Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Information security risk assessment system and method

A risk assessment system and information system technology, applied in the direction of instruments, data processing applications, resources, etc., can solve the problems of small assessment scope, single assessment items, ignoring potential threats, etc., and achieve the effect of wide assessment scope

Inactive Publication Date: 2018-12-21
向心力信息技术股份有限公司
View PDF5 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The current information system risk assessment is mainly carried out through the threat assessment method, that is, according to the security incidents generated by the vulnerability warning information and the virus warning information, the threat screening of the security incidents, the identification of the risk level and the correlation of the corresponding information asset information are generated. Risk assessment data, this risk assessment method has a single assessment item, the scope of assessment is small, the assessment ignores potential threats, and corresponding risk control cannot be performed based on the assessment data

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Information security risk assessment system and method
  • Information security risk assessment system and method
  • Information security risk assessment system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] Embodiments of the technical solutions of the present invention will be described in detail below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present invention more clearly, so they are only examples, and should not be used to limit the protection scope of the present invention.

[0030] It should be noted that, unless otherwise specified, the technical terms or scientific terms used in this application shall have the usual meanings understood by those skilled in the art to which the present invention belongs.

[0031] Information security risk (referred to as risk) is a potential and negative thing that has not occurred, and a security incident is an obvious and negative thing that has occurred. Risk is the premise of events, and events evolve from risks under certain conditions. The composition of risk includes five aspects: origin, mode, pathway, receptor and consequence. The source...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The information security risk assessment system disclosed by the invention comprises an asset information acquisition module, a risk factor identification module, a risk degree analysis module, a riskgrade evaluation module and a risk control module. The risk factor identification module is used for identifying risk factors. The risk degree analysis module is used for synthesizing the analysis results according to the existing security measures analysis information, threat source analysis information, threat behavior analysis information, vulnerability analysis information, asset value analysis information and impact degree analysis information. The risk grade evaluation module is used for obtaining the risk evaluation report according to the comprehensive evaluation risk grade of the risk evaluation algorithm library. The risk control module is used to make corresponding risk control measures according to the risk assessment report. By combining the frequency of threat sources, the severity of vulnerability utilization and asset value to calculate the risk rating, comprehensive assessment, assessment of a wider range, can be based on the assessment data to make corresponding riskcontrol measures.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to an information security risk assessment system and method. Background technique [0002] The research on information system security risk assessment in foreign countries has a history of more than 20 years. In the 1970s and 1980s, IT developed countries such as the United States and Canada established national certification bodies and risk assessment certification systems, responsible for researching and developing relevant assessment standards. , Evaluate certification methods and assessment technologies, and conduct information security assessment and certification based on assessment standards. At present, the standard systems, technical systems, organizational structures, and business systems related to information system risk assessment in these countries are quite mature. From the point of view of relevant countries that have established information sec...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06Q10/06
CPCG06Q10/0635
Inventor 吴涛刘杰
Owner 向心力信息技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com