论文部分内容阅读
针对大型网络信息系统的安全问题,提出了一种基于安全域的安全性评估方法。首先,基于安全域的划分原则将网络信息系统按照其所维护的数据类型和所承担的业务功能类别划分为六个安全域,并以电信运营商MBOSS系统为例进行了基于六大安全域的划分。然后,介绍了层次分析法AHP的基本数学原理,建立了电信运营商MBOSS系统的多级层次化结构模型。最后,讨论了基于该模型采用AHP方法对信息系统进行安全性评估的过程。
Aiming at the security problem of large-scale network information system, a security domain based security assessment method is proposed. Firstly, based on the principle of security domain partitioning, the network information system is divided into six security domains according to the type of data it maintains and the category of business functions it undertakes. Taking the telecom operator MBOSS system as an example, Divided. Then, the basic mathematics principle of Analytic Hierarchy Process (AHP) is introduced and a multi-level hierarchical structure model of MBOSS system is established. Finally, the process of using AHP to evaluate the security of information system based on this model is discussed.