Security policy level joint modeling method based on consultative objective risk analysis system (CORAS)-Petri

A modeling method and security policy technology, applied in the field of network information security risk assessment, to achieve the effect of improving accuracy and precision

Inactive Publication Date: 2013-05-08
WUXI NANLIGONG TECH DEV
View PDF0 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In order to accurately predict the security risk of the information system, improve the lack of comprehensive protection of the traditional single security measurement technology, comprehensively evaluate t...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security policy level joint modeling method based on consultative objective risk analysis system (CORAS)-Petri
  • Security policy level joint modeling method based on consultative objective risk analysis system (CORAS)-Petri
  • Security policy level joint modeling method based on consultative objective risk analysis system (CORAS)-Petri

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0034] The information system of a medical institution is analyzed and researched by using the security policy hierarchical joint modeling method based on CORAS-Petri, and the steps are as follows:

[0035] The first step is to assess preparation. The main work of assessment preparation is to establish a project leadership team and project implementation team, collect system information of assessment objects, start assessment project management, and conduct training on basic knowledge and skills of risk assessment for relevant participants in the assessment, so as to facilitate the smooth implementation of the project. The use of the CORAS-Petri tool in the evaluation preparation stage is to input the evaluation team organization information, evaluation plan and plan into the CORAS-Petri system after the evaluation team members and evaluation projects are established, and through the project management function of CORAS-Petri, establish a comprehensive evaluation system. Archi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the field of network information security risk assessment and discloses a security policy level joint modeling method based on a consultative objective risk analysis system (CORAS)-Petri. Aimed at a vulnerable spot and defect of a CORAS framework and improving of the CORAS framework, and based on unified modeling language modeling, a Petri net describing network or information system dynamic behavior is introduced, a risk assessment method based on an analytic hierarchy process (AHP) and fuzzy comprehensive evaluation risk assessment method is introduced in a risk computing method of the CORAS framework to compute the risk, and the security policy level joint modeling method can not only reduce working amount of estimation and improves estimation efficiency, but also can refer to previous estimation conclusion, strengthens accuracy and effectiveness of estimation, and therefore improves acquaintance of information system security risk. People can take effectively security protection measures to ensure security of an information system.

Description

technical field [0001] The invention relates to the field of network information security risk assessment, in particular to a CORAS-Petri-based security policy hierarchical joint modeling method, which can effectively perform security risk assessment on information network systems. Background technique [0002] All countries in the world attach great importance to the issue of information security. In the mid-1980s, in order to meet the confidentiality needs of military computers, the US Department of Defense formulated the "trusted computer System Security Evaluation Criteria" (TCSEC), and later made a series of security explanations for network systems, databases, etc., forming the earliest principles of security information system architecture. So far, the United States has developed more than 100 safety systems that meet the requirements of TCSEC, but these systems still have limitations, and have not really reached the highest level of formal description and proof. In ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/26
Inventor 李千目侍球干侯君
Owner WUXI NANLIGONG TECH DEV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap