摘要
信息技术的发展使得政府和军队相关部门对信息系统安全问题提出更高要求。涉密信息系统安全有其独特性,风险评估区别于普通信息安全系统。文章以涉密信息系统为研究对象,首先阐述涉密信息系统的特点,针对其独特性对现有信息安全风险评估方法进行分析评价。然后将基于层析分析法的评估模型引入到涉密信息系统安全风险评估中。为涉密信息系统进行风险评估提供一种新的技术思路。最后通过实例分析,所提模型在处理涉密信息系统评估过程中对得到的离散数据分布无要求,与德菲尔法以及BP神经网络相比,该模型具有一定实用性和可扩张性,适合用于实际地涉密信息系统风险评估中。
The development of information technology makes the government and military authorities put forward higher requirements on the security of information system. The uniqueness of classified information system security makes risk assessment different from the common information security system. In this paper, classified information systems are research object. We first describe the characteristics of information system security, the uniqueness of the existing methods of analysis and evaluation of information security risk assessment. Then an evaluation model based on AHP is introduced into security risk assessment of information system security. A new way of classified information system risk assessment is presented. At last, through the analysis of an example, we analyze that the proposed model in processing of information system security evaluation process to get the discrete data distribution is not required, compared with the Delphi method and BP neural network, this model is highly of practicability and expansibility, it does suitable for classified information system risk assessment actually.
出处
《信息网络安全》
2014年第3期80-86,共7页
Netinfo Security
基金
黑龙江省科技厅科学技术研究项目[12513049]
关键词
涉密信息系统
信息安全
层次分析法
风险评估
classified information system
information security
analytic hierarchy process
risk assessment
