计算机工程 ›› 2007, Vol. 33 ›› Issue (21): 134-136,.doi: 10.3969/j.issn.1000-3428.2007.21.047

• 安全技术 • 上一篇    下一篇

信息安全风险管理系统的设计与实现

陶晓燕1,2,姬红兵1,董淑福2   

  1. (中国科学院研究生院国家计算机网络入侵防范中心,北京 100043)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-11-05 发布日期:2007-11-05

Modified PSVM and Its Application in Unbalanced Data Classification

WU Bin, ZHANG Yu-qing, MAO Jian   

  1. (National Computer Network Intrusion Protection Center, Graduate School of Chinese Academy of Sciences, Beijing 100043)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-11-05 Published:2007-11-05

摘要: 针对目前风险管理系统中风险消减体现不足以及安全标准难以综合运用的问题,给出了一种新的信息安全风险管理工具的设计思路和实现方法。提出了风险评估结果分析方法和风险消减策略,并对某些风险管理中的关键要素分析算法进行了改进。弥补了诸多风险管理系统设计在功能性与结论数据通用性等方面的不足,提高了实际应用价值。

关键词: 信息安全, 风险管理, 风险评估

Abstract: To solve the problem of lacking risk mitigation part and using security standards synthetically in current information security risk management system(ISRMS), this article expatiates a method to design and implement a new ISRMS. It also brings forward a way to analyze the result of risk assessment and a method to mitigate the risk. Some algorithms for analyzing key factors in risk management are improved. This system covers the short in functions and the interoperability of data in most ISRMS and enhances its application value.
information security; risk management; risk assessment

Key words: information security, risk management, risk assessment

中图分类号: