摘要
Nowadays,clear evaluation models and methods are lacking in classified protection of information system,which our country is making efforts to promote.The quantitative evaluation of classified protection of information system security is studied.An indicators system of testing and evaluation is established.Furthermore,a model of unit testing and evaluation and a model of entirety testing and evaluation are presented respectively.With analytic hierarchy process and two-grade fuzzy comprehensive evaluation,the subjective and uncertain data of evaluation will be quantitatively analyzed by comprehensive evaluation.Particularly,the variable weight method is used to model entirety testing and evaluation.It can solve the problem that the weights need to be adjusted because of the relationship role which enhances or reduces security of information system.Finally,the paper demonstrates that the model testing and evaluation can be validly used to evaluate the information system by an example.The model proposed in this paper provides a new valuable way for classified protection of information system security.
Nowadays,clear evaluation models and methods are lacking in classified protection of information system,which our country is making efforts to promote.The quantitative evaluation of classified protection of information system security is studied.An indicators system of testing and evaluation is established.Furthermore,a model of unit testing and evaluation and a model of entirety testing and evaluation are presented respectively.With analytic hierarchy process and two-grade fuzzy comprehensive evaluation,the subjective and uncertain data of evaluation will be quantitatively analyzed by comprehensive evaluation.Particularly,the variable weight method is used to model entirety testing and evaluation.It can solve the problem that the weights need to be adjusted because of the relationship role which enhances or reduces security of information system.Finally,the paper demonstrates that the model testing and evaluation can be validly used to evaluate the information system by an example.The model proposed in this paper provides a new valuable way for classified protection of information system security.
基金
supported in part by National Natural Science Foundation of China under Grant No. 60970115 and 91018008
Science and Technology Foundation of Guizhou Province,China under Grant No. 20112213
2010 Doctoral Scientific Research Foundation of Guizhou Normal University,China
Natural Science Research Project of Education Department of Guizhou Province,China under Grant No. 20090034
