综合网络安全风险等级计算模型的研究与实现

上海交通大学硕士学位论文综合网络安全风险等级计算模型的研究与实现姓名：周楠申请学位级别：硕士专业：通信与信息系统指导教师：李生红20071101AbstractAtpresent,theInternethasenteredintoeverycornerofoursociallife.Forindividuals,itchangedtheirlifestyles.Forenterprises,itchangedtheirtraditionalbusinessmodelsandinternalmanagementsystems.Buteverythinghastwosides.Whilebringinguslotsofconvenience,ithascreatedahostofsecurityheadaches.WhentheInternetwasdesignedatfirst,onlycompatibilityandinteroperabilityhasbeentakenintoconsideration,whereastheconsequentsecurityproblemsweretotallyneglected.Asaresult,moreandmoresecurityproblemsemergedastheInternetdeveloped.TheriseofnewservicesontheInternetsuchase-commerce,e-currencyandonlinebankingdemandsbetterInternetsecurity.Buttherealityisthathackingeventstakeplaceoneafteranother,ringingalarmandposingseverechallengestotheInternetsecurityinChina.HowtoevaluatesecurityriskrankofNetworkisbecomingaveryimportantproblem.Bringfowardacalculationmodelofintegratednetworksecurityriskrank,basedonsecuritytechnologysystem,securitystrategysystem,securityorganizingsystemandsecurityactionsysteminnetwork,afterthestudyofthedevelopmentofpresentnetworksecutiyandtheexistentcalculationmodelofnetworksecurityriskrank.Whenitcomestothecalculationmodelofsecuritytechnologysystem,themodelevaluatesthenetworklayer,systemlayerandapplicationlayerthroughttheintegrality,secrecyabilityandusabilityofinfomationsystem.Andreferstoakindofinformationsecurityriskevaluationmethod,basedonUML,ATAandETA,whichcanenhancetheaccuracyandobjectivityofriskevaluation.Whenitcomestothecalculationmodelofsecuritystrategysystem,securityorganizingsystemandsecurityactionsystem,themodelisbasedonthedraw-outevaluationfactors.Themodelestablishesasecurityarrayandsubdividedsecondrankevaluationparameters,andclassifiesthenetworksecuritybyweightcalculationaccordingtotheimportanceoftheevaluationmodule,andthenclassifiesthenetworksecuritybyworkingoutproportionofthenetworksecurityrankaccordingtotheevaluationprobabilityofsubdividedsecurityeventsintheinformationsystem.Themodelisputforwardwithall-aroundconsiderationoftheinformationsystem.Presentthecalculationsampleandtheapplicationmethodofthemodelatthelastofthisarticle.Keyword:securityriskevaluatingcalculationmodelsecuritymatrixquadraticevaluatingparametersecuritystrategysystemsecuritytechnologysystemsecurityactionsystemsecurityorganizingsystemqualitativeanalysisquantitativeanalysis11.1[31][1]21-1[6]Figure1-1SecurityRiskRelation1.2Knowledge-basedModel-basedQualitativeQuantitative[15]123453Cobra20011CORASPlatformforRiskAnalysisofSecurityCriticalSystemsUMLITCORASCORASITCORASCORASCORAS[16]1.31234542.12.1.1[7]207080903004:ISO()ISO/IECJTC1()SC27()SC20()ISO/TC68SC27ISO/IECJTC1IEC()IECISOJTC1(TC56TC74ITTC77TC108/)(IEC60950)ITU()ITUSG17SG16H.323IETF(Internet)IETFInternet8Internet8IKEIPSecRFC2-15Table2-1theinternationalstandardorganizations(CITS)(CCSA)CITS1984ISO/IECJTC124CITSCCSA20021218CCSA4:;;2-2Table2-2theinternalstandardorganizations2.1.2[9]BS7799(ISO/IEC17799)BS77992000ISO17799ISO17799113913362-3BS7799Figure2-3thesecuritydirectiveflowofBS7799&SSE-CMM[10]SSE-CMM19935CMMCMM19951CMM19994SSE-CMMSSE-CMM7SSE-CMMSSE-CMMSSE-CMMSSE-CMMSSE-CMMSSE-CMMSSE-CMMSSE-CMMSSE-CMMSSE-CMM:::SSE-CMMSSE-CMMISO/IEC15408(GB/T18336)CC1996ISO15408GB/T18336CC8CCISO/IEC13335ISO13335ITIT6GB17895-1999525AS/NZS4360:1999OCTAVEOperationallyCriticalThreat,Asset,andVulnerabilityEvaluationGAO/AIMD-00-33IATFAS/NZS436019991995AS/NZS4360:1999AS/NZS4360:1999OCTAVEOCTAVEO—C—9OCTAVETCSEC198547ITSEC90ITSEC2.2[6][2003]27200466[2006]72-4Table2-4principleofriskevaluation102.3BS7799/ISO17799ISO/IEC13335GB17589GB183361-1(SSE-CMM)SSE-CMMSSE-CMM11(PA)PA01PA02PA03PA04PA05PA06PA07PA08PA09PA10PA11SSE-CMM112-5DIEMFigure2-5securitypeojectmodelofDIEM276625GB17859-1999Classifiedcriteriaforsecurity[3]GB/T1785972006••••••••12[2]2-62-6Figure2-6grademodelofsecuritysystemAS/NZS4360:1999FMECAHistoricalAnalysis132-7Figure2-7riskcalculationalmodelHistoricalAnalysis[17]ExposureFactorEFSingleLossExpectancySLESOCSingleOccuranceCostsAnnualizedRateofOccurrenceAROAnnualizedLossExpectancyALEEACEstimatedAnnualCost2-8Table2-8conception12EF140~100%3ARO4SLESLE=AssetValue×EF5ALEALE=SLE×AROAROEFFMECA[18]DelphiChecklistQuestionnaireInterviewSurveyFailureMode,EffectsandCriticalityAnalysis(FMECAorFMEA),153.1[18](1)(2)(3)[14]3.2[19]OSI16AndrewS.TanenbauOSITCP/IP3-1100N(1,1)N(1,2)N(1,3)N(1,4)N(1,5)N(2,1)N(2,2)N(2,3)N(2,4)N(2,5)N(3,1)N(3,2)N(3,3)N(3,4)N(3,5)N(4,1)N(4,2)N(4,3)N(4,4)N(4,5)N(5,1)N(5,2)N(5,3)N(5,4)N(5,5)TotalN=1003-1Table3-1securitytechnologymatrix3-1R(z)(R)(r)1R1r12R2r23R3r34R4r43-2Table3-2pointcalculationofriskthreaten17(r)r3-33-3(F)(z)(F)(f)1F1f12F2f23F3f34F4f45F5f56F6f67F7f78F8f83-3Table3-3securityenhancing1W(ij)a(i,j)=r/R2W(ij)b(i,j)=f/F3m%1-m%c(i,j)=r/R*m%+f/F*1-m%43-1W(ij)s(i,j)=c(i,j)*N(i,j)5s(i,j)S=s(i,j)183.312343-4Figure3-4infomationgsecuritysystem19OSI3-5Figure3-5securityframe203-6Figure3-6securitytechnologysystem3.4UnifiedModellingLanguage,UMLUMLUML[20]FaultTreeAnalysis,FTA[21]AttackTreeAnalysis,ATA[22]ATAATA21ProbabilisticRiskAssessment,