Research of Information System Security Risk Management based on Probability Model and Security Entropy

Nowadays, there is a big challenge on the security risk of information system with the rapid development of network. Computer viruses have brought great intimidation on information systems, which made the loss of worldwide information security moving up. Therefore, more and more people focus on the security problem of information systems, which need our appropriate protection. At first, the principle approach from security risk identification to risk management is proposed. Secondly, an information system security risk management algorithm based on probability model and security entropy is described in detail. Thirdly, a particular system is selected as the example. The whole risk of information system security is modelled and computed according to the risk management computing formula. In accordance with the example, the applicability and feasibility of the probability model is verified. The method proposed in this paper provides some use of reference in the risk management of information system security and execution of security measures.