+

CN109840688A - A kind of electric power mobile terminal security appraisal procedure and device - Google Patents

A kind of electric power mobile terminal security appraisal procedure and device Download PDF

Info

Publication number
CN109840688A
CN109840688A CN201811617283.9A CN201811617283A CN109840688A CN 109840688 A CN109840688 A CN 109840688A CN 201811617283 A CN201811617283 A CN 201811617283A CN 109840688 A CN109840688 A CN 109840688A
Authority
CN
China
Prior art keywords
mobile terminal
security
power mobile
threat
index
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811617283.9A
Other languages
Chinese (zh)
Other versions
CN109840688B (en
Inventor
陈璐
陈牧
李尼格
马媛媛
邵志鹏
戴造建
李勇
张波
管小娟
华晔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Zhejiang Electric Power Co Ltd
Global Energy Interconnection Research Institute Co Ltd
Electric Power Research Institute of State Grid Zhejiang Electric Power Co Ltd
State Grid Corp of China SGCC
Original Assignee
State Grid Zhejiang Electric Power Co Ltd
Global Energy Interconnection Research Institute Co Ltd
Electric Power Research Institute of State Grid Zhejiang Electric Power Co Ltd
State Grid Corp of China SGCC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Zhejiang Electric Power Co Ltd, Global Energy Interconnection Research Institute Co Ltd, Electric Power Research Institute of State Grid Zhejiang Electric Power Co Ltd, State Grid Corp of China SGCC filed Critical State Grid Zhejiang Electric Power Co Ltd
Priority to CN201811617283.9A priority Critical patent/CN109840688B/en
Publication of CN109840688A publication Critical patent/CN109840688A/en
Application granted granted Critical
Publication of CN109840688B publication Critical patent/CN109840688B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Telephone Function (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本发明涉及一种电力移动终端安全评估方法及装置,包括:利用电力移动终端的安全威胁的威胁指数获取电力移动终端的安全指数;利用所述电力移动终端的安全指数对电力移动终端进行安全评估。本发明提供的技术方案,通过利用电力移动终端的安全指数对电力移动终端进行安全评估,减少电力移动终端的安全威胁带来的负面影响,降低潜在问题发生的可能性,保证了电力移动终端的安全稳定运行。

The invention relates to a security assessment method and device for a power mobile terminal, comprising: obtaining a security index of the power mobile terminal by using the threat index of the security threat of the power mobile terminal; and using the security index of the power mobile terminal to perform a security assessment on the power mobile terminal . The technical scheme provided by the present invention reduces the negative impact brought by the security threat of the power mobile terminal, reduces the possibility of potential problems, and ensures the safety of the power mobile terminal by using the security index of the power mobile terminal to conduct security assessment on the power mobile terminal. Safe and stable operation.

Description

A kind of electric power mobile terminal security appraisal procedure and device
Technical field
The present invention relates to mobile application security fields, and in particular to a kind of electric power mobile terminal security appraisal procedure and dress It sets.
Background technique
With quickly propelling for electric network information process, electric power mobile business also in high speed development, realizes business information Real-time flowing and shared.It is moved currently, some mobile applications are divided into the mobile class of jobs of Intranet, the mobile cooperation class of outer net and internet Dynamic service class.Intranet moves class of jobs, mainly there is O&M maintenance, marketing operation and inventory etc.;The mobile cooperation class of outer net, it is main There is mobile operation of enterprise's letter, PMS2.0 outer net etc. not to be related to the outer net mobile service of company trade secrets;Internet Information Mobile Service Class mainly has the Internet services such as 95598, state net store, electricity transaction, financial property insurance.
The work that is widely used as we of these mobile applications in power grid scope brings great convenience, while also drawing A large amount of Information Security Risk is entered.Recently it emerges one after another for the attack technology of electric power mobile terminal and threat mode, it is mobile The security threat that terminal user is faced is growing day by day, therefore carries out security threat analysis and assessment to electric power mobile terminal system It is very necessary.
But there is also following deficiencies for the existing assessment for mobile terminal: electric power mobile terminal more stores personal hidden The contents such as private, enterprise's sensitive information have complicated hierarchical relationship between each element of terminal security risk, consider single Assets, single threat value, the relationship between synthetic threat value are comprehensive not enough;Lack reasonable electric power mobile terminal security assessment Index, security threat are not yet corresponding with evaluation index;The analysis for lacking the working scene for electric power mobile terminal, can not be from peace The angle of full risk resolution formulates effective Safeguard tactics.
Summary of the invention
In view of the deficiencies of the prior art, the electric power mobile terminal based on analytic hierarchy process (AHP) that the object of the present invention is to provide a kind of Safety evaluation method and device obtain electric power mobile terminal by the threat index of the security threat using electric power mobile terminal Safety index carries out security evaluation to electric power mobile terminal using the safety index of the electric power mobile terminal, reduces electric power and move The security threat bring negative effect of dynamic terminal, reduces a possibility that potential problems occur, ensure that electric power mobile terminal Safe and stable operation.
The purpose of the present invention is adopt the following technical solutions realization:
A kind of electric power mobile terminal security appraisal procedure, it is improved in that the described method includes:
The safety index of electric power mobile terminal is obtained using the threat index of the security threat of electric power mobile terminal;
Security evaluation is carried out to electric power mobile terminal using the safety index of the electric power mobile terminal.
Preferably, the threat index of the security threat using electric power mobile terminal obtains the safety of electric power mobile terminal Before index, comprising:
Determine that i-th kind of security threat of electric power mobile terminal causes at the loss amount nondimensionalization of jth kind consequence as the following formula Reason value vi,j*:
In above formula, i ∈ [1, N], N are total type of the security threat of electric power mobile terminal, j ∈ [1, M], k ∈ [1, M], M Total type of consequence caused by security threat for electric power mobile terminal;vi,jIt is made for i-th kind of security threat of electric power mobile terminal At the loss amount of jth kind consequence,The loss amount of consequence caused by i-th kind of security threat for electric power mobile terminal Maximum value;
The threat index T of i-th kind of security threat of electric power mobile terminal is determined as the following formulai:
In above formula, WjThe weight of jth kind consequence, P caused by security threat for electric power mobile terminaliFor electric power mobile end The probability that i-th kind of security threat at end occurs.
Preferably, the threat index of the security threat using electric power mobile terminal obtains the safety of electric power mobile terminal Index, comprising:
S1. selection is more than or equal to the security threat of the corresponding electric power mobile terminal of threat index of secure threshold;
S2. the safety of the electric power mobile terminal is obtained using the threat index of the security threat of the electric power mobile terminal Threaten the weight coefficient of influenced index of security assessment generic;
S3. the weight system of the index of security assessment generic influenced using the security threat of the electric power mobile terminal Number obtains the safety index of electric power mobile terminal.
Further, the step S2, comprising:
S2-1. determine the index of security assessment generic a's that the security threat of electric power mobile terminal is influenced as the following formula Threat index Za:
In above formula, index of security assessment generic that a ∈ [1, A], A are influenced by the security threat of electric power mobile terminal Total type;b∈[1,Ba], BaIt is electric in the index of security assessment generic a influenced by the security threat of electric power mobile terminal The total quantity for the index of security assessment that the security threat of power mobile terminal is influenced;Ta,bFor the security threat of electric power mobile terminal The security evaluation that the security threat of b-th of electric power mobile terminal is influenced in the index of security assessment generic a influenced refers to Mark the threat index of the security threat of corresponding electric power mobile terminal;
S2-2. the threat of the index of security assessment generic influenced according to the security threat of the electric power mobile terminal The affiliated class of index of security assessment that index influences the security threat of the electric power mobile terminal according to sequence from big to small It is not ranked up, obtains the index of security assessment generic sequence that the security threat of electric power mobile terminal is influenced;
S2-3. the index of security assessment generic sequence that the security threat of electric power mobile terminal is influenced is determined as the following formula The weight coefficient Y for the index of security assessment generic d that the security threat of middle electric power mobile terminal is influencedd:
In above formula, rdIt is electric in the index of security assessment generic sequence influenced by the security threat of electric power mobile terminal The different degree for the index of security assessment generic d that the security threat of power mobile terminal is influenced,D ∈ [1, D], D The safety of electric power mobile terminal in the index of security assessment generic sequence influenced by the security threat of electric power mobile terminal Threaten the serial number maximum value of influenced index of security assessment generic.
Specifically, the step S3, comprising:
Matrix G is set as the following formula:
G=[Y1,Y2, Yd,···,YD]
The safety index S of electric power mobile terminal is determined as the following formula:
S=G β
In above formula, β is fragility coefficient matrix, whereinβdFor the security threat institute shadow of electric power mobile terminal The fragile property coefficient of loud index of security assessment generic d.
Preferably, the safety index of the electric power mobile terminal is directly proportional to the safety of the electric power mobile terminal.
A kind of electric power mobile terminal security assessment device, it is improved in that described device includes:
Acquiring unit obtains the peace of electric power mobile terminal for the threat index of the security threat using electric power mobile terminal Total index number;
Assessment unit carries out safety to electric power mobile terminal for the safety index using the electric power mobile terminal and comments Estimate.
Preferably, described device, further includes:
First determination unit, for determining that i-th kind of security threat of electric power mobile terminal causes jth kind consequence as the following formula Loss amount nondimensionalization processing costs vi,j*:
In above formula, i ∈ [1, N], N are total type of the security threat of electric power mobile terminal, j ∈ [1, M], k ∈ [1, M], M Total type of consequence caused by security threat for electric power mobile terminal;vi,jIt is made for i-th kind of security threat of electric power mobile terminal At the loss amount of jth kind consequence,The loss amount of consequence caused by i-th kind of security threat for electric power mobile terminal Maximum value;
Second determination unit, the threat index T of i-th kind of security threat for determining electric power mobile terminal as the following formulai:
In above formula, WjThe weight of jth kind consequence, P caused by security threat for electric power mobile terminaliFor electric power mobile end The probability that i-th kind of security threat at end occurs.
Preferably, the acquiring unit, comprising:
Selecting module, for selecting the safe prestige of the corresponding electric power mobile terminal of threat index more than or equal to secure threshold The side of body;
First obtains module, and the threat index for the security threat using the electric power mobile terminal obtains the electric power The weight coefficient for the index of security assessment generic that the security threat of mobile terminal is influenced;
Second obtains module, the index of security assessment institute for being influenced using the security threat of the electric power mobile terminal The weight coefficient for belonging to classification obtains the safety index of electric power mobile terminal.
Further, described first module is obtained, comprising:
First determines submodule, and the security evaluation for determining that the security threat of electric power mobile terminal is influenced as the following formula refers to Mark the threat index Z of generic aa:
In above formula, index of security assessment generic that a ∈ [1, A], A are influenced by the security threat of electric power mobile terminal Total type;b∈[1,Ba], BaIt is electric in the index of security assessment generic a influenced by the security threat of electric power mobile terminal The total quantity for the index of security assessment that the security threat of power mobile terminal is influenced;Ta,bFor the security threat of electric power mobile terminal The security evaluation that the security threat of b-th of electric power mobile terminal is influenced in the index of security assessment generic a influenced refers to Mark the threat index of the security threat of corresponding electric power mobile terminal;
First acquisition submodule, the index of security assessment for being influenced according to the security threat of the electric power mobile terminal The safety that the threat index of generic influences the security threat of the electric power mobile terminal according to sequence from big to small Evaluation index generic is ranked up, and obtains the affiliated class of index of security assessment that the security threat of electric power mobile terminal is influenced Other sequence;
Second determines submodule, and the security evaluation for determining that the security threat of electric power mobile terminal is influenced as the following formula refers to The weight coefficient for the index of security assessment generic d that the security threat of electric power mobile terminal is influenced in mark generic sequence Yd:
In above formula, rdIt is electric in the index of security assessment generic sequence influenced by the security threat of electric power mobile terminal The different degree for the index of security assessment generic d that the security threat of power mobile terminal is influenced,D ∈ [1, D], D The safety of electric power mobile terminal in the index of security assessment generic sequence influenced by the security threat of electric power mobile terminal Threaten the serial number maximum value of influenced index of security assessment generic.
Specifically, described second obtains module, comprising:
Submodule is set, for matrix G to be arranged as the following formula:
G=[Y1,Y2, Yd,···,YD]
Third determines submodule, for determining the safety index S of electric power mobile terminal as the following formula:
S=G β
In above formula, β is fragility coefficient matrix, whereinβdFor the security threat institute shadow of electric power mobile terminal The fragile property coefficient of loud index of security assessment generic d.
Preferably, the safety index of the electric power mobile terminal is directly proportional to the safety of the electric power mobile terminal.
Compared with the immediate prior art, the invention has the benefit that
Technical solution provided by the invention obtains electric power by the threat index of the security threat using electric power mobile terminal The safety index of mobile terminal carries out security evaluation to electric power mobile terminal using the safety index of the electric power mobile terminal, Corresponding safety measure can be taken according to assessment result, and is targetedly disposed, and the peace of electric power mobile terminal is reduced It is complete to threaten bring negative effect, a possibility that potential problems occur is reduced, ensure that the safety and stability fortune of electric power mobile terminal Row.
Detailed description of the invention
Fig. 1 is a kind of flow diagram of electric power mobile terminal security appraisal procedure in the embodiment of the present invention;
Fig. 2 is a kind of structural schematic diagram of electric power mobile terminal security assessment device in the embodiment of the present invention.
Specific embodiment
Specific embodiments of the present invention will be described in further detail with reference to the accompanying drawing.
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art All other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
The present invention provides a kind of electric power mobile terminal security appraisal procedures, as shown in Figure 1, which comprises
The safety index of electric power mobile terminal is obtained using the threat index of the security threat of electric power mobile terminal;
Security evaluation is carried out to electric power mobile terminal using the safety index of the electric power mobile terminal.
Further, the threat index of the security threat using electric power mobile terminal obtains the peace of electric power mobile terminal Before total index number, comprising:
Determine that i-th kind of security threat of electric power mobile terminal causes at the loss amount nondimensionalization of jth kind consequence as the following formula Reason value vi,j*:
In above formula, i ∈ [1, N], N are total type of the security threat of electric power mobile terminal, j ∈ [1, M], k ∈ [1, M], M Total type of consequence caused by security threat for electric power mobile terminal;vi,jIt is made for i-th kind of security threat of electric power mobile terminal At the loss amount of jth kind consequence,The loss amount of consequence caused by i-th kind of security threat for electric power mobile terminal Maximum value;
The threat index T of i-th kind of security threat of electric power mobile terminal is determined as the following formulai:
In above formula, WjThe weight of jth kind consequence, P caused by security threat for electric power mobile terminaliFor electric power mobile end The probability that i-th kind of security threat at end occurs.
For example, consequence caused by the security threat of electric power mobile terminal can be with are as follows: not can be carried out key operation, loss production Power, damages public reputation and endangers public security loss income.
Further, the threat index of the security threat using electric power mobile terminal obtains the peace of electric power mobile terminal Total index number, comprising:
S1. selection is more than or equal to the security threat of the corresponding electric power mobile terminal of threat index of secure threshold;
S2. the safety of the electric power mobile terminal is obtained using the threat index of the security threat of the electric power mobile terminal Threaten the weight coefficient of influenced index of security assessment generic;
S3. the weight system of the index of security assessment generic influenced using the security threat of the electric power mobile terminal Number obtains the safety index of electric power mobile terminal.
Specifically, the step S2, comprising:
S2-1. determine the index of security assessment generic a's that the security threat of electric power mobile terminal is influenced as the following formula Threat index Za:
In above formula, index of security assessment generic that a ∈ [1, A], A are influenced by the security threat of electric power mobile terminal Total type;b∈[1,Ba], BaIt is electric in the index of security assessment generic a influenced by the security threat of electric power mobile terminal The total quantity for the index of security assessment that the security threat of power mobile terminal is influenced;Ta,bFor the security threat of electric power mobile terminal The security evaluation that the security threat of b-th of electric power mobile terminal is influenced in the index of security assessment generic a influenced refers to Mark the threat index of the security threat of corresponding electric power mobile terminal;
For example, the security evaluation analytical table of electric power mobile terminal as shown in Table 1, lists some electrical power mobile terminal Security threat, the security threat index of security assessment influenced of electric power mobile terminal and the security threat institute of electric power mobile terminal The index of security assessment generic of influence utilizes the threat index of the security threat of the electric power mobile terminal of above method acquisition The threat index of the index of security assessment generic influenced with the security threat of electric power mobile terminal.
The security evaluation analytical table of 1 electric power mobile terminal of table
S2-2. the threat of the index of security assessment generic influenced according to the security threat of the electric power mobile terminal The affiliated class of index of security assessment that index influences the security threat of the electric power mobile terminal according to sequence from big to small It is not ranked up, obtains the index of security assessment generic sequence that the security threat of electric power mobile terminal is influenced;
S2-3. the index of security assessment generic sequence that the security threat of electric power mobile terminal is influenced is determined as the following formula The weight coefficient Y for the index of security assessment generic d that the security threat of middle electric power mobile terminal is influencedd:
In above formula, rdIt is electric in the index of security assessment generic sequence influenced by the security threat of electric power mobile terminal The different degree for the index of security assessment generic d that the security threat of power mobile terminal is influenced,D ∈ [1, D], D The safety of electric power mobile terminal in the index of security assessment generic sequence influenced by the security threat of electric power mobile terminal Threaten the serial number maximum value of influenced index of security assessment generic.
Further, the safety index of the electric power mobile terminal is directly proportional to the safety of the electric power mobile terminal.
For example, can be obtained using the above method: the security evaluation that the security threat of the electric power mobile terminal in table 1 is influenced refers to Mark generic hardware classes, network class, system class, using class, data class, perception class and manage class weight coefficient be respectively 0.1097,0.1975,0.1975,0.1975,0.1097,0.1097 and 0.0784;
Specifically, the step S3, comprising:
Matrix G is set as the following formula:
G=[Y1,Y2, Yd,···,YD]
For example, G=[0.1097,0.1975,0.1975,0.1975,0.1097,0.1097,0.0784]
The safety index S of electric power mobile terminal is determined as the following formula:
S=G β
In above formula, β is fragility coefficient matrix, whereinβdFor the security threat institute shadow of electric power mobile terminal The fragile property coefficient of loud index of security assessment generic d.
For example, the index of security assessment influenced using the security threat that Field Using Fuzzy Comprehensive Assessment obtains electric power mobile terminal Generic hardware classes, network class, system class, using class, data class, perception class and manage the fragile property coefficient of class be respectively 2, 6,4,2,7,5 and 1, then
The final safety index S=3.9842 for obtaining electric power mobile terminal;
If the safety index of electric power mobile terminal belongs to first threshold range, the security evaluation of the electric power mobile terminal It as a result is very poor;
If the safety index of electric power mobile terminal belongs to second threshold range, the security evaluation of the electric power mobile terminal It as a result is poor;
If the safety index of electric power mobile terminal belongs to third threshold range, the security evaluation of the electric power mobile terminal It as a result is general;
If the safety index of electric power mobile terminal belongs to the 4th threshold range, the security evaluation of the electric power mobile terminal It as a result is good;
If the safety index of electric power mobile terminal belongs to the 5th threshold range, the security evaluation of the electric power mobile terminal It as a result is outstanding.
Such as: if the safety index of electric power mobile terminal belong to [0,3), then the security evaluation knot of the electric power mobile terminal Fruit is very poor;
If the safety index of electric power mobile terminal belong to [3,6), then the security assessment result of the electric power mobile terminal is Difference;
If the safety index of electric power mobile terminal belong to [6,7), then the security assessment result of the electric power mobile terminal is Generally;
If the safety index of electric power mobile terminal belong to [7,9), then the security assessment result of the electric power mobile terminal is Well;
If the safety index of electric power mobile terminal belong to [9,10), then the security assessment result of the electric power mobile terminal is It is outstanding.
Due to the safety index S=3.9842 of electric power mobile terminal, then the security assessment result of the electric power mobile terminal For difference.
Electric power mobile terminal security index is divided into hardware classes, network class, system class, application by embodiment provided by the invention Class, data class, perception class and management class cover two aspect of electric power mobile terminal inherently safe and security management and control, and can be directed to The features such as electric power mobile terminal data is sensitive, business is crucial.
The present invention also provides a kind of electric power mobile terminal securities to assess device, as shown in Fig. 2, described device includes:
Acquiring unit obtains the peace of electric power mobile terminal for the threat index of the security threat using electric power mobile terminal Total index number;
Assessment unit carries out safety to electric power mobile terminal for the safety index using the electric power mobile terminal and comments Estimate.
Further, described device, further includes:
First determination unit, for determining that i-th kind of security threat of electric power mobile terminal causes jth kind consequence as the following formula Loss amount nondimensionalization processing costs vi,j*:
In above formula, i ∈ [1, N], N are total type of the security threat of electric power mobile terminal, j ∈ [1, M], k ∈ [1, M], M Total type of consequence caused by security threat for electric power mobile terminal;vi,jIt is made for i-th kind of security threat of electric power mobile terminal At the loss amount of jth kind consequence,The loss amount of consequence caused by i-th kind of security threat for electric power mobile terminal Maximum value;
Second determination unit, the threat index T of i-th kind of security threat for determining electric power mobile terminal as the following formulai:
In above formula, WjThe weight of jth kind consequence, P caused by security threat for electric power mobile terminaliFor electric power mobile end The probability that i-th kind of security threat at end occurs.
Further, the acquiring unit, comprising:
Selecting module, for selecting the safe prestige of the corresponding electric power mobile terminal of threat index more than or equal to secure threshold The side of body;
First obtains module, and the threat index for the security threat using the electric power mobile terminal obtains the electric power The weight coefficient for the index of security assessment generic that the security threat of mobile terminal is influenced;
Second obtains module, the index of security assessment institute for being influenced using the security threat of the electric power mobile terminal The weight coefficient for belonging to classification obtains the safety index of electric power mobile terminal.
Specifically, described first obtains module, comprising:
First determines submodule, and the security evaluation for determining that the security threat of electric power mobile terminal is influenced as the following formula refers to Mark the threat index Z of generic aa:
In above formula, index of security assessment generic that a ∈ [1, A], A are influenced by the security threat of electric power mobile terminal Total type;b∈[1,Ba], BaIt is electric in the index of security assessment generic a influenced by the security threat of electric power mobile terminal The total quantity for the index of security assessment that the security threat of power mobile terminal is influenced;Ta,bFor the security threat of electric power mobile terminal The security evaluation that the security threat of b-th of electric power mobile terminal is influenced in the index of security assessment generic a influenced refers to Mark the threat index of the security threat of corresponding electric power mobile terminal;
First acquisition submodule, the index of security assessment for being influenced according to the security threat of the electric power mobile terminal The safety that the threat index of generic influences the security threat of the electric power mobile terminal according to sequence from big to small Evaluation index generic is ranked up, and obtains the affiliated class of index of security assessment that the security threat of electric power mobile terminal is influenced Other sequence;
Second determines submodule, and the security evaluation for determining that the security threat of electric power mobile terminal is influenced as the following formula refers to The weight coefficient for the index of security assessment generic d that the security threat of electric power mobile terminal is influenced in mark generic sequence Yd:
In above formula, rdIt is electric in the index of security assessment generic sequence influenced by the security threat of electric power mobile terminal The different degree for the index of security assessment generic d that the security threat of power mobile terminal is influenced,D ∈ [1, D], D The safety of electric power mobile terminal in the index of security assessment generic sequence influenced by the security threat of electric power mobile terminal Threaten the serial number maximum value of influenced index of security assessment generic.
Specifically, described second obtains module, comprising:
Submodule is set, for matrix G to be arranged as the following formula:
G=[Y1,Y2, Yd,···,YD]
Third determines submodule, for determining the safety index S of electric power mobile terminal as the following formula:
S=G β
In above formula, β is fragility coefficient matrix, whereinβdFor the security threat institute shadow of electric power mobile terminal The fragile property coefficient of loud index of security assessment generic d.
Further, the safety index of the electric power mobile terminal is directly proportional to the safety of the electric power mobile terminal.
It should be understood by those skilled in the art that, embodiments herein can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the application Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the application, which can be used in one or more, The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces The form of product.
The application is referring to method, the process of equipment (system) and computer program product according to the embodiment of the present application Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.
Finally it should be noted that: the above embodiments are merely illustrative of the technical scheme of the present invention and are not intended to be limiting thereof, to the greatest extent Invention is explained in detail referring to above-described embodiment for pipe, it should be understood by those ordinary skilled in the art that: still It can be with modifications or equivalent substitutions are made to specific embodiments of the invention, and without departing from any of spirit and scope of the invention Modification or equivalent replacement, should all cover within the scope of the claims of the present invention.

Claims (12)

1.一种电力移动终端安全评估方法,其特征在于,所述方法包括:1. A method for evaluating the safety of a power mobile terminal, wherein the method comprises: 利用电力移动终端的安全威胁的威胁指数获取电力移动终端的安全指数;Obtain the security index of the power mobile terminal by using the threat index of the security threat of the power mobile terminal; 利用所述电力移动终端的安全指数对电力移动终端进行安全评估。The safety evaluation of the electric power mobile terminal is performed by using the safety index of the electric power mobile terminal. 2.如权利要求1所述的方法,其特征在于,所述利用电力移动终端的安全威胁的威胁指数获取电力移动终端的安全指数之前,包括:2. The method according to claim 1, wherein before obtaining the security index of the power mobile terminal by using the threat index of the security threat of the power mobile terminal, the method comprises: 按下式确定电力移动终端的第i种安全威胁造成第j种后果的损失量无量纲化处理值vi,j*:Determine the loss of the jth consequence caused by the ith security threat of the power mobile terminal as follows: 上式中,i∈[1,N],N为电力移动终端的安全威胁的总种类,j∈[1,M],k∈[1,M],M为电力移动终端的安全威胁造成的后果的总种类;vi,j为电力移动终端的第i种安全威胁造成第j种后果的损失量,为电力移动终端的第i种安全威胁造成的后果的损失量最大值;In the above formula, i∈[1,N], N is the total type of security threats to the power mobile terminal, j∈[1,M], k∈[1,M], M is the security threat caused by the power mobile terminal The total types of consequences; vi ,j is the loss amount of the jth consequence caused by the ith security threat of the power mobile terminal, The maximum value of the loss amount of the consequences caused by the ith security threat of the power mobile terminal; 按下式确定电力移动终端的第i种安全威胁的威胁指数TiThe threat index T i of the ith security threat of the power mobile terminal is determined as follows: 上式中,Wj为电力移动终端的安全威胁造成的第j种后果的权重,Pi为电力移动终端的第i种安全威胁发生的概率。In the above formula, W j is the weight of the jth consequence caused by the security threat of the power mobile terminal, and P i is the probability of the ith security threat of the power mobile terminal occurring. 3.如权利要求1所述的方法,其特征在于,所述利用电力移动终端的安全威胁的威胁指数获取电力移动终端的安全指数,包括:3. The method according to claim 1, wherein the obtaining the security index of the power mobile terminal by using the threat index of the security threat of the power mobile terminal comprises: S1.选择大于等于安全阈值的威胁指数对应的电力移动终端的安全威胁;S1. Select the security threat of the power mobile terminal corresponding to the threat index greater than or equal to the security threshold; S2.利用所述电力移动终端的安全威胁的威胁指数获取所述电力移动终端的安全威胁所影响的安全评估指标所属类别的权重系数;S2. Use the threat index of the security threat of the power mobile terminal to obtain the weight coefficient of the category to which the security assessment index affected by the security threat of the power mobile terminal belongs; S3.利用所述电力移动终端的安全威胁所影响的安全评估指标所属类别的权重系数获取电力移动终端的安全指数。S3. Obtain the security index of the power mobile terminal by using the weight coefficient of the category to which the security evaluation index affected by the security threat of the power mobile terminal belongs. 4.如权利要3所述的方法,其特征在于,所述步骤S2,包括:4. The method according to claim 3, wherein the step S2 comprises: S2-1.按下式确定电力移动终端的安全威胁所影响的安全评估指标所属类别a的威胁指数ZaS2-1. Determine the threat index Z a of the category a to which the security assessment index affected by the security threat of the power mobile terminal belongs to the following formula: 上式中,a∈[1,A],A为电力移动终端的安全威胁所影响的安全评估指标所属类别的总种类;b∈[1,Ba],Ba为电力移动终端的安全威胁所影响的安全评估指标所属类别a中电力移动终端的安全威胁所影响的安全评估指标的总数量;Ta,b为电力移动终端的安全威胁所影响的安全评估指标所属类别a中第b个电力移动终端的安全威胁所影响的安全评估指标对应的电力移动终端的安全威胁的威胁指数;In the above formula, a∈[1,A], A is the total category of the security assessment index affected by the security threat of the power mobile terminal; b∈[1,B a ], B a is the security threat of the power mobile terminal The total number of security assessment indicators affected by the security threat of the power mobile terminal in the category a of the affected security assessment index; T a, b are the bth in the category a of the security assessment index affected by the security threat of the power mobile terminal The threat index of the security threat of the power mobile terminal corresponding to the security assessment index affected by the security threat of the power mobile terminal; S2-2.根据所述电力移动终端的安全威胁所影响的安全评估指标所属类别的威胁指数按照从大到小的顺序对所述电力移动终端的安全威胁所影响的安全评估指标所属类别进行排序,获取电力移动终端的安全威胁所影响的安全评估指标所属类别序列;S2-2. According to the threat index of the category of the security assessment index affected by the security threat of the electric power mobile terminal, sort the category of the security assessment index affected by the security threat of the electric power mobile terminal in descending order , to obtain the category sequence of the security assessment indicators affected by the security threat of the power mobile terminal; S2-3.按下式确定电力移动终端的安全威胁所影响的安全评估指标所属类别序列中电力移动终端的安全威胁所影响的安全评估指标所属类别d的权重系数YdS2-3. Determine the weight coefficient Y d of the category d to which the security assessment index affected by the security threat of the power mobile terminal belongs in the category sequence of the security assessment index affected by the security threat of the power mobile terminal as follows: 上式中,rd为电力移动终端的安全威胁所影响的安全评估指标所属类别序列中电力移动终端的安全威胁所影响的安全评估指标所属类别d的重要度,d∈[1,D],D为电力移动终端的安全威胁所影响的安全评估指标所属类别序列中电力移动终端的安全威胁所影响的安全评估指标所属类别的序号最大值。In the above formula, r d is the importance of the category d of the security assessment index affected by the security threat of the power mobile terminal in the category sequence of the security assessment index affected by the security threat of the power mobile terminal, d∈[1,D], D is the maximum sequence number of the category to which the security assessment index affected by the security threat of the power mobile terminal belongs in the category sequence to which the security assessment index affected by the security threat of the power mobile terminal belongs. 5.如权利要求4所述的方法,其特征在于,所述步骤S3,包括:5. The method of claim 4, wherein the step S3 comprises: 按下式设置矩阵G:Set up matrix G as follows: G=[Y1,Y2,…,Yd,…,YD]G=[Y 1 ,Y 2 ,...,Y d ,...,Y D ] 按下式确定电力移动终端的安全指数S:The safety index S of the power mobile terminal is determined as follows: S=G·βS=G·β 上式中,β为脆弱性系数矩阵,其中,βd为电力移动终端的安全威胁所影响的安全评估指标所属类别d的脆弱性系数。In the above formula, β is the vulnerability coefficient matrix, where, β d is the vulnerability coefficient of category d to which the security assessment index affected by the security threat of the power mobile terminal belongs. 6.如权利要求1所述的方法,其特征在于,所述电力移动终端的安全指数与所述电力移动终端的安全性成正比。6. The method of claim 1, wherein the security index of the power mobile terminal is proportional to the security of the power mobile terminal. 7.一种电力移动终端安全评估装置,其特征在于,所述装置包括:7. A power mobile terminal security assessment device, wherein the device comprises: 获取单元,用于利用电力移动终端的安全威胁的威胁指数获取电力移动终端的安全指数;an obtaining unit, configured to obtain the security index of the power mobile terminal by using the threat index of the security threat of the power mobile terminal; 评估单元,用于利用所述电力移动终端的安全指数对电力移动终端进行安全评估。An evaluation unit, configured to perform safety evaluation on the electric mobile terminal by using the safety index of the electric mobile terminal. 8.如权利要求7所述的装置,其特征在于,所述装置,还包括:8. The apparatus of claim 7, wherein the apparatus further comprises: 第一确定单元,用于按下式确定电力移动终端的第i种安全威胁造成第j种后果的损失量无量纲化处理值vi,j*:The first determination unit is used to determine the non-dimensionalized processing value v i,j * of the loss amount of the jth consequence caused by the ith security threat of the power mobile terminal as follows: 上式中,i∈[1,N],N为电力移动终端的安全威胁的总种类,j∈[1,M],k∈[1,M],M为电力移动终端的安全威胁造成的后果的总种类;vi,j为电力移动终端的第i种安全威胁造成第j种后果的损失量,为电力移动终端的第i种安全威胁造成的后果的损失量最大值;In the above formula, i∈[1,N], N is the total type of security threats to the power mobile terminal, j∈[1,M], k∈[1,M], M is the security threat caused by the power mobile terminal The total types of consequences; vi ,j is the loss amount of the jth consequence caused by the ith security threat of the power mobile terminal, The maximum value of the loss amount of the consequences caused by the i-th security threat of the power mobile terminal; 第二确定单元,用于按下式确定电力移动终端的第i种安全威胁的威胁指数TiThe second determination unit is configured to determine the threat index T i of the i-th security threat of the power mobile terminal as follows: 上式中,Wj为电力移动终端的安全威胁造成的第j种后果的权重,Pi为电力移动终端的第i种安全威胁发生的概率。In the above formula, W j is the weight of the jth consequence caused by the security threat of the power mobile terminal, and P i is the probability of the ith security threat of the power mobile terminal occurring. 9.如权利要求7所述的装置,其特征在于,所述获取单元,包括:9. The apparatus of claim 7, wherein the acquiring unit comprises: 选择模块,用于选择大于等于安全阈值的威胁指数对应的电力移动终端的安全威胁;The selection module is used to select the security threat of the power mobile terminal corresponding to the threat index greater than or equal to the security threshold; 第一获取模块,用于利用所述电力移动终端的安全威胁的威胁指数获取所述电力移动终端的安全威胁所影响的安全评估指标所属类别的权重系数;a first obtaining module, configured to use the threat index of the security threat of the power mobile terminal to obtain the weight coefficient of the category to which the security assessment index affected by the security threat of the power mobile terminal belongs; 第二获取模块,用于利用所述电力移动终端的安全威胁所影响的安全评估指标所属类别的权重系数获取电力移动终端的安全指数。The second obtaining module is configured to obtain the safety index of the power mobile terminal by using the weight coefficient of the category to which the security evaluation index affected by the security threat of the power mobile terminal belongs. 10.如权利要9所述的装置,其特征在于,所述第一获取模块,包括:10. The apparatus according to claim 9, wherein the first obtaining module comprises: 第一确定子模块,用于按下式确定电力移动终端的安全威胁所影响的安全评估指标所属类别a的威胁指数ZaThe first determination submodule is used to determine the threat index Z a of the category a to which the security assessment index affected by the security threat of the power mobile terminal belongs to the following formula: 上式中,a∈[1,A],A为电力移动终端的安全威胁所影响的安全评估指标所属类别的总种类;b∈[1,Ba],Ba为电力移动终端的安全威胁所影响的安全评估指标所属类别a中电力移动终端的安全威胁所影响的安全评估指标的总数量;Ta,b为电力移动终端的安全威胁所影响的安全评估指标所属类别a中第b个电力移动终端的安全威胁所影响的安全评估指标对应的电力移动终端的安全威胁的威胁指数;In the above formula, a∈[1,A], A is the total category of the security assessment index affected by the security threat of the power mobile terminal; b∈[1,B a ], B a is the security threat of the power mobile terminal The total number of security assessment indicators affected by the security threat of the power mobile terminal in the category a of the affected security assessment index; T a, b are the bth in the category a of the security assessment index affected by the security threat of the power mobile terminal The threat index of the security threat of the power mobile terminal corresponding to the security assessment index affected by the security threat of the power mobile terminal; 第一获取子模块,用于根据所述电力移动终端的安全威胁所影响的安全评估指标所属类别的威胁指数按照从大到小的顺序对所述电力移动终端的安全威胁所影响的安全评估指标所属类别进行排序,获取电力移动终端的安全威胁所影响的安全评估指标所属类别序列;The first obtaining sub-module is used for the security assessment index affected by the security threat of the electric power mobile terminal in descending order according to the threat index of the category to which the security assessment index affected by the security threat of the electric power mobile terminal belongs Sort by category, and obtain the category sequence of the security assessment indicators affected by the security threat of the power mobile terminal; 第二确定子模块,用于按下式确定电力移动终端的安全威胁所影响的安全评估指标所属类别序列中电力移动终端的安全威胁所影响的安全评估指标所属类别d的权重系数YdThe second determination sub-module is used to determine the weight coefficient Y d of the category d of the security assessment index affected by the security threat of the electric power mobile terminal in the category sequence of the security assessment index affected by the security threat of the electric power mobile terminal as follows: 上式中,rd为电力移动终端的安全威胁所影响的安全评估指标所属类别序列中电力移动终端的安全威胁所影响的安全评估指标所属类别d的重要度,d∈[1,D],D为电力移动终端的安全威胁所影响的安全评估指标所属类别序列中电力移动终端的安全威胁所影响的安全评估指标所属类别的序号最大值。In the above formula, r d is the importance of the category d of the security assessment index affected by the security threat of the power mobile terminal in the category sequence of the security assessment index affected by the security threat of the power mobile terminal, d∈[1,D], D is the maximum sequence number of the category to which the security assessment index affected by the security threat of the power mobile terminal belongs in the category sequence to which the security assessment index affected by the security threat of the power mobile terminal belongs. 11.如权利要求10所述的装置,其特征在于,所述第二获取模块,包括:11. The apparatus of claim 10, wherein the second acquiring module comprises: 设置子模块,用于按下式设置矩阵G:The setup submodule is used to setup matrix G as follows: G=[Y1,Y2,…,Yd,…,YD]G=[Y 1 ,Y 2 ,...,Y d ,...,Y D ] 第三确定子模块,用于按下式确定电力移动终端的安全指数S:The third determination sub-module is used to determine the safety index S of the power mobile terminal as follows: S=G·βS=G·β 上式中,β为脆弱性系数矩阵,其中,βd为电力移动终端的安全威胁所影响的安全评估指标所属类别d的脆弱性系数。In the above formula, β is the vulnerability coefficient matrix, where, β d is the vulnerability coefficient of category d to which the security assessment index affected by the security threat of the power mobile terminal belongs. 12.如权利要求7所述的装置,其特征在于,所述电力移动终端的安全指数与所述电力移动终端的安全性成正比。12. The apparatus of claim 7, wherein the security index of the power mobile terminal is proportional to the security of the power mobile terminal.
CN201811617283.9A 2018-12-28 2018-12-28 Security assessment method and device for electric mobile terminal Active CN109840688B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811617283.9A CN109840688B (en) 2018-12-28 2018-12-28 Security assessment method and device for electric mobile terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811617283.9A CN109840688B (en) 2018-12-28 2018-12-28 Security assessment method and device for electric mobile terminal

Publications (2)

Publication Number Publication Date
CN109840688A true CN109840688A (en) 2019-06-04
CN109840688B CN109840688B (en) 2024-09-20

Family

ID=66883428

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811617283.9A Active CN109840688B (en) 2018-12-28 2018-12-28 Security assessment method and device for electric mobile terminal

Country Status (1)

Country Link
CN (1) CN109840688B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111815799A (en) * 2020-08-31 2020-10-23 国网山东省电力公司高密市供电公司 A flight inspection and monitoring system based on power towers and power lines

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101674302A (en) * 2009-09-25 2010-03-17 联想网御科技(北京)有限公司 Method and device for conducting security identification on information system
CN101964730A (en) * 2010-01-28 2011-02-02 北京邮电大学 Network vulnerability evaluation method
CN102073823A (en) * 2011-02-25 2011-05-25 天津大学 Defect analysis based software creditability evaluating method
CN102799822A (en) * 2012-07-11 2012-11-28 中国信息安全测评中心 Software running security measurement and estimation method based on network environment
CN103400027A (en) * 2013-07-09 2013-11-20 贵州大学 Risk assessment algorithm for information system
CN103716177A (en) * 2013-11-18 2014-04-09 国家电网公司 Security risk assessment method and apparatus
CN104657915A (en) * 2015-03-10 2015-05-27 国家电网公司 Dynamic self-adaptive power system terminal security threat evaluation method
CN105933316A (en) * 2016-04-21 2016-09-07 国家电网公司 Network security level determination method and device
CN106209831A (en) * 2016-07-08 2016-12-07 瑞达信息安全产业股份有限公司 A kind of network security index calculation method
CN106713233A (en) * 2015-11-13 2017-05-24 国网智能电网研究院 Method for judging and protecting network security state
CN107832943A (en) * 2017-11-02 2018-03-23 国网浙江省电力公司电力科学研究院 A kind of power system mobile terminal safety intimidation estimating method
CN108092981A (en) * 2017-12-22 2018-05-29 北京明朝万达科技股份有限公司 A kind of data security protection method and device
CN108833416A (en) * 2018-06-21 2018-11-16 北京市劳动保护科学研究所 A SCADA system information security risk assessment method and system
CN108881110A (en) * 2017-05-10 2018-11-23 全球能源互联网研究院 A kind of safety situation evaluation and defence policies joint decision method and system

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101674302A (en) * 2009-09-25 2010-03-17 联想网御科技(北京)有限公司 Method and device for conducting security identification on information system
CN101964730A (en) * 2010-01-28 2011-02-02 北京邮电大学 Network vulnerability evaluation method
CN102073823A (en) * 2011-02-25 2011-05-25 天津大学 Defect analysis based software creditability evaluating method
CN102799822A (en) * 2012-07-11 2012-11-28 中国信息安全测评中心 Software running security measurement and estimation method based on network environment
CN103400027A (en) * 2013-07-09 2013-11-20 贵州大学 Risk assessment algorithm for information system
CN103716177A (en) * 2013-11-18 2014-04-09 国家电网公司 Security risk assessment method and apparatus
CN104657915A (en) * 2015-03-10 2015-05-27 国家电网公司 Dynamic self-adaptive power system terminal security threat evaluation method
CN106713233A (en) * 2015-11-13 2017-05-24 国网智能电网研究院 Method for judging and protecting network security state
CN105933316A (en) * 2016-04-21 2016-09-07 国家电网公司 Network security level determination method and device
CN106209831A (en) * 2016-07-08 2016-12-07 瑞达信息安全产业股份有限公司 A kind of network security index calculation method
CN108881110A (en) * 2017-05-10 2018-11-23 全球能源互联网研究院 A kind of safety situation evaluation and defence policies joint decision method and system
CN107832943A (en) * 2017-11-02 2018-03-23 国网浙江省电力公司电力科学研究院 A kind of power system mobile terminal safety intimidation estimating method
CN108092981A (en) * 2017-12-22 2018-05-29 北京明朝万达科技股份有限公司 A kind of data security protection method and device
CN108833416A (en) * 2018-06-21 2018-11-16 北京市劳动保护科学研究所 A SCADA system information security risk assessment method and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111815799A (en) * 2020-08-31 2020-10-23 国网山东省电力公司高密市供电公司 A flight inspection and monitoring system based on power towers and power lines
CN111815799B (en) * 2020-08-31 2021-02-19 国网山东省电力公司高密市供电公司 Flight inspection monitoring system based on electric power tower and electric power line

Also Published As

Publication number Publication date
CN109840688B (en) 2024-09-20

Similar Documents

Publication Publication Date Title
CN111652732B (en) A Bitcoin Abnormal Transaction Entity Recognition Method Based on Transaction Graph Matching
Grover et al. Information systems effectiveness: The construct space and patters of application
CN105635112B (en) Evaluation Method of Information System Security Performance
CN101459537A (en) Network security situation sensing system and method based on multi-layer multi-angle analysis
CN102521685A (en) Electronic monitoring system
CN106101098B (en) A kind of information assets recognition methods and device
Arora et al. Credit Risk Management Index Score for Indian Banking Sector: An In-Depth Analysis.
Qadri et al. Overflow Effect of COVID‐19 Pandemic on Stock Market Performance: A Study Based on Growing Economy
Korobeinikova et al. A General Method of Risk Estimation
Wei et al. Analysis of countermeasures for risk management of construction engineering
CN109840688A (en) A kind of electric power mobile terminal security appraisal procedure and device
Zhan et al. Resource conflict resolution in China
Zheng et al. Addressing the challenges of government service provision with AI
Reddy et al. Utilization of AI for streamlining and optimizing credit decision process and security access loan risks in the banking sector
Kerschbaum et al. Confidential information-sharing for automated sustainability benchmarks
Berkowitz et al. Corporate control and enterprise structure in the Canadian economy: 1972–1987
Zhuo et al. Research on Comprehensive Blockchain Regulation and Anti-fraud System
Reddy et al. Utilization of AI for streamlining and optimizing credit decision process and security in banking sector
Gossen et al. Quantification and assessment method for a company's product piracy risks
Kim et al. Human centric security policy and management design for small and medium business
Kim et al. A study on the impact analysis of security flaws between security controls: An empirical analysis of K-ISMS using case-control study
De Aquino et al. Six steps to an effective continuous audit process
Amelia et al. The Effect of Personal Tenure on Earnings Surprise Management
Li et al. R&D performance evaluation and analysis under uncertainty: the case of Chinese industrial enterprises
Hong et al. A coastal vulnerability index and its application in Xiamen, China

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载