摘要
提出了一种新颖的安全评估方法。由于当前评估理论的匮乏,导致实际中相当多的安全评估不规范,随意,低效 率。机构需要标准化的评估方法来指导相关工作。基于面向安全描述(OOSD)模型,给出了一种规范、开放和清晰的安全 评估的架构。
A novel approach to the security evaluation of information system is presented. Due to the absence of evaluation theory, most of the security evaluation is informal, random, and low efficient in practice. The organization need standards to regulate their evalutaion for the huge information system and network. Based on the model of object oriented security description (OOSD), a formal, open and clear framework for security evaluation is given.
出处
《计算机工程与设计》
CSCD
北大核心
2005年第1期103-106,共4页
Computer Engineering and Design