http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
A Hierarchical Information System Risk Evaluation Method Based on Asset Dependence Chain
Xin Tong,Xiaofang Ban 보안공학연구지원센터 2014 International Journal of Security and Its Applicat Vol.8 No.6
The current information security risk evaluation methods are only concerned with the risk of system components, rarely based on business risk perspective. Thus, it is difficult to meet different levels of information security risk comprehension such as the operational staff and the organization's manager. This paper proposes a hierarchical risk evaluation method based on asset dependence chain to quantify the hierarchical risk, the information systems security risks are divided into three levels: the component level, system level and organizational level. By analyzing the assets dependence in three levels, a "business systems-information systems-system components" assets dependence chain is formed. In the end, a hierarchical risk calculation method is presented. The risk analysis result can reflect the level of security risk evaluation needs more comprehensively and objectively.