把信息安全性能度量和信息安全等级分配结合起来,建立了一个多维信息安全指标体系,提出了一个基于安全指数的信息安全等级保护量化模型.用层次化的基于评分的方法来对系统的信息安全性进行评估,安全等级分配问题则被抽象成一类线性规划问题.与使用传统方法的模型相比,该模型具有易于量化、可操作性强等特性.通过举例说明了模型的实际应用.%A multidimensional security index system was established by integrating information security measurements and allocation of information security levels. A quantitative level protection model based on security index was proposed. The security index of a system was evaluated by using a hierarchical method based on grading. The problem of security level allocation was abstracted as a kind of linear programming problem. Compared to models using conventional methods, the proposed model is more quantifiable and operable. The application of the model was illustrated with an example of a real information system.
展开▼
