检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:张晓东 刘俊 夏琨 ZHANG Xiaodong;LIU Jun;XIA Kun(State Grid Ningxia Marketing Service Center(State Grid Ningxia Metrology Center),Yinchuan Ningxia 750021,China;State Grid Ningxia Information&Communication Company,Yinchuan Ningxia 750001,China)
机构地区:[1]国网宁夏电力有限公司营销服务中心(计量中心),宁夏银川750021 [2]国网宁夏电力有限公司信息通信公司,宁夏银川750001
出 处:《信息安全与通信保密》2022年第4期11-17,共7页Information Security and Communications Privacy
摘 要:信息安全量化管理系统是安全闭环管控的管理手段,其结合了相关信息安全技术和管理标准,能够对信息系统的安全性进行过程评价,针对不同系统形成安全配置标准,为安全加固提供操作指南。量化评估的结果可以作为参考标准,支撑系统建设、运维过程安全加固;也可以在任何阶段用以评价系统的安全状态,评估系统是否处在可接受的水平。为信息系统入网测试、工程验收和运行维护等设备全生命周期各个阶段安全管控提供手段,促进安全要求的落实。The assessment management system of information security quantitative is a management method for closed-loop security management and control. It combines relevant information security technologies and management standards to evaluate the security of information systems in the process, and form security configuration standards for different systems, providing operational guidelines for security reinforcement. The results of the quantitative evaluation can be used as a reference standard to support the security reinforcement of the system construction and operation and maintenance process;It can also be used to evaluate the security status of the system at any stage and evaluate whether the system is at an acceptable level. This system provides measures for the safety management and control at all stages of the equipment entire life cycle, such as information system network access test, engineering acceptance,operation and maintenance, etc., and promotes the implementation of safety requirements.
分 类 号:TP399[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222