Based On The Information System Risk Assessment Of The Risk Entropy Quantification Model Research

In recent years, Exchange and sharing information become the important premise of modern technology and economic development rapidly, with the extensive research and application of computer and information technology. Every country and every industry almost make lagre—scale comprehensive information building.The information system application of political, economic, military and other social fields deepen widely.At the same time,the problem of information system security become more complex, which make the protection of information system become hot issuese.so the reaserch of information system security seem much urgent and important than anytime.However the tradition information protection measure have already not satisfy the the development actual needs, which need the new theorys and research ways.One of the important theory base is information system security research. In the current view, Implementation of the safety assessment work on most of the information systems are mainly used for different information systems security evaluation criteria for qualitative analysis of security properties to make more qualitative assessment.This analys of subjective judgments flatted, which bring the larger distortion for Understanding of information systems security.So we should increase the quantitative analysis on the basis of the qualitative analysis to information system security, which use an objective value to determine the number of information systems security in order to enhance the credibility of the results to determine.In response to these expositions "entropy" concept and application of learning principles, the proposed information system "Risk entropy" of the concept. According to the study were constructed based on the different point of view,"the richness of the system state" information system "risk entropy" model and "measure of the number of information systems analysis of loss of information system "entropy risk" model, and has made the following findings:1, A brief overview of information security risk assessment of related concepts, highlighting the value of risk analysis methods and the calculation of risk points, which provide useful information and practical analysis for the subsequent construction of two models in the process of analysis and calculations.2, Introduced the "entropy" learning from generation to obtain the current development and generalization of research results. In the base of theory of entropy study, by analyzing the basic knowledge on information systems security point, the numerical relationship between information systems security and information systems’ risk entropy is introduced.3, In the definition of information system "risk entropy" concept, based on their needs from the two models to determine the basis for calculating the starting build two different risk profile of information systems risk entropy model, and gives the effects of different risk profile of the information system."risk entropy "value calculation process, from the theoretical explanation based on the" richness of the system state "information system" risk entropy "model used to calculate the information system to the risk faced by state the number of results; based on the" measure of the number of information system loss analysis "information system" risk entropy "model to information systems at risk of loss has a number of measures.that is detailed analysis the meaning and significance of the two models.4, On the basis of the foregoing theoretical analysis is given of the two models, selecting"Multimedia Information System" and "personal computers-a mini-information system" built on the different information systems’ risk entropy "model to determine the actual calculation process respectively, the two models explain the specific conditions of application from the quantitative results obtained illustrate.5, This study are summarized, presented research and plan the next step.