研究信息系统安全评估技术,由于信息系统安全问题的日益不确定性和复杂性,传统的仅依靠固定的几个信息系统属性的安全评估方法已不能有效将隐藏在系统中的安全风险监测出来,造成信息系统安全评估的准确性和有效性不高的问题.为了解决上述难题,提出了一种多维属性的信息系统安全评估方法.通过提取信息系统中的多维度属性信息,并采用信息熵和多属性决策算法提取出其中可疑度较高的属性,最后利用筛选出的属性计算出风险概率,完成安全问题的最终评估.仿真结果表明,新方法能够有效提取出隐藏在复杂信息系统中的风险信息,并准确完成对安全风险的评估,取得了满意的结果.%Research the information system security evaluation technology. , The paper put forward an information system security assessment method based on the multidimensional attributes. By extracting the multidi - mension-al attribute information of the information system, the comentropy and multiple attributes decision making were used to to extract the attributes with hither suspicious. Finally, the selected attributes were used to calculate the risk probability, and complete the final assessment of safety. The simulation experiment shows that this method can effectively and accurately extract the risk information hidden in the complex information system, and achieves satisfactory results.
展开▼
