| Information security risk assessment is the process used to identify and understand risks to the confidentiality,integrity,and availability of information and information systems.It provides a scientific basis for the protection of networks and information security.Information security risk assessment is a new technology in China,so there are many difficulties in it's application.In this paper,we introduced Bayesian network into information security risk assessment system based on risk analysis studies,and completed the following work:(1)creating a risk assessment model based on Bayesian networks,which used probabilistic reasoning to seek value at risk and combined with expert knowledge;(2)describing the various elements of the ranking and the reasoning process of the model we introduced;(3)giving a risk assessment model system architecture network based on Bayesian analysis and the corresponding security knowledge base in detail;(4)giving a implementation of risk analysis module based on Bayesian network,and used it to analyze an example.According to researches and practices we did in this paper,at last,we proved that the model of risk assessment based on Bayesian analysis is an effective model of information security risk assessment system. |
PDF Full Text Request