Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Information system security risk assessment model based on combined evaluation method

An information system and security risk technology, which is applied in the field of information system security risk assessment model based on the combined assessment method, can solve the problems of inconsistency of assessment conclusions, difficulty in obtaining consistent assessment, differences, etc., to overcome one-sidedness and limitations, Reduce subjectivity and assess the effects of cost, efficiency and accuracy

Inactive Publication Date: 2010-06-09
FIFTH ELECTRONICS RES INST OF MINIST OF IND & INFORMATION TECH
View PDF0 Cites 40 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to provide an information system security risk assessment model based on the combined assessment method, so as to solve the problem of inconsistency in the assessment conclusions of multiple methods, that is, when the same object with a certain attribute value is evaluated using a variety of different methods There are differences in the conclusions at the time, and it is difficult to obtain a consistent evaluation that is consistent with the objective reality
Finally, according to the weight of each method, the evaluation results of each method are combined to obtain a risk assessment report for the entire information system, so as to solve the problem of inconsistency in the evaluation conclusions of multiple methods, so as to achieve a more scientific and reasonable assessment of the information system. Purpose of Risk Level Assessment

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Information system security risk assessment model based on combined evaluation method
  • Information system security risk assessment model based on combined evaluation method
  • Information system security risk assessment model based on combined evaluation method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0014] Embodiments of the present invention will be described in detail with reference to the accompanying drawings.

[0015] figure 1 It is the overall structure of a complete information system security risk model based on the combined assessment method. The process of combined evaluation is as follows: For m methods in the method library, according to the principle of fuzzy comprehensive evaluation method, expert evaluation is carried out from the two aspects of scientificity and rationality of the method, and then the calculation of each method is obtained by fuzzy analytic hierarchy process. Evaluation value, the first-level index of the evaluation method is used as the output index of the data envelopment analysis (DEA), and the result of the second-level evaluation of the fuzzy combination evaluation is used as the index value, and the relative effectiveness of different evaluation methods is evaluated by using the DEA method. Then select one or several evaluation meth...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an information system security risk assessment model based on a combined assessment method. The model integrates the advantages of qualitative analysis and quantitative analysis, defines a reasonable index hierarchical structure and an algorithm flow and has a core idea of collecting current risk assessment methods into a method base. In assessment, data envelopment analysis (DEA) based on fuzzy comprehensive evaluation is firstly used to screen out a plurality of methods aiming at the highest performance value of an assessment system, and then the assessment results of the screened methods are combined according to fuzzy analytic hierarchy process (FAHP) to solve the problem of inconsistent result of assessment by a plurality of methods and achieve the goal of more scientific and reasonable assessment for information system risk grade.

Description

technical field [0001] The invention relates to an information system security risk assessment model, in particular to an information system security risk assessment model based on a combined assessment method. Background technique [0002] Information security risk assessment is a key link in strengthening the construction and management of information security assurance system. Information security risk assessment is the starting point and foundation of information security construction. solutions to many critical problems. [0003] After years of development, there are many existing risk assessment methods at home and abroad, and their common goal is to find out the risks and impacts faced by the organization's information system, as well as the gap between the current security level and the organization's security needs. However, the choice of assessment method will directly affect every link in the assessment process, and can even influence the final assessment result....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06Q10/00G06Q10/06
Inventor 罗衡峰杨晓明
Owner FIFTH ELECTRONICS RES INST OF MINIST OF IND & INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com