检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
出 处:《武汉理工大学学报(信息与管理工程版)》2014年第6期862-865,共4页Journal of Wuhan University of Technology:Information & Management Engineering
基 金:国家自然科学基金资助项目(81271513;91324201)
摘 要:针对技术方面的安全风险和人的弱点的安全风险以及以前的风险评估都是分开进行的情况,指出了现实的信息安全风险往往是技术问题与人为因素密不可分的,因此需要综合评估。分析了两类信息安全风险的评估要素,阐述了建立综合评估指标体系的原则,基于结构方程模型给出了具体的评估指标体系,介绍了模型的确定性算法,在评估的基础上讨论了综合防范的原则和措施,这对于信息安全风险的评估和防范具有一定的参考价值。The traditional information security risk comes from the technical aspects, but people's weaknesses can cause the second information security risk:non-traditional information security risk.In the past literatures two kinds of information securi-ty risks are evaluated separately.In a real work to prevent information security risk, technical problems and human weakness are often closely connected each other, so the comprehensive assessment is needed.In this paper, two kinds of information security risks were mixed to analyze synchronously.The evaluation index system were expounded and the specific assessment indicators were given.Meanwhile, the summary of index system of evaluation of information security risks was carried out by structural e-quation model using definite linear algorithm, and comprehensive prevention principles and measures were discussed based on the evaluation at last.The work is valuable for the assessment and prevention of information security risk.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.145