| Large financial service systems has many key characteristics on its structure and border, such as dynamic, nonlinear, complex logical relationship. With reference to the current domestic and foreign information security risk evaluation methods, this paper focuses on the research of information security risk assessment model and test-driven information system security risk assessment standard of large financial service systems, the main work of the thesis includes three aspects as follow:(1) Researched conduction effect based large financial service systems security risk assessment model and designed the model from three aspects, which are information asset dependence modeling, risk conduction mechanism, and risk calculation model. The model is suitable for large financial service systems.(2) Researched large financial service systems security risk assessment standard and presented a test-driven security risk assessment specification for large financial service systems based on the author’s related work. It can promote and standardize the security risk assessment process of large financial service systems from the point of view of a comprehensive guarantee of the product quality through the test cases and test work.(3) Given an actual assessment example using the above methods against a large financial service system which the author has actually participated, so as to check the research results of the thesis. In the example, the professional security testing tools and test cases are used for the security analysis of the system.The thesis has formed a set of method suitable for large financial service systems security risk assessment, and it has been used in the author’s real work. It will have certain guiding significance for security risk assessment of large financial service systems. |
PDF Full Text Request