Computer Engineering and Applications ›› 2009, Vol. 45 ›› Issue (14): 18-21.DOI: 10.3778/j.issn.1002-8331.2009.14.006

• 博士论坛 • Previous Articles     Next Articles

Research on evaluating survivability of network information systems

XIAO Zhi-li1,HE Ming2,3,XIAO Deng-hai2,ZHOU Zhi-jie1   

  1. 1.Institute of Communication Engineering,PLA University of Science and Technology,Nanjing 210007,China
    2.Institute of Command Automation,PLA University of Science and Technology,Nanjing 210007,China
    3.Institute of Information Science and Engineering,Southeast University,Nanjing 210096,China
  • Received:2009-01-07 Revised:2009-02-16 Online:2009-05-11 Published:2009-05-11
  • Contact: XIAO Zhi-li

网络信息系统的可生存性评估研究

肖志力1,何 明2,3,肖登海2,周志杰1   

  1. 1.解放军理工大学 通信工程学院,南京 210007
    2.解放军理工大学 指挥自动化学院,南京 210007
    3.东南大学 信息科学与工程学院,南京 210096
  • 通讯作者: 肖志力

Abstract: In order to evaluate the survivability of network information systems,an overall method for assessing is presented based on the integrity of conjoint analysis and AHP.The idea of network security levels is used for reference.Different aspects of NIS are graded into vary levels.With the value and priority,the problem of evaluating NIS survivability is solved.The assessment of NIS is constructed on two levels.One focuses on the investigation about the global performance,another is specialized on the performance of survivability.The experiment results show that the method is valid and is applied easily.Based on the investigation of the performance of NIS survivability,this helps NIS managers make tradeoffs between security and cost.The best security level of NIS survivability is guaranteed.

Key words: Network Information System(NIS), survivability, conjoint analysis, Analytic Hierarchy Process(AHP)

摘要: 为有效评估网络信息系统(NIS)的可生存性,将联合分析法和层次分析法有机结合,提出一种综合评价方法。借鉴网络安全等级的思想,对NIS不同方面重要性进行分级,获取用户期望产品和目标的价值和优先权,解决评估NIS的可生存性问题。通过在两个层次上对NIS进行测量:一是调查NIS关于组织策略目标的各方面的全局性能;二是专门调查NIS可生存性的性能,即在受到攻击时如何维持自身的性能。实验结果表明该方法有效,并易于推广应用。利用该方法调查与可生存性相关的性能,帮助NIS管理者在安全与耗费之间做出权衡,以保证NIS可生存性的最佳安全等级。

关键词: 网络信息系统, 可生存性, 联合分析, 层次分析法