检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
出 处:《信息安全研究》2017年第3期270-276,共7页Journal of Information Security Research
基 金:国家自然科学基金重点项目(61433006);国家自然科学基金面上项目(61272204)
摘 要:舰艇系统作为典型的信息物理融合系统,在对其进行信息安全脆弱性评估时需要充分考虑网络部分和物理部分融合的特性.在对舰艇系统信息安全问题进行深入分析的基础上,结合工作流基本原理,提出了基于工作流的舰艇系统信息安全脆弱性评估方法.该方法针对待评估的业务过程建立基于工作流的脆弱性评估模型,对执行工作流任务的设备进行解析,分析设备中存在的脆弱点,利用层次分析法对设备的信息安全脆弱性进行评估.根据工作流任务之间的逻辑关系以及执行工作流任务设备的脆弱性评估结果,对工作流任务的信息安全脆弱性进行评估,最终评估得到业务过程的信息安全脆弱性.Warship system is a typical cyber-physical system. The characteristics of the fusion of cyber part and physical part of warship system needs to be fully considered during the security vulnerability assessment In this paper, a workflow based vulnerability assessment method for security of the warship system is proposed after analyzing the security issues of the warship deeply and studying the principle of workflow. In detail, A workflow based vulnerability assessment model is established for the business process which is to be evaluated. Further, the composition of equipment that performs the workflow task and the vulnerability of the equipment are analyzed, respectively. And then, the security vulnerability of the equipment is evaluated by analytic hierarchy process (AHP) method. According to the logical relationship between workflow tasks and the results of vulnerability assessment of equipment, the security vulnerability of the workflow tasks is evaluated, and finally the security vulnerability of the business process is evaluated.
关 键 词:信息物理融合系统 舰艇系统 脆弱性评估 工作流模型 层次分析法
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.144.216.188