摘要
针对信息安全风险评估的特点及要求,给出一种电力信息系统资产重要性的定量评估方法。构建了信息系统的层次评估模型,并改进ISO13335评估模型中的资产价值计算函数,运用层次分析法(AHP)确定不同层次上各评价因素的权重值。最后,通过实例证明该方法可直接用于电力信息系统的重要性评价;并且所需主观数据少,简单易行,可操作性强。
According to the characteristics and requirements of information security risk assessment, proposes a method for evaluating value of assets based on a hierarchy model of the electric power information system. The calculating functions in ISO13335 are improved and the weight of influence faetors on each level of the model is confirmed with AHP (Analytic Hierarchy Process) method. Finally, the study of the case shows this method can be directly used in risk assessment with strong maneuverability. It also can be operated conveniently without the need of too much data.
出处
《科技资讯》
2009年第20期112-113,115,共3页
Science & Technology Information
关键词
电力信息系统
重要性评价
AHP
Electric Power Information System
Evaluating of lmportance
AHP
