Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Software running security measurement and estimation method based on network environment

A software security and network environment technology, applied in the field of network information security analysis and evaluation, can solve problems such as poor pertinence, lack of test basis, lack of test basis, etc., and achieve the effect of good scalability, flexible evaluation method and objective evaluation

Active Publication Date: 2015-06-17
CHINA INFORMATION TECH SECURITY EVALUATION CENT
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] (1) Corresponding software security analysis and evaluation work was not carried out during the software development cycle, resulting in incomplete software security requirements and a lack of tracking and control of system and software risks
[0004] (2) Lack of sufficient awareness of the application of software security testing in engineering
At present, although domestic software testing includes the testing type of security testing, the testing is not very targeted, and the lack of testing basis is also caused by the lack of comprehensive security requirements.
[0005] (3) There is a lack of a complete description of software security testing related technologies in relevant domestic standards, which also affects the promotion and application of software security testing in the software verification process

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software running security measurement and estimation method based on network environment
  • Software running security measurement and estimation method based on network environment
  • Software running security measurement and estimation method based on network environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to make the above objects, features and advantages of the present invention more comprehensible, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0023] refer to figure 1 , figure 1 It is a flow chart of the steps of the software security evaluation embodiment in the network environment of the present invention, including the following steps: step S110 of establishing a measurement system, selecting software security evaluation indicators; threat modeling step S120, modeling the threats faced by the software in the network environment ; Software security assessment step S130, based on the assessment indicators, use the reliability-based software security assessment method, the vulnerability-based software security assessment method and the risk-based software security assessment method to perform security assessment on software facing threats in the network environment . ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a software running security measurement and estimation method based on a network environment, and belongs to a network information security analysis and estimation technology. The method comprises the following steps of: constructing a measurement system, namely selecting a software security estimation index; performing threat modeling, namely modeling a threat of software under the network environment; and estimating the security of the software, namely performing security estimation on the software facing the threat under the network environment according to the estimation index through a software security estimation method based on reliability, a software security estimation method based on bug and a software security estimation method based on risk. The step of constructing the measurement system also comprises a substep of selecting the completeness, the non-repudiation, the confidentiality, the authorization, the availability and the identity checkability as the software security estimation indexes. By the method, the security bug and the risk of the software can be estimated in advance, so that a function and security module of the software can be immediately adjusted, and dangerous events can be effectively controlled and prevented.

Description

technical field [0001] The present invention relates to network information security analysis and assessment technology, and more specifically, to a software security assessment method in a network environment. Background technique [0002] Nowadays, the software system under the network environment has penetrated into various fields such as the national economy, national defense, and social life. It has changed people's traditional production and lifestyle, and has become an indispensable necessity for human society. On the one hand, people's dependence on software is getting higher and higher, making software systems and functions more and more complex; Quality is becoming more and more difficult, such as system attacks and failures caused by software vulnerabilities, defects and failures, software system paralysis caused by instantaneous mutations in the number of concurrent users of the system, and privacy leaks caused by malicious behaviors of rogue software. Hidden da...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57
Inventor 吴世忠赵向辉刘晖易锦刘彦钊张磊刘林吴润浦李娟
Owner CHINA INFORMATION TECH SECURITY EVALUATION CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com