With the rapid development of information technology, its applications pervade every corner of society. However, information systems are frequently threatened by viruses, Trojan horses, malfunctions, sabotage and so forth, owing to the characteristics and limitations of information and network systems. Research on ensuring information security has been considered a central issue. To raise the level of security control and establish a reliable information security management system, several measures are needed: making a complete assessment of the information system with scientific and effective methods, understanding the security condition of the system, analyzing potential threats, and adopting the necessary measures. These are the tasks of information security risk assessment.

In this paper, after a study of existing security assessment technology, a security assessment method is presented. The main work of the thesis is as follows:

1) The existing assessment methods were analyzed systematically, which provided a reliable theoretical basis;
2) An information security risk assessment index system was established by analyzing security events and their constituent elements;
3) The weights of the indices were determined by the AHP method, and an information security risk assessment model based on grey system theory was established;
4) The grey evaluation method was applied to the analysis and calculation of concrete data.

This paper concentrates on applying grey assessment to information security risk assessment. The final comprehensive assessment value was derived by establishing a triangular whitenization function and calculating grey evaluation coefficients, with examples. The results indicate that the established model makes full use of the information contained in the evaluation indices and has good operability. The model is helpful for practical work.
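The pipeline named in items 3) and 4), AHP index weights followed by grey evaluation with a triangular whitenization function, is sketched below as an added example; it is not the thesis's own code or data. The three-index system, the pairwise comparison matrix, the expert scores on a 1 to 5 scale, the three grey classes (centres 1, 3, 5) and the geometric-mean weight approximation are all assumptions made for illustration.

```python
import math

# Saaty's random consistency index, by matrix order
RI = {3: 0.58, 4: 0.90, 5: 1.12}

# Constructed sample data (hypothetical indices: threat, vulnerability, asset value)
PAIRWISE = [[1, 2, 5], [1 / 2, 1, 3], [1 / 5, 1 / 3, 1]]
SCORES = [[4, 5, 4, 3], [3, 3, 2, 4], [2, 1, 2, 2]]  # one row per index, one score per expert
CENTERS = [1.0, 3.0, 5.0]  # grey classes: low, medium, high risk

def ahp_weights(A):
    """Geometric-mean AHP weights plus the consistency ratio of matrix A."""
    n = len(A)
    gm = [math.prod(row) ** (1.0 / n) for row in A]
    w = [g / sum(gm) for g in gm]
    # lambda_max estimated as the mean of (A w)_i / w_i
    lam = sum(sum(A[i][j] * w[j] for j in range(n)) / w[i] for i in range(n)) / n
    cr = ((lam - n) / (n - 1)) / RI[n]
    return w, cr

def whiten(d, center, half_width=2.0):
    """Triangular whitenization weight: 1 at the class centre, 0 beyond half_width."""
    return max(0.0, 1.0 - abs(d - center) / half_width)

def grey_assess(A, scores, centers):
    """Return (weights, CR, grey weight matrix R, class vector B, overall value Z)."""
    w, cr = ahp_weights(A)
    if cr >= 0.1:
        raise ValueError("pairwise matrix too inconsistent (CR >= 0.1); revise judgements")
    R = []
    for index_scores in scores:
        # Grey evaluation coefficient of this index for each grey class
        x = [sum(whiten(d, c) for d in index_scores) for c in centers]
        total = sum(x)
        if total == 0:
            raise ValueError("scores fall outside every grey class")
        R.append([v / total for v in x])
    # Weighted synthesis over indices, then collapse to one value via class centres
    B = [sum(w[i] * R[i][e] for i in range(len(w))) for e in range(len(centers))]
    Z = sum(b * c for b, c in zip(B, centers))
    return w, cr, R, B, Z

if __name__ == "__main__":
    w, cr, R, B, Z = grey_assess(PAIRWISE, SCORES, CENTERS)
    print("weights:", [round(v, 4) for v in w], "CR:", round(cr, 4))
    print("class vector (low, medium, high):", [round(v, 4) for v in B])
    print("comprehensive risk value:", round(Z, 4))
```

The class vector shows how the weighted expert judgements distribute over the low, medium and high risk classes, which a single averaged score would hide.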