| 信息保护系统脆弱性评价方式研究 |
| |
| 引用本文: | 金点九.信息保护系统脆弱性评价方式研究[J].黑龙江八一农垦大学学报,2006,18(1):70-74. |
| |
| 作者姓名: | 金点九 |
| |
| 作者单位: | 南首尔大学,韩国,首尔 |
| |
| 基金项目: | 南首尔大学校科研和教改项目 |
| |
| 摘 要: | 保证可信度的评价标准得到了统一,但各国的评价方法等客观性的保证方面上的一些部分还是有点模糊。换言之,脆弱性评价有范围,深度,实验用道具,提纲和评价者因素,而随着这些因素的不同其评价结果也会出现差异,这样一来,评价的公正性和客观性的保证上就存在困难。本论文提出了能保证信息保护产品保安脆弱性评价的公正性客观性和效率性的信息保护产品保安脆弱性评价方法,体现了自动化完成评价系统的设计。
|
| 关 键 词: | 信息保护 脆弱性 TOE |
| 文章编号: | 1002-2090(2006)01-0070-05 |
| 收稿时间: | 2005-12-02 |
| 修稿时间: | 2005-12-02 |
Study on Vulnerability Evaluation Methodology for Information Security System |
| |
| Jeom Goo Kim.Study on Vulnerability Evaluation Methodology for Information Security System[J].Journal of Heilongjiang August First Land Reclamation University,2006,18(1):70-74. |
| |
| Authors: | Jeom Goo Kim |
| |
| Institution: | Jeom Goo Kim |
| |
| Abstract: | Although an evaluation criterion for reliable guarantee is unified, the difference in evaluation mechanism is already ambiguity in every country. In other words, the aspect of objectivity would be a little because it is true that the vulnerability evaluation include evaluator, scenario and target of evaluation (TOE) security vulnerability evaluation system applying in test, depth and scope of evaluation. Bu evaluation results can be difference in accordance with each evaluation elements. We propose the system to evaluate network security vulnerability. First, we expected the evaluation results are impartiality objectivity, repeatability, reproducibility, appropriateness and soundness of results. Second, it could be transferred manual ways into automation ways, and then expected easiness and safety of extension and modification in a quality of products as well as reduction of waste of time and energy. |
| |
| Keywords: | information security vulnerability TOE |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
