检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]中国信息安全测评中心信息资源处,北京100085
出 处:《武汉理工大学学报(信息与管理工程版)》2011年第6期855-858,共4页Journal of Wuhan University of Technology:Information & Management Engineering
基 金:国家自然科学基金重大研究计划资助项目(90818021)
摘 要:针对漏洞管理机制的复杂性,在对现有漏洞管理体制进行多层次、多角度分析的基础上,提出了一种基于公开交易的漏洞管理机制的设想,对其交易流程进行了阐述,并使用PEST-SWOT方法对其进行风险分析,综合考虑了政治、经济、社会和技术等因素,比较分析了机制的优势、劣势、机遇和挑战,提出了一系列业务战略,给出了规避风险,提高其可用性的具体措施。Managing vulnerability is a complex process. After current vulnerability management mechanism was analyzed in detail from different aspects, a public vulnerability trading mechanism was proposed, and the workflow of vulnerability trade was described. PEST - SWOT was introduced to analyze the risk of this mechanism, and factors including politics, economics, society, technology were taken into account. Strength, weakness, opportunities and threads were comparatively analyzed. A series of business strategies were proposed and some strategies for risk mitigation were given.
关 键 词:安全漏洞 漏洞交易 漏洞验证 PEST—SWOT 风险管理
分 类 号:TP393.3[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222