摘要
信息安全等级保护测评报告模版(2015版)给出了信息系统等级测评综合得分算法,但该算法存在计算工作量大、计算结果不影响测评结论的问题。针对2015版等级测评综合得分算法存在的不足,文章提出了一种新的等级测评综合得分算法,该算法缩小了测评项符合程度的得分取值范围,简化了测评项加权得分的计算方法,大幅度降低了等级测评的计算工作量,实现了对信息系统等级测评结论的定量判定。实验结果表明,新的等级测评综合得分算法能够对信息系统进行合理评价,有效提高了等级测评结论的准确性和科学性。
The report template(2015 edition)gives the scoring algorithm of testing and evaluation for classified cybersecurity protection,however,there are some problems in this algorithm,such as the heavy workload of calculation and the result of calculation does not affect the evaluation conclusion.In this paper,aiming at the problem of scoring algorithm in 2015 edition report template,a new scoring algorithm of classified cybersecurity protection evaluation is proposed.The algorithm reduces the score range of coincidence degree of evaluation items,simplifies the calculation method of weighted score of evaluation items,greatly reduces the computational workload,and realizes the quantitative determination of evaluation conclusion.The experimental results show that the new scoring algorithm achieves a reasonable result in quantitative evaluation of information system,and effectively improves the accuracy and scientificity of evaluation conclusion.
作者
黎水林
祝国邦
范春玲
陈广勇
LI Shuilin;ZHU Guobang;FAN Chunling;CHEN Guangyong(The Third Research Institute of Ministry of Public Security,Shanghai 200031,China;Cyber Security Department of the Ministry of Public Security,Beijing 100741,China)
出处
《信息网络安全》
CSCD
北大核心
2020年第2期1-6,共6页
Netinfo Security
基金
国家重点研发计划[2018YFB0803503]。
关键词
网络安全等级保护
等级测评
综合得分算法
classified cybersecurity protection
testing and evaluation for classified cybersecurity protection
scoring algorithm