摘要
针对评估结果不确定性造成决策层无法感知信息安全的整体保障水平,当前解决方案较少考虑数据元素间的融合和关系等问题,本文提出一种基于D-S理论的安全评估结果不确定性解决方案.方案从36个方面动态多角度收集原始证据,按照对应关系进一步将原始证据形成5部分评估证据,借助统计模型生成评估证据所需贡献矩阵,融合D-S证据理论,采用单点信任度值大的作为本次安全评估的结果.实验表明,方案解决了主机安全评估结果带来的不确定性,具有通用性特色.
Due to the uncertainty of assessment results, the level of information security is difficult to be per- ceived. However, there are few solutions focusing on the data integration and relation. In this paper, we propose a so- lution to deal with the uncertainty of assessment results based on the D-S evidence theory. We first dynamically collect the original evidence from 36 aspects. Then, we form five parts of assessment evidence according to the corresponding relation, and generate the contribution matrix using the statistic model. Based on this, we take the maximum trusted single-point value as the assessment result. Our experiments suggest that the proposed solution is efficient and univer sal to solve the problem of uncertainty.
出处
《武汉大学学报(理学版)》
CAS
CSCD
北大核心
2013年第2期178-182,共5页
Journal of Wuhan University:Natural Science Edition
基金
河南省科技攻关项目(112102310368)
河南省教育厅科技攻关项目(2011A520050)资助
关键词
安全评估
不确定性
原始证据
评估证据
D-S证据理论
security assessment ~ result uncertainty~ original evidence~ assessment evidence~ D-S evidence theory