Design And Implementation Of Security Risk Assessment System Based On Mobile Internet

With. the development of mobile communications and Internet technology, the mobile Internet has been widely present in people’s daily lives, and the future will be more integrated into the lives of individuals and enterprises in production, so the mobile Internet safety risk assessment becomes necessary. However, the rapid development of the Internet has also brought an increasing number of security issues. The mobile terminal has become increasingly prominent. Mobile Network Security inherited the traditional network security issues, and at the same time generate a new security issues, mobile business platform also brings its own vulnerability more and more security issues. Outbreak of these safety issues may give mobile Internet users a huge loss. Therefore, risk identification and avoidance of mobile Internet has become the current field of serious security risk assessment issues.Currently, the mobile Internet industry lacks of security risk assessment targeted reasonable risk assessment criteria and targeted quantitative assessment methods, and it is not able to fully and accurately assess risk on the mobile Internet. Therefore, this article has carried on the analysis to the mobile Internet. Mobile Internet is divided into terminals, pipelines and businesses modules. This article proposed risk domain into the mobile Internet-based risk assessment model, using compliance analysis, asset assignment evaluation method based on AHP and quantify the various risks and risk domains point obtain overall risk profile. Based on the methods and model of evaluation, this paper has developed a risk assessment system of mobile Internet, covering the entire process of risk assessment. The practice of assessment of a mobile network unit model verifies the feasibility of the system. In this paper, the main work is as follows:1. Research and analyze architecture of the mobile Internet; divide the mobile Internet into terminals, pipelines and business modules; and study security threats that three modules are currently facing. At the same time survey the current status of the risk assessment of the mobile Internet; proposed the basic idea of the mobile Internet business risk assessment from the terminal domain, pipes domain and business domain.; determine the risk domain AHP division and combination of quantitative risk assessment methods.2. Based on the above division of the mobile Internet, construct evaluation model of mobile Internet. Combing through the relevant standard risk point of mobile Internet terminal domain, and through compliance checks to quantify and weight assignment method of risk to quantify the value of the terminal domain. Identify risk assets, threats and vulnerabilities of the pipeline domain and business domain using quantitative methods, then get the value of their security risk by AHP. Obtain risk-weighted value of the mobile Internet as a whole domain ultimately based on the above results.3. Combining these assessment models and evaluation methods, the paper designs and builds the mobile Internet risk assessment system. Risk assessment system mainly includes business module, knowledge base module and system management module, and it can provide full support for the mobile Internet risk assessment. System support compliance quantify risk entry points, and calculate the overall risk assessment and risk-based assets and other functions.4. Take a mobile network system as an example, to carry out risk assessments of mobile Internet. The results demonstrate the feasibility of using the practice assessment models and evaluation systems.