Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2005, Vol. 28 ›› Issue (4): 69-73.doi: 10.13190/jbupt.200504.69.076

• Reports • Previous Articles     Next Articles

An ObjectOriented Method for Information System Security Evaluation

YAN Qiang1,SHU Huaying1,CHEN Zhong2,DUAN Yunsuo2   

  1. 1School of Economics and Management, Beijing University of Posts and Telecommunications, Beijing 100876, China;  2Department of Computer Science and Technology, Beijing University, Beijing 100871, China
  • Online:2005-08-28 Published:2005-08-28

Abstract:

ecurity evaluation is an important approach for the security risk management of the information system. But there are lack of effective methods and tools for security evaluation. To resolve the problem, an object model of security evaluation is established based on the object oriented technology. The concepts of correlation test and dependency test are introduced and a set of tools is also developed according to the model. The practical application indicates that the object oriented technology can improve the efficiency of security evaluation, and the correlation test and dependency test also improve the penetration testing effects.

Key words: object oriented, security context, security evaluation, object model

CLC Number: