| 信息安全风险评估方法的比较分析 |
| |
| 引用本文: | 刘佳,徐赐文. 信息安全风险评估方法的比较分析[J]. 中央民族大学学报(自然科学版), 2012, 21(2): 91-96 |
| |
| 作者姓名: | 刘佳 徐赐文 |
| |
| 作者单位: | 中央民族大学理学院,北京,100081 |
| |
| 基金项目: | 国家自然科学基金(No.11171342);中央民族大学“211”工程学科建设项目资助 |
| |
| 摘 要: | 近年来,国内外信息安全风险评估的研究工作取得突飞猛进的进展,各种评估方法层出不穷,大大缩短了评估所花费的时间、资源,提高了评估的效率,改善了评估的效果。然而无论何种方法,基本上都遵循了风险评估流程,只是在具体实施手段和风险计算方面有所不同,其共同的目标都是找出组织信息资产面临的风险,并确定主要安全风险,从而分析其影响,以及目前安全水平与组织安全需求之间的差距。本文重点剖析了九种常见的信息安全风险评估方法及其优缺点。
|
| 关 键 词: | 信息安全 风险评估 信息安全风险评估 评估流程 风险计算 |
Comparative Analysis of on the Information Security Risking-Assessment Methods |
| |
| LIU Jia,XU Ci-wen. Comparative Analysis of on the Information Security Risking-Assessment Methods[J]. Journal of The Central University for Nationalities(Natural Sciences Edition), 2012, 21(2): 91-96 |
| |
| Authors: | LIU Jia XU Ci-wen |
| |
| Affiliation: | (College of Science,Minzu University of China,Beijing 100081,China) |
| |
| Abstract: | In recent years,the research work of the information safety risking-assessment has made rapid progress,and various evaluation methods are endless.It shortens the consumption in the time and resources,and improves the efficiency of the assessment,and improves the assessment result.The differenf kind of methods basically follows the risk assessment process.In the concrete implementation method and calculating method,they have a little different.Their common goal is to find out the risks of organizational information assets,and determined the main safety risk,and analyzing the influence,as well as the distance of the security level and organization security needing.This paper analyzes nine kinds of common information safety risking-assessment methods and also introduces their advantages and disadvantages. |
| |
| Keywords: | information security risk assessment information safety risking-assessment assessment process risk calculation |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
