| With the development of network and global economy in the world, the people start to depend on network gradually. The information of our country has come in the phase of electronic government affair, electronic business affair, news and culture, education and entertainment, multimedia communications and electric power. People enjoy the benefit bringing by the information and also are faced with information security and secrecy. Because of the information technology's sensitivity and particularity, the problem about security of information product and network is very important. How to assess an information system generally and scientifically and how to adopt effective security measurement are significant tasks.The main results are a follows.1. Study the security assessment standards, and introduce the history of development of the international security assessment standards. Introduce the characteristic of trusted computer system evaluation criteria (TCSEC), Information technology security assessment standards (ITSEC) and common criteria for information technology security evaluation (CC). Introduce the surveys of our country information security assessment standards and compare overseas standards with our country's standards.2. Analyze the definitions and characteristic of network securities and the key technology and security policies of network securities and the threatening factors and the sort and the solution of network securities3. Study the factors of the risk assessment and the relations of factors and the theory of the risk analysis and the flow of the risk assessment. The important step of the risk assessment is identifying and recognizing asset, threat, vulnerability and security measurement. The risk analysis is most important in the assessment process..4. Study the models of risk assessment and the two prevalent methods of risk calculation, which are quantificational and qualitative computation. Study and compare with the two methods.5. Illustrate the process of risk assessment. |
PDF Full Text Request