中央民族大学学报:自然科学版
中央民族大學學報:自然科學版
중앙민족대학학보:자연과학판
Journal of The Central University for Nationalities(Natural Sciences Edition)
2012年
2期
91-96
,共6页
信息安全%风险评估%信息安全风险评估%评估流程%风险计算
信息安全%風險評估%信息安全風險評估%評估流程%風險計算
신식안전%풍험평고%신식안전풍험평고%평고류정%풍험계산
information security%risk assessment%information safety risking-assessment%assessment process%risk calculation
近年来,国内外信息安全风险评估的研究工作取得突飞猛进的进展,各种评估方法层出不穷,大大缩短了评估所花费的时间、资源,提高了评估的效率,改善了评估的效果。然而无论何种方法,基本上都遵循了风险评估流程,只是在具体实施手段和风险计算方面有所不同,其共同的目标都是找出组织信息资产面临的风险,并确定主要安全风险,从而分析其影响,以及目前安全水平与组织安全需求之间的差距。本文重点剖析了九种常见的信息安全风险评估方法及其优缺点。
近年來,國內外信息安全風險評估的研究工作取得突飛猛進的進展,各種評估方法層齣不窮,大大縮短瞭評估所花費的時間、資源,提高瞭評估的效率,改善瞭評估的效果。然而無論何種方法,基本上都遵循瞭風險評估流程,隻是在具體實施手段和風險計算方麵有所不同,其共同的目標都是找齣組織信息資產麵臨的風險,併確定主要安全風險,從而分析其影響,以及目前安全水平與組織安全需求之間的差距。本文重點剖析瞭九種常見的信息安全風險評估方法及其優缺點。
근년래,국내외신식안전풍험평고적연구공작취득돌비맹진적진전,각충평고방법층출불궁,대대축단료평고소화비적시간、자원,제고료평고적효솔,개선료평고적효과。연이무론하충방법,기본상도준순료풍험평고류정,지시재구체실시수단화풍험계산방면유소불동,기공동적목표도시조출조직신식자산면림적풍험,병학정주요안전풍험,종이분석기영향,이급목전안전수평여조직안전수구지간적차거。본문중점부석료구충상견적신식안전풍험평고방법급기우결점。
In recent years,the research work of the information safety risking-assessment has made rapid progress,and various evaluation methods are endless.It shortens the consumption in the time and resources,and improves the efficiency of the assessment,and improves the assessment result.The differenf kind of methods basically follows the risk assessment process.In the concrete implementation method and calculating method,they have a little different.Their common goal is to find out the risks of organizational information assets,and determined the main safety risk,and analyzing the influence,as well as the distance of the security level and organization security needing.This paper analyzes nine kinds of common information safety risking-assessment methods and also introduces their advantages and disadvantages.