Information exposure rating based on hierarchical model for big data

Abstract. Big data improves the function of information, but also increases the exposure of information leakage. From the perspective of information leakage, information entropy is used to quantify information, mutual information is identified as the quantitative index of security exposure, and a hierarchical exposure assessment model is established. With the help of the local priority principle, the types of information leaks and attack methods are classified, and mutual information is determined as the quantitative indicator for the exposure of information disclosure. The security exposure of information leakage is evaluated by fuzzy comprehensive evaluation.


Introduction
The concept and application of big data have gradually penetrated into the accounting field, and big data has improved the function of information and the efficiency of accounting work. In the big data era, data sources are extensive and storage is relatively concentrated; the data contain detailed records of accounting behavior, such as enterprise management data, customer information and privacy, so big data has increased the exposure of information disclosure [1][2][3].
The deep fusion of big data and cloud computing promotes the rapid development of information systems, but new information systems, such as cloud accounting, face some exposures. A cloud accounting network information system is a special kind of information processing system: in addition to the security features of a general information processing system, it has security characteristics of its own. In the course of information system development, security problems appear, such as loopholes and defects in the stability of the platform system, in identity authentication and management, and in the data encryption system, and these are likely to breed exposure factors in the production of information [4].
For the complex and diversified information exposure in the big data environment, this paper establishes a hierarchical model for quantitative exposure assessment, which effectively and quantitatively evaluates the security exposures caused by information disclosure.
The remainder of this paper is organized as follows: Section 2 introduces the basic concepts of exposure assessment. Section 3 covers common exposure assessment methods. Section 4 calculates the security exposure of information leakage. Section 5 presents the hierarchical model of exposure assessment. Section 6 gives conclusions and future work.

Basic concepts of exposure assessment
The premise of studying the security exposure assessment of an information system is to clarify the formation mechanism of its security exposure. In general, exposure is the uncertainty of the outcome of actions or events. Whether the result is a positive opportunity or a negative threat, people can only evaluate exposure through the possibility of these uncertainties and their actual effects and consequences. The security exposure of an information system is the possibility, or the actual occurrence, of a negative threat that leads to security problems in the information system. The composition of the security exposure of an information system is divided into five aspects: origin, mode, pathway, receptor and consequence. The origin is the sponsor of the threat, called the threat source; the mode is the means by which the threat is carried out, called threat behavior; the pathway is the weak link used by the threat source, called vulnerability; the receptor is the recipient of the threat, the asset; the consequence is the loss that the threat source causes, called the impact. The relationship between them can be expressed as follows: one or more origins of exposure, using one or more modes, through one or more pathways, violate one or more receptors, causing adverse consequences for the system [5].

Common exposure assessment methods
In the process of exposure assessment, the most important point is how to calculate the security exposure. Figure 1 shows the process of exposure calculation. Exposure assessment is generally divided into the following steps:
(1) identify information assets and assign values to them.
(2) identify possible threats and assign values to them.
(3) find vulnerabilities and assign values to them.
(4) assess the probability of security incidents from the combination of threats and vulnerabilities.
(5) calculate the exposure value of information assets based on the importance of the assets and the possibility of occurrence of security incidents.
The above gives the general steps and procedures for calculating security exposures. In the actual exposure assessment process, however, because systems differ, the choice of assessment method directly affects the outcome of the exposure assessment. Therefore, it is necessary to choose the appropriate exposure assessment method according to the specific situation of the system.

Calculate the security exposure of information leakage
The safety exposure index method in the literature [6] is used to calculate the security exposure of information leakage, which R is the exposure index: (1) is the probability function of the exposure event, is the consequence function, estimating use the fuzzy theory, measuring use the mutual information .
The process of information leakage can be seen as a process of information entropy reduction: the entropy of the secret information is reduced by the attacker's statistical analysis. If the information entropy is , the conditional entropy of the secret key is in , the mutual information of and is .
Maximum acquisition is the target of information disclosure: Mutual information quantification is the quantitative calculation parameter in (2).
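The entropy-reduction view described above, as an added example (not code from the paper): it computes the leaked information as the prior entropy of the secret minus its conditional entropy given the attacker's observation. The symbols S (secret) and O (observation), the function names and both sample channels are assumptions constructed here.

```python
import math
from collections import defaultdict

def entropy(dist):
    """Shannon entropy in bits of a {outcome: probability} mapping."""
    return -sum(p * math.log2(p) for p in dist.values() if p > 0)

def marginals(joint):
    """Split a joint {(secret, observation): p} into its two marginals."""
    p_s, p_o = defaultdict(float), defaultdict(float)
    for (s, o), p in joint.items():
        p_s[s] += p
        p_o[o] += p
    return dict(p_s), dict(p_o)

def conditional_entropy(joint):
    """H(S|O): uncertainty about the secret left after seeing the observation."""
    _, p_o = marginals(joint)
    h = 0.0
    for obs, p_obs in p_o.items():
        if p_obs == 0:
            continue
        cond = {s: p / p_obs for (s, o), p in joint.items() if o == obs}
        h += p_obs * entropy(cond)
    return h

def mutual_information(joint):
    """I(S;O) = H(S) - H(S|O), the bits of the secret that leak."""
    if abs(sum(joint.values()) - 1.0) > 1e-9:
        raise ValueError("joint distribution must sum to 1")
    p_s, _ = marginals(joint)
    return entropy(p_s) - conditional_entropy(joint)

def hamming_weight_channel(bits):
    """Constructed sample: uniform secret, attacker sees only its Hamming weight."""
    n = 2 ** bits
    return {(s, bin(s).count("1")): 1 / n for s in range(n)}

def noisy_bit_channel(flip):
    """Constructed sample: uniform 1-bit secret seen through a bit-flipping channel."""
    return {(s, o): 0.5 * (flip if s != o else 1 - flip)
            for s in (0, 1) for o in (0, 1)}

if __name__ == "__main__":
    for name, joint in [("hamming weight, 2-bit secret", hamming_weight_channel(2)),
                        ("noisy bit, flip=0.1", noisy_bit_channel(0.1)),
                        ("noisy bit, flip=0.5", noisy_bit_channel(0.5))]:
        print(f"{name}: {mutual_information(joint):.3f} bits leaked")
```

A channel that leaks nothing scores 0 bits and one that reveals the secret outright scores the full prior entropy, so the value can be compared across observation channels of different quality.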

Hierarchical model of exposure assessment
In view of the complex and diversified nature of information disclosure, the types of information disclosure and the attack methods are classified. Based on the local priority principle, exposure quantification is carried out from the local level to the global level, so that the multi-factor problem is reduced to single-factor problems and the complexity of the problem is lowered. Because threats are uncertain and variable, fuzzy security threat weight factors are used to distinguish different attacks. The evaluation steps in the hierarchical model of information disclosure exposure assessment are as follows [7][8]:
(1) Establishment of the collection of security exposure factors for information disclosure. Assume the collection of different types of information disclosure is LS : The disclosure of has the information attacks set consisting of all possible attack methods:
(2) Definition of exposure indicators. Disclosure can affect the security of information systems. If the information system has s subsystems, the security exposure index is defined as: , is the exposure value of the subsystem, is quantized by .
For , the determination of fuzzy weight coefficient for different attack methods , it can be obtained according to formula (6): This indicates that different attack methods have different attack efficiency.
(4) Local exposures and global exposures. Local exposure and global exposure are introduced to assess the security exposure of a single leak and of multiple leaks, respectively. The proportion of a single attack $a_{ij}$ in an exposure set : The local exposure is determined by a single leak : , The global exposure S is determined by multiple leaks: (10) is the exposure assessment matrix, is the exposure quantization matrix.

Conclusions and future work
In this paper, a hierarchical model of information exposure assessment is established. The analysis proceeds step by step, local first and then overall, which effectively divides the types of information leakage and attack methods. Information disclosure is assessed quantitatively from the local exposure level to the global exposure level, which simplifies the security analysis of information systems in complicated environments and establishes an effective definition for assessing the exposure of information disclosure.
As future work, we will further refine the model and apply the model to the actual situation.