摘要: 提出面向安全管理的系统安全评估模型贝叶斯功能网络,采用风险分析方法建立反映安全功能和威胁关系的贝叶斯信念网络,可以对功能组件缺失程度及其对系统安全的影响进行量化评估。实验表明,模型不仅可用于系统的安全评估比较,而且能够指出系统存在的缺陷以便优化和改进。
关键词:
安全评估,
定量安全评估,
贝叶斯功能网络,
风险分析
Abstract: This paper proposes a quantitative security evaluation model, BFN, which reflects the probability relationship between functional components and threats in a system, based on risk analysis approach. By this model it can quantitatively evaluate the deficiency in functional components of a system as well as its impact on the system. The experiments demonstrate that the model can compare different systems in security, and optimize a system by analyzing its weakness.
Key words:
security evaluation,
quantity security evaluation,
Bayesian Function Network (BFN),
risk analysis
中图分类号:
栗志果;曾庆凯;. 面向安全管理的定量安全评估模型[J]. 计算机工程, 2008, 34(2): 105-105.
LI Zhi-guo; ZENG Qing-kai;. Quantitative Security Evaluation Model for Security Management[J]. Computer Engineering, 2008, 34(2): 105-105.