| With contemporary communications and network technology, high-density storage technology, computer technology and multimedia and other advanced technologies, the rapid development of a truly meaningful information resources space - digital library is taking shape, and this is the 21st century development of the countries in the world library theme, global economic integration is a prerequisite for one. The digital library of directly affects the future of the national economy, culture, education, science and technology, such as the cause of construction and development. Therefore, strengthening information security research and prevention, and create an atmosphere and environment information security has become a digital library of the most important priority. Information security of digital library is an understanding of risk management, risk assessment, risk management process and risk assessment is the understanding of the digital library security risk status, technology and management to implement safety measures to reinforce the premise. However, in order to assess their risk of relying solely on the completion of unrealistic, because assessment elements with the evaluation process, the communication process, monitoring and assessment process, the assessment process and repeated constantly changing, and the need to keep a lot of duplication of data processing, the Digital Library for the security management software to design a risk assessment seems particularly unnecessary.This paper first on the domestic and international information security risk assessment, evaluation criteria and evaluation software research carried out in-depth analysis of the status quo, and describes the information security and the relationship between risk assessment and then assess the information security risks in the relevant concept of the assessment process, model and methods, and ISO27000 standards were introduced; followed in-depth study to assess the information security software in the assessment, as well as the important role of the three types of commonly used now risk assessment software. On this basis, the realization of the digital library based on ISO27000 risk assessment of the necessity and feasibility of the software, combined with digital library information security management based on the characteristics of the digital library ISO27000 Information Security Risk Assessment tool processes. Finally, on the basis of this process, designed and implemented based on the ISO27000 digital library of information security risk assessment tool. This article is the first research and development based on the ISO27000 of the digital library of information security risk assessment system to address the risk assessment of its past, a lot of complicated manual, to a certain extent, improve work efficiency and reduce the loss of the digital library. At the same time the system provides the template import / export, and other operating functions for a variety of exchanges between the digital library, reducing the duplication of work and business processes to those norms, the related assets, threats and weak points easily into the organization risk assessment provided interface. |
PDF Full Text Request