Software running security measurement and estimation method based on network environment

A software security and network environment technology, applied in the field of network information security analysis and evaluation, can solve problems such as lack, lack of pertinence, lack of test basis, etc., and achieve the effect of objective evaluation, good scalability, and flexible evaluation methods
CN102799822AActive Publication Date: 2012-11-28CHINA INFORMATION TECH SECURITY EVALUATION CENT
4 Cites 43 Cited by

Patent Information

Authority / Receiving Office
CN · China
Current Assignee / Owner
CHINA INFORMATION TECH SECURITY EVALUATION CENT
Publication Date
2012-11-28

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a software running security measurement and estimation method based on a network environment, and belongs to a network information security analysis and estimation technology. The method comprises the following steps of: constructing a measurement system, namely selecting a software security estimation index; performing threat modeling, namely modeling a threat of software under the network environment; and estimating the security of the software, namely performing security estimation on the software facing the threat under the network environment according to the estimation index through a software security estimation method based on reliability, a software security estimation method based on bug and a software security estimation method based on risk. The step of constructing the measurement system also comprises a substep of selecting the completeness, the non-repudiation, the confidentiality, the authorization, the availability and the identity checkability as the software security estimation indexes. By the method, the security bug and the risk of the software can be estimated in advance, so that a function and security module of the software can be immediately adjusted, and dangerous events can be effectively controlled and prevented.
Need to check novelty before this filing date? Find Prior Art

Description

Technical field

[0001] The present invention relates to network information security analysis and evaluation technology, and more specifically, to a software security evaluation method in a network environment. Background technique

[0002] Nowadays, the software system under the network environment has penetrated into various fields such as national economy, national defense, and social life. It has changed people's traditional production and life style, and has become an indispensable necessity of human society. On the one hand, people are increasingly dependent on software, making software systems and functions more and more complex. On the other hand, due to the openness of the software development process and the uncertainty of the network environment, the software must be guaranteed Quality is getting harder and harder, such as system attacks and failures caused by software vulnerabilities, defects and failures, software system paralysis caused by the instantaneous mutation...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More