期刊文献+

一种主机系统安全的量化风险评估方法 被引量:4

A Quantitative Risk Assessment Approach for Host System Security
下载PDF
导出
摘要 随着信息技术安全问题的日益突出,信息安全产品的开发者纷纷寻求可信的第三方的安全评估,而目前针对主机软件系统的评估方法都存在着一定的缺点。该文结合软件系统的弱点信息,提出了一种主机系统安全的量化风险评估方法,并以评估实例分析了评估算法,最后阐明了本评估方法的优势。 With increasing security problems of information technology, developers of information security products seek for the trusted securityassessment by the third part. But there are some defects in present assessment methods for host software systems. This paper proposes a quantitativerisk assessment approach for host system security, combining with the vulnerability information in software system. An assessment instance is givento analyze the assessment algorithm. Finally, this paper illuminates the advantages of this assessment approach.
出处 《计算机工程》 CAS CSCD 北大核心 2005年第14期147-149,共3页 Computer Engineering
基金 国防"十五"预研项目
关键词 网络安全 风险评估 量化评估疗法 评估策略 Network security Risk assessment Quantitative assessment approach Evaluation policy
  • 相关文献

参考文献7

  • 1Kim G H, Spafford E H. Writing, Supporting, and Evaluating Tripwire: A Publicly Available Security Tool. UNIX Application Development Symposium, The USENIX Association, 1994: 89-107
  • 2Hamilton C R. Risk Management and Security. Information Systems Security, 1999, 8(2): 69-78
  • 3Alberts C J, Behrens S G, Pethia R D, et al. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework [Version 1.0]. Technical Report of Carnegie Mellon Software Engineering Institute, Pittsburgh, 1999
  • 4Foo S W, Muruganantham A. Software Risk Assessment Model. Proceedings of ICMIT , 2000,2: 536 -544
  • 5Tregear J. Risk Assessment. Information Security Technical Report, 2001, 6(3): 19-27
  • 6汪立东.[D].哈尔滨:哈尔滨工业大学,2002.
  • 7Schneier B. Attack Trees. Dr. Dobb's Journal,1999, 24(12): 21-29

同被引文献40

引证文献4

二级引证文献72

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部