摘要
文章在深入研究信息安全风险评估理论的基础上,结合国内外风险评估的实例,从实践的角度提出了风险评估中所涉及的关键技术。同时,文中还重点阐述了关键技术的实现方法,形成了一套完整的评估流程,为建立信息安全风险评估体系打下了良好的基础。
In combining with the practice of domestic and foreign risk assessment, the key technology of information security risk assessment is proposed on the basis of studying in depth the information security risk assessment theory. Meanwhile, the implementation of the key technology is described in this paper, the complete assessing procedure is formed, and a good foundation is laid for information security risk assessment system.
出处
《信息安全与通信保密》
2007年第4期17-20,共4页
Information Security and Communications Privacy
关键词
信息安全风险评估
资产评估
威胁评估
脆弱性评估
风险计算
量化分析
Information Security Risk Assessment
Asset Assessment
Threat Assessment
Vulnerability Assessment
Risk Calculation
Quantization Analysis