摘要： 提出了一个基于策略支持的信息系统安全评估模型，描述了一个基于该模型系统的结构和实现机制，并应用模糊集和有向图理论对扫描数据进行分析。基于该设计思想的安全评估软件能够适应大型复杂信息网络，并能方便地与其他安全产品整合。

关键词: 计算机网络；关联分析；安全评估；漏洞扫描

Abstract: model is proposed for the assessment software based on strategy support for information system security. With this model, the components and implementation of a kind of assessment software for information system security are described. Moreover, fuzzy theory and directed graph method are applied in analyzing scanning data. The software is designed to have a good adaptability to very large and complex information system and is easy to be integrated to other kinds of security product.

Key words: Computer network; Relation analysis; Security assessment; Vulnerability scanning