摘要
评估信息系统安全防护有效性是提升信息系统安全防护能力的一条重要途径,也是信息安全风险评估的重要环节。本文介绍了几种比较常见的信息系统安全防护有效性评估方法,如综合评价方法与基于图论的评估方法。并对这些典型方法的思想进行了分析阐述并指出了方法的优点与需要改进完善之处。最后,本文展望了信息安全防护有效性评估方法今后发展的趋势。
The effectiveness assessment of safeguards taken in information system is not only important to improve the security, but also holds the balance in the information security risk assessment.The paper presented several methods of safeguards' effectiveness assessment, including the methods of comprehensive evaluation, the methods based on graph and so on.The typical methods are simply analyzed.Furthmore, the advantage and shortcoming of different methods are given in this paper.The future development of methods on effectiveness assessment of safeguards is also predicted.
出处
《网络安全技术与应用》
2014年第9期158-160,共3页
Network Security Technology & Application
关键词
安全防护措施
有效性评估
综合评价法
图论
safeguards
effectiveness assessment
methods of comprehensive evaluation
theory of graph
