基于密码学理论的私密信息安全风险评估方法
DOI:
作者:
作者单位:

作者简介:

通讯作者:

中图分类号:

TP393

基金项目:

国家自然科学基金项目(61202395,61562077,61662069,61662071);甘肃省自然科学基金(No.145RJDA325);甘肃省高等学校科研项目(2017A-003,2018A-207)


Research on Privacy Information Security Risk Assessment Method Based on Cryptography Theory
Author:
Affiliation:

Fund Project:

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    为了解决传统方法没有考虑针对私密信息的防控措施,得到评估结果不准确的问题,通过密码学理论研究了私密信息安全风险评估方法。在将资产-威胁-脆弱性作为核心对风险值进行计算的基础上,引入安全防控措施功能进行分析。按照相关原则,建立阶梯层次式私密信息安全风险评估指标体系,通过熵系数对各评估指标的权重进行计算。在不考虑防控措施的情况下计算风险值,通过密码学理论对私密信息安全性进行保护后风险值进行计算,将二者结合在一起,获取考虑密码学理论下防控措施后,私密信息风险值,实现私密信息安全风险评估。结果表明:所提方法可有效实现私密信息安全风险评估;所提方法风险评估结果准确合理。可见所提方法评估性能准确。

    Abstract:

    In order to solve the problem that traditional methods do not consider the inaccuracy of the evaluation results of the prevention and control measures against private information, the risk assessment method of private information security is studied by cryptography theory. On the basis of calculating the risk value with the asset-threat-vulnerability as the core, the function of security prevention and control measures is introduced to analyze. According to the relevant principles, the hierarchical risk assessment index system of private information security was established, and the weight of each evaluation index was calculated by entropy coefficient. The risk value was calculated without considering the preventive measures, and the risk value was calculated after the privacy information security was protected by cryptography theory. Combining the two, the risk value of privacy information was obtained after considering the preventive measures under cryptography theory to realize the risk assessment of privacy information security. The results show that the proposed method can effectively realize the risk assessment of private information security, and the risk assessment results of the proposed method are accurate and reasonable. It can be seen that the proposed method is accurate in evaluating performance.

    参考文献
    相似文献
    引证文献
引用本文

许钦百,王彩芬. 基于密码学理论的私密信息安全风险评估方法[J]. 科学技术与工程, 2019, 19(7): .
XU Qin-bai and. Research on Privacy Information Security Risk Assessment Method Based on Cryptography Theory[J]. Science Technology and Engineering,2019,19(7).

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2018-10-31
  • 最后修改日期:2018-12-17
  • 录用日期:2019-01-02
  • 在线发布日期: 2019-03-15
  • 出版日期:
×
律回春渐,新元肇启|《科学技术与工程》编辑部恭祝新岁!
亟待确认版面费归属稿件,敬请作者关注