
Research On Method Of Information System Information Security Risk Management

Posted on: 2007-11-04
Degree: Doctor
Type: Dissertation
Country: China
Candidate: G Chen
Full Text: PDF
GTID: 1118360215970487
Subject: Management Science and Engineering

Abstract/Summary:
With the development of global informatization and the popularization of the Internet, the information systems that underpin an organization's business have become a strategic resource on which the organization depends for its survival, so assuring the information security of these systems has drawn broad attention. Once the information security of an organization's information system is breached, not only are the security attributes of the organization's information compromised, but its business is disrupted as well; the resulting loss is not only economic but can also do severe damage to the organization's image, reputation, and even its strategic competitive advantage. It is therefore essential to perform information security risk management on information systems.

However, existing methods of information system information security risk management share some common problems. They often separate the risk analysis and assessment of the information system from the concrete organizational environment and business background; they lack a formal model of the process by which a risk event takes shape; and they consider only technical factors when making security decisions, so the decision process cannot reflect the multiple decision objectives that the organization's management expects to achieve. To address these problems, this thesis presents an information system information security risk management method named ISISRM, which offers a new approach to information security risk management for information systems, and then studies the key problems of this new method in depth. The main contents and results of this thesis are outlined as follows.

First, the ISISRM framework is constructed from four aspects: the essential idea, the management cycle, the processes and methods, and the management organization. ISISRM provides a normative, practical procedure for implementing risk management on an information system through a process framework composed of 13 processes, and it fully embodies modern information security risk management theory. ISISRM has four characteristics: it identifies and analyses risk factors with respect to the concrete business processes of the organization; it calculates the frequency of risk events based on the process by which the risk event takes shape; it measures information security risk at an appropriate quantitative level; and it balances several decision-making objectives against each other to seek a satisfactory security plan.

Second, a method of modeling risk events through the Exploit Graph (EG) is presented. An information system security analysis model is constructed; an algorithm for constructing the exploit graph is presented based on this model, and the efficiency of the algorithm is analysed. A system framework for risk event process modeling based on the EG is proposed. Using the EG to describe the process by which a risk event takes shape simulates the reasoning of the attack initiator, comprehensively and precisely portrays all of the possible action scenarios by which the attack initiator can bring about the risk event, and captures the temporal ordering between vulnerability-exploiting actions within each scenario. The EG thus provides a clear view for understanding the dynamic process of a risk event.

Third, a method of calculating the frequency of information system information security risk events based on the EG is presented. Its main content comprises a method of forecasting attack frequency, an algorithm for calculating the maximal success frequency of a risk event based on the EG, and a method of calculating the success frequency of each atomic exploit node in the EG based on Bayesian network theory.

Fourth, a method of calculating the loss caused by an information security risk event based on the fuzzy NCIC (Nontraditional Capital Investment Criteria) method is put forward. The main contributions of this part are: a hierarchical holographic model of loss (HHML) for information security risk events is presented; the fuzzy NCIC method for fuzzy multi-criteria decision making is studied; a method of using linguistic variables to express the decision-maker's fuzzy preference information in the pairwise comparison matrix is proposed; and the workflow for assessing the loss of an information security risk event with the fuzzy NCIC method is designed. Assessing the loss of a risk event with the fuzzy NCIC method quantifies the loss in monetary terms, which not only reflects intuitively the harm that risk events cause to the information system and the organization, but also makes it convenient for the security decision-maker to perform cost-effectiveness analysis on security plans; this lets the decision-maker place information security risk management within the framework of economic analysis and use economic theory to guide information security management decisions.

Fifth, an integrated framework for information security decision making is built. The framework includes three phases: judging whether to start a security decision, adjusting and controlling the security investment budget, and making the risk control decision. In the first phase, the workflow for judging whether a security decision should be started is proposed, based on the conditions for starting one. In the second phase, the workflow for dynamically adjusting the current security investment budget is designed, a model for the minimal information security investment is presented, and an adaptive genetic algorithm based on fuzzy arithmetic, named AGABOFA, is proposed for solving the model. AGABOFA uses adaptive genetic operators, handles constraints using fuzzy arithmetic, and applies an overall global risk value update algorithm during the decoding step of its solving process to calculate the residual risk of the information system under a given security plan. In the third phase, a fuzzy multi-objective optimization model for information security risk control is built and a solving framework for the model is proposed. A strength Pareto evolutionary algorithm based on fuzzy arithmetic, named SPEABOFA, is presented for the model; SPEABOFA handles constraints using fuzzy arithmetic and adopts operations such as filtering, niching, and breeding that preserve the diversity of the population and the speed of the search. A fuzzy multiple-attribute group decision-making method is then presented for selecting the most satisfactory security plan from the Pareto set of the model. Based on the overall information system security decision framework, a satisfactory security plan can be worked out that synthesizes the opinions of all decision-makers, takes multiple security decision objectives into account, and keeps the information security risk of the information system within the acceptable range.

Finally, a real information system is used to illustrate the key methods presented in this thesis.
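The following is an added illustration, not code from the thesis, of how the second, third and fifth parts fit together: an exploit graph whose atomic exploit nodes carry success probabilities, the maximal success frequency of the risk event computed over that graph, the residual risk as forecast attack frequency times success frequency times loss, and a minimal-investment selection of controls that brings residual risk under an acceptable level. The graph, probabilities, costs and loss values are all constructed; an independence assumption stands in for the thesis's Bayesian-network estimate of node success frequencies, and exhaustive search over control subsets stands in for AGABOFA.

```python
"""Toy exploit-graph risk calculation (added example; all data constructed)."""
from itertools import combinations

# Constructed exploit graph. Each atomic exploit node has a success probability
# "p" and a list of alternative prerequisite sets "pre": the node is reachable
# if ALL nodes in ANY one alternative are reached (AND within an alternative,
# OR across alternatives). Names are abstract placeholders, not real exploits.
EG = {
    "start": {"p": 1.0, "pre": [[]]},
    "e1":    {"p": 0.6, "pre": [["start"]]},
    "e2":    {"p": 0.4, "pre": [["start"]]},
    "e3":    {"p": 0.7, "pre": [["e1"], ["e2"]]},   # reachable via e1 OR e2
    "e4":    {"p": 0.5, "pre": [["e1", "e2"]]},     # requires e1 AND e2
    "goal":  {"p": 1.0, "pre": [["e3"], ["e4"]]},   # the risk event itself
}

# Constructed candidate controls: each lowers the success probability of one
# node to "p_after" at a given cost (arbitrary currency units).
CONTROLS = {
    "patch_e1":   {"node": "e1", "p_after": 0.1, "cost": 30},
    "monitor_e2": {"node": "e2", "p_after": 0.2, "cost": 20},
    "harden_e3":  {"node": "e3", "p_after": 0.2, "cost": 50},
}


def max_success_frequency(graph, node, memo=None):
    """Maximal success frequency of reaching `node`: the most likely attack
    scenario in the graph. OR alternatives take the maximum; AND prerequisites
    multiply, assuming independent node successes (assumption of this example)."""
    memo = {} if memo is None else memo
    if node in memo:
        return memo[node]
    info = graph[node]
    best = 0.0
    for alternative in info["pre"]:
        prob = info["p"]
        for prerequisite in alternative:
            prob *= max_success_frequency(graph, prerequisite, memo)
        best = max(best, prob)
    memo[node] = best
    return best


def apply_controls(graph, controls, chosen):
    """Return a copy of the graph with the chosen controls' reductions applied."""
    patched = {name: dict(data) for name, data in graph.items()}
    for control in chosen:
        node = controls[control]["node"]
        patched[node]["p"] = min(patched[node]["p"], controls[control]["p_after"])
    return patched


def residual_risk(graph, goal, attack_frequency, loss):
    """Residual risk = forecast attack frequency x success frequency x loss."""
    return attack_frequency * max_success_frequency(graph, goal) * loss


def minimal_investment(graph, goal, controls, attack_frequency, loss, acceptable):
    """Cheapest control set whose residual risk is within the acceptable level
    (ties broken by lower residual risk). Exhaustive search over subsets; the
    thesis uses a genetic algorithm for this model instead."""
    names = sorted(controls)
    best = None
    for k in range(len(names) + 1):
        for chosen in combinations(names, k):
            risk = residual_risk(apply_controls(graph, controls, chosen),
                                 goal, attack_frequency, loss)
            if risk <= acceptable:
                cost = sum(controls[c]["cost"] for c in chosen)
                candidate = (cost, risk, chosen)
                if best is None or candidate < best:
                    best = candidate
    if best is None:
        return None
    return {"controls": best[2], "cost": best[0], "residual_risk": best[1]}


if __name__ == "__main__":
    freq = max_success_frequency(EG, "goal")
    print(f"maximal success frequency of the risk event: {freq:.2f}")
    print(f"baseline residual risk: {residual_risk(EG, 'goal', 5, 1000):.0f}")
    plan = minimal_investment(EG, "goal", CONTROLS, 5, 1000, 650)
    print(f"minimal-investment plan: {plan}")
```

With the constructed figures, the best scenario goes through e1 then e3 (0.6 x 0.7 = 0.42), the baseline residual risk at five forecast attacks per year and a loss of 1000 is 2100, and the cheapest plan that brings risk under 650 is hardening e3 alone, which cuts the goal's success frequency to 0.12 and the residual risk to 600.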
Keywords/Search Tags: information system, information security risk management, exploit graph, risk event process modeling, fuzzy NCIC method, security decision making, fuzzy multi-objective optimization