黄益民,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2001.06.005

2001-01-01

Abstract:After study of existing security models; analysis of information flow model, Bell-LaPadula(BLP) access control model and Biba access control model; and collation and comparison of their advantages and disadvantages, an improved model is put forward that satisfies the actual demands of information security. An implementation strategy is put forward that ensures information security, reliability, practicality and compatibility in the designed security system. An implementation scheme of this security system and its components and functions is provided. This system combines the following functions: mandatory access contro1, privilege separation, security audit, identity authentication and self-protection. It achieves the level 3 of national information security standard and level B1 of TCSEC standard. It was implemented in the Windows NT and Linux operating system and has yielded good resultsin application.

JIANG Rui,LI Jianhua,PAN Li

DOI: https://doi.org/10.3969/j.issn.1000-3428.2005.14.051

2005-01-01

Abstract:This paper establishes a new security model of information network system in the way of systematically analyzing the security threatsto the information network system, and determines the relative independent fundamental factors and corresponding sub-factors on security functionsfor information network system. Then it makes a new mathematical model and the method of fuzzy similarity selection on evaluation of securitywith the fuzzy theory. It applies the model quantitatively in evaluating security functions for five example systems, and obtains the quantitativesecurity grades and sequences of the five information network systems. In this way the availability and the novelty of the system security model andthe mathematical evaluation theory are verified.

侯智,余忠华

DOI: https://doi.org/10.13952/j.cnki.jofmdr.2009.06.007

2009-01-01

Abstract:In order to solve the problems such as mass indices and unguaranteed weights objectiveness,a new evaluating method based on PCA(Principal Component Analysis) and IE(Information Entropy) was presented.Evaluation index system was reduced by PCA,so the original data matrix was standardized and the dimension of indices was removed.By construeting the correlation coefficient matrix of standard data matrix,the eigenvalue were gained,and both variance contribution and cumulative variance contribution were calculated and also the number of principal components was determined.At the same time,IE was used to determine weights objectively.Through the calaulation of entropy values and difference coefficient,the objective weights of indices were gained further.And then,scores of each scheme could be calculated and evaluation process of schemes was finished.In the end,this method was validated by example of anti-outburst drilling machine's scheme evaluation.

Zhang Lianhua,Zhang Jie,Bai Yingcai

DOI: https://doi.org/10.3969/j.issn.1000-386X.2006.08.047

2006-01-01

Abstract:Security model need the feature attributes of the protected information system.For example,alert correlation analysis can evaluate whether the alert is false or not by comparing the attack prerequisite with the configuration information of attacked destination information system.A new information system model from the security view is proposed in this paper,which include both the static structure and dynamic activity.The model incorporates the present related information model such as NERD,Netmap etc.and,more inportantly,it provides a bridge between the security theory research and engineering practice.

Xiuzhen Chen,Qinghua Zheng,Xiaohong Guan,Chenguang Lin

DOI: https://doi.org/10.3321/j.issn:0253-987X.2004.04.019

2004-01-01

Abstract:Aiming at the deficiency that is unable to provide useful security situation information encountered in the cur2 rent security evaluation systems , a hierarchical and quantitative model , which is used to evaluate security situation of net2 worked systems , and its corresponding computation method are proposed based on the importance of service , host , and the structure of the network system. This model adopts the evaluation policy from bottom to top and from local to global , calculates the risk indexes of service , host and whole network system by weighting the importance of service and host based on the analysis of attack frequency and its severity , and further evaluates their security situation. Experiments on the HoneyNet dataset show that this system can evaluate the security situation in three levels : service , host and local area network system. It provides system administrators with system intuitive security situation curve and releases them from the exhausting task of alert analysis.

Zhou Guoqiang,Lu Wei,Zeng Qingkai

DOI: https://doi.org/10.3969/j.issn.1000-386X.2007.11.002

2007-01-01

Abstract:An information security evaluation model is proposed.Based on the analyses of contents and functions of security evolution,the architecture of the security evaluation model and platform is presented,and its implementation is given.The main functions of this model are to organize,manage and control the security test and evaluation.It also has features in generalization,integration and configuration.

Ziyu Guo,Jiahao Qi,Jinxin Zuo,Weixuan Xie,YueMing Lu,Huiping Tian,Ruohan Cao

DOI: https://doi.org/10.1109/jiot.2024.3375077

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Based on the rapid development of edge computing and resource-constrained characteristics, new requirements for edge information system security evaluation are proposed. Oriented to the resource-constrained scenarios of edge information systems and the distribution characteristics of raw data for security evaluation, the adaptability of existing models is improved. The improved Principal Component Analysis (PCA-S method) based on Spearman’s Coefficient is proposed for index screening. In order to further improve the screening effect and reduce the resource consumption of the security evaluation model, the PCA-S method and the Distinction Degree Screening method are combined by taking the intersection, and the PCA-SDC combination screening method is proposed. Through the PCA-SDC index combination screening, the Coefficient of Variation weighting, and the Fuzzy Comprehensive Evaluation, the PSDC-CVF edge information system security evaluation model is finally formed. In order to assess the effect of index screening and security evaluation, three indicators, namely, the improved Average Quantity of Information Change Degree, the Average Information Contribution Change Degree, and the Fuzzy Evaluation Deviation Degree, are proposed. Through experiments, the improved PCA-S method and the combination screening PCA-SDC method are sequentially proved to be well adapted and effective in the index screening process of edge information system security evaluation. It is also verified that the PSDC-CVF model reduces the resource consumption compared with the traditional model and better balances the model energy consumption and performance.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yiyang Jia,Hanyan Wu,Dongxing Jiang

DOI: https://doi.org/10.1109/CyberC.2015.47

2015-01-01

Abstract:Security situation assessment is an effective way to analyze the situation of an information system, which helps administrator understand the current system risk status and make policy to response in time. However, the existing researches for security situation assessment mostly focus on network. The proposed methods for network are not so suitable for information systems. This paper proposes a hierarchical security situation analysis framework for information system, based on a classical NSSA [1] (network security situation analysis) model. The framework provides a standard flow for analyzing the security situation of information system. It consists a security situation analysis model of information system, an index system used in the model proposed, and a quantitative index fusion method to calculate a security situational value. We divided information system into 3 levels: sub-system level, composition level and index level. The collected information from the index level can be combined with grey model to determine the correlation degree between each major index and secondary index. Finally we calculate the whole system security situational value level by level. We use data from Tsinghua University information system to verify the proposed model and method. The result shows that this model can reflect the current security situation of information system comprehensively.

Qiang YAN,Hua-ying SHU,Zhong CHEN,Yun-suo DUAN

DOI: https://doi.org/10.3969/j.issn.1007-5321.2005.04.017

2005-01-01

Abstract:Security evaluation is an important approach for the security risk management of the information system. But there are lack of effective methods and tools for security evaluation. To resolve the problem, an object model of security evaluation is established based on the object oriented technology. The concepts of correlation test and dependency test are introduced and a set of tools is also developed according to the model. The practical application indicates that the object oriented technology can improve the efficiency of security evaluation, and the correlation test and dependency test also improve the penetration testing effects.

Y Hu,XR Xie,YZ Xin

DOI: https://doi.org/10.1109/pes.2004.1372957

2005-01-01

Abstract:This paper presents a modeling language and a quantitative evaluation approach for the security of power information systems. We firstly design a security architecture design trace language to universally describe system structures, services, security policies, attack behaviors and countermeasures. Next an automated risk analysis algorithm is proposed to get attack traces of power information systems. Then, based on the concept of relative security degree, security architecture can be quantitatively evaluated. Finally, with a case study in a real power information system, the effectiveness of the presented approach is demonstrated. In practice, the approach can be employed for assessing various kinds of countermeasures, such as increasing a new security function, adjusting system self structure, and changing customer operation requirements. And it can greatly decrease the subjectivity of counter-measure selection.

Yu-peng LIU,Shi-you QU

DOI: https://doi.org/10.3969/j.issn.1007-3221.2014.01.021

2014-01-01

Abstract:In recent years , more and more evidence shows that the security of information systems and information management within the organization is a major security risk .Therefore , it is particularly urgent and important that internal staff shall be evaluated and a staff competenly information security responsibility is found to eliminate internal attack behaviours of employees and ensure the security of information systems and information manage-ment.Consequently information security competency evaluation for internal staff is an important issue .Under the analysis of the characteristics of the aggressive behavior from internal staff and a comprehensive summary of the competency research , internal staff information security competency evaluation index system is built .On this base , organization internal staff information security competency evaluation model is proposed .Based on safety and risk prevention thinking , the model divides the evaluation into two stages and takes into account the person-ality advantage of the decision makers in decision-making preferences and individuality advantage , which more realistically reflects the difference between the team members .Finally, the effectiveness and practicality of the evaluation model is verified through case analysis .

ZHANG Yong-Zheng,YUN Xiao-Chun

DOI: https://doi.org/10.3724/sp.j.1016.2012.01666

2012-01-01

Chinese Journal of Computers

Abstract:As a core method,security indices are greatly significant for reflecting and measuring network security situation.To measure the security situation of network information systems in runtime,this paper defines two concepts of network operation security indicator and index,proposes ten key classification attributes and a common conceptual model for index classification(ICM) which provides a uniform formal methodology for establishment of a model example and comparison of different models.Based on ICM and the attributes,this paper also presents an index classification model with multidimensional attributes M10.Four representative indices are given to illustrate the process and senses of applying M10.The analysis of the application example indicates that because of ability to depict the natures of security indices on ten key attributes,M10 has guiding significances for deep study on the natures,correlations and meanings of indices,and also provides a theory and technology base for establishing a hierarchical system of security indices.

Jian Qiu,Huifang Wang,Zhiguang Chen,Genghui Zeng,Benteng He

DOI: https://doi.org/10.7500/AEPS201209026

2013-01-01

Abstract:According to the new characteristics of the smart substation automation system, a model for quantitatively evaluating the capacity effectiveness of the system in task fulfillment is proposed. The evaluation system composed of a physical network architecture, a logical network architecture, and the information flow, or the 'two networks one flow' platform for short is set up firstly. The effectiveness is defined as the total index which involves reliability, availability, real time and economy in the index system. Then, an analytic network process (ANP) model is developed to describe the complex relationships of influencing factors and calculate the network synthetic rank by the weighting, test and modulation of judgment matrixes. Finally, the stability of the ANP evaluation model and the credibility of scheme rank are tested by the ANP sensitivity analytical method to help evaluation decision-making. © 2013 State Grid Electric Power Research Institute Press.

CHEN Lei-ting,WEN Li-Yu,LI Zhi-gang

DOI: https://doi.org/10.3969/j.issn.1001-0548.2005.03.023

2005-01-01

Abstract:This paper introduces the definition, standard and development on evaluation of information security; emphasis on Class of B2 in TCSEC, especially the security policy of B2, such as discretionary access control, object reuse, Labels (label integrity and exportation of labeled information) and mandatory access control. this paper also studies and analyses the other requirements for class B2, such as identification and authentication in the requirement of accountability; operational assurance (system architecture, system integrity, covert channel analysis and trusted facility management) and life-cycle assurance (security testing, design specification and verification and configuration management) in the requirement of assurance; security features user’s guide, trusted facility manual, test documentation and design documentation in the requirement of documentation. in the end of this paper, we study and comparatively analyses the class of B2 with the class of EAL5 in CC.

Liu Wei

2003-01-01

Abstract:By dividing the system of evaluation indexes for information system into layers,we can get the evaluation index matrix with three dimensions. A way of TOPSIS for multiple target decision is applied to space with matrix elements,and we can make comprehensive evaluation of information system according to the relative distance between evaluation index matrix and best solution matrix and worst solution matrix. A new evaluation model for information system is presented in this paper. The implementation techniques of this model are discussed in detail. Lastly,a example of comprehensive evaluation for information system is given.

翁亮,李建华,杨宇航,诸鸿文

DOI: https://doi.org/10.3321/j.issn:1006-2467.2001.11.035

2001-01-01

Abstract:IT security evaluation is a major measure to ensure IT system/product security, while secure network is a new technology based on network management, intelligent network and evaluation technology aiming to enhance the configuration and performance of IT security functions. This paper summarized both current IT security technologies and secure network functional model. It analyzed in detail the cooperation of these two technologies in re use of evaluation results, formal evaluation method and assurance maintain mechanism. And then it raised one feasible cooperation model. The result of this paper provides a new approach for the development of both the technologies.

LI Jun,XUE Zhi

DOI: https://doi.org/10.3969/j.issn.1009-8054.2007.10.041

2007-01-01

Abstract:Information Security risk evaluation is the process of evaluating complex information systems according to multi-guideline. In order to raise the objectivity and accuracy of the evaluation,an evaluation method based on Rough Set is proposed,the principle and basic procedure of evaluation by this method is described in detail. Finally,it is of realistic and practical significance to apply the evaluation conclusion mentioned above to security-level classification.

Zhu Zhengwei,Xiao Qunying

DOI: https://doi.org/10.3969/j.issn.1672-6162.2006.01.005

2006-01-01

Abstract:There are two structural elements of capacity assessment and vulnerability assessment (CA&VA) in the classical frameworks of international public security evaluation. These two indicator groups can supplement each other. One takes the charge of identifying factors that tend to induce risks; the other plays a role in evaluating flexibility of fighting against crisis. The international public security evaluation mode based on CA&VA is different from ordinary modes in designs of evaluating objective, evaluating level, evaluating indicator and model, and statistical data resource. According to the theory mode of CA&VA, it is easy to build up China Regional Security Evaluation Model, which reveals the technical significance of its theory's application.

HE Ting-ting,LIU Yang

DOI: https://doi.org/10.3969/j.issn.1008-5327.2007.02.022

2007-01-01

Abstract:This article elaborates the necessity of the information security appraisal of the campus net and the content of the information security appraisal.According to the relative principles of security of information,this article brings forward the appraisal system model,and based on this model,the paper discusses how to measure the security of the net.

Jin Yang,Cilin Wang,Le Yu,Caiming Liu,Lingxi Peng

DOI: https://doi.org/10.1007/978-3-642-34041-3_68

2012-01-01

Abstract:Cloud computing is an important innovation in the current computing model. The critical problem of cloud computing faced at present is the security issue. In the current network environment, that relying on a single terminal to check the Trojan virus is considered increasingly unreliable. Based on the correspondence between the artificial immune system antibody and pathogen invasion intensity, this paper is to establish a real-time network risk evaluation model in cloud computing. This paper builds a hierarchical, quantitative measurement indicator system, and a unified evaluation information base and knowledge base. The paper also combines assets evaluation system and network integration evaluation system, considering from the application layer, the host layer, network layer may be factors that affect the network risks. The experimental results show that the new model improves the ability of intrusion detection and prevention than that of the traditional intrusion prevention systems.