模糊认知图在信息安全风险评估中的应用研究  被引量:7

Application Research on Fuzzy Cognitive Map in Information Security Risk Assessment

在线阅读下载全文

作  者:陈宇[1] 王亚弟[1] 王晋东[1] 王娜[1] 

机构地区:[1]解放军信息工程大学密码工程学院,郑州450004

出  处:《计算机工程》2016年第7期109-116,共8页Computer Engineering

基  金:国家部委基金资助项目

摘  要:由于各类信息安全风险评估标准过于复杂,企业在实施中大多只能替代性地选择按照安全标准进行建设,从而导致安全措施与系统实际情况不符,无法根据系统变化快速调整。针对该问题,提出一种实施难度低的风险评估方法。利用模糊认知图获取资产间关系,通过模糊认知图推理过程计算系统风险值。以一个移动办公信息系统为例对方法进行应用研究,结果表明,该方法效率高、成本低,能够及时、合理地反映系统的风险状态。Since various types of information security risk enterprises can only choose to do construction in accordance assessment standards are too complex, as an alternative, most with safety standards in implementation. This always leads to a substantial gap that security measures are not for particular systems and cannot be quickly adjusted according to the changes of the system. To deal with these problems,this paper proposes a risk assessment method with low difficulty of implementation. In this method, Fuzzy Cognitive Map (FCM) is used to capture dependencies between assets FCM reasoning process is used to calculate the value of systemic risks. An application of the method is studied using an example of a mobile office system. Results indicate that the proposed method is efficient and low-cost. It can reflect the risk status of the system promptly and appropriately.

关 键 词:模糊认知图 信息安全 风险评估 资产增值树 风险聚合 

分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象