Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Information system security performance assessment method

An information system and safety performance technology, applied in transmission systems, digital transmission systems, electrical components, etc., can solve problems such as inability to assess risks, inability to intuitively respond to risks, and inability to grasp the information risks of information systems in real time, and achieve evaluation results Intuitive and reliable, simple and scientific calculation method

Active Publication Date: 2016-06-01
STATE GRID CORP OF CHINA +2
View PDF8 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, the security assessment methods of information systems are mostly static assessments for specific information environments, which cannot grasp the information of information systems in real time and the risks faced by the environment in which information systems are located.
In addition, the existing evaluation methods of the Ministry of Security mainly focus on the overall security environment of information assets and information systems, and their focus is on the overall risk of the information system, and it is impossible to conduct risk assessment on a single information system object or element
At the same time, the evaluation results of the existing evaluation methods are relatively abstract, and cannot intuitively reflect the risks faced by the information system and its components.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Information system security performance assessment method
  • Information system security performance assessment method
  • Information system security performance assessment method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] Such as figure 1 As shown, it is a flow chart of the method of the present invention: the method for evaluating the security performance of the information system provided by the present invention includes the following steps:

[0040] S1. Grade and score the security level, operation and maintenance level, confidentiality, integrity and availability of the information system according to the importance of the information system;

[0041] The information system and the grading score of the information system are shown in Table 1:

[0042] Table 1 Information system classification table

[0043]

[0044]

[0045] S2. Classify the importance of the assets under the information system, and grade and score the confidentiality, integrity and availability of the assets;

[0046] Table 2 Classification and Confidentiality, Integrity and Availability Scoring Table of Assets Subordinate to Information System

[0047]

[0048]

[0049] S3. Carry out information se...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an information system security performance assessment method. The method comprises following steps: carrying out leveled scoring to the security level, the operating maintenance level, the confidentiality, the integrity and the availability of an information system; classifying the assets subordinate to the information system; carrying out leveled scoring to the confidentiality, the integrity and the availability of the assets; discovering the vulnerabilities of the information system; obtaining the asset classes to which the vulnerabilities belong; carrying out vulnerability scoring to the vulnerabilities; calculating the security risk values of all vulnerabilities of the information system; and finishing assessing the information system security performance. According to the method of the invention, the information system and the assets subordinate to the information system are classified and scored; the security assessment is carried out to the information system through combining the vulnerability of the vulnerabilities and the assets to which the vulnerabilities belong; the security of the information system can be reacted visually in real time; the information system is assessed by a quantitative calculation method; the assessment result is visual and reliable; and the calculation method is simple and scientific.

Description

technical field [0001] The invention specifically relates to a method for evaluating the security performance of an information system. Background technique [0002] With the development of the country's economy and the improvement of people's living standards, data information has penetrated into thousands of households. Now people's basic necessities of life are inseparable from data information. The advent of the data age and the information age has greatly facilitated people's lives. [0003] Information system is a man-machine integration system for the purpose of processing information flow, which is composed of computer hardware, network, communication equipment, computer software, information resources, users and certain protocols. The security of information system is directly related to the security of data information and the operation security of information system. [0004] At present, the security assessment methods of information systems are mostly static as...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/24
CPCH04L41/14H04L63/1433
Inventor 陈中伟童一维陈传鹏刘淼杨启严庆伟陈龚
Owner STATE GRID CORP OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com