基于综合权衡分析的信息安全管理系统评估

Evaluation of Information Security Management System Based on Tradeoff Analysis

下载PDF

导出

摘要随着信息时代的到来,每个组织所拥有和需要的信息越来越多,构建信息安全管理系统日益受到各级组织的重视。采用综合权衡分析方法,研究信息安全管理系统的评估问题。构建了一个包括整体评估和系统优化两层含义的信息安全管理系统评估框架,框架完全符合评价、分析及优化的系统工程思想。提出了基于综合权衡方法的信息安全管理系统评估的一套方法集,方法集不仅实现了定性定量相结合的评估思路,而且实现了评估过程的可视化。研究一方面可以总结信息安全管理系统评估的相关理论和方法,另一方面可以有效地指导我国信息安全管理系统的建设工作。 Along with the advent of information era, each organization possesses and needs more and more information. They pay great attention to the construction of the Information Security Management System （ISMS）. This study applies the tradeoff analysis to evaluate the ISMS. It constructs an available framework for ISMS evaluation. This framework includes the holistic evaluation and the system optimization, and is consistent with the thought of system engineering. It presents an effective methodology set for ISMS evaluation. The methodology set is based on the tradeoff analysis, and combines the qualitative analysis with quantitative analysis, and realizes the visualization of optimization process. This study can summarize some interrelated theories and methodologies for ISMS evaluation on the one hand, and can help the construction of the ISMS of our country on the other hand.

作者余燕芳

机构地区衢州广播电视大学

出处《计算机仿真》 CSCD 北大核心 2009年第8期75-79,共5页 Computer Simulation

基金 2008年度浙江省教育科学规划研究课题

关键词信息安全管理系统性能评估综合权衡 Information security Management system Performance evaluation Tradeoff analysis

分类号 TP391 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献12

1Nstissc ( National Security Telecommunications and Information System Security Committee). National Information Assurance Certification and Accreditation Process(NIACAP) [ R]. New York. NSTISSC, 2000.
2K J Jean, S H Lin, A R W Fung. A study on information security management system evaluation - assets, threat and vulnerability [ J]. Computer Standards & Interfaces. 2004, (26) : 501 -513.
3SO ( International Organization for Standardization ). Information technology - guidelines for the management of IT security - Part 1 : concepts and models for IT security[ R]. Geneva. ISO, 1996.
4D Herman, S Keith. Application of the common criteria to a system: a case study [ J ]. Computer Security Journal. 2001,17 (2) : 21 -28.
5R Kazman, et al. Experience with performing architecture tradeoff analysis [ C ]. In Proceedings of the 21st International Conferences on Software Engineering ( ICSE' 99 ), 1999. 54 63.
6R Kazman, J Asundi, M Klein. Quantifying the costs and benefits of architectural decision [ C]. In Proceedings of the 23rd Interna- tional Conference on Software Engineering (ICSE) . 2001. 297 -306.
7D Gross, E S K Yu. From non -functional requirements to design through pattems[ J]. Requirement Engineering. 2001, 6( 1 ) : 18 -36.
8M Svahnberg, et al. A quality - driven decision - support method for identifying software architecture candidates [ J ]. International Journal of Software Engineering and Knowledge, 2003,13 (5) :547 - 573.
9L Chung, et al. Non - Functional Requirements in Software Engineering[ M]. Dordrecht: Kluwer Academic Publishers, 2000.
10P Giorgini, et al. Formal reasoning techniques for goal models [J]. Journal on Data Semantics. 2004, (1) : 1 -20.

1郭昊.基于灵敏度分析和综合权衡的信息安全管理系统评估[J].计算机应用与软件,2008,25(9):276-278. 被引量：1
2余燕芳.基于灵敏度和综合权衡分析的信息安全管理系统评估[J].电脑知识与技术,2009,5(11X):9230-9233.
3于满泉,陈铁睿,许洪波.基于分块的网页信息解析器的研究与设计[J].计算机应用,2005,25(4):974-976. 被引量：55
4延续M4辉煌，英睿达推出V4系列入门SSD[J].数码时代,2012(9):32-32.
5江峰,杨章伟.Hadoop云平台中基于行为的信任评估研究[J].萍乡学院学报,2014,31(6):85-88.
6胡绍勇.网厅及网上支付系统安全评估方法[J].电信网技术,2011(3):10-13.
7王攀,唐超,刘明兰,梁红彬.定性定量相结合的自适应模糊控制新算法研究[J].系统工程与电子技术,1998,20(11):55-57. 被引量：5
8江明,李玎.浅析面向用户关系的网络隐私攻击与保护[J].网络安全技术与应用,2015(2):95-95.
9吴贻君.多学科设计优化技术[J].中国制造业信息化（应用版）,2010,39(6):53-54.
10宋彩红.怎样科学填报志愿[J].山西教育（招生考试）,2013(7):23-23. 被引量：1

计算机仿真

2009年第8期

浏览历史

内容加载中请稍等...

基于综合权衡分析的信息安全管理系统评估

参考文献12

相关作者

相关机构

相关主题

浏览历史