摘要
提出了一种基于任务模型的安全量化评估方法,应用于静态的弱点评估和动态的威胁评估。与传统的风险评估方法相比,该模型以组织的任务目标为核心,避免主观偏见,排除大量无关弱点和威胁对评估的负面影响,评估结果更可信。实例分析表明,该方法能更准确、更全面的度量网络系统的安全性。
A new quantitative method based on mission tree for security assessment was proposed. It was applied for static vulnerability assessment and dynamic threat assessment. Compared with traditional risk assessment methods, this model took organizational mission target as core. It avoided the subjective bias, excluding negative influence of a great deal of irrelevant vulnerability and threat. A case indicates that this method can measure the security of network system more accurately and generally.
出处
《系统仿真学报》
EI
CAS
CSCD
北大核心
2007年第15期3372-3375,共4页
Journal of System Simulation
基金
国防"十一五"预研基金(9140A150601)
关键词
任务模型
关键状态
静态评估
动态评估
mission model
key state
static assessment
dynamic assessment