Cloud Computing, Smart Grid and Innovative Frontiers in Telecommunications. 9th EAI International Conference, CloudComp 2019, and 4th EAI International Conference, SmartGIFT 2019, Beijing, China, December 4-5, 2019, and December 21-22, 2019

Research Article

A Survey of Information Intelligent System Security Risk Assessment Models, Standards and Methods

  • @INPROCEEDINGS{10.1007/978-3-030-48513-9_48,
        author={Zijian Ying and Qianmu Li and Shunmei Meng and Zhen Ni and Zhe Sun},
        title={A Survey of Information Intelligent System Security Risk Assessment Models, Standards and Methods},
        proceedings={Cloud Computing, Smart Grid and Innovative Frontiers in Telecommunications. 9th EAI International Conference, CloudComp 2019, and 4th EAI International Conference, SmartGIFT 2019, Beijing, China, December 4-5, 2019, and December 21-22, 2019},
        proceedings_a={CLOUDCOMP},
        year={2020},
        month={6},
        keywords={Assessment models Security risk Security standard},
        doi={10.1007/978-3-030-48513-9_48}
    }
    
  • Zijian Ying
    Qianmu Li
    Shunmei Meng
    Zhen Ni
    Zhe Sun
    Year: 2020
    A Survey of Information Intelligent System Security Risk Assessment Models, Standards and Methods
    CLOUDCOMP
    Springer
    DOI: 10.1007/978-3-030-48513-9_48
Zijian Ying, Qianmu Li*, Shunmei Meng1, Zhen Ni2, Zhe Sun3
  • 1: Nanjing University of Science and Technology
  • 2: Nanjing Xiaozhuang University
  • 3: Jiangsu Zhongtian Technology Co., Ltd.
*Contact email: qianmu@njust.edu.cn

Abstract

This paper describes the theoretical hierarchy of information security risk assessment, which includes the models, standards and methods. Firstly, this paper generalizes and analyzes the security risk assessment models on the macro scale and proposes a common security risk assessment model by reviewing the development history of the models. Secondly, on the mesoscale, this paper compares different security risk assessment standards and classifies them into information security risk assessment standards, information security risk assessment management standards and information security risk assessment management implementation guidelines. Then, on the micro scale, this paper generalizes security risk assessment methods and analyzes the security risk assessment implementation standards, which are the specific implementation methods of security assessment work. Finally, this paper proposes a cloud security event description and risk assessment analysis framework based on the cloud environment and the common security risk assessment model we proposed.