完整後設資料紀錄
DC 欄位語言
dc.contributor.author王秀文en_US
dc.contributor.authorHsiu-Wen wangen_US
dc.contributor.author羅濟群en_US
dc.contributor.authorChi-Chun Loen_US
dc.date.accessioned2014-12-12T02:18:29Z-
dc.date.available2014-12-12T02:18:29Z-
dc.date.issued2003en_US
dc.identifier.urihttp://140.113.39.130/cdrfb3/record/nctu/#GT009164514en_US
dc.identifier.urihttp://hdl.handle.net/11536/62646-
dc.description.abstract隨著網路科技的發達,使用資訊系統的規模,以及對資訊環境的依賴程度日益增加,使得共通作業環境安全的重要性逐漸突顯出來,針對資訊系統進行風險管理的概念便日漸受到重視。世界標準組織為此也特別出版了ISO / IEC 17799資訊技術──資訊安全管理實施要則,以便組織了解自身資訊安全需求,並進行風險評估。 基於上述原因,如何在共通作業環境下,建立一個符合國際標準相關規定的風險評估模式,是一個值得深入研究的範疇。根據ISO / IEC Guide 73的定義,風險管理包括風險評鑑、風險處理、風險承受與風險溝通,本論文將焦點鎖定在資訊資產的風險評鑑上,因此,針對資訊資產進行風險分析與風險評估,成為本論文討論主軸與研究目標。 本論文將應用RRF二階段式風險分析的方法論、導入修正後的Microsoft風險計算公式、結合AHP層級分析的決策模式,建立一個二階段式風險評估模型,最後以工研院電通所的風險分析自動化程式為藍圖,實作一個二階段式資訊資產風險評估模型。經過實驗評估,證明此模型能有效找出關鍵性的資訊資產,並排列出優先等級順序。zh_TW
dc.description.abstractThe concept of carrying on risk management to protect information system is more important today, because the development of network technology and the degree of dependence to the information environment increases and computer virus attacks. The international Organization for Standardization has published ISO / IEC 17799 Information Technology – Code of Practice for Information Security Management, to help the organization find their demand of information security and risk assessment. In this research, we will propose a two phase risk assess model which is based on RRF two stage risk analysis with Microsoft risk calculate formula and AHP decision mode to find out critical information assets and help enterprise build security protection effectively.en_US
dc.language.isozh_TWen_US
dc.subject資訊安全zh_TW
dc.subject風險評估zh_TW
dc.subject資產zh_TW
dc.subject資訊資產zh_TW
dc.subject弱點zh_TW
dc.subject威脅zh_TW
dc.subjectInformation Securityen_US
dc.subjectRisk Assessmenten_US
dc.subjectAssetsen_US
dc.subjectInformation Assetsen_US
dc.subjectVulnerabilityen_US
dc.subjectThreaten_US
dc.title一個針對共通作業環境中資訊資產風險評估模式zh_TW
dc.titleA Risk Assessment Model for Information Asset of Common Operation Environmenten_US
dc.typeThesisen_US
dc.contributor.department管理學院資訊管理學程zh_TW
顯示於類別:畢業論文