Study Of Theory And Example Of Information Security Risk Assessment Of Hybrid Library Based On ISO27000

In the information age, with the development of library automatization, digital and network construction, Modern Library is gradually from the traditional library to digital library moving. "Hybrid Library", as the combination of the traditional library and digital library, and as the prevalent form of university library, public library and scientific library, is now facing a new challenge: digital information resources increase dramatically, new business are constantly emerging, and network services approach is also increasingly rise. For these reasons, how to guarantee the accuracy of the information resources for customer service, how to ensure that the library continued stability operations, and how to avoid the threat of the library network application systems are encroached upon. Library Information security is higher demanded. We need to assess the security risk and management of hybrid library in order to protect its security.In this thesis, the first theoretical research is about library information security status. While summing up the current field of information security some of the most popular security technologies, such as Firewall technology, Anti-virus technology, Intrusion Detection Technology and the VPN, then, based on the data both from the China Social Sciences Citation Index (CSSCI) and China National Knowledge Infrastructure (CNKI), the thesis analyzes the domestic researches in the information security management field. Then it presents to the domestic and international library community hotspot: Digital Library for the security of information in the literature, and an overview of security technology, security management and security policy and other content.To better manage the information security of hybrid library, this thesis is based on the current international representative of the general information security management standard ISO27000 series, using the risk assessment methods, information safety management and control measures, from the ISO27001 and ISO17799, as a guide to assess the information security risk of hybrid library, for risk management preparedness.The example research components, has selected the current national digital library project of the University Library, public library and scientific library as research targets for their information security status of the investigation, then in accordance with the ISO27000 standard risk assessment as the object of study of risk analysis and assessment. According to research data collected, summarized, comparison and analysis, it present implement model of information security risk assessment of hybrid library based on the ISO27000. The model is under the ISO27000 risk assessment steps along with hybrid library operational characteristics. It analyses and evaluates security risk of hybrid library by analyzing three elements of security's information, the information assets, threats and vulnerabilities. And the assessment results are preconditions of hybrid library's security management. Finally, this thesis is a study of the college library model based on the implementation of the risk assessment process, examples from the perspective of ISO27000 certification based on security risk assessment of hybrid library for the implementation of the application and feasibility.This thesis proposed by the ISO27000-based hybrid library information security risk assessment model will help implement complex Library business sectors self assessing, in order to build the foundation of information security risk management and information security systems.