Walk-through test technique based information security audit implementation method and system

A technology of information security and testing technology, applied in the field of information monitoring, which can solve problems such as the inability to assess the potential risks of business sensitive information

Inactive Publication Date: 2015-03-25
STATE GRID CORP OF CHINA +2
View PDF1 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Under the existing information security risk assessment method, the core information assets of the enterprise, that is, the core (sensitive) business data of the enterprise, exist as part of the information system. When conducting information security risk assessment, business data is used as a

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Walk-through test technique based information security audit implementation method and system
  • Walk-through test technique based information security audit implementation method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. The components of the embodiments of the invention generally described and illustrated in the figures herein may be arranged and designed in a variety of different configurations. Accordingly, the following detailed description of the embodiments of the invention provided in the accompanying drawings is not intended to limit the scope of the claimed invention, but merely represents selected embodiments of the invention. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without making creative efforts belong to the protection scope of the present invention.

[0035] In view of the fact that in the protection of...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of information monitoring, in particular to a walk-through test technique based information security audit implementation method and system. The method includes: recognizing business sensitive information waiting for audit and access right of the business sensitive information; tracking flow paths of the business sensitive information in one or more information systems based on the access right; performing audit analysis on risk vulnerabilities existing in the process that the systems with access right process the business sensitive information according to tracking results; based on audit analysis results of the risk vulnerabilities, acquiring a risk value of the business sensitive information. By the method and system, risks existing in the process that the sensitive information flows in full life circles of the multiple information systems can be monitored.

Description

technical field [0001] The invention relates to the technical field of information monitoring, in particular to a method and system for realizing information security auditing based on walk-through testing technology. Background technique [0002] At present, information security audit adopts information security risk assessment method in terms of information asset protection, and the implementation steps include: (1) Identify information assets (such as information systems, equipment, etc.) and list assets; Identify the vulnerabilities and configuration vulnerabilities of information system software and information equipment by means of scanning and security inspection; (3) identify the security threats faced by information systems, information networks and information equipment; (4) comprehensively analyze according to the vulnerability level and security threat level Information Security Risk. [0003] Under the existing information security risk assessment method, the c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57G06F21/60
CPCG06F21/577G06F2221/034G06F2221/2141
Inventor 张淑娟顾广宇孙建王潇
Owner STATE GRID CORP OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap