JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE) ›› 2019, Vol. 54 ›› Issue (1): 47-52.doi: 10.6040/j.issn.1671-9352.3.2018.002

• High-end forum • Previous Articles     Next Articles

Evaluation method of information system grade protection based on DIT

Yao-yao DU(),Ping PAN*(),Jin-hua LINGHU   

  1. College of Computer Science and Technology, Guizhou University, Guiyang 550025, Guizhou, China
  • Received:2018-06-25 Online:2019-01-20 Published:2019-01-23
  • Contact: Ping PAN E-mail:1823554507@qq.com;panping_17@163.com
  • Supported by:
    贵州省高等学校教学内容和课程体系改革(重点)项目(SJJG201404)

RichHTML

25

PDF (PC)

399

Abstract:

The configuration of information system security policy was an important measure and component of the level protection of information system. The purpose was to ensure the optimal minimum security configuration under the corresponding security level. Based on the theory of information distance this paper, establishes a distribution function by random investigation of the allocation of information system assets security strategy, and measures the confidence interval of the assets qualitatively, thus constructs the evaluation method of the level protection level of the information system. The method is simple, intuitive and high reliability; It provides a new theoretical basis and method for grading protection evaluation.

Key words: DIT, distribution function, level protection, evaluation interval

CLC Number: 

  • TP309

Fig.1

Normal distribution function graph"

Table 1

Average DIT of assets"

等级表示 资产等级 安全配置目标概率p(xk) 信息距离均值xmk
xm3 2 50% 1
xm2 3 65% 0.621 5
xm1 4 80% 0.321 9

Table 2

Device-based DIT"

单位 设备 m[6] N 安全配置完备率 权值 信息距离
服务器 15 33 0.454 5 0.005 2 1.137 6
交换机 24 32 0.750 0 0.284 9 0.415 0
单位1 物理环境 22 36 0.611 1 0.191 5 0.710 5
应用系统 18 36 0.500 0 0.034 7 1
管理文件 32 170 0.188 2 0.483 9 2.409 7
服务器 20 33 0.606 1 0.091 9 0.722 4
交换机 16 32 0.500 0 0.001 3 1
单位2 物理环境 25 36 0.694 4 0.488 3 0.526 2
应用系统 23 36 0.638 9 0.355 1 0.646 3
管理文件 61 170 0.358 9 0.063 3 1.478 3
服务器 26 33 0.787 9 0.231 7 0.343 9
交换机 22 32 0.687 5 0.062 3 0.540 6
单位3 物理环境 28 36 0.777 8 0.348 1 0.362 5
应用系统 27 36 0.750 0 0.339 6 0.415 0
管理文件 63 170 0.370 5 0.018 3 1.432 5

Table 3

Comparison of grade protection evaluation methods"

评估方法 特点 适用范围 优缺点
信息距离 以信息距离为基础,构建等级保护评价判据,对比标准区间,根据结果直接度量信息系统等级保护的等级 适用于复杂的信息系统及具体的实践环境,能够综合的评估度量系统 用直观的数据表述评估结果,使研究结果更科学,更严密,更深刻,直观、明显、对比性强,同时操作简单,计算量小
标准法 直接按照国际GB/T 22239-2008的要求,对配置项进行测评,对测评数据进行评估,对比标准要求配置项是否能达到要求 适用于相对简单,易于对比并和测评的系统 对资产的评价太过分散,需要对每一个安全配置项进行比对,且需要全部符合标准才算达到目标等级,对信息系统安全配置项完备率要求太高
1 杨磊, 郭志博. 信息安全等级保护的等级测评[J]. 中国人民公安大学学报(自然科学版), 2007, (1): 50- 53.
doi: 10.3969/j.issn.1007-1784.2007.01.012
YANG Lei , GUO Zhibo . Level assessment of information security level protection[J]. Journal of Chinese People's Public Security University(Science and Technology), 2007, (1): 50- 53.
doi: 10.3969/j.issn.1007-1784.2007.01.012
2 张文勇, 李维华, 唐作其. 信息系统安全等级保护测评中网络安全现场测评方法研究[J]. 电子科技技术, 2016, 3 (3): 272- 276.
ZHANG Wenyong , LING Weihua , TANG Zuoqi . Research on the method of metwork security evaluation on the spot for classified protection of information system[J]. Electronic Science & Technology, 2016, 3 (3): 272- 276.
3 任卫红.基于指标测量的等级保护有效性测评方法[C]//第六届全国网络安全等级保护技术大会论文集.上海:公安部第一研究所, 2017.
REN Weihong. Level protection effectiveness evaluation method based on indicator measurement[C]// Proceedings of the 6th National Network Security Protection Technology Conference. Shanghai: First Institute of Public Security, 2017.
4 朱丹, 谢晓尧, 徐洋, 等. 基于云模型与贝叶斯反馈的网络安全等级评估方法[J]. 山东大学学报(理学版), 2018, 53 (1): 53- 62.
ZHU Dan , XIE Xiaoxiao , XU Yang , et al. Evaluation method of network Security level based on cloud model and Bayesian feedback[J]. Journal of Shandong University(Natural Science), 2018, 53 (1): 53- 62.
5 曹兆泉.基于D-S证据理论的信息系统安全等级测评结果判决方法研究[D].北京:北京邮电大学, 2010.
CAO Zhaoquan. Research on evaluation method of information system of classified protection based on Dempster-Shafer theory[D]. Beijing: Beijing University of Posts and Telecommunications, 2010.
6 石桂花, 徐超, 刘君. 基于云安全服务平台的等级保护测评方法[J]. 移动通信, 2017, 41 (21): 10- 15.
doi: 10.3969/j.issn.1006-1010.2017.21.003
SHI Guihua , XU Chao , LIU Jun . Method of level protection evaluation based on cloud security service platform[J]. Mobile Communication, 2017, 41 (21): 10- 15.
doi: 10.3969/j.issn.1006-1010.2017.21.003
7 唐作其, 黄玉洁, 梁静, 等. 基于灰色模糊综合理论的信息系统定级[J]. 北京工业大学学报, 2018, 44 (7): 34- 40.
TANG Zuoqi , HUANG Yujie , LIANG Jing . Classification of information system based on Gray-fuzzy comprehensive theory[J]. Journal of Beijing University of Technology, 2018, 44 (7): 34- 40.
8 ZHOU Chao , PAN Ping , MAO Xinyue , et al. Risk analysis of information system security based on distance of information-state transition[J]. Wuhan University Journal of Natural Sciences, 2018, 23 (3): 210- 218.
doi: 10.1007/s11859-018-1312-3
9 管萍, 宋良荣. 网络环境下信息距离的测度与优化[J]. 情报学报, 2017, 36 (12): 1302- 1308.
doi: 10.3772/j.issn.1000-0135.2017.12.011
GUAN Ping , SONG Liangrong . Measurement and optimization of distance of information-state transition under a network environment[J]. Journal of the China Society for Scientific and Technical Information, 2017, 36 (12): 1302- 1308.
doi: 10.3772/j.issn.1000-0135.2017.12.011
10 李杨, 郭亚军, 杨友良. 基于K-L信息距离的证据冲突特征识别与应用[J]. 系统工程理论与实践, 2014, 34 (8): 2071- 2077.
LI Yang , GUO Yajun , YANG Youliang . Identification and application of the evidence conflict based on K-L information distance[J]. Systems Engineering-Theory & Practice, 2014, 34 (8): 2071- 2077.
[1] SHI Kai-quan. Big data structure-logic characteristics and big data law [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2019, 54(2): 1-29.
[2] QI Ting-ting, ZHANG Zhen-fu, LIU Yan-sheng. Existence of positive solutions for fractional differential system with coupled integral boundary conditions [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2019, 54(2): 71-78.
[3] SHEN Liu-xiao, ZHAO Chun. Optimal control for inputting rate of a size-structure competitive system [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(7): 21-29.
[4] YE Fu-mei. Existence results of a resonance problem with derivative terms [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(2): 25-31.
[5] YANG Dan-dan. Endpoint theorem on existence of solutions for Hadamard-type fractional differential inclusions with nonlocal integral boundary value conditions [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(2): 46-51.
[6] FENG De-cheng, WANG Xiao-yan, GAO Yu-feng. Maximal φ-inequalities for conditional N-demimartingales based on Y functions [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(2): 91-96.
[7] FENG Hai-xing, ZHAI Cheng-bo. Multiple positive solutions of a system of high order nonlinear fractional differential equations [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(12): 48-57.
[8] CUI Jing, LIANG Qiu-ju. Existence and controllability of nonlocal stochastcic integro-differential equations driven by fractional Brownian motion [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(12): 81-88.
[9] ZHU Zhi-qiang, MA Ke-xin, SUN Lei. A zero-knowledge proof based remote desktop authentication protocol [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, 51(9): 47-52.
[10] FU Li-na, ZHANG Jian-hua. Characterization of Lie centralizers on B(X) [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, 51(8): 10-14.
[11] ZHANG Yu, XIAO Ben-qiong, XU Ke, SHEN Ai-ting. Complete moment convergence for arrays of rowwise NSD random variables [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, 51(6): 30-36.
[12] XUE Wen-ping, JI Pei-sheng. On the HUR stability of a mixed functional equation deriving from AQC mappings in FFNLS [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, 51(4): 1-8.
[13] LIU Bing-bing, HAO Qing-yi. First order necessary optimality conditions for a class of pessimistic bilevel programming problems [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, 51(3): 44-50.
[14] ZHANG Chun-yan, HAO Sheng-nan, FENG Li-chao. Stochastic suppression on explosive solutions of a class of nonlinear impulsive differential systems by noise [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, 51(2): 29-36.
[15] LIU Wen-yue, SUN Tong-jun. Iterative non-overlapping domain decomposition method for optimal boundary control problems governed by elliptic equations [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, 51(2): 21-28.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
[1] MAO Ai-qin1,2, YANG Ming-jun2, 3, YU Hai-yun2, ZHANG Pin1, PAN Ren-ming1*. Study on thermal decomposition mechanism of  pentafluoroethane fire extinguishing agent[J]. J4, 2013, 48(1): 51 -55 .
[2] YANG Yong-wei1, 2, HE Peng-fei2, LI Yi-jun2,3. On strict filters of BL-algebras#br#[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(03): 63 -67 .
[3] GUO Lan-lan1,2, GENG Jie1, SHI Shuo1,3, YUAN Fei1, LEI Li1, DU Guang-sheng1*. Computing research of the water hammer pressure in the process of #br# the variable speed closure of valve based on UDF method[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(03): 27 -30 .
[4] LIU Ting-ting, CHEN Zhi-yong, LI Xiao-qin*, YANG Wen-zhi. The Berry-Esseen bound for the sequence of #br# negatively associated random variables#br#[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(03): 101 -106 .
[5] MENG Xiang-bo1, ZHANG Li-dong1, DU Zi-ping2. Investment and reinsurance strategy for insurers under #br# mean-variance criterion with jumps#br#[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(05): 36 -40 .
[6] HAN Ya-fei, YI Wen-hui, WANG Wen-bo, WANG Yan-ping, WANG Hua-tian*. Soil bacteria diversity in continuous cropping poplar plantation#br# by high throughput sequencing[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(05): 1 -6 .
[7] ZHANG Ya-dong1, LI Xin-xiang2, SHI Dong-yang3. Superconvergence analysis of a nonconforming finite element for #br# strongly damped wave equations[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(05): 28 -35 .
[8] HUANG Xian-li,LUO Dong-mei. Feature impprtance study on  transfer learning of  sentiment  text  classification[J]. J4, 2010, 45(7): 13 -17 .
[9] ZENG Weng-fu1, HUANG Tian-qiang1,2, LI Kai1, YU YANG-qiang1, GUO Gong-de1,2. A local linear emedding agorithm based on harmonicmean geodesic kernel[J]. J4, 2010, 45(7): 55 -59 .
[10] DU Ji-xiang1,2, YU Qing1, ZHAI Chuan-ming1. Age estimation of facial images based on non-negative matrix factorization with sparseness constraints[J]. J4, 2010, 45(7): 65 -69 .
Copyright 2018 © Editorial office of JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE)
Supported by Beijing Magtech Co.Ltd