The Research Of Risk Valuation For Classified Protection Of Information System Based On Big Data

The security problem of information system is faced with the growing, has brought more and more threat to social stability and the development of production. Therefore, ministry of public security established evaluation system and standards for grades of information security and protection. In the current evaluation mechanism for classified protection of information system, there is no clearly definition for risk grading for conformance term. Therefore, the risk assessment model is lack of adaptability and wide dynamic. In view of this, this paper will take all the elements of risk assessment as the clue, introduce the risk parameters based on big data, building risk valuation model according to industry characteristics and basic classification, solve the lack of specific issues for risk grading of conformance term, to establish the scientific and reasonable risk valuation system.The research focus of this paper is: First, I combine the elements of risk assessment with the classified protection of information system, improve the risk classification valuation method of former classified protection of information system, instead risk classification grading directly with quantitative results based on big data parameter. Second, I introduce the parameters based on big data to the risk valuation model, introduce the risk valuation in different industries to the risk assessment, as the valuation basis of asset, threat, vulnerability in different industries.First, I analyze the existing testing and evaluation of classified protection of information system. Second, I research the risk assessment system, and the implementation process. Third, I combine the characteristics and commonness of classified protection of information system with risk assessment, introduce the big data parameters to the risk assessment model, improve the method of risk valuation, find out the calculation method and calculation formula, and the risk grading standard. Fourth, I use the method in a project case, to prove the feasibility of the theory.