| With the development of Internet technology,the society has entered the era of information explosion,at the same time,the scale of all walks of life is also expanding day by day.Because of the inherent vulnerability of the software and hardware equipment supporting the operation of the system,as well as the system operation failure caused by the staff,the information system is also bearing a huge risk while processing a large amount of information and data.In the information system,all business links are related orderly according to the business process.The interruption of single business link will affect the operation of its associated business links,leading to the spread reaction,and even lead to the stagnation or collapse of the business process.Therefore,it is of great significance to analyze the impact of business interruption on business process to ensure business continuity and maintain the stable operation of the system.First,this paper expounds the factors that affect the security of information system,analyzes the impact of security risks on the business continuity of information system,and the significance of business impact analysis.Summarize the research results in the field of information system security and business continuity management at home and abroad,and lay a theoretical foundation for this study.Then,vulnerability-based information system business affecting impact analysis model was proposed.By identifying the main business links of the information system,and based on the association order of the business links in the business process,the business network topology of the information system is constructed with the business links as the node and the orderly association between the business links as the edge.The vulnerability evaluation index system is established to quantify the business vulnerability and calculate the node weights.The edge weights are calculated based on the asset business relationship,and the directional weighted business network topology is obtained.The weighted directed network structure entropy calculation method is proposed to analyzes the dynamic change of the entropy of the network structure during the period from interruption to recovery.Finally,the model is realized by simulation experiments,verify the validity of the model in the information system business affecting impact analysis.The experimental results show that the model can accurately reflect the changes of business process operation state under the affecting influence of business,and analyze the impact of business interruption on the whole system business process effectively. |
