面向空管信息系统网络安全的量化评估方法
Quantitative Evaluation Method for Network Security of ATC Information System
顾兆军 1杨文 1隋翯2
作者信息
- 1. 中国民航大学信息安全测评中心,天津 300300;中国民航大学计算机科学与技术学院,天津 300300
- 2. 中国民航大学信息安全测评中心,天津 300300;中国民航大学航空工程学院,天津 300300
- 折叠
摘要
随着"智慧空管"建设不断推进,对空管信息系统的安全性要求逐步提高.为了及时发现空管信息系统存在的风险,提出一种面向空管信息系统网络安全的量化评估方法.结合空管信息系统结构复杂、业务繁多等特点,从技术和管理两方面确定了网络安全评估指标体系;首先运用序关系分析法确定评估指标权重,引入决策实验室法能考虑到因素之间的影响,达到了优化指标权重的效果,进而构建基于云模型的网络安全评估模型,从而确定风险等级.最后选取多个具体的空管信息系统为例进行网络安全评估,验证了该评估模型的可用性和有效性.
Abstract
With the continuous advancement of the construction of"smart air traffic control",the security require-ments for the air traffic control information system have gradually increased.In order to find out the risks existing in the air traffic control information system in time,a quantitative assessment method for the network security of the air traffic control information system was proposed.Combining the characteristics of the air traffic control information sys-tem with complex structure and various services,the network security assessment index system was determined from the aspects of technology and management.Firstly,the G1 method was used to determine the weight of the evaluation indicators,and the DEMATEL method was introduced to take into account the influence of factors to achieve the effect of optimizing the weight of the indicators.Then a network security evaluation model based on the cloud model was constructed to determine the risk level.Finally,several specific air traffic control information systems were selected as examples to conduct network security assessment,which verifies the availability and effectiveness of the assessment model.
关键词
空管信息系统/量化评估/序关系分析法/决策实验室法/云模型Key words
Air traffic control information system/Quantitative assessment/G1/EMATEL/Cloud model引用本文复制引用
基金项目
中国民航大学信息安全测评中心开放基金(ISECCA-202103)
民航安全能力建设基金(PESA2022093)
出版年
2024
NETL
NSTL
万方数据