信息安全风险评估方法综述
首发时间:2007-07-12
摘要:信息安全风险评估是信息安全管理的最根本依据,是对信息系统安全性进行分析的第一手资料。信息安全风险评估已经成为一个完整的信息系统安全保障体系的重要环节,在企业信息安全建设中发挥着不可替代的作用。本文首先介绍了信息安全风险评估的基本概念和风险评估流程,详细介绍了目前常用的信息安全风险评估方法,并对其进行了分类,特别分析了各种不同方法的优缺点,为信息安全人员提供了有益的参考。
For information in English, please click here
Overview on Information Security Risk Assessment Method
Abstract:Information risk assessment is the fundamental of information security management, and the first-hand material for information system security analysis. Information security risk assessment has become an integral part of information system security guard and protection architecture, playing an critical role in the enterprise establishment of information security management system. This paper first introduces the basics of information security risk assessment. Then, a set of detailed risk assessment methods are discussed and categorized, especially with analysis of advantages and disadvantages of different methods, providing a useful reference for information security professionals.
Keywords: information security management, risk assessment, asset, vulnerability, threat
基金:
论文图表:
引用
No.1401612856511842****
同行评议
勘误表
信息安全风险评估方法综述
评论
全部评论0/1000