论文部分内容阅读
做为关键管理手段之一,安全评估贯穿于信息系统生命周期始终,其占据着安全策略制定及调整的基础性地位。采取有效的安全防范策略的重要前提是对系统中所存在的安全风险进行充分识别。本文首先介绍了研究层次化网络威胁态势量化评估网络安全方法相关工作,在此基础上,从层次化网络安全威胁评估模型、安全威胁指数定量计算、参数确定等方面阐述了从上到下、从局部入手扩展至全局的网络安全威胁态势评估体系。
As one of the key management tools, security assessment runs through the life cycle of the information system and occupies the basic position of making and adjusting security policies. An important precondition for an effective security strategy is to fully identify the security risks that exist in the system. This paper firstly introduces the research work on the quantitative assessment of network security based on the hierarchical network threat situation. On this basis, it elaborates the top-down and the top-down from the hierarchical network security threat assessment model, the quantitative calculation of security threat index, Local start to extend the global network security threat situation evaluation system.