Research on Information System Risk Assessment and Risk Management Countermeasures
Abstract
With economic globalization and the rapid development of information technology, information systems are applied ever more widely in national politics, the military, the economy and other fields, and society as a whole depends on them more and more. Information system security has therefore become a matter of overall importance for national political stability, social order and the healthy, orderly operation of the economy. Information security management is in essence risk-based management. As information technology advances rapidly, the theory and methods of information security management are undergoing a major transformation: from purely technical means to comprehensive governance that gives equal weight to technology and management; from local engineering management to global system management; from experience-based management with incomplete standards to scientific management with clearly graded security levels; in the object of risk assessment, from comprehensive assessment to human-factor assessment and from assessment of the current state to assessment of trends; in the mode of assessment, from static to dynamic; in the means of assessment, from manual to automated; and in the method of assessment, from qualitative assessment and quantitative assessment to a combination of the two. Refining and innovating the relevant scientific theories and methods in light of the actual conditions of information systems is a necessary prerequisite for continually improving information system risk assessment and management.
     This dissertation follows a qualitative-quantitative-qualitative line of analysis, focuses on the organic combination of the technical and management levels, starts from the key problems in the information system risk assessment and management process, and draws on the theories and methods of several disciplines, including security management, systems engineering, information security, the analytic hierarchy process (AHP), grey theory, fuzzy theory and decision theory, to carry out targeted research. The main research work is as follows:
     (1) A fuzzy comprehensive evaluation method based on an improved AHP and a fuzzy comprehensive evaluation method based on the sum of squared deviations are first applied to comprehensively assess information systems. The comprehensive risk assessment of an information system yields its overall risk status and the main risk factors influencing it, and provides the theoretical and methodological basis for the subsequent research on human-error risk assessment, risk situation assessment, and risk management models and countermeasures.
     (2) Information system human-error risk assessment based on interactive group decision-making. The Reason model and the SHEL model are used to analyse human-error risk in information systems, an index system for assessing that risk is established, and group decision-making techniques are applied to determine expert weights, which effectively improves the rationality and accuracy of information system risk assessment. The improved AHP fuzzy comprehensive method is then applied to assess human-error risk, analysing the influence of the human-error risk factors and determining the human-error risk level of the information system, which lays the foundation for discussing countermeasures for managing human-error risk.
     (3) Information system risk situation assessment based on grey theory. In practice, threats to information systems are uncertain and dynamic, and the composition of risk factors, the relationships among them, and the time and scope over which they act are constantly changing, so the risk an information system faces evolves in a dynamic and complex way. Static risk assessment can hardly predict or assess future risk, which makes assessing the system's future risk situation particularly important. The dissertation introduces grey system theory into the study of information system security risk situation awareness, proposes a risk situation awareness assessment model, and verifies the feasibility and effectiveness of the method and model through simulation experiments. It also proposes a model for information system risk early warning, prevention and control based on situation assessment.
     (4) Information system risk management model and countermeasures. Building information system security is not only a technical problem but, even more, a management problem; management is the lifeline running through the construction of an information security system, and risk management is a basic element of information security assurance. The dissertation proposes a dynamic risk management model for information systems that suits the needs of future intelligent development and a model for managing and controlling human-error risk in information systems, and puts forward concrete countermeasures and recommendations.
With the continuing deepening of information technology, information systems are widely applied in a country's political, military and economic spheres, and society as a whole depends more and more on them, so information system security has become an overall matter of national political stability, social stability and the healthy, orderly operation of the economy. Information security management is essentially risk-based management. With the current rapid development of information technology, information security management theory and methods are undergoing a major transformation: from single technical means to comprehensive management tools that give equal emphasis to technology and management; from local project management to global system management; from empirical management with inadequate standards to management with clearly defined security levels; in the objects of risk assessment, from comprehensive assessment to human-factor assessment; in assessment methods, from static to dynamic assessment; in assessment tools, from manual to automated assessment; and from qualitative or quantitative evaluation to the combination of the two. Improving and innovating the relevant scientific theories and methods in light of the actual situation of information systems is a necessary prerequisite for the continuous improvement of information system risk assessment and management.
     This dissertation proceeds with a qualitative-quantitative-qualitative line of analysis, focuses on combining the technical and management levels, starts from the crucial problems of the information system risk assessment and management process, and combines security management, systems engineering, information security, the analytic hierarchy process (AHP), grey theory, fuzzy theory and decision theory, drawing on multi-disciplinary theory and related approaches to carry out targeted research. The main research work is:
     (1) First, the dissertation applies an improved-AHP-based fuzzy comprehensive evaluation method and a fuzzy comprehensive evaluation method based on the sum of squared deviations to conduct a comprehensive assessment of information systems. Through the comprehensive assessment of information system risks, the overall risk situation of the information system and its main risk factors are grasped, which provides the basis for information system risk management strategies and control measures, and lays the theoretical and methodological foundation for the subsequent study of information system human-error risk assessment, risk situation assessment, and risk management models and countermeasures.
     (2) The dissertation studies information system human-error risk assessment based on interactive group decision-making. Using the Reason model and the SHEL model to analyse the human-error risk of information systems, establishing a human-error risk assessment index system for information systems, and applying group decision-making techniques to judge the weights of experts can effectively improve the reasonableness and accuracy of information system risk assessment. The improved fuzzy AHP integrated approach is then applied to information system human-error risk assessment, analysing the role of the human-error risk factors and identifying the human-error risk level of the information system, which lays the foundation for exploring human-error risk management responses for information systems.
     (3) The dissertation studies information system risk situation assessment based on grey theory. In practice, because of the uncertainty and dynamic nature of threats to information systems, and because the risk factors, the relationships between them, and the timing and scope over which they act are ever-changing, the risks facing information systems show a dynamic and complex evolutionary trend; static risk assessment can hardly predict or assess the future risk status, which highlights the significance of assessing the system's future risk trends. The dissertation introduces grey system theory into the research area of information system security risk situational awareness, presents a risk situational awareness assessment model, and validates the feasibility and effectiveness of the method and model through simulation experiments. It also studies an information system risk early warning, prevention and control model based on situation assessment.
     (4) The dissertation studies information system risk management models and countermeasures. Building information system security is not only a technical issue but also a management issue; management is the lifeblood running through the construction of an information security system, and risk management is a basic part of information security work. The dissertation presents a dynamic risk management model for information systems that meets the development needs of future intelligent information systems and a human-error risk management and control model for information systems, and makes concrete policy proposals.
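The AHP-weighted fuzzy comprehensive evaluation named in item (1) and the risk-level determination in item (2), shown as an added example; this is not the dissertation's own code or data, and the factor names, pairwise judgements and membership matrix are constructed for illustration. Saaty's consistency check is included so that inconsistent expert judgements are rejected before they are turned into weights.

```python
"""Added example, not code from the dissertation: AHP weighting of risk factors
(with Saaty's consistency check) followed by fuzzy comprehensive evaluation.
Factor names, pairwise judgements and the membership matrix are constructed
sample data, not figures from the page."""

# Saaty's random consistency index for matrices of order 1..9
RANDOM_INDEX = [0.00, 0.00, 0.58, 0.90, 1.12, 1.24, 1.32, 1.41, 1.45]
RISK_LEVELS = ["very low", "low", "medium", "high", "very high"]


def ahp_weights(matrix, iterations=200):
    """Return (weights, lambda_max) for a reciprocal pairwise comparison matrix.

    Power iteration converges to the principal eigenvector; the weights are
    normalised to sum to 1 and lambda_max is read off as sum(A w)."""
    n = len(matrix)
    w = [1.0 / n] * n
    lam = float(n)
    for _ in range(iterations):
        aw = [sum(matrix[i][j] * w[j] for j in range(n)) for i in range(n)]
        lam = sum(aw)          # sum(A w) == lambda_max * sum(w), and sum(w) == 1
        w = [x / lam for x in aw]
    return w, lam


def consistency_ratio(matrix):
    """CR = CI / RI with CI = (lambda_max - n) / (n - 1); CR < 0.1 is acceptable."""
    n = len(matrix)
    if n <= 2:
        return 0.0             # 1x1 and 2x2 reciprocal matrices are always consistent
    _, lam = ahp_weights(matrix)
    ci = (lam - n) / (n - 1)
    return ci / RANDOM_INDEX[n - 1]


def fuzzy_comprehensive_evaluation(weights, membership):
    """B = W x R using the weighted-average operator M(., +).

    membership[i][k] is the degree to which factor i belongs to risk level k
    (e.g. the share of experts who rated it at that level).  Returns the
    normalised membership vector over RISK_LEVELS and the level of maximum
    membership."""
    levels = len(membership[0])
    b = [sum(w * row[k] for w, row in zip(weights, membership)) for k in range(levels)]
    total = sum(b)
    b = [x / total for x in b]
    return b, RISK_LEVELS[max(range(levels), key=b.__getitem__)]


def assess(matrix, membership):
    """Full pipeline: reject inconsistent judgements, otherwise weight and evaluate."""
    cr = consistency_ratio(matrix)
    if cr >= 0.1:
        raise ValueError(f"pairwise judgements inconsistent (CR={cr:.3f}); revise them")
    weights, _ = ahp_weights(matrix)
    b, level = fuzzy_comprehensive_evaluation(weights, membership)
    return {"weights": weights, "cr": cr, "membership": b, "level": level}


# Constructed sample: four first-level risk factors of an information system,
# compared pairwise on Saaty's 1-9 scale (a[i][j] = importance of i over j).
FACTORS = ["technical vulnerabilities", "management deficiencies",
           "human error", "physical environment"]
PAIRWISE = [
    [1,     2,     3,     5],
    [1 / 2, 1,     2,     3],
    [1 / 3, 1 / 2, 1,     2],
    [1 / 5, 1 / 3, 1 / 2, 1],
]
# Constructed membership matrix R: share of experts assigning each factor to
# each level in RISK_LEVELS (rows sum to 1).
MEMBERSHIP = [
    [0.1, 0.2, 0.4, 0.2, 0.1],
    [0.0, 0.1, 0.3, 0.4, 0.2],
    [0.0, 0.2, 0.3, 0.3, 0.2],
    [0.3, 0.4, 0.2, 0.1, 0.0],
]
# Constructed inconsistent judgement set (A > B, B > C, yet C > A): must be rejected.
CYCLIC = [[1, 3, 1 / 3], [1 / 3, 1, 3], [3, 1 / 3, 1]]

if __name__ == "__main__":
    result = assess(PAIRWISE, MEMBERSHIP)
    for name, w in zip(FACTORS, result["weights"]):
        print(f"{name:26s} weight {w:.3f}")
    print("CR =", round(result["cr"], 4), "B =", [round(x, 3) for x in result["membership"]])
    print("overall risk level:", result["level"])
```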
