| Networks has became a very important part of people's life. It make life more and more convenient, but it also bring a lot of security problems. With the widely and deeply applied of information technology, information security problems become more and more complex. Now, we usually adopt information security risk management to resolve information security security problems of organization in international. The reliability of a information system is much more depending on the safeguard of the information security. Information security risk management is the foundation of safeguard of the information security. Many expert consider that the most effective and scientific way to resolve organization security problems is risk management. Moreover risk assessment is the foundation of risk management. The way to give an security assessment , to affirm the existing security loopholes of organization and mend them, to reduce the severity to the minimum, has become an important research field of information security.The dissertation describe the related concept of information security, build risk assessment module which based on assets, threaten and vulnerability on the foundation of several information security criterion, explain the risk analysis way. The risk assessment method was given in this paper is base on asset, quantitative analysis and qualitative analysis.Information security commonly emphasize CIA(confidentiality, integrality, Availability) objective, evaluating assets adopt CIA method in this paper. Analyzing assets, vulnerability and possibility of threaten adopt qualitative method, analyzing influencing degree of threaten adopt quantitative method. This paper focus on identifying and evaluating assets, threaten and vulnerability, it uses Analytic Hierarchy Process (AHP) to risk analysis as a scientific and efficient way to analyze... |
PDF Full Text Request