Security Risk Ontology Model And Assessment Analysis For Mobile Office System

In the era of digital economy,the software and hardware technologies in the field of mobile communication are becoming more and more mature.Meanwhile,the outbreak of the "COVID-19" epidemic has further promoted the accelerated release of the market demand for remote "contactless" office,and government and enterprise offices have gradually shifted from "fixed" to "mobile" step forward.In this context,the usage scenarios and usage frequencies involved in mobile office are gradually increasing,and the related functional modules are more comprehensive and intelligent.The overall development shows the characteristics of continuous upgrading of agile development capabilities and richer system functions.However,while the mobile office effectively breaks the time and space limitations and improves the operation efficiency of enterprises,the security risks it faces are constantly highlighted.In an increasingly complex network environment,the security requirements of the mobile office model are complex,the protection is difficult,and the data security protection requirements are prominent.The relevant security assurance system is still in the process of continuous construction and development.In addition to the relevant security supervision and compliance requirements recently issued by the government,the current mobile office security requirements focus on three aspects:identity security certification,whole-process security protection and security deployment.The focus and difficulty of its risk management mainly lies in how to identify and assess security risk factors.At the theoretical level,domestic and foreign research in the field of mobile office system security risks has achieved certain results,but it is still in the initial stage.The research on risk distribution and identification needs to be strengthened systematically.There are relatively few researches on the security risk ontology of the mobile office system,and the security risk assessment modeling object is not fully focused on the mobile office system.On the whole,there are still theoretical deficiencies in the construction of the security risk ontology model and assessment system for the mobile office system,and the academic theory has not been established yet.Based on this,this dissertation innovatively starts from the perspective of system science,fully combines artificial intelligence algorithms and big data analysis technology,and combines risk management,domain ontology analysis,risk assessment and other methods to carry out research work on the security of mobile office systems from the following three aspects:Firstly,the identification and research of the risk factors of mobile office system are carried out.Based on system science,this dissertation breaks through traditional definitions and boundary limitations,and establishes a matrix of key elements of a mobile office system from four aspects: personnel,software and hardware,environment,and management mode from the perspective of functional categories.Considering the elements of system security,system composition and operating status,etc.,the distribution of security risk factors of the main body of the mobile office system is studied from four aspects: vulnerability,confidentiality,reliability and availability.This dissertation studies the distribution of security risk factors in the operation of mobile office system from two aspects of confidentiality and reliability,and carries out empirical analysis respectively.Secondly,the security risk ontology of the mobile office system is constructed.This dissertation analyzes the logical relationship between vulnerability,confidentiality,reliability,availability and security level,and clarifies the overall security goal of the mobile security office system.Comprehensive expert assessment and security risk assessment ontology extraction method to form a more scientific and accurate mobile office system security risk assessment model.Through empirical research,based on the tensor space model and tensor ontology reasoning,a security risk assessment ontology for the main body and operation process of the mobile office system is constructed.Finally,a dynamic assessment model of mobile office system security risk is built.Based on the preliminary screening of the assessment security risk indicators,this dissertation determines the assessment factor set and assessment set,and the corresponding weight based on Analytic Hierarchy Process(AHP)and entropy method.According to this,this dissertation builds a mobile office system security risk assessment model based on the fuzzy comprehensive assessment model and the fuzzy neural network.Effectively eliminate randomness and subjectivity in system security risk assessment,and realize quantitative analysis of key risk factors.And on the basis of multi-party demonstration,a universal security risk assessment mode and model are formed,combined with empirical analysis,a targeted security risk control strategy is proposed.The innovation of this research is mainly reflected in the theory and model.From the perspective of theoretical methods,the innovation of system theory and zero trust security concept has been carried out,and the security risk system of the mobile office system with "two dimensions" of subject and process has been successfully constructed.In terms of model system,a system security risk ontology construction model based on tensor representation and tensor ontology reasoning is formed.And according to the concept of "dynamic assessment and dynamic management",a security risk prediction model of mobile office system is constructed based on the fuzzy neural network to accurately predict and assess the risk level faced by the office system and significantly improve the efficiency of security risk assessment,which provides a new path with strong operability,high practical value and outstanding achievements for multi-subjects in the security risk management of mobile office systems.The dissertation has practical value and benefit both in theory and practice.In terms of theoretical research,it focuses on system theory,model construction,algorithm application,etc.for academic exploration and breakthroughs,and enriches and improves theories related to security risk assessment and management of mobile office systems.In terms of economic and social development,it can effectively reduce the economic losses caused by security risks,assist in optimizing the expenditure cost structure for security risk prevention,provide support for related product technology research and development,and actively promote the construction of system security trust relationship and ecosystem.