The Research Of Enterprise Information Security System Innovation

With the deepening of the development of the information era, the importance of enterprise information security (EIS) issues become more and more important. All enterprises rely on operation and efficiency of the development of information technology. With the development of times and the reliance on technology, enterprises have higher requirements on a confidentiality, integrity and availability information security. Based on the results of previous studies, this thesis ultimately defines protect object of enterprise as the enterprise customer information and technology information. Meanwhile, the thesis discusses limitations of pervasive security standard which cannot play an effective role of business practice guidance, and emphasizes the importance of researching on the principles of enterprise information security system (EISS) innovation.Through the integrated use of economics, game theory, system dynamic and simulation research, this thesis has studied on the issues of the EIS activities relating to corporate information security protected objects, the structure of EISS, the binding of EIS system, the relative value of enterprise information, enterprise customers information risk, and the risk of technology information. EIS risks derived from employees, suppliers and the menaces caused by internal and external risks. Many problems for EIS management cause by the risks, the internal and external collusive behavior will lead to risks occurring together which may leads serious consequences, and the internal risks will exist for a long time which is a long-term potential risk. In the tripartite evolutionary game theory analysis of enterprise customer information security, the thesis derives the conclusion of enterprise customer information security institution characteristics though the combination of mathematical and theoretical method, and adopts the conclusion to summarize the operating and institution innovation mechanism of EISS. In contrast, as sources of increasing enterprise information technology security risks lead to greater information security risks, based on evolutionary game theory, this thesis chooses replicator equation as the behavioral characteristics of decision makers in multi-party risk decision making system of enterprise technology information security, constructs multi-decision system dynamics model to make simulation analysis, and confirms that:in the EIS management, the loyalty of employees and of suppliers affected by informal EISS is positive with the effectiveness of EISS; the deterioration of the competitive environment and the reduction of loyalty will reduce the effectiveness of EISS; the rationality and pertinence of EISS should conform to the changes of EIS demand; the fact of long-standing internal risk of non-collusive behavior requires the enterprises to conduct long-term internal training and risk management, etc.Finally, the thesis takes the constraint on decision makers of risk behavior, which is given by EISS, as the main control object, and summarizes the universal operation principles of EISS as15innovative mechanisms, which can make relatively comprehensive guidance on the EISS innovation activities.