• DocumentCode
    3232985
  • Title

    A method for system auditing based on baseline assessment

  • Author

    Zhang, Jianwu ; Xu, Guoai ; Yang, Yixian ; Guo, Shize

  • Author_Institution
    Key Lab. of Network & Inf. Attack & Defense Technol. of MOE, Beijing Univ. of Posts & Telecommun., Beijing, China
  • fYear
    2011
  • fDate
    27-29 May 2011
  • Firstpage
    568
  • Lastpage
    572
  • Abstract
    Common Criteria (CC) provides only the standard for evaluating information security product or system. CC based evaluation on system auditing is considered crucial for the overall evaluation and in trouble without an effective method; however, the information system is a large-scale complex system. It includes many uncertain factors, as software, hardware, people and so on. As a result, information systems security risk is related to many ambiguous factors, what are difficult to measure, with ambiguity. In this paper, a method for system auditing based on baseline assessment was presented, In our method, analytic hierarchy process is introduced, which could be used to evaluate the security situation of information system.
  • Keywords
    decision making; information systems; security of data; analytic hierarchy process; baseline assessment; common criteria; information security product; information system; large-scale complex system; system auditing; Hardware; IP networks; Protocols; Security; Syntactics; XML; analytical hierarchy process(AHP); baseline assessment; configration auditing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communication Software and Networks (ICCSN), 2011 IEEE 3rd International Conference on
  • Conference_Location
    Xi´an
  • Print_ISBN
    978-1-61284-485-5
  • Type

    conf

  • DOI
    10.1109/ICCSN.2011.6014334
  • Filename
    6014334
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3232985