计算机科学
客观性(哲学)
风险分析(工程)
脆弱性(计算)
资产(计算机安全)
信息安全
计算机安全
风险评估
功能(生物学)
业务
进化生物学
生物
认识论
哲学
作者
Ji-zheng GUAN,Mingtao Lei,Zhu Xiao-lu,Jianyi Liu
标识
DOI:10.1016/s1005-8885(13)60220-4
摘要
It is an important function for managers to keep away from information security risks. With the increasing complex and scale of information systems, information system security risks may be more difficult to assess and strategies for risk reduction may be lack of objectivity. To solve this problem, this paper proposes a knowledge-based information security risk assessment method in which basic rules and specific rules are defined to match every asset, threat and vulnerability. Basic rules are defined as the rules without influence of external relationships. Specific rules are defined as the rules by user group. Performance analysis shows this method could increase efficiency and ensure accuracy of risk assessment.
科研通智能强力驱动
Strongly Powered by AbleSci AI