摘要： 网络安全评估技术和方法的研究对网络安全防护体系的建设具有重要意义。该文结合实际工作经验和研究成果，在分析安全评估技术发展现状的基础上，提出了一种定性分析与定量计算相结合的风险评估模型，给出了具体算法及基于该算法的风险评估流程，并加以实际应用。实践结果证明，应用该算法和模型实施的风险评估对被评估单位的网络安全防护和管理工作起到了良好的指导作用。

关键词: 信息安全, 评估, 模型, 算法

Abstract: Network security evaluation technologies and methods are important to the network security protection system. Combined with the actual experience and research results and based on the analysis of the present status about security evaluation technologies, this paper puts forward and describes an efficient model and algorithm with qualitative analysis and the quantify calculate, and gives a risk evaluation flow based on the algorithm. The model is applied in security evaluation work and the practice result proves that the model and algorithm do a good directive function in network security protection and management.

Key words: information security, evaluation, model, algorithm

中图分类号: 

• TP393.08