全部 标题 作者
关键词 摘要

OALib Journal期刊
ISSN: 2333-9721
费用:99美元

查看量下载量

相关文章

更多...
-  2016 

面向业务流程的信息系统风险控制方法

DOI: 10.13190/j.jbupt.2016.03.019

Keywords: 业务流程, 信息安全风险控制, 线性规划方法, 控制成本
Key words: work-flow information security risk control linear programming method control cost

Full-Text   Cite this paper   Add to My Lib

Abstract:

摘要 为有效控制信息系统中业务流程所面临的安全风险,提出一种基于业务流程的风险控制方法(WRCM).该方法包含风险量化和风险控制两部分,在风险量化部分为风险控制部分定义了11个风险量化参数.在风险控制部分,以线性规划方法为基础,通过控制效果最大化操作,将最小残余风险损失作为目标函数导出安全风险损失最小化部署方案;通过控制成本最小化操作,将最小控制成本作为目标函数,在不超过最小残余风险损失的前提下导出控制成本最小化部署方案.风险控制效果对比实验检测结果表明,WRCM具有较好的安全风险控制效果和较低的控制成本.
In order to effectively control the security risks of the business process in the information system, a risk control method based on work-flow (WRCM) was proposed. It includes two operations, the risk quantification and the risk control. In the risk quantification operation, the risk quantification parameters are defined and initialized. In the risk control operation, the minimum residual risk damage was used as object function to get a minimum risk damage deployment scheme based on linear programming method through the control effect maximization operation. Then, the minimum control cost was used as object function to get the minimum control cost deployment scheme through the control cost minimization operation. Experiments show that the WRCM has preferable risk control effect and lower control cost.

Full-Text

Contact Us

service@oalib.com

QQ:3279437679

WhatsApp +8615387084133