| 一种定量的信息安全风险评估模型 |
| |
| 引用本文: | 程湘云,王英梅,刘增良.一种定量的信息安全风险评估模型[J].空军工程大学学报,2005,6(6):56-59. |
| |
| 作者姓名: | 程湘云 王英梅 刘增良 |
| |
| 作者单位: | 北京科技大学,北京,100083;国防大学,北京,100011 |
| |
| 基金项目: | 国家自然科学基金资助项目(60572162) |
| |
| 摘 要: | 目前人们采用的信息安全风险评估方法基本局限于定性或半定量的方法。采用概率风险分析的方法,通过故障树分析网络系统被攻击的根本原因,并对网络构成的实质进行了剖析,同时分析了系统漏洞的类型及对攻击结果进行了分类,在此基础上建立了定量风险计算模型。
|
| 关 键 词: | 网络安全 风险评估 故障树 漏洞 威胁 |
| 文章编号: | 1009-3516(2005)06-0056-04 |
| 收稿时间: | 2005-06-13 |
| 修稿时间: | 2005年6月13日 |
A Quantitative Risk Assessment Model for Information Security |
| |
| CHENG Xiang-yun,WANG Ying-mei,LIU Zeng-liang.A Quantitative Risk Assessment Model for Information Security[J].Journal of Air Force Engineering University(Natural Science Edition),2005,6(6):56-59. |
| |
| Authors: | CHENG Xiang-yun WANG Ying-mei LIU Zeng-liang |
| |
| Institution: | 1. University of Science and Technology Beijing, Beijing 100083, China; 2. National Defense Academy, Beijing 100011, China |
| |
| Abstract: | The current methods of risk evaluation on information security are basically related to qualitative or semi - quantitative ones. So, in this paper, by using a method of probability risk analysis, analyzing the fundamental reasons why network systems are attacked through fault tree, position and of the different types of system vulnerabilities, quantitative model of information security risk assessment is making a serious study of the essence of network comand classifying the consequences of network attacks, a proposed. |
| |
| Keywords: | network security risk assessment fault tree vulnerability threat |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《空军工程大学学报》浏览原始摘要信息 |
| 点击此处可从《空军工程大学学报》下载免费的PDF全文 |
