论文部分内容阅读
在国际标准ISO27001基础上,提出一种基于模糊数学、构建威胁场景、CVSS以及风险矩阵相结合的综合评估模型。该模型通过对数字图书馆资产价值、威胁等级和薄弱点等级的分别判定,最终综合计算得到数字图书馆信息资产的风险总值。采用该模型对某一数字图书馆进行实例研究,计算其风险值,结果与该馆实际情况相符,验证该模型的合理性和可行性。
Based on the international standard ISO27001, this paper proposes a comprehensive evaluation model based on fuzzy mathematics to construct threat scenarios, CVSS and risk matrix. The model determines the total risk value of digital library information assets through the separate judgment of digital library asset value, threat level and vulnerability level. The model is used to study a digital library and calculate its risk value. The result is consistent with the actual situation in the museum, and the rationality and feasibility of the model are verified.