中国邮电高校学报(英文) ›› 2007, Vol. 14 ›› Issue (4): 77-81.doi: 1005-8885 (2007) 04-0077-05

• Artificial Intelligence • 上一篇    下一篇

Information security assurance lifecycle research

谢成山; 许佳古月; 王理   

  1. School of Economy and Management, Beihang University
  • 收稿日期:2007-01-18 修回日期:1900-01-01 出版日期:2007-12-24
  • 通讯作者: 谢成山

Information security assurance lifecycle research

XIE Cheng-shan; XUJIA Gu-yue; WANG Li   

  1. School of Economy and Management, Beihang University
  • Received:2007-01-18 Revised:1900-01-01 Online:2007-12-24
  • Contact: XIE Cheng-shan

摘要:

This article proposes that problems of information security are mainly caused by the ineffective integration of people, operation, and technology, and not merely by the poor use of technology. Based on the information lifecycle, a model of the information security assurance lifecycle is presented. The crucial parts of the model are further discussed, with the information risk value and protect level, and the solution in each step of the lifecycle is presented with an ensured information risk level, in term of the integration of people, operation, and technology.

关键词:

information security; information risk; information lifecycle

Abstract:

This article proposes that problems of information security are mainly caused by the ineffective integration of people, operation, and technology, and not merely by the poor use of technology. Based on the information lifecycle, a model of the information security assurance lifecycle is presented. The crucial parts of the model are further discussed, with the information risk value and protect level, and the solution in each step of the lifecycle is presented with an ensured information risk level, in term of the integration of people, operation, and technology.

Key words:

information security; information risk; information lifecycle