A Novel Security Risk Assessment Model for Information System
Security defense against threats is very important to information system. A novel security risk assessment model is presented. In this model, an information system consists of a series of network nodes, which have three elements: assets, rights and vulnerabilities. To analyze the relevance between vulnerabilities, an algorithm for intrusion path discovery is proposed centralized on assets. By investigating the intrusion paths found, the system risk is quantitatively evaluated on vulnerabilities, nodes, assets, or system, which indicates the risk situation of the system. A simulation experiment and results verify availability and effectiveness of the model.
information security model risk assessment vulnerability
Huiying Lv
School of Information Engineering Capital Normal University Beijing 100037 China
国际会议
The 2nd IEEE International Conference on Advanced Computer Control(第二届先进计算机控制国际会议 ICACC 2010)
沈阳
英文
282-287
2010-03-27(万方平台首次上网日期,不代表论文的发表时间)