Security evaluation standardization method for civil aviation information system

Journal of Civil Aviation University of China ›› 2021, Vol. 39 ›› Issue (3): 45-48.

• Civil Aviation • Previous Articles Next Articles

Security evaluation standardization method for civil aviation information system

HAN Yanzheng, ZHANG Xugao , QIU Xiaorui , WANG Yong, JIANG Laiwei

（1. Information Technology Department, Beijing Capital International Airport Co., Ltd., Beijing 100621, China; 2a. College of Computer Science and Technology; 2b. Information Network Center, CAUC, Tianjin 300300, China）

Received:2020-09-27 Revised:2020-09-27 Accepted:2020-06-09 Online:2021-06-25 Published:2021-11-28

Abstract

Abstract: Aiming at the quantifying difficulty of security evaluation for civil aviation information system due to various kinds of evaluation indicators, a standardization method for security evaluation is proposed. Firstly, the evaluation indicators are divided into qualitative and quantitative indicators of compliance degree of security. Then, description tables of compliance degree of security and index matrix tables of compliance degree of security are set for qualitative indicators, quantitative indicators are divided into positive indicators and reverse indicators. Finally, the normalized operator is used to transform the evaluation results into percentile form. The standardization method can provide a relatively intuitive reference for security managers to understand the security status of information systems.

Key words: information system, security evaluation, standardization, compliance degree of security policy

CLC Number:

HAN Yanzheng, ZHANG Xugao , QIU Xiaorui , WANG Yong, JIANG Laiwei. Security evaluation standardization method for civil aviation information system [J]. Journal of Civil Aviation University of China, 2021, 39(3): 45-48.

[1]	许诗诗, 程杰. 关于计算机信息系统安全风险评估标准与方法的研究[J]. 数字通信世界, 2017(2): 149-150.
[2]	杨宏宇, 张旭高. 基于自修正系数修匀法的网络安全态势预测[J].通信学报, 2020, 41(5): 196-204.
[3]	杨宏宇, 王峰岩. 基于无监督多源数据特征解析的网络威胁态势评估[J].通信学报, 2020, 41(2): 143-154.
[4]	成翔. 信息系统安全态势评估与基于业务流程的风险控制方法[D].天津: 中国民航大学, 2016.
[5]	TURSKIS Z, GORANIN N, NURUSHEVA A, et al. Information securityrisk assessment in critical infrastructure: a hybrid MCDM approach[J].Informatica, 2019, 30(1): 187-211.
[6]	杨宏宇, 张旭高, 吕伟力. 基于矩阵修正方法的信息系统安全态势评估模型[J]. 清华大学学报(自然科学版), 2020, 60(5): 393-401.
[7]	吴晓平, 付钰. 信息安全风险评估教程[M]. 武汉: 武汉大学出版社,2011.

[1]	LIU Jie, LI Xue, XUE Siqi, AN Yuan, RAN Xia, YANG Lisong, ZHANG Xinxin, WANG Qing. A study of budget and cost management strategies for civil aviation information systems project portfolios [J]. Journal of Civil Aviation University of China, 2025, 43(6): 83-87.
[2]	HU Tieqiao, BI Ziwen. The design and realization of ADS-B receiver monitoring and testing software [J]. Journal of Civil Aviation University of China, 2022, 40(4): 10-16.
[3]	HE Yao, SHU Fumin, ZHENG Haowen. selection method of airport location based on GIS multi-factor weighted superposition [J]. Journal of Civil Aviation University of China, 2021, 39(4): 42-47.
[4]	GU Zhaojun, LIU Dongnan. Identity-based certificateless bilinear pairing key agreement scheme [J]. , 2019, 37(1): 55-59.
[5]	WU Renbiao, MA Yabing, WANG Xiaoliang. Design and implementation of flight plan evaluation systemfor general aviation [J]. , 2016, 34(6): 1-5.
[6]	SHAO Xian-zhi,YUAN Jie,YANG Shan,LING Jian-ming. Design and development of airport pavement management systembased on distributional application strategy [J]. , 2015, 33(5): 11-15.
[7]	WANG Jing,WANG Chen-guang,DING Jian-li,WANG Xi-yan. Research on design method of aviation cargo and equipment tracking system [J]. , 2014, 32(6): 29-32.

Security evaluation standardization method for civil aviation information system

Knowledge

Abstract

Cite this article

share this article

References 7

Related Articles 7

Recommended Articles

Metrics

Comments