摘要
随着信息技术安全问题的日益突出,信息安全产品的开发者纷纷寻求可信的第三方的安全评估,而目前针对主机软件系统的评估方法都存在着一定的缺点。该文结合软件系统的弱点信息,提出了一种主机系统安全的量化风险评估方法,并以评估实例分析了评估算法,最后阐明了本评估方法的优势。
With increasing security problems of information technology, developers of information security products seek for the trusted securityassessment by the third part. But there are some defects in present assessment methods for host software systems. This paper proposes a quantitativerisk assessment approach for host system security, combining with the vulnerability information in software system. An assessment instance is givento analyze the assessment algorithm. Finally, this paper illuminates the advantages of this assessment approach.
出处
《计算机工程》
CAS
CSCD
北大核心
2005年第14期147-149,共3页
Computer Engineering
基金
国防"十五"预研项目
关键词
网络安全
风险评估
量化评估疗法
评估策略
Network security
Risk assessment
Quantitative assessment approach
Evaluation policy