情报杂志
情報雜誌
정보잡지
JOURNAL OF INFORMATION
2013年
2期
169-172
,共4页
陈健%吉久明%孙济庆%李楠
陳健%吉久明%孫濟慶%李楠
진건%길구명%손제경%리남
信息安全%风险评估模型%威胁指数%初始概率值
信息安全%風險評估模型%威脅指數%初始概率值
신식안전%풍험평고모형%위협지수%초시개솔치
information security %risk assessment model %menace index% initial probability value
依据资产、脆弱性、威胁等风险评估基本要素,提出一种基于Markov方法、以威胁为核心的高校信息安全风险评估模型.通过运用Markov,德尔菲集体讨论法,层次分析法等方法得到威胁发生的概率、威胁的后果属性、属性值及其权重,进而计算出威胁指数.利用威胁指数对风险进行排序,为制定有针对性的高校信息安全风险管理策略提供科学的依据.并着重对不同方法选取的初始概率值对最终结果影响进行了比较分析,发现初始概率对最终的结果影响很大.
依據資產、脆弱性、威脅等風險評估基本要素,提齣一種基于Markov方法、以威脅為覈心的高校信息安全風險評估模型.通過運用Markov,德爾菲集體討論法,層次分析法等方法得到威脅髮生的概率、威脅的後果屬性、屬性值及其權重,進而計算齣威脅指數.利用威脅指數對風險進行排序,為製定有針對性的高校信息安全風險管理策略提供科學的依據.併著重對不同方法選取的初始概率值對最終結果影響進行瞭比較分析,髮現初始概率對最終的結果影響很大.
의거자산、취약성、위협등풍험평고기본요소,제출일충기우Markov방법、이위협위핵심적고교신식안전풍험평고모형.통과운용Markov,덕이비집체토론법,층차분석법등방법득도위협발생적개솔、위협적후과속성、속성치급기권중,진이계산출위협지수.이용위협지수대풍험진행배서,위제정유침대성적고교신식안전풍험관리책략제공과학적의거.병착중대불동방법선취적초시개솔치대최종결과영향진행료비교분석,발현초시개솔대최종적결과영향흔대.
With the rapid development of information construction in colleges and universities, information security risk assessment is im-perative. This paper presents a universities' information security risk assessment model based on Markov method and menace analysis. By using Markov, Delphi collective discussion and the Analytic Hierarchy Process(AHP), the probability of occurrence of the threat, the property of the consequences of the threat, property values and their weights are arrived at, then menace index is calculated. The menace index is then used to rank risks involved, thus provides a scientific basis for developing appropriate information security risk management strategy in universities. And with a focus on the effects of the initial probability value selected by different methods on the final result, the comparative analysis conducted finds a significant impact on the final result by the initial probability.