|
|
Assessment of Information Security Risk in Digital Libraries |
Huang Shuiqing Mao Yihong Xiong Jian |
(College of Information Science and Technology,Nanjing Agricultural University, Nanjing 210095,China) |
|
|
Abstract In accordance with the ISO27000 series standards, this paper proposes the measures of digital library information security risk assessment. On the basis of distinguishing and evaluating the digital library assets, threats and vulnerabilities, this paper calculates and analyzes the risks which digital library faces with, puts forward the measures of dividing risk levels, and forms the model of digital library information security risk assessment.
|
Received: 27 May 2010
Published: 19 September 2010
|
|
Corresponding Authors:
Huang Shuiqing
E-mail: sqhuang@njau.edu.cn
|
About author:: Huang Shuiqing Mao Yihong Xiong Jian |
[1] ISO/IEC 27001:2005, Information Technology—Security Techniques—Information Security Management Systems—Requirements[S].Geneva: International Organization for Standardization, 2005.
[2] 张红旗,王新昌,杨英杰,等.信息安全管理[M].北京:人民邮电出版社,2007:64-68.
[3] 范红.信息安全风险评估规范国家标准理解与实施[M].北京:中国标准出版社,2008:37-44.
[4] 赵战生,谢宗晓.信息安全风险评估:概念、方法和实践[M].北京:中国标准出版社,2007:46-60.
[5] GB/T 20984-2007,信息安全技术 信息安全风险评估规范[S].北京:国家质量监督检验检疫总局,2007. |
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|