基于资源分布规律的信息系统风险量化模型

The Information System Risks Quantified ModelBased on the Rules of Resources Distribution

作者：王标(国际关系学院信息科技系，北京 100091)；肖龙(信息综合控制国家重点实验室，四川成都 610036)

Author：(Info. Sci. and Technol. Dept.,Univ. of International Relations, Beijing 100091,China)；(National Info. Control Lab., Chengdu 610036,China)

收稿日期：2007-04-16 年卷（期）页码：2007,39(6):129-133

期刊名称：工程科学与技术

Journal Name：Advanced Engineering Sciences

关键字：资源分布规律；风险分布规律；风险关联；层次分析法；模糊综合评判

Key words：rules of resources distribution; rules of risks distribution; risk association; F-statistic; least square estimation; analytic hierarchy process; fuzzy comprehensive evaluation

基金项目：国家863高技术研究发展计划资助项目(2001AA142171)

中文摘要

为了实施信息系统的风险度量，首先基于信息流的资源分布规律，参考风险评估要素改进模型，得到具有体系性和完整性的风险分布；在获取风险分布后，基于资源保护角度，考虑安全保护等级，运用层次分析法、多级模糊综合评判、函数级数展开、F－统计量等方法和工具对资源的安全属性所面临的风险进行量化，给出系统的风险量化指标体系，重点考虑风险之间的相关性，构建相关性准则，并得到其计算量为o(Si)。

英文摘要

In order to carry out the risk quantification for the information system,the risk distribution was proposed based on resources distribution of information system, and the improvement of elements relationship model for risk assessment. In quantifying risks,Analytic Hierarchy Process (AHP), Fuzzy Comprehensive Evaluation (FCE), F-statistic and Least Square Estimation (LSE) was applied to get hierarchy of risk factors. The criteria of relativity and formulated relativity functions were established.

【关闭】

论文摘要

基于资源分布规律的信息系统风险量化模型

The Information System Risks Quantified ModelBased on the Rules of Resources Distribution