Information security risk assessment method based on fault tree and system thereof

A technology for information security and risk assessment, applied in the field of information security risk assessment method and its system based on fault tree, which can solve the problems of improper use of assessment method and the accuracy of fault location affecting the progress of assessment, so as to improve stability and use The effect of long life and convenient system safety maintenance

Inactive Publication Date: 2013-05-08
SUZHOU CHIEN SHIUNG INST OF TECH
View PDF1 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] There are many kinds of information security assessment methods. With the different application systems, the assessment objects are also changing. In the assessment, the network and security hardware equipment of the architecture are often ignored. With the change of the application system assessment factors, the assessment method is not properly adopted. , will affect the progress of evaluation and the accuracy of fault location

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Information security risk assessment method based on fault tree and system thereof
  • Information security risk assessment method based on fault tree and system thereof
  • Information security risk assessment method based on fault tree and system thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0019] A fault tree-based information security risk assessment method, in which the fault tree analysis method is used for network equipment to realize system risk calculation, and the disjoint minimum cut set is used for risk qualitative analysis and top event probability analysis, so as to quickly identify the weakest link in the system Locate and calculate its occurrence probability, use this method to classify system security, and propose corresponding corrective measures.

[0020] In this embodiment, the risk assessment based on the fault tree is carried out. In the implementation of the risk assessment, the risk calculation model of "asset-threat-vulnerability" is selected as the core to realize the assessment. The asset (asset), denoted as A, refers to the organization's Valuable information or resources, belonging to the object of security policy protection, can be described by confidentiality, integrity, and availability; threat (threat), denoted as T, refers to the po...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an information security risk assessment method based on a fault tree and a system of the information security risk assessment method. According to the information security risk assessment method, a fault tree analysis method is adopted to achieve system risk calculation for a network device, non-intersecting minimum cutest is adopted to carry out risk qualitative analysis and top event probability analysis, location of the weakest link of the system is conducted quickly and occurrence probability of the weakest link of the system is calculated, through the method, system safety grading is carried out, and corresponding rectification measures are put forward. Due to the fact that the information security risk assessment method is adopted, the information security risk assessment method based on the fault tree and the system of the information security risk assessment method are suitable for safety assessment of an application system constructed on a network security hardware device in a frame mode.

Description

technical field [0001] The invention relates to an information security assessment method and system, in particular to a fault tree-based information security risk assessment method and system in network equipment. Background technique [0002] There are many kinds of information security assessment methods. With the different application systems, the assessment objects are also changing. In the assessment, the network and security hardware equipment of the architecture are often ignored. With the change of the application system assessment factors, the assessment method is not properly adopted. , will affect the evaluation progress and the accuracy of fault location. Contents of the invention [0003] Purpose of the invention: In order to solve the problems in the prior art, the present invention provides an information security risk assessment system for evaluating network equipment based on a fault tree. [0004] Technical solution: In order to achieve the above purpos...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24
Inventor 刘静张学军李亚方
Owner SUZHOU CHIEN SHIUNG INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap