Unlock instant, AI-driven research and patent intelligence for your innovation.

Security risk evaluation device, security risk evaluation method and security risk evaluation program

A technology of safety risk and evaluation device, which is applied in the field of evaluating personal safety risk, and can solve problems such as difficult quantification and interpretation of causal relationships.

Pending Publication Date: 2021-01-08
MITSUBISHI ELECTRIC CORP
View PDF0 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the use of difficult-to-quantify information such as psychological states, it is difficult to make an evidence-based explanation for the obtained causal relationship

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security risk evaluation device, security risk evaluation method and security risk evaluation program
  • Security risk evaluation device, security risk evaluation method and security risk evaluation program
  • Security risk evaluation device, security risk evaluation method and security risk evaluation program

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach 1

[0044] according to Figure 1 to Figure 7 , which describes a method of quantitatively and automatically calculating an individual's security risk in consideration of the degree of information disclosure of the individual and the degree of information disclosure of persons having a relationship with the individual.

[0045] ***Description of structure***

[0046] according to figure 1 , the structure of the security risk assessment device 100 will be described.

[0047] The security risk assessment device 100 is a computer including hardware such as a processor 101 , a memory 102 , an auxiliary storage device 103 , an input interface 104 , and a communication device 105 . These pieces of hardware are connected to each other via signal lines.

[0048] The processor 101 is an IC (Integrated Circuit, integrated circuit) that performs arithmetic processing, and controls other hardware. For example, the processor 101 is a CPU (Central Processing Unit, central processing unit), ...

Embodiment approach 2

[0183] Regarding the method of calculating the related risk in consideration of the degree of relationship between the subject person and the related person, points different from Embodiment 1 will be mainly described.

[0184] ***Description of structure***

[0185] The structure of the security risk assessment device 100 is the same as that in Embodiment 1 (see Figure 1 to Figure 3 ).

[0186] ***Description of actions***

[0187] The steps of the safety risk assessment method are the same as those in Embodiment 1 (refer to Figure 4 ).

[0188] However, in step S110 , the person network detection unit 110 generates a person network graph of the subject person.

[0189] For example, the recursive control unit 113 adds a node to be processed to the person network graph for each recursive search process, thereby generating a person network graph of the target person.

[0190] The person network graph of the subject person is the same as that described in the first embodi...

Embodiment approach 3

[0216] Regarding the method of calculating the association risk considering the attack from all the relational node to the object node, according to Figure 8 , the points different from Embodiment 1 will be mainly described.

[0217] ***Description of structure***

[0218] The structure of the security risk assessment device 100 is the same as that in Embodiment 1 (see Figure 1 to Figure 3 ).

[0219] ***Description of actions***

[0220] The steps of the safety risk assessment method are the same as those in Embodiment 1 (refer to Figure 4 ).

[0221] However, in step S110 , the person network detection unit 110 generates a person network graph of the subject person.

[0222] For example, the recursive control unit 113 generates a temporary person network graph by adding a node to be processed to the person network graph for each recursive search process.

[0223] The temporary character network graph is the character network described in the first embodiment.

[02...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A people network detection unit (110) detects a people network indicating the connections between a target and a responsible persons group on the basis of public information about the target. A disclosure risk calculation unit (120) calculates the disclosure risk of the target on the basis of the public information about the target, and, on the basis of a public information group corresponding tothe responsible persons group, calculates a disclosure risk group corresponding to said responsible persons group. On the basis of the disclosure risk group corresponding to the responsible persons group, a connection risk determination unit (130) determines a representative value of the disclosure risk group as the connection risk of the target. A security risk calculation unit (140) uses the disclosure risk of the target and the connection risk of the target to calculate a security risk of the target for cyber-attacks.

Description

technical field [0001] The present invention relates to techniques for assessing an individual's security risk. Background technique [0002] Efforts against cyber-attacks are actively carried out in organizations in order to protect confidential information as well as assets. [0003] One is education or training related to cyber attacks and security. There are examples of acquiring knowledge related to countermeasures against cyber attacks through seminars or e-learning, and examples of training countermeasures against targeted attacks by sending simulated targeted attack emails. [0004] However, even with such efforts, security incidents continue to increase. [0005] Non-Patent Document 1 describes the following. In the actual situation investigation related to the information leakage incidents of enterprises, 59% of the enterprises that reported information leakage have security policies and procedures, but they have not implemented them. In addition, it also point...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/57H04L63/1408H04L63/1433
Inventor 山本匠西川弘毅河内清人
Owner MITSUBISHI ELECTRIC CORP