학술논문
基于CMDB的资产识别与管理系统设计与实现 / Design and Implementation of Asset Identification and Management System Based on CMDB
Document Type
Academic Journal
Author
Source
计算机技术与发展 / Computer Technology and Development. 33(12):106-112
Subject
Language
Chinese
ISSN
1673-629X
Abstract
随着信息技术的迅速发展,针对企事业单位在资产识别与管理相关业务的开展过程中资产属性标准不健全、资产演变分析灵活性不足、安全分析不够完善等问题,设计基于配置管理数据库的资产识别与管理系统,推进企事业单位的资产信息化管理.该系统通过对资产信息的加工利用,覆盖到资产标准、资产质量、资产集成、资产安全等相关领域,充分标注资产各方面特征信息,完善了资产的演变分析.系统设计了一种安全分析计算的方法,收集资产的自有特征、脆弱特征、威胁特征完成资产的安全分析计算,通过信息安全技术方面的测试结果,明确目标资产自身的安全状态,及时对存在安全风险的资产采取合理的安全措施,对目标资产发生安全事件的可能性和抵御安全风险的能力做出评估.该系统应用突破了传统台账式资产管理,实现资产价值、脆弱和威胁的分析计算,对组织资产的信息安全建设有着积极推动作用.
With the rapid development of information technology,aiming at the problems of unsound asset attribute standards,insufficient flexibility of asset evolution analysis,and insufficient security analysis in the process of asset identification and management related business of enterprises and institutions,the asset identification and management system based on configuration management database(CMDB)is designed,which promotes the asset information management of enterprises and institutions.Through the processing and utilization of asset information,the system covers asset standards,asset quality,asset integration,asset security and other related fields,fully marks the characteristic information of all aspects of assets,and improves the evolution analysis of assets.The system designs a method of security analysis and calculation,which collects the asset's own characteristics,vulnerability characteristics,and threat characteristics to complete the security analysis and calculation of assets.Through the test results of information security technology,the security status of the target asset itself is clarified,and the existing assets with security risks take reasonable security measures to evaluate the possibility of security incidents and the ability to resist security risks of target assets.The application of this system breaks through the traditional ledger asset management,realizes the analysis and calculation of asset value,vulnerability and threat,and plays a positive role in promoting the information security construction of organizational assets.
With the rapid development of information technology,aiming at the problems of unsound asset attribute standards,insufficient flexibility of asset evolution analysis,and insufficient security analysis in the process of asset identification and management related business of enterprises and institutions,the asset identification and management system based on configuration management database(CMDB)is designed,which promotes the asset information management of enterprises and institutions.Through the processing and utilization of asset information,the system covers asset standards,asset quality,asset integration,asset security and other related fields,fully marks the characteristic information of all aspects of assets,and improves the evolution analysis of assets.The system designs a method of security analysis and calculation,which collects the asset's own characteristics,vulnerability characteristics,and threat characteristics to complete the security analysis and calculation of assets.Through the test results of information security technology,the security status of the target asset itself is clarified,and the existing assets with security risks take reasonable security measures to evaluate the possibility of security incidents and the ability to resist security risks of target assets.The application of this system breaks through the traditional ledger asset management,realizes the analysis and calculation of asset value,vulnerability and threat,and plays a positive role in promoting the information security construction of organizational assets.