摘要
对信息化发展过程中信息系统所面临的各种威胁进行有效的评估预测,并根据评估结果部署相应的措施,可减少威胁带来的负面影响。提出了一种基于AHP的信息安全威胁评估模型,它将AHP方法与模糊综合评价法相结合,建立了威胁评估指标,通过资产识别、威胁识别、威胁分析的方法拟得到评估结果。通过实践验证了模型的有效性和可行性。
The measures deployed by the assessment results can reduce the negative impacts of the threats of information systems that we assess and predict in informatization development process.Proposed an model of information securi-ty threaten assessment based on AHP,which combining AHP with Fuzzy Comrehensive Evaluation,establishes threat assessment indicators,and plans to get the assessment result through the methods of assets identify,threats identify,threats analysis.The results of experiment verify the feasibility and validity of the model.
出处
《计算机科学》
CSCD
北大核心
2012年第1期61-64,共4页
Computer Science
基金
重庆市信息产业发展资金项目(200921011)资助
关键词
威胁评估
AHP
资产识别
威胁识别
Threaten assessment
AHP
Assets identify
Threats identify