Integrated risk computing method and system of computer information system

A technology of comprehensive risk and information system, applied in the field of comprehensive risk calculation method and system of computer information system, which can solve the problems of ignorance and uncertainty

Inactive Publication Date: 2009-07-22
BEIJING VENUS INFORMATION TECH
View PDF1 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, when using fuzzy calculation technology to synthesize evaluation factors, the nature of "uncertainty" or "unknown" in the evaluation process has not been well reflected.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Integrated risk computing method and system of computer information system
  • Integrated risk computing method and system of computer information system
  • Integrated risk computing method and system of computer information system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0040] Embodiment 1. utilize the present invention to carry out the specific method and step of risk assessment, such as image 3 shown.

[0041] 1. Step 301 establishes risk level standards:

[0042] The 7-point grade standard for hypothetical definition risk is shown in Table 1.

[0043] Table 1: Risk Level Criteria

[0044] grade factor

Grade symbol

No describe

0 d 1 Ignorable. The occurrence of a risk event has little impact on the system

0.1

d 2 small. Influential but small. Once a risk event occurs, the

10% more value loss.

0.3

d 3 slightly obvious. Can feel the changes caused by the system, but not very strict

Heavy. Once a risk event occurs, at most 30% of the value loss will be caused

lose.

0.5

d 4 medium. can cause damage to the reputation of the system, or

A decrease in trust in the source or service requiring the payment of significant resources to re...

Embodiment 2

[0061] Embodiment 2. The implementation of the initial risk credit evaluator of the original element (such as Figure 4 ). The evaluator assigns the reliability of the original evaluation elements relative to the established risk level standard based on the evaluation of the original evaluation elements. It includes the following devices:

[0062] 1) The input device 401, which inputs the initial risk assessment value s of the original assessment element and the risk level standard vector D.

[0063] 2) The initial risk reliability calculation unit 402 calculates an initial risk reliability vector of an original assessment element according to the initial risk assessment value of the original assessment element.

[0064] 2) The output means 403, which outputs an initial risk reliability vector of the original evaluation element.

[0065] Assume that the 7-point risk level standard {d 1 , d 2 ,...,d 7}={0, 0.1, 0.3, 0.5, 0.7, 0.9, 1}, if the CVE score s=7.6 of an element,...

Embodiment 3

[0070] Embodiment 3, the implementation of comprehensive risk credibility calculator (such as Figure 5 ). The calculator calculates the comprehensive risk reliability of the evaluation object based on the risk reliability matrix of all evaluation elements and the weight vector of the evaluation elements. It includes the following devices:

[0071] 1) The risk reliability matrix input device 501, which inputs the risk reliability matrix R of the evaluation elements. When the assessment element is the original assessment element, the risk credibility matrix R is the initial risk credibility matrix output by the initial risk credibility evaluator.

[0072] 2) The weight vector input means 502 of evaluation elements, which inputs the weights of all evaluation elements of an evaluation object.

[0073] 3) The comprehensive risk computer device 503 completes the calculation of the comprehensive risk reliability of the evaluation object.

[0074] 4) The risk reliability vector o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method and a system for integrated risk calculation of a computer information system, comprising the following functional modules: an original factor initial risk reliability valuator forms original factor initial risk reliability vector and a comprehensive risk reliability calculator connected with the original factor initial risk reliability valuator for calculating and evaluating the comprehensive risk reliability of the object; the method comprises the following steps: building risk level standard, analyzing the object and building weight, evaluating the original factor initial risk reliability, building risk reliability matrix, calculating the comprehensive risk reliability and quantizing the comprehensive risk. Evaluation factors are used as evidence of the evaluation object, and the risk of the evaluation object is calculated with an evidence synthesis method; the result of the evaluation factors is synthesized from the angle of the evidence, so as to be capable of directly expressing the uncertain or unknown factors in the evaluating process, and the information is kept in the synthesis process of the evaluation factors, thus leading the evaluation result to be more objective and real.

Description

technical field [0001] The invention belongs to the field of information security, and in particular relates to a computer information system comprehensive risk calculation method and system. Background technique [0002] With the continuous development and popularization of information technology, the risk assessment of information system also plays an increasingly important role. In the actual evaluation process, evaluators often use analytical methods to divide the complex evaluation object into several relatively simple evaluation elements, and then calculate the risk of the evaluation object from the evaluation results of each evaluation element. Since the current computer information system is usually a complex system composed of a network, there are security dependencies between components and between components and systems. Due to the uncertainty of these associations, there are quite a lot of randomness, ambiguity and subjective arbitrariness in the evaluation proc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00H04L12/24H04L29/06G06F21/50
Inventor 胡振宇骆拥政史萍萍李杰谢瑞璇
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap