Computer Engineering and Applications ›› 2007, Vol. 43 ›› Issue (5): 159-162.

• 网络、通信与安全 • Previous Articles     Next Articles

A Kind of Evaluation Models for Information Security

Ling-Bo Zhu   

  • Received:2006-03-03 Revised:1900-01-01 Online:2007-02-11 Published:2007-02-11
  • Contact: Ling-Bo Zhu

一类基于非线性PCA的信息安全评估模型

朱灵波 戴冠中   

  1. 西北工业大学控制与网络研究所 信息安全中心 西北工业大学
  • 通讯作者: 朱灵波

Abstract: This paper presents a proposed evaluation model based on the three properties of the information security system defined by ISO17799. First, the information security system model with three hierarchies is established by arranging and classifying the subsets of the three properties of the information security system. Second, the NLPCA(Nolinear Principal Components Analysis) method is employed for the calculation of the values of the coefficients in this information security system model. Second,Before simulations the condition of selecting nolinear function is proposed after analyzing the properties of the function.Then,according to the condition,four nolinear functions are selected to adopt for the system simulations. Third, based on the comparison among the results of the four methods the principle of selecting functions is sumed up.The application of the NLPCA method to information security evaluation is an attempt, and the model proposed is proved to be of rationality and validity by the simulations.

摘要: 首先基于ISO17799所提出的信息安全三属性,建立了信息安全系统评估的层次模型,然后将了多元统计分析中的非线性主成分分析法(NLPCA)应用到该评估模型中。在使用NLPCA之前,分析了非线性函数的选取条件,在系统仿真时,根据得出的条件选用了四种非线性函数进行仿真,并对每种函数下的结果加以比较,得出选用非线性函数的原则。总之,非线性主成分分析法用于信息安全系统评估是一种全新的尝试,仿真结果表明本文的模型和使用的方法是合理的、有效的。