科技股份有限公司 | 一种信息系统风险评估方法及系统 |
CN109064018A (zh) * | 2018-07-31 | 2018-12-21 | 郑州向心力通信技术股份有限公司 | 一种信息安全风险评估系统及方法 |
WO2021082966A1 (zh) * | 2019-10-31 | 2021-05-06 | 中兴通讯股份有限公司 | 资产脆弱性的计算方法、装置、存储介质及服务器 |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101436967A (zh) * | 2008-12-23 | 2009-05-20 | 北京邮电大学 | 一种网络安全态势评估方法及其系统 |
US20140137257A1 (en) * | 2012-11-12 | 2014-05-15 | Board Of Regents, The University Of Texas System | System, Method and Apparatus for Assessing a Risk of One or More Assets Within an Operational Technology Infrastructure |
CA2968710A1 (en) * | 2016-05-31 | 2017-11-30 | Valarie Ann Findlay | Security threat information gathering and incident reporting systems and methods |
CN106713333A (zh) * | 2016-12-30 | 2017-05-24 | 北京神州绿盟信息安全科技股份有限公司 | 一种信息系统风险评估方法及装置 |
US11343263B2 (en) * | 2019-04-15 | 2022-05-24 | Qualys, Inc. | Asset remediation trend map generation and utilization for threat mitigation |
CN112508435A (zh) * | 2020-12-17 | 2021-03-16 | 国家工业信息安全发展研究中心 | 信息系统安全风险评估方法、装置、设备及存储介质 |
CN114978584A (zh) * | 2022-04-12 | 2022-08-30 | 深圳市蔚壹科技有限公司 | 基于单位单元的网络安全防护安全方法及系统 |
CN115860455A (zh) * | 2022-09-29 | 2023-03-28 | 国网河南省电力公司超高压公司 | 一种变电站资产监控风险评估方法 |
CN115996146A (zh) * | 2022-12-19 | 2023-04-21 | 华中科技大学 | 数控系统安全态势感知与分析系统、方法、设备及终端 |
-
2023
- 2023-05-08 CN CN202310504403.9A patent/CN116232768B/zh active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106790198A (zh) * | 2016-12-30 | 2017-05-31 | 北京神州绿盟信息安全科技股份有限公司 | 一种信息系统风险评估方法及系统 |
CN109064018A (zh) * | 2018-07-31 | 2018-12-21 | 郑州向心力通信技术股份有限公司 | 一种信息安全风险评估系统及方法 |
WO2021082966A1 (zh) * | 2019-10-31 | 2021-05-06 | 中兴通讯股份有限公司 | 资产脆弱性的计算方法、装置、存储介质及服务器 |
Non-Patent Citations (1)
Title |
---|
信息系统安全风险评估方法的研究;刘守澜;卿昱;;西南民族大学学报(自然科学版)(第02期);全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN116232768A (zh) | 2023-06-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7877780B2 (en) | System and method for enforcing functionality in computer software through policies | |
US20150302198A1 (en) | Detection of Malicious Code Insertion in Trusted Environments | |
Balzarotti et al. | An experience in testing the security of real-world electronic voting systems | |
Katole et al. | Detection of SQL injection attacks by removing the parameter values of SQL query | |
Esche et al. | Software risk assessment for measuring instruments in legal metrology | |
Groce et al. | What are the actual flaws in important smart contracts (and how can we find them)? | |
CN116232768B (zh) | 一种信息安全评估方法、系统、电子设备及存储介质 | |
Paule et al. | Vulnerabilities in continuous delivery pipelines? a case study | |
Alhassan et al. | A fuzzy classifier-based penetration testing for web applications | |
Soud et al. | A fly in the ointment: an empirical study on the characteristics of Ethereum smart contract code weaknesses | |
Simic et al. | Eliminating SQL injection and cross site scripting using aspect oriented programming | |
Dharam et al. | Runtime monitors to detect and prevent union query based SQL injection attacks | |
Kahtan et al. | Evaluation dependability attributes of web application using vulnerability assessments tools | |
Mead et al. | Managing software development for survivable systems | |
McLaurin | A study on the efficacy of small business cybersecurity controls | |
Kaur et al. | Modeling a SQL injection attack | |
Larsen et al. | State-of-the-art resources (soar) for software vulnerability detection, test, and evaluation | |
McCoy | A Relevance Model for Threat-Centric Ranking of Cybersecurity Vulnerabilities | |
Kaur et al. | Mitigation of SQL injection vulnerability during development of web applications | |
Fong et al. | State-of-the-Art Resources (SOAR) for Software Vulnerability Detection, Test, and Evaluation 2016 | |
Nabi et al. | A Taxonomy of Logic Attack Vulnerabilities in Component-based e-Commerce System | |
Wortman et al. | Discover Internet of Things | |
Gracis | Next Generation SOC: Automations and Machine Learning in Cybersecurity | |
Kamble et al. | Software Vulnerability Analysis | |
Kennedy | A Framework for the Systematic Evaluation of Malware Forensic Tools |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CB03 | Change of inventor or designer information |
Inventor after: Hong Zhixu Inventor after: Liu Jianchao Inventor after: Zhang Kejia Inventor after: Zhang Chengwei Inventor after: Hong Yuxuan Inventor after: Zhang Ya Inventor after: Meng Fanyu Inventor after: Zhao Yangbin Inventor after: Feng Zhentao Inventor before: Hong Zhixu Inventor before: Liu Jianchao Inventor before: Zhang Kejia Inventor before: Zhang Chengwei Inventor before: Hong Yuxuan Inventor before: Zhang Ya Inventor before: Meng Fanyu Inventor before: Zhao Yangbin Inventor before: Feng Zhentao |
|
CB03 | Change of inventor or designer information |