Research And Implement Of Information Security Management Model

Posted on:2010-03-05

Degree:Master

Type:Thesis

Country:China

Candidate:X Y Yu

Full Text:PDF

GTID:2178360278959875

Subject:Computer application technology

Abstract/Summary:

PDF Full Text Request

With the rapid development of information technology, the national economy depends on the information more and more. So, the information security gets more and more attention. The essence of the information security management is the management of risk because risk and security never be separated. There is neither absolute security nor absolute risk. This paper presents a information security management model based on the related technologies and the existents risk management models. This risk management of model consists of two subsystems includes risk evaluate subsystem, risk reduce subsystem. The function of the risk evaluate subsystem is to evaluate system. The function of the risk reduce subsystem is to manage the risk.The risk assessment subsystem consists of two layers including information collect layer, information analyze layer. The function of this part is to collect information and assess information. Information control subsystem includes information reduce layer. It consists of two modules includes forecast module, manage module. Forecast module provides inform function. Manage module based on the result of the risk assessment model to manage the system risk.The kernel of the risk management is assessment. With the appropriate method of risk assess, we could assess the system according to information analysis, vulnerability scan and threat recognition. This paper presents an assessment model which based on the fuzzy mathematics. This method first uses fuzzy mathematics to calculate the risk of asset value, and then use the calculated risk asset value and the threat, vulnerability value to calculate the results. The results showed that the quantified Risk Assessment is implemented, the deviation which the appraised subjectivity and the discrete data brings has reduced, obtained appraisal result which an entire direct-viewing user is easy to accept.This paper implements the model of risk assessment and risk control based on scan technology, intrusion detection based on pattern search, the model of information input.

Keywords/Search Tags:

Risk Management Model, Risk Assessment, Risk Control, Risk Management, Vulnerability

PDF Full Text Request

Related items

1	Research And Implement Of Information Security Management Model
2	Study Of The Risk Management Of Software Projects And Design And Development Of Its Supported System
3	Research On Risk Management In The Data Center Construction Project Of Agricultural Bank Of China Heilongjiang Branch
4	Mobile Transmission Network Construction Project Risk Management Research
5	Research On Risk Management Of Project Alterationof Dezhou Municipal Quality Supervision System Of Office Automation Network
6	Research On Risk Management Of Customs Automatic Clearance System Development Project In Shanghai Zhonghe Software Co.,Ltd.
7	Yanzhou Coal Enterprise Risk Management Information System The Design And Implementation
8	Research On Progect Risk Management Of S Company ERP System Implementation
9	IT Risk Management System Design And Implementation
10	The Research On Network Security Risk Assessment And Risk Management