关键词: 信息安全指标体系, 信息安全等级保护, 安全等级分配, 安全指数, 代价函数

Abstract: A multidimensional security index system was established by integrating information security measurements and allocation of information security levels. A quantitative level protection model based on security index was proposed. The security index of a system was evaluated by using a hierarchical method based on grading. The problem of security level allocation was abstracted as a kind of linear programming problem. Compared to models using conventional methods, the proposed model is more quantifiable and operable. The application of the model was illustrated with an example of a real information system.

Key words: information security index system, information security level protection, allocation of security level, security index, cost function