检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:刘昕宇 蔡一鸣 李琳[1] 周睿康 杜俊卓 黄晶晶 LIU Xinyu;CAI Yiming;LI Lin;ZHOU Ruikang;DU Junzhuo;HUANG Jingjing(China Electronics Standardization Institute,Beijing 100007,China;Beijing SaiXi Technology Development Co.,Ltd.,Beijing 100176,China)
机构地区:[1]中国电子技术标准化研究院,北京100007 [2]北京赛西科技发展有限责任公司,北京100176
出 处:《信息安全与通信保密》2024年第2期14-21,共8页Information Security and Communications Privacy
基 金:国家重点研发计划(2021YFB3101601)。
摘 要:《商用密码应用安全性评估量化评估规则》自2020年首次制定以来,先后经历了两次修订。为探讨新的量化评估规则对信息系统测评的影响,通过对新旧版本中各测评对象的测评结果量化评估规则和整体测评结果量化评估规则的差异分析,采用定性和定量相结合的方法,对信息系统测评量化评估分值的计算,以及依据新旧量化评估规则得到的测评结果进行对比分析研究,结果表明,新的量化评估规则对量化评估分值处于阈值附近的系统影响较大。The Quantitative Evaluation Rules for Security Evaluation of Commercial Cryptographic Applications has been revised twice since it was first formulated in 2020.In order to explore the impact of the new quantitative evaluation rules on information system evaluation,through the difference analysis of the quantitative evaluation rules of the evaluation results of each evaluation object and the quantitative evaluation rules of the overall evaluation results in the old and new versions,and by adopting a combination of qualitative and quantitative methods,the calculation of quantitative evaluation scores of information system evaluation as well as the comparative analysis of the evaluation results based on the old and the new quantitative evaluation rules are investigated.The results indicate that the new quantitative evaluation rules have a greater impact on systems with quantitative evaluation scores near the threshold.
分 类 号:TN918[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.224.184.41