摘要
信息系统安全风险评估工作是信息系统安全管理的基础和前提。本文在充分论述军用信息保障系统安全重要性的基础上,针对其安全风险评估问题,阐述了相关定义,给出了军用信息保障系统安全风险评估的思路,并着重介绍了基于系统综合、灰色理论、模糊理论和神经网络的风险评估方法,为定义系统安全需求、制定有效的安全风险控制策略提供了理论依据。
Security risk assessment of information system Based on discussing the importance of information-safeguard is the prerequisite of security management. system security, the paper describes some corresponding definitions and concepts. Then, the thought of information-safeguard system security risk assessment is presented, and the methods of information security risk assessment such as systems integration, grey theory, fuzzy theory and neural network are introduced especially in the paper. Thus, it provides the theory evidence for defining system security demand and establishing useful security risk control strategy.
出处
《舰船科学技术》
2009年第8期127-130,143,共5页
Ship Science and Technology
基金
国家自然科学基金资助项目(60774029)
关键词
信息保障系统
安全风险评估
评估方法
information-safeguard system
security risk assessment
assessment method
