The Design And Research Of The Evaluation Model Of Dynamic Security Risk Of Colleges And Universities Campus Network

With the rapid development of university campus network, the routine work in the university depends more and more on it. But because of its unique physical environment and special customers, together with the characteristics of openness, dynamics, and decentralization, it has become the target of hackers and suffered a lot from the virus, junk mails and all sorts of harmful information. In the recent years, the situation of criminals'stealing secrets, tampering with the information, and bluffing has become more and more serious. The security of campus network has become a big challenge to the management and the network security administrators of the university.The study is based on the security principle of"multiple levels, all-sided, and integrity,"analysing the characteristics of campus network and the dynamic security situation. Based on the framework of planning-executing-examining-improving of IOS/IEC 17799:2005 and the information security evaluating principles of ISO/13335 , it designs the PDCA model and evaluating systems about the evaluation and management of the dynamic security of campus network. According to the characteristics of openness and dynamics of campus network, it introduces two different evaluating methods and systems. One is regularly the all-sided risk evaluation and the other is daily partial risk evaluation. It designs the risk evaluation model, then analyses and calculates the risk using the AHP of Fuzzy math. It combines the dynamic risk evaluation and security management, which are feasible and integrated. In the end, it evaluates the risk of the hardware in the server room on the campus, its physical environment and measures of security supervision and gives the rational suggestions based on the analysis and evaluation.The practical application shows the designed solutions are generally rational and feasible and can be applied in the security evaluation of campus network. The further study will be made to improve the evaluation system to be more rational, scientific, integrated and feasible.