摘要
为解决信息系统风险分析过程中不确定信息难以量化分析的问题,用信息熵度量信息系统风险.引入信息熵风险分析算法,采用定性分析与定量计算相结合,构建一种信息系统风险分析模型,并以实例分析与验证基于此模型的风险分析方法.仿真结果表明,该方法是一种有效的风险分析算法,较准确地反映了信息系统的风险状况,为信息系统风险分析提供了一种新的思路.
According to the characteristic of uncertainty information in the information system risk analysis process, and information system risk measurement using entropy theory, a risk analysis algorithm using entropy-weight coefficient is presented. When combining qualitative analysis and quantitative calculation, a model of information system risk analysis is constructed. Finally, an instance of the risk analysis approach based on the model is analyzed and validated, which demonstrates the rationality and feasibility of the model. So it provides a new method for information system risk analysis.
出处
《北京邮电大学学报》
EI
CAS
CSCD
北大核心
2008年第2期50-53,共4页
Journal of Beijing University of Posts and Telecommunications
基金
国家“973计划”项目(2007CB310704)
北京市自然科学基金项目(4062025)
关键词
信息安全
风险分析
熵权系数
故障树分析
information security
risk analysis
entropy-weight coefficient
fault tree analysis