| With the development of IT technology, the complexity of the various types of businessis increasing the complexity of IT support system. The idea of information security needs toimplement the entire life cycle of IT support system.Considering information security wider coverage, it prone to loss of function of part ofthe information security at the beginning of system construction. We need to assess thesecurity of the system. Popular industry information security assessment methods, standards,specifications and models are more complex and difficult to master and specific applications.Therefore, at the present stage we need a simple system security model and assessmentmethods for adding the security demands in every stages of system construction. This thesisintroduces the security analysis for China Mobile support systems. According to the industry’scurrent safety norms, combined with work experience, and learned from “The InformationSecurity System of The Mobile Communications System”, this thesis builds the securityassessment model. It includes three aspects (the assessment implementation, the assessmentcontents and the assessment system) and three assessment indexes (Conformance, validity,reasonableness).Then, in the thesis, the models are validated by two current network systems. Through thevalidation, the models are able to assess the risks from multi-dimensional angles and make theentering of data more efficient, the result of which is more visualized. The models can notonly be a basis for the IT support system owners to assess the network and informationsecurity, but also a reference to the organizations providing network and information securityassessment services to improve their own ability. |
PDF Full Text Request