Information System Security Assurance Evaluation Based on the Capability Maturity Model
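Abstract
In today's highly informatized world, network and information security problems are increasingly prominent, and information system security assurance matters more and more. The China Information Technology Security Evaluation Center proposed the Information System Security Assurance Evaluation Framework (GB/T20274) to address the evaluation of information system security assurance. Because the standard has problems with executability, this paper studies information system security assurance evaluation based on that standard, addresses its executability problems, and on that basis designs and implements a platform for evaluating the capability maturity of information system security assurance.
First, guided by the Information System Security Assurance Evaluation Framework standard and drawing on the Evaluation Criteria for IT Security and related material, it proposes an information system security technical architecture class, a capability maturity class for management assurance, and a capability maturity class for engineering assurance.
Next, on this basis, it designs security cases based on the Information System Security Assurance Evaluation Framework, namely evaluation cases and test cases, which are used to evaluate the capability maturity of information system security assurance.
Finally, for the capability maturity evaluation of information system security assurance, it analyzes in detail the core ideas and basic principles of assurance evaluation and builds a capability-maturity-based evaluation platform for information system security assurance.
The research in this paper aims to improve operability in the process of information system security assurance evaluation and to establish an evaluation platform that improves the standardization and efficiency of evaluation.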
With the rapid development of information systems, information security problems have become more serious and information system security evaluation has become more important than before. To address information system security assurance evaluation, the China Information Technology Security Evaluation Center provided an Information System Security Assurance Evaluation Framework. But these standards have some problems with enforceability, so this paper researches an evaluation method based on those standards in order to solve the problems. It then designs and implements a platform for information system security assurance evaluation based on the capability maturity model.
First, under the guidance of the Information System Security Assurance Evaluation Framework, combined with the Evaluation Criteria for IT Security and other related content, this paper proposes an information system safety architecture class and capability maturity classes for management assurance and engineering assurance.
Second, based on this research, it builds safety cases for the Information System Security Assurance Evaluation Framework, such as assurance cases and testing cases, in order to evaluate the capability maturity of information system security assurance.
Finally, addressing information system security capability maturity assessment, this paper analyzes in detail the ideas and basic principles, and builds a platform for information system security assurance evaluation based on capability maturity.
This paper aims to improve the operability of the information system security assessment process, and to establish an evaluation platform that improves the normativeness and efficiency of assessment.
