The Vulnerability Assessment Research Of Information System

Information age, network security problems are more and more attented. What is the network security situation, what are the potential risks and vulnerabilities, these problems have become the primary issue of concern. Based on this, the paper proposed a set of indicators of vulnerability assessment, models and processes to evaluate these issues in order to get people the sense of security of information systems.Firstly, this paper analysis the fundamental theories and key technologies of knowledge of information systems vulnerability assessment, and then build the whole information system vulnerability assessment index system.On evaluation index system of vulnerability assessment, assessment models, as well as an in-depth study of the assessment process and proposed a set of assessment models, processes and methods, and to give a basis. And the whole evaluation index system for slicing. And then using the AHP hierarchy analysis method to calculate weight relationship between each layer of the indicator system as a whole, the weight is generally carried out by expert according to the indicator system evaluation, generally speaking, as long as the target system does not change, the weight is fixed. Secondly, this paper provides a set of information systems vulnerability assessment process. And the leaf nodes at the bottom of the evaluation index system for processing, this requires two steps:operations, using scan tool collecting environmental data sets in, if you are scanning tool does not form part of the questionnaire needed to fully understand or are in the area of information systems developers and managers. If there is still no results are identified will need to rely on experts in the field to assess the environment in the other data set; operation of the second, the interpretation of the assessment information object with the data, and map and assessment index system one by one. If the entire process is completed after these two steps, with AHP hierarchy analysis calculated weight to find the levels of a factor in the vulnerability assessment results and gives the corresponding level.Finally, this paper proposed presents the assessment system and method to the actual situation. Instance through the network for data acquisition, quantitative and perfecting the design of index system of testing, that are referred to in this article index system and assessment method of feasibility.