空管信息安全风险评估

Air traffic control information security risk assessment

文章在深入研究标准信息安全体系结构、充分考量结构合理性的基础上,结合空管行业特点,遵循体系设计原则,选取模糊综合评价方法,建立了信息安全风险评估模糊综合评价模型,并对风险评估结果判定和风险管理流程进行了改进,通过归一化方法把个体系统特征统一到整体安全评估系统当中,进一步延伸,能够实现每一环节都有例证来准确反映风险状况的目的。

The article in in-depth study of information security standards architecture ,fully consider the rationality of structure based on, combined with the characteristics of the ATC industry, according to the design principle of the system, using fuzzy comprehensive evaluation method, information security risk evaluation, fuzzy comprehensive evaluation model is established and the risk assessment results to determine the processes and risk management has been improved, the method of normalized to a system of unity to the whole safety assessment system, further extension, to achieve each link are illustrated to accurately reflect the risk profile.