浅析计算机网络安全英文 含中文翻译.docx
《浅析计算机网络安全英文 含中文翻译.docx》由会员分享,可在线阅读,更多相关《浅析计算机网络安全英文 含中文翻译.docx(9页珍藏版)》请在冰豆网上搜索。
![浅析计算机网络安全英文 含中文翻译.docx](https://file1.bdocx.com/fileroot1/2023-4/1/c36f40ef-4c35-4e37-8ced-1cbeffe48707/c36f40ef-4c35-4e37-8ced-1cbeffe487071.gif)
浅析计算机网络安全英文含中文翻译
XXXX学院
计算机专业英语
班级计科
学号 12
姓名
日期2015-12-
SecurityofComputerNetworkSystem
Abstract:
Thispaperdiscussedthesecureanddependableproblemaboutthecomputernetworksystem.Onsomeaspects:
theimportanceofnetworksecuritybasictheoryfunctionandthemethodofsolvingaproblemetc.Goodviewsforsolvingtheproblemareputforward.Itstrengthenspeople’sconsciousnessonnetworksecurity.
Keywords:
ComputernetworkVirtualprivatenetworkEncryptiontechniquesFirewall
Introduction:
Alongwiththecomputernetworktechnologydevelopmentthenetworksecurityandthereliabilityhavebecomethequestionofcommoninterestbyallusers.Thepeopleallhopedtheirownnetworksystemcanmovereliablynotexternalintruderdisturbanceanddestruction.Thereforesolvesthenetworksecurityandthereliableproblemcarefullyisaguaranteethenetworknormaloperation’spremiseandsafeguard.
First:
theimportanceofthenetworksecurity.Withtheinformationdevelopingfasttodaythecomputernetworkobtainedthewidespreadapplicationbutalongwiththenetworkinformationtransmissioncapacitygrowingfastersomeorganizationsanddepartmentsbenefitthespeedupwiththeserviceoperationinthenetworkwhilethedatahasalsosufferedtoextentattackanddestruction.Theaggressormayintercepttheinformationinthenetworkstealstheuser’spasswordthedatabaseinformationalsomaytamperwiththedatabasecontenttheforgeusersstatusdeniesownsignature.Andwhatismoretheaggressormaydeletethedatabasecontentthedestroynodereleasescomputervirusandsoon.Thiscausedatasecurityandownbenefithavereceivedtheseriousthreat.AccordingtoAmericanFBIUSFederalBureauofInvestigationinvestthenetworksecuritycreatestheeconomiclosssurpasses17billiondollarseveryyear.75corporationreportfinancelossisbecausethecomputersystemsecurityproblemcreates.Morethan50safethreatcomefrominside.Butonly59losscouldbepossibleestimate.InChinatheeconomiclossamountinviewoffinancialdomainandthebanknegotiablesecuritiescomputersystemsecurityproblemscreateshasreachedashighasseveralhundredmillionYuanalsosometimesoccursinviewofotherprofessionnetworksecuritythreat.Thusitcanbeseenregardlessofisthemeanattackorunconsciousdisoperationwillallbeabletobringtheinestimablelosstothesystem.Thereforethecomputernetworkmusthavetheenoughstrongsecuritymeasure.RegardlessofisinthelocalareanetworkorinWANthenetworksecuritymeasureshouldbeOmni-directionalinviewofeachkindofdifferentthreatandthevulnerabilitysothatitcanguaranteethenetworkinformation’ssecrecytheintegrityandtheusability.
Second:
Networksecurityrationale.InternationalStandardizationOrganizationISOoncesuggestedthecomputersecuritythedefinitionwas:
“Thecomputersystemmustprotectitshardwarethedatanotaccidentallyorrevealsintentionallythechangeandthedestruction.”InordertohelpthecomputeruserdiscriminationandthesolutioncomputernetworksecurityproblemtheAmericanDepartmentofDefenseannounced“theorangepeelbook”orangebookofficialnameis“crediblecomputersystemstandardappraisalcriterion”hascarriedonthestipulationtothemultiusercomputersystemsecurityrankdivision.Theorangepeelbookfromlowtohighdividesintothecomputersecurityfourkindsofsevenlevels:
D1C1C2B1B2B3A1.AboveallD1leveldoesnothavethelowestsafetymarginrankC1andtheC2levelhasthelowestsafetymarginrankB1andtheB2levelhasthemediumsafekeepingofsecurityabilityrankB3andA1belongstothehighestsecurityrating.Inthenetworkconcretedesignprocessitshouldactaccordingtoeachtechnologystandardtheequipmenttypetheperformancerequirementaswellasthefundswhichinthenetworkoverallplanproposedandsoontheoverallevaluationdeterminesonequitereasonablytheperformancehighnetworksecurityrankthusrealizationnetworksecurityandreliability.
Third:
Thenetworksecurityshouldhavefunction.Inordertoadapttheinformationtechnologydevelopmentwellthecomputernetworkapplicationsystemmusthavefollowingfunction:
1Accesscontrol:
Throughtothespecificwebpagetheserviceestablishmentaccesscontrolsysteminarrivestheoverwhelmingmajorityattackimpedimentinfrontoftheattackgoal.2Inspectsthesecurityloophole:
Throughtosecurityloopholecyclicalinspectionevenifattacksmaygettheattackgoalalsomaycausetheoverwhelmingmajorityattacktobeinvalid.3Attackmonitoring:
Throughtospecificwebpageserviceestablishmentattackmonitoringsystembutreal-timeexaminestheoverwhelmingmajorityattackandadoptstheresponsethemotionforexampleseparationnetworkconnectionrecordingattackprocesspursuitattacksourceandsoon.4EncryptionCommunication:
Encryptsonowninitiativethecommunicationmayenabletheaggressortounderstandtherevisionsensitiveinformation.5Authentication:
Thegoodauthenticationsystemmaypreventtheaggressorpretendsthevalidateduser.6Backupandrestoration:
Thegoodbackupandrestoresthemechanismmaycausesthelosseswhentheattackassoonaspossiblerestoresthedataandthesystemservice.7Multi-layeredDefense:
Theaggressorafterbreaksthroughthefirstdefenselinedelaysorblocksittoreachtheattackgoal.8Setsupthesafemonitoringcenter:
Providesthesecuritysystemmanagementthemonitoringtheprotectionandtheemergencycaseservicefortheinformationsystem.
Fourth:
Thenetworksystemsafetycomprehensivesolutionmeasures.IfwanttorealizethenetworksecurityfunctionweshouldcarryontheOmni-directionalguardingtothenetworksystemandthusformulatethequitereasonablenetworksecurityarchitecture.Belowonthenetworksystemsecurityproblemproposessomeguardmeasure.Physicssafemaydivideintotwoaspects:
Oneistheartificialharmtothenetworktheotheristhenetworktotheusers.MostcommonthingistheconstructorwhodidnotunderstandtotheburiedcableclearlythusleadtothedestructionofelectriccablethiskindofsituationmaythroughstandingsymbolizedthesignguardsagainstHasnotusedthestructurewiringthenetworktobeabletoappeartheuserfrequentlytotheelectriccabledamagethisneedstousethestructurewiringtoinstallthenetworkasfaraspossibleArtificialornaturaldisasterinfluencewhentoconsidertheplan.Theaccesscontrolsecuritytheaccesscontroldistinguishesandconfirmstheuserlimitstheuserinthealreadyactivityandtheresourcesscopewhichisauthorized.Thenetworkaccesscontrolsafemayconsiderfromfollowingseveralaspects.1password:
Thenetworksecuritysystemmostouterlayerdefenselineisnetworkusersregisteringintheregistrationprocessthesystemwouldinspecttheusertoregisterthenameandthepasswordvalidityonlythenthelegitimateusercanenterthesystem.2Thenetworkresources’hosttheattributeandthevisitjurisdiction:
Thenetworkresourcesmainlyincludetheresourceswhichsharedfilesthesharedprinternetworkusersandsoonthatallthenetworkuserscanuse.Theresourceswerethehosttomanifestthedifferentusertotheresourcessubordinaterelationssuchasbuildermodifierandgroupmemberandsoon.Theresourcesattributeexpresseditselfdepositandwithdrawalcharacteristicsascanreadbywhowriteortheexecutionandsoon.Thevisitjurisdictionmainlymanifestsintheusertothenetworkresourcesavailabledegreeinusingassignsthenetworkresourcestobethehosttheattributeandthevisitjurisdictionmayeffectivelyintheapplicationcascadecontrolnetworksystemsecurity.3Networksecuritysurveillance:
Thenetworksurveillanceisgenerallycalledfor“thenetworkmanagement”itsfunctionmainlyiscarriesonthedynamicsurveillancetotheentirenetworkmovementandhandleseachkindofeventpromptly.MayunderstandsimplythroughthenetworksurveillancediscoversandsolvesinthenetworksecurityproblemsuchasthelocalizationnetworkfaultpointseizestheIPembezzlerthecontrolnetworkvisitscopeandsoon.4Auditandtrack:
Networkauditandtrackwhichisincludingthenetworkaspectresourcesusenetworkbreakdownandsystemkeeping.Itcomposedgenerallybytwoparts:
Onetherecordingeventsooneachkindofevententirelyrecordsinthedocument.Twocarriesontheanalysisandthestatisticsto.
Datatransmissionsecurity,transmissionsecurityrequirementstoprotecttheinformationonthenetworkistransmittedtopreventthepassiveandactiveviolations.Thesecurityofdatatransmissioncantakethefollowingmeasures:
(1)encryptionanddigitalsignature:
digitalsignatureisthereceiverofdatausedtoconfirmthesenderofthedataistrueandcorrect.
(2)firewall:
firewall(Firewall)isasecuritymeasurethatiswidelyusedinInternet.Itcanbeusedtosetupaseriesofcomponentsindifferentnetworkornetworksecuritydomain.Itcandetect,limitandchangethedataflowofthefirewall,anddetecttheinformation,structureandrunningstatusofthenetworkasfaraspossible,soastorealizethenetworksecurity.(3)UsernameorPasswordcertification:
theauthenticationmethodisthemostcommonlyusedasanauthenticationmethodfortheoperatingsystem,telnet(remotelogin),rlogin(remotelogin),buttheprocessisnotencrypted,thatis,passwordiseasytobemonitoredanddecryption.(4)authenticationusingthealgorithm:
radius(RemoteAuthenticationDialprotocol,OSPF(openroutingprotocol),SNMPSecurityProtocolusesharedSecurityKey(key),andtheabstractalgorithm(MD5)certification,butabstractalgorithmisanirreversibleprocess,ther