Campus Network Security Risk Assessment Based On SSE-CMM Model

In the information society, informatization construction and application have been the core works of every trade. Compus Network, as the basic platform of education informatization, gain rapid development in the informatization tide as well. However, the faster Compus Network developes, the higher education informatization level is, the huger threat in information security education departments have to face. To protect its security has became the key task of Compus Network construction and eration and maintenance.The information security of Compus Network not only depends on the advanced security technologies, is also relevant to complete security management system, as well as the consciousness of security and security protection skills of Compus Network administrators and users. Therefore the information security of Compus Network is not just simple technical problems, but the systems security engineering.The Compus Network systems security engineering is a large and complex task, while Compus Network security risk assessment is the foundation of the whole Compus Network system security engineering. Thus the paper makes the Compus Network security risk assessment based on SSE-CMM model which is widly used in the field of security engineering.By analysis the Development status and Application environment of Compus Network, the paper sum up security problems which are exposed and security threat the system faced. Then the paper maintains the requirement of Compus Network security. Furthermore, the paper tailors the risk processes in SSE-CMM model and build the SSE-CMM risk assessment model suit for Compus Network. Consequently, using that model to assess security risks in Compus Network and the security requirement of Compus Network, the paper identify security risk of Compus Network and make the foundation for the next step of security risk management.In addition, this paper design and develop a tool for Compus Network Security Risk Assessment(CNSRAT). By import the toilored SSE-CMM model, it provide many functions as input of related factors with Compus Network risk, and risk analysis, and output of risk forms and so on. The significance of CNSRAT is to provide a guarantee that the risk processes of SSE-CMM apply in the security risk assessment of Compus Network, and the same to make out the result of risk assessment from the related factors with Compus Network risks.