本文提出了一种基于客观赋权法-熵权法的信息安全健康度评价模型,该模型属于完全的定量评估,评估结果为0~100的数值,称为信息安全健康度指数。该信息安全健康度评价模型从综合层、专题层、对象层、指标层四个层面出发,按照“自下而上,先局部后整体”的策略,结合多层权重、多种类型指标对信息系统安全状况进行客观且全面的量化评估,实现安全问题早发现早解决,进而提高信息安全整体水平。%This paper presents an evaluation model of health degree of information security based on the objective weighting -entropy method. The model is a kind of complete quantitative evaluation and the result changes between 0 and 100, which is called the index of health degree of information security. This model is based on four levels, including the synthetic level, the topic level, the object level and the index level, and the “bottom-up” tactic from the whole to the part is used. The safety condition of network information is evaluated objectively and completely, combined with different weights and different types of indexes so that problems are spotted and treated earlier to improve the integral level of information security.
展开▼
