摘要
网络信息安全的本质是风险的管理和控制,风险评估是风险管理和控制的核心组成部分。安全风险评估技术既需要有严密的理论、又需要与实践经验相结合,其可操作性成为安全风险评估成功的关键。针对当前安全风险评估中的实践问题,提出一种可操作的基于模型的安全风险评估方法。
Abstract risk management and control are the essence of the network and information security, risk assessment is the core of the risk management and control. Security risk assessment technology must combine theory and practice; operational assessment is the key to the success. For those practice problems, this paper discusses the models of the security risk assessment, proposes an operational risk assessment method.
出处
《计算机工程》
EI
CAS
CSCD
北大核心
2005年第9期129-131,共3页
Computer Engineering
关键词
安全风险评估
网络安全
风险管理
可操作性
Security risk assessment
Network security
Risk management
Operability