| 基于GB/T 20984的信息安全风险评估模型与综合评价方法 |
| |
| 引用本文: | 欧晓聪,王祯学,胡勇,吴荣军.基于GB/T 20984的信息安全风险评估模型与综合评价方法[J].四川大学学报(自然科学版),2010,47(3):469-472. |
| |
| 作者姓名: | 欧晓聪 王祯学 胡勇 吴荣军 |
| |
| 作者单位: | 四川大学信息安全研究所,成都,610064 |
| |
| 摘 要: | 在GB/T 20984的基础上建立了信息安全风险评估的数学模型;通过定义"风险熵",以定量描述各风险域及系统整体风险状态的不确定性程度,揭示信息安全风险随系统复杂程度而递增的规律;对信息安全风险评估和系统风险的整体评价进行了理论归纳.
|
| 关 键 词: | 风险评估 风险概率 风险熵 评估规范 |
The information security risk evaluation model and method based on GB/T 20984 |
| |
| OU Xiao-Cong,WANG Zhen-Xue,HU Yong,WU Rong-Jun.The information security risk evaluation model and method based on GB/T 20984[J].Journal of Sichuan University (Natural Science Edition),2010,47(3):469-472. |
| |
| Authors: | OU Xiao-Cong WANG Zhen-Xue HU Yong WU Rong-Jun |
| |
| Institution: | Institute of Information Security, Sichuan University;Institute of Information Security, Sichuan University;Institute of Information Security, Sichuan University;Institute of Information Security, Sichuan University |
| |
| Abstract: | Based on the standard, GB/T20984- information security technology-risk assessment specification for information security, a math model was built to evaluate information security risk. The definition of risk entropy was given to quantify the uncertainty of the risk state in every risk domain and the whole system, and the law, the system more complex, the more information security risks, was discovered. The risk evaluation of information security and system risk synthetical assessment method was also theoretically concluded. |
| |
| Keywords: | risk evaluation risk probability risk entropy evaluation standard |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《四川大学学报(自然科学版)》浏览原始摘要信息 |
| 点击此处可从《四川大学学报(自然科学版)》下载免费的PDF全文 |
|
