Information security risk assessment method and device, equipment and storage medium

An information security and risk assessment technology, applied in the fields of devices, information security risk assessment methods, equipment and computer-readable storage media, can solve the problems of inability to accurately assess the risk status of information systems, ignoring information system threat factors, etc.

Active Publication Date: 2020-07-24
TENCENT TECH (SHENZHEN) CO LTD
View PDF5 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] It can be seen that the existing technology only evaluates the risk of the information system from the two dimensions of the terminal and the server, and only considers the security incidents tha...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Information security risk assessment method and device, equipment and storage medium
  • Information security risk assessment method and device, equipment and storage medium
  • Information security risk assessment method and device, equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.

[0025] see figure 1 , figure 1 is a schematic diagram of an implementation environment involved in this application, and the implementation environment is an exemplary information system.

[0026] It should be noted that the information system described in this embodiment is a man-machine integration system for the purpose of processing information flow, which is composed of computer hardw...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses an information security risk assessment method and device, equipment and a storage medium. The method comprises the following steps that: 1, the asset value and the vulnerability value of an information system are determined respectively; each influence factor threatening the information system is decomposed into a plurality of hierarchies according to different information attributes, a threat value of the information system is determined according to the relevance between the influence factors in the adjacent hierarchies, and the vulnerability valueis used for describing the weakness degree of the assets in the aspect of security; the risk possibility of the information system is calculated according to the threat value and the vulnerability value, and the risk consequence possibility of the information system is calculated according to the vulnerability value and the asset value; and an information security risk value of the information system is determined according to the risk possibility and the risk consequence possibility. According to the technical scheme of the embodiment of the invention, the security risk state of the information system can be accurately evaluated.

Description

technical field [0001] The present application relates to the technical field of information security, in particular to an information security risk assessment method, device, equipment and computer-readable storage medium. Background technique [0002] With the rapid development of network technology, a large number of information systems and related products are deployed in various industries, and the security issues faced by information systems have become the focus of attention in the industry. [0003] In order to assess the risk of information systems, the existing technology proposes a risk assessment method based on asset security events. Specifically, it is necessary to calculate the risk score and loss score of the server according to the number and probability of different security events occurring in the server, and according to the terminal Calculate the security score and loss score of the terminal based on the number of vulnerabilities, security baselines and ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 马超
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap