| 信息系统安全度量与评估模型 |
| |
| 引用本文: | 闫强,陈钟,段云所,王立福. 信息系统安全度量与评估模型[J]. 电子学报, 2003, 31(9): 1351-1355 |
| |
| 作者姓名: | 闫强 陈钟 段云所 王立福 |
| |
| 作者单位: | 北京大学 计算机科学技术系,北京 100871 |
| |
| 基金项目: | 国家自然科学基金 (No .699730 0 4 ,60 0 0 30 1 5) |
| |
| 摘 要: | 信息技术安全评估标准GB17859定义了信息系统安全评估的安全要素集,并以等级的形式表示信息系统的安全度量.为区分各个安全要素在信息系统安全度量评估过程中表现出的不同特性,提出了组合独立性安全要素、组合互补性安全要素及组合关联性安全要素的概念,通过定义访问路径、规范路径及组件之间的相互关系,给出了信息系统安全度量的形式化评估模型及其实现.
|
| 关 键 词: | 安全度量 评估 组合独立性安全要素 组合互补性安全要素 组合关联性安全要素 访问路径 |
| 文章编号: | 0372-2112(2003)09-1351-05 |
| 收稿时间: | 2003-01-16 |
Information System Security Metrics and Evaluation Model |
| |
| YAN Qiang,CHEN Zhong,DUAN Yun suo,WANG Li fu. Information System Security Metrics and Evaluation Model[J]. Acta Electronica Sinica, 2003, 31(9): 1351-1355 |
| |
| Authors: | YAN Qiang CHEN Zhong DUAN Yun suo WANG Li fu |
| |
| Affiliation: | Dept.of Computer Science & Technology,Peking University,Beijing 100871,China |
| |
| Abstract: | Information technology security evaluation criteria GB 17859 represents the security metrics of information systems as different ratings and defines the security elements set for the security metrics evaluation.The concepts of composition independent security element,composition complementary security element and composition correlated security element are introduced to discriminate between the various characters of the security elements presented in the process of security metrics assessment.The formal evaluation model for information system security metrics and its implementation are also introduced based on the definitions of access path,regular path and the relationship between components. |
| |
| Keywords: | security metrics evaluation composition independent security element composition complementary security element composition correlated security element access path |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《电子学报》浏览原始摘要信息 |
|
点击此处可从《电子学报》下载免费的PDF全文 |
