Design And Implementation On Risk Assessment System Of Enterprise Assets

In recent years, as the foundation of information security management in the field of information security information, risk assessment technology becomes more and more popular. In this process, the importance of evaluation method is easy to use, rationality and comparative is increasing day by day. In a commercial society, more and more companies try to evaluation method for information security to make improvement. Therefore, how to reasonably, effectively to assess the security of assets, has become a hot research topic in business and academic field. This paper focuses on the risk assessment of enterprise assets, the main content is divided into three parts.First, study the evaluation model of the assets of the enterprise. This paper presents in the case of numbers of categories of enterprise assets, how to design a system which can automate assess and strengthen enterprise assets reasonably and efficiently.Secondly, design the automatic safety assessment tool. In this paper, according to the configuration characteristic and the survival characteristics of enterprises in all assets, I design a reasonable process of evaluation, including identification and weighted on the firm’s assets, recognition and classification on the threat, vulnerability, prevention and control measures of assets, and the calculation of risk degree, as the basis of the design of automatic safety assessment of enterprise assets tool.Finally, implement the automated assessment enterprise assets tool by coding. Assessment tool’s main function is:enter all the assets of the username and password, configure weights, means of verification according to the enterprise’s asset list; using the NETBIOS protocol, Telnet protocol, SSH protocol, http protocol security scanning asset for enterprises, processing the results, and export the report, make the assessment staff conveniently according to requirements and security grade reinforcement; the tool can support all kinds of operating system, such as windows, linux, databases such as oracle, db2, and various kinds of routers, switches and Middleware Tools, automated assessment of these assets. This paper covers the design of tools, and framework, evaluation process, design of the core function module and system performance verification, at the same time test the tool, get the verification results and deduced the sample report.