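Information security risk assessment is the foundation of, and the key to, formulating an information security strategy. Based on the basic elements of risk assessment, such as assets, vulnerabilities and threats, this paper proposes a threat-centered e-government information security risk assessment model based on the Markov method. By applying the Markov method and threat analysis, combined with multi-attribute decision theory and expert scoring, the probability of each threat occurring and the threat's consequence attributes and attribute values are obtained, from which an objective threat index is calculated. Ranking risks by the threat index provides a scientific basis for formulating targeted e-government information security risk management and control strategies.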
Information security evaluation is the key to information security management. This article presents an e-government information security risk evaluation model based on the Markov method and threat analysis. The probability and consequence of the risks are measured by a threat index obtained through the Markov method and threat analysis. The importance of the risk factors can then be determined according to the threat index, which can be applied as the foundation of e-government information security risk management and control strategies.