收稿日期: 2016-02-01
修回日期: 2016-03-20
网络出版日期: 2016-04-05
基金资助
本文系国家社会科学基金项目"大数据环境下政务信息资源优化配置与服务模式创新研究"(项目编号:15BTQ051)研究成果之一。
Model Construction and Empirical Study on Smart City Information Security Risk Assessment
Received date: 2016-02-01
Revised date: 2016-03-20
Online published: 2016-04-05
邹凯 , 向尚 , 张中青扬 , 毛太田 . 智慧城市信息安全风险评估模型构建与实证研究[J]. 图书情报工作, 2016 , 60(7) : 19 -24 . DOI: 10.13266/j.issn.0252-3116.2016.07.003
[Purpose/significance] Considering the increasingly prominent information security issues of smart city, a scientific risk assessment model is proposed, which could classify and analyze the risk factors rapidly. [Method/process] From five connotations of smart city public service's information security and four main factors of risk assessment, it constructs a smart city public service's information security risk index framework. Using the ward method of systematical clustering calculates 12 examples of smart city to form classification properties. Choosing the C4.5 algorithm of decision tree method to establish a model of risk assessment, and verify that the model is scientific. [Result/conclusion] It finds that the safety management system, data leak and the threat of damage, safety awareness' weakness and equipment security vulnerabilities is the most significant risk factors' gap between wisdom cities, according to the results of the assessment, making recommendations to protect the information safety of wisdom city.
Key words: information security; risk assessment; smart city; C4.5 decision tree
[1] 李勇.智慧城市建设对城市信息安全的强化与冲击分析[J].图书情报工作,2012,56(6):20-24.
[2] 丁波涛.智慧城市视野下的新型信息安全体系建构[J].上海城市管理,2012(4):17-20.
[3] ELMAGHRABY A, LOSAVIO M. Cyber security challenges in smart cities:safety, security and privacy[J]. Journal of advanced research,2014,5(4):491-497.
[4] KOŽUCH B, SIENKIEWICZ-MALYJUREK K.New requirements for managers of public safety systems[J].Procedia-social and behavioral sciences,2014,149(5):472-478.
[5] BELANCHE-GRACIA D, CASALÓ-ARIÑO L V, PÉREZ-RUEDA A.Determinants of multi-service smartcard success for smart cities development:a study based on citizens' privacy and security perceptions[J].Government information quarterly,2015,32(2):154-163.
[6] YASUKO F, MASAKI S, HIROSHI U.Survey on risk management based on information security psychology[J]. Lecture notes in computer science,2015,9171:396-408.
[7] 刘彦麟,张盛.智慧城市建设中信息安全保障机制探究[J].信息通信,2015(6):156.
[8] 董袁泉.智慧城市中信息安全的分析以及应对措施[J].微型机与应用,2014(23):16-18.
[9] GB/T 20984-2007.信息安全风险评估规范[S].北京:中华人民共和国国家质量监督检验检疫总局,2007.
[10] 满晓元.智慧城市信息安全风险及评估方法[J].电子世界,2013(23):77-78.
[11] 邓贤峰."智慧城市"建设的风险分析[J].财经界,2011(1):106-109.
[12] 张立超,刘怡君,李娟娟.智慧城市视野下的城市风险识别研究——以智慧北京建设为例[J].中国科技论坛,2014(11):46-51.
[13] GB/T 31509-2015.信息安全风险评估实施指南[S].北京:中华人民共和国国家质量监督检验检疫总局,2015.
[14] ISO/IEC 27001:2005, Information technology-security techniques-information security management systems-requirements[S].Geneva:International Organization for Standardization,2005.
[15] 李卫东.应用多元统计分析[M].北京:北京大学出版社,2008.
[16] 何跃,王猛. 基于灰色关联与Ward系统聚类的国民幸福评价[J]. 统计与决策,2012(5):42-45.
[17] QUINLAN J R.C4.5:Programs for machine learning[M].San Mateo:Morgan Kaufmann Puhlishers Inc,1993:17-42.
/
| 〈 |
|
〉 |
