| The popularity of computers and networks for information technology provides the basis for our country.Information related to the vital interests of the state, legal persons and other organizations and citizens,so how to protect information systems security work has become an important branch for China’s information technology work.Information security level of protection is an important means to protect information systems, for which China has also developed a corresponding information security protection system to guide China’s information security protection work.Level Evaluation level of protection measures is a critical component,evaluation results affect the quality level of protection,and traditional hierarchical evaluation process relies on manual single point detection, a longer evaluation period and error-prone.There is now many security configuration verification system to assess the information systems and they can not cover all aspects of Level Assessment.So this page design an information security level assessment system for the secondary level of evaluation work to improve the level of assessment of the efficiency and completeness.This paper presents the information security level assessment system solutions based on the traditional problems, standards and norms of information security level of protection and the basic level of protection requirements.Through basic knowledge base that the system built to guide the user for online information system evaluation process. And provide accurate and complete survey results evaluation report, time-saving and reduce errors caused by manual operation may improve the evaluation organization or information system owners and system self-test of the efficiency of a certain degree of completeness.In this paper, the main work done as follows:1.The paper analysis and research relevant standards and norms like "information security level assessment basic requirements", evaluation mastered traditional information security level assessment process, and analyzes the traditional evaluation process defects and deficiencies;2.The paper research on the weighted arithmetic average method, apply it to the Information Security Evaluation results of the analysis module to address information security level evaluation session worth the survey results according to the various requirements of different items right program, to make the evaluation results more accurate;3.The paper design and implement information security level assessment system based on traditional evaluation process problems and Information security level evaluation system,which achieve the automatic generation information security level assessment and evaluation of online evaluation process documents. The paper mainly introduce the main functions and implementation process and the key technologies used.Use of this system for detailed information security status of the system can help system owners improve safety management information system security protection, effectively circumvent the system’s security vulnerabilities, to some extent, to ensure the normal operation of information systems, to protect the interests of users. |
PDF Full Text Request