Design and Research of a Risk Assessment Model for E-Government Systems
Abstract
E-government systems are an important means for governments to make decisions, manage and deliver services effectively. They involve state secrets and highly sensitive core government information, and will inevitably face sabotage and attacks from hostile forces, terrorist groups and troublemakers. In addition, e-government systems are built on the Internet and carry many security hazards, so e-government system security faces severe challenges. Building an e-government information security assurance system has become the primary task of current e-government security construction, and information security management is one of its key links. Risk assessment, as an important part of information security management, plays an important role at every stage of building an information security management system. Risk assessment is a comprehensive evaluation process, and establishing a simplified, effective assessment model is the basis for completing it smoothly.
This thesis reviews the history and current state of research on information security assessment standards at home and abroad, and introduces the popular methods for analysing information system security risk, such as OCTAVE, SSE-CMM, the Analytic Hierarchy Process (AHP) and RMECA. It then analyses the security requirements of e-government systems, focusing on the requirements that distinguish them from ordinary information systems. E-government systems are examined from the perspectives of system structure, application layer and network structure, and on this basis the risks present in physical security, network structure, system structure, application security and management are analysed.
Building on this theoretical work, an e-government system security assessment model that combines OCTAVE with fuzzy mathematics is established using the theories and methods of systems science. A three-level indicator system for the likelihood of threat occurrence is built; the severity of a vulnerability is analysed from two aspects, the degree of its impact on the asset and the difficulty of attacking it; and the fuzzy comprehensive evaluation method is used to compute the membership degrees of the evaluated entities and the corresponding weights, from which the risk level of each risk event is calculated. The algorithm combines the operability of the OCTAVE method with the accuracy of fuzzy comprehensive evaluation, providing an effective reference for risk assessment of e-government systems. Finally, an e-government system case study demonstrates the feasibility of the model.
E-government systems are an important means for governments to make policy, manage and deliver services effectively. They involve state secrets and highly sensitive core government information, and will inevitably meet destruction and disruption attacks from hostile forces and terrorist groups. In addition, e-government systems are based on the Internet and carry many potential security problems, so e-government system security faces severe challenges. E-government system security has already become an important component of national security, and building an e-government information security assurance system is the most important task in ensuring it. Information security management is one of the key links in that assurance system. As an important part of information security management, risk assessment plays an important role in each stage of building the information security management system. As the study of risk assessment has deepened, various assessment methods have appeared. Risk assessment is a synthesis assessment process, and establishing a simplified, effective assessment model is the foundation for completing it smoothly.
The paper discusses the development history and current situation of international and national information security assurance, introduces many popular risk assessment methods, such as OCTAVE, SSE-CMM, the Analytic Hierarchy Process (AHP) and RMECA, and then analyses the security demands of e-government systems, emphasising how they differ from those of ordinary information systems. Based on the above analysis, it summarises the risks in physical security, network structure, system structure, application security and management.
Following this theoretical research, an e-government system information security risk assessment model based on fuzzy theory and the OCTAVE method is established with the theories and methods of systems science. First, the basic concepts of fuzzy mathematics are set out. A three-level index system for the possibility of threats is established, and the criticality of vulnerabilities is analysed from the degree of impact on the asset and the degree of ease of being attacked. The fuzzy comprehensive evaluation method is then used to calculate membership degrees, which, together with the index weights, give the risk rank of security events. The algorithm combines the operability of the OCTAVE method with the accuracy of the fuzzy comprehensive evaluation method and provides an effective reference for e-government system assessment. Finally, an e-government system example shows that such a risk assessment model is feasible.
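A worked instance of the fuzzy comprehensive evaluation the abstract describes (a three-level threat-likelihood indicator tree, vulnerability severity from impact and ease of attack, and a maximum-membership risk grade), added here as an example and not the thesis's own code. The grade set, indicator tree, weights, membership values and the weighted-average composition operator are all assumptions.

```python
# Added example (not the thesis's own code): fuzzy comprehensive evaluation of
# one risk event in the shape the abstract describes. Grade set, indicator
# tree, weights and membership vectors are constructed, not taken from the paper.
GRADES = ["very low", "low", "medium", "high", "very high"]

def fuzzy_compose(weights, rows):
    """B = W o R with the weighted-average operator M(*,+) (an assumption).
    weights: one weight per sub-indicator (normalised here to sum to 1);
    rows: one membership vector per sub-indicator over GRADES."""
    total = float(sum(weights))
    w = [x / total for x in weights]
    b = [sum(w[i] * rows[i][j] for i in range(len(w))) for j in range(len(GRADES))]
    s = sum(b)
    return [x / s for x in b] if s else b  # keep B a fuzzy vector summing to 1

def evaluate(node):
    """Evaluate an indicator tree bottom-up. A leaf is (weight, membership
    vector scored by experts); an inner node is (weight, [children])."""
    content = node[1]
    if isinstance(content[0], (int, float)):
        return list(content)  # leaf: membership vector as given
    return fuzzy_compose([c[0] for c in content], [evaluate(c) for c in content])

def grade_of(b):
    """Maximum-membership principle: the grade holding the largest membership."""
    return GRADES[max(range(len(b)), key=lambda j: b[j])]

# Constructed three-level tree for threat likelihood: level 1 = likelihood,
# level 2 = indicator groups, level 3 = leaf indicators.
THREAT_LIKELIHOOD = (1.0, [
    (0.6, [                                 # attacker-side factors
        (0.5, [0.0, 0.1, 0.3, 0.4, 0.2]),   # attacker motivation
        (0.5, [0.1, 0.2, 0.4, 0.2, 0.1]),   # incident history of similar systems
    ]),
    (0.4, [                                 # exposure factors
        (1.0, [0.0, 0.0, 0.2, 0.5, 0.3]),   # service reachable from the Internet
    ]),
])
# Vulnerability severity from the two aspects the abstract names.
VULN_SEVERITY = (1.0, [
    (0.5, [0.0, 0.1, 0.2, 0.5, 0.2]),       # degree of impact on the asset
    (0.5, [0.1, 0.3, 0.4, 0.2, 0.0]),       # ease of being attacked
])

def risk_rank(threat=THREAT_LIKELIHOOD, vuln=VULN_SEVERITY, w_threat=0.5):
    """Risk level of the event: compose threat likelihood with vulnerability
    severity (equal weights are an assumption) and apply maximum membership."""
    b = fuzzy_compose([w_threat, 1 - w_threat], [evaluate(threat), evaluate(vuln)])
    return grade_of(b), b
```

Calling `risk_rank()` returns the grade and the event's full membership vector, so an assessor can see how close the event sits to the neighbouring grades rather than only the label.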