| Driving by the computer technology and network communications, information quickly became one of the decisive powers in dominating over the development progress of human social. With more broadly and easily in information sharing and communication, the more risks information faced with. The risks include with steal, destroy, pollution, and distort. Information security in all fields especially in INTERNET is an urgent issue.The National Security Telecommunications and Information Systems Security Committee have defined IA as "information operations that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This includes providing for restoration of information systems by incorporating protection, detection, and reaction capabilities." In IA the selection of security measures is very important.This paper mainly research about an approach of selection security measures, which are based on risks and costs. Based on risk management and risk assessment an approach of security measures selection based on costs is given, this approach also can optimization IA model.In this paper, firstly is about the importance of information security and researchstatus and trench of information security in both abroad and domestic. Then described some classic information security models such as BLP, Biba, RBAC, McCumber etc. and then is the information assurance technical infrastructure. The IATF is mainly introduces the technologies of Defense-in-Deep.Information security is rely on the implement of security measures, so select security measures are very important in IA. Security measures include technology measures and non-technology measures. This paper mainly research the selection of technology security measures based on risks and costs. After studied the policy of select security measures, this paper researched the risk management and risk assessment The research through out the whole procedure of risk management, include asset assessment, vulnerability analysis, threats analysis and risk assessment and the policies of risk assessment.When we select security measures, no concern about the costs of measures is impossible. One of the goals of IA is to reduce or eliminate loss of assets, we hope be benefited from mis. The same time, the costs can be used in IA is limited. So based on the research of risk management, this paper give an approach of security measures selection based on costs which also can optimization IA model.
|
PDF Full Text Request