發(fā)布時(shí)間：2018-04-02 14:24

  本文選題：長(zhǎng)城證券　切入點(diǎn)：信息安全　出處：《天津大學(xué)》2013年碩士論文

【摘要】：證券市場(chǎng)在我國(guó)經(jīng)濟(jì)發(fā)展中具有舉足輕重的位置。證券行業(yè)的業(yè)務(wù)主要是信息數(shù)據(jù)和資金數(shù)據(jù)的流動(dòng)。一旦證券行業(yè)發(fā)生信息安全事故，，不僅會(huì)對(duì)數(shù)以萬(wàn)計(jì)的投資者造成影響，而且會(huì)傳導(dǎo)到其他行業(yè)，給國(guó)民經(jīng)濟(jì)、社會(huì)秩序造成混亂。在這種情況下，研究如何做好信息安全管理，提前做好預(yù)防工作是必要而且現(xiàn)實(shí)的。 風(fēng)險(xiǎn)評(píng)估是風(fēng)險(xiǎn)管理的基礎(chǔ)。信息安全管理就是對(duì)風(fēng)險(xiǎn)識(shí)別、風(fēng)險(xiǎn)評(píng)估、風(fēng)險(xiǎn)控制的過(guò)程。信息安全風(fēng)險(xiǎn)評(píng)估的研究由來(lái)已久，在評(píng)估流程、方法、以及相關(guān)工具的研究上都取得了很多成果。但同時(shí)在理論上和方法上都存在很大的爭(zhēng)議，也還有很多進(jìn)一步研究的地方。 本文首先對(duì)信息安全風(fēng)險(xiǎn)評(píng)估的發(fā)展?fàn)顩r進(jìn)行了研究。并且深入分析了各種評(píng)估方法的差異。本文指出了國(guó)內(nèi)證券市場(chǎng)信息安全存在的主要問(wèn)題，同時(shí)本文詳細(xì)介紹了基于資產(chǎn)、脆弱性、威脅三個(gè)風(fēng)險(xiǎn)要素的風(fēng)險(xiǎn)評(píng)估原理和評(píng)估模型，在對(duì)信息資產(chǎn)識(shí)別賦值和對(duì)脆弱性和威脅進(jìn)行識(shí)別的基礎(chǔ)上，計(jì)算風(fēng)險(xiǎn)影響和發(fā)生可能性，并完成對(duì)風(fēng)險(xiǎn)值的計(jì)算。本文重點(diǎn)研究了利用風(fēng)險(xiǎn)評(píng)估理論實(shí)現(xiàn)風(fēng)險(xiǎn)評(píng)估在證券行業(yè)的應(yīng)用。本文設(shè)計(jì)了適合證券公司的風(fēng)險(xiǎn)計(jì)算方法來(lái)完成對(duì)信息安全風(fēng)險(xiǎn)的評(píng)估和分級(jí)。 本文最后對(duì)風(fēng)險(xiǎn)評(píng)估在長(zhǎng)城證券的應(yīng)用做了整體介紹，并對(duì)風(fēng)險(xiǎn)評(píng)估在長(zhǎng)城證券的應(yīng)用效果進(jìn)行了闡述。通過(guò)風(fēng)險(xiǎn)評(píng)估，長(zhǎng)城證券對(duì)信息安全風(fēng)險(xiǎn)有了一個(gè)全面地認(rèn)識(shí)，風(fēng)險(xiǎn)管理水平得到全面地提升，風(fēng)險(xiǎn)控制能力得到了有效提高。同時(shí)此案例也給證券同業(yè)提供了一個(gè)有益的借鑒。
[Abstract]:The securities market plays an important role in the economic development of our country.The main business of the securities industry is the flow of information data and capital data.Once the information security accident occurs in the securities industry, it will not only affect tens of thousands of investors, but also be transmitted to other industries, causing chaos to the national economy and social order.In this case, it is necessary and realistic to study how to manage the information security and do the prevention work well in advance.Risk assessment is the basis of risk management.Information security management is the process of risk identification, risk assessment and risk control.Information security risk assessment has been studied for a long time, and many achievements have been made in the evaluation process, methods and related tools.But at the same time, there is a lot of controversy in theory and method, and there are many further studies.Firstly, this paper studies the development of information security risk assessment.The differences of various evaluation methods are also analyzed in depth.This paper points out the main problems of information security in domestic securities market, and introduces in detail the risk assessment principle and evaluation model based on three risk elements: assets, vulnerability and threat.Based on the identification of information assets and the identification of vulnerability and threat, the risk impact and possibility are calculated, and the calculation of risk value is completed.This paper focuses on the application of risk assessment theory in securities industry.In this paper, a risk calculation method suitable for securities companies is designed to evaluate and classify the risk of information security.Finally, the paper introduces the application of risk assessment in the Great Wall securities, and expounds the application effect of risk assessment in the Great Wall securities.Through risk assessment, the Great Wall Securities has a comprehensive understanding of information security risks, the level of risk management has been comprehensively improved, and the ability of risk control has been effectively improved.At the same time, this case also provides a useful reference for the securities industry.
【學(xué)位授予單位】：天津大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2013
【分類號(hào)】：F832.39

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 高陽(yáng);羅軍舟;;基于灰色關(guān)聯(lián)決策算法的信息安全風(fēng)險(xiǎn)評(píng)估方法[J];東南大學(xué)學(xué)報(bào)(自然科學(xué)版);2009年02期

2 付鈺;吳曉平;葉清;彭熙;;基于模糊集與熵權(quán)理論的信息系統(tǒng)安全風(fēng)險(xiǎn)評(píng)估研究[J];電子學(xué)報(bào);2010年07期

3 吳炎太;龔習(xí)良;劉偉賢;;信息系統(tǒng)內(nèi)部控制風(fēng)險(xiǎn)管理——以A公司為例[J];財(cái)務(wù)與會(huì)計(jì)(理財(cái)版);2011年06期

4 趙冬梅;劉金星;馬建峰;;基于模糊小波神經(jīng)網(wǎng)絡(luò)的信息安全風(fēng)險(xiǎn)評(píng)估[J];華中科技大學(xué)學(xué)報(bào)(自然科學(xué)版);2009年11期

5 黨德鵬;孟真;;基于支持向量機(jī)的信息安全風(fēng)險(xiǎn)評(píng)估[J];華中科技大學(xué)學(xué)報(bào)(自然科學(xué)版);2010年03期

6 肖龍;戚ng;李千目;;基于AHP和模糊綜合評(píng)判的信息安全風(fēng)險(xiǎn)評(píng)估[J];計(jì)算機(jī)工程與應(yīng)用;2009年22期

7 張_";慕德俊;任帥;姚磊;;一種基于風(fēng)險(xiǎn)矩陣法的信息安全風(fēng)險(xiǎn)評(píng)估模型[J];計(jì)算機(jī)工程與應(yīng)用;2010年05期

8 戴利研;;基于COSO框架的企業(yè)全面風(fēng)險(xiǎn)管理信息系統(tǒng)研究——以中國(guó)投資有限責(zé)任公司為例[J];遼寧師范大學(xué)學(xué)報(bào)(社會(huì)科學(xué)版);2012年02期

9 李曉蓉;莊毅;許斌;;基于危險(xiǎn)理論的信息安全風(fēng)險(xiǎn)評(píng)估模型[J];清華大學(xué)學(xué)報(bào)(自然科學(xué)版);2011年10期

10 孫慶波;姚國(guó)祥;;基于風(fēng)險(xiǎn)因子的信息安全風(fēng)險(xiǎn)評(píng)估方法研究[J];計(jì)算機(jī)工程與設(shè)計(jì);2012年01期

本文編號(hào)：1700800