摘要
首先从信息安全风险评估的流程入手,着重叙述了信息安全风险评估过程中风险计算的原理和步骤。针对目前风险计算缺乏统一的标准和具体计算方法的问题,结合实际的风险评估工作,探索性地给出一种改进的风险计算方法。在深入研究常用的几种风险计算方法后,对改进算法的客观性和准确性做了进一步的阐述。
At first, start with from procedure of information security risk assessment, describe the principle and step that risk calculate in the evaluation process especially. At present, the risk calculating lacks unity standard and the concrete computational method, combining with practice of risk assessment, a kind of improved algorithm is proposed in this paper. The improved method is further explained from objectivity and accuracy of the risk calculation, after investigating several kinds of extant risk calculating method.
出处
《无线电通信技术》
2006年第2期44-47,共4页
Radio Communications Technology
关键词
信息安全
风险评估
风险计算
量化分析
information security
risk assessment
risk calculation
quantization analysis
