摘要
文章在对信息安全体系结构进行分析的基础上,对一种分层和面向服务的智能企业信息安全体系结构进行了研究,有助于构建一个模型来系统和智能地对企业信息安全活动进行管理,并与整体信息管理活动相结合。文章还着重对其中的相关领域(例如,信息安全中最关键的属性以及信息安全管理等方面)进行了研究,并探讨了采用ISO/IEC 27001标准的信息安全和风险控制服务。
Based on the analysis of information security architecture, this paper introduces a layered and service-oriented intelligent enterprise information security architecture; helping to build a model to manage the enterprise information security activities systematically and intelligently, and incorporate with the overall information management activities. Meanwhile, this paper emphasizes theresearches on the relevant areas (e.g. the most critical attribute in information security, information security management and so on),and discusses information security and risk control services based on ISO/IEC 27001 standard.
出处
《科技创新与应用》
2018年第6期186-190,共5页
Technology Innovation and Application
关键词
信息安全
体系结构
信息安全管理
可用性
风险控制
information security
architecture
information security management
availability
risk control
