浅析计算机网络安全英文 含中文翻译.docx

浅析计算机网络安全英文 含中文翻译.docx

《浅析计算机网络安全英文 含中文翻译.docx》由会员分享，可在线阅读，更多相关《浅析计算机网络安全英文 含中文翻译.docx（9页珍藏版）》请在冰豆网上搜索。

浅析计算机网络安全英文含中文翻译

XXXX学院

计算机专业英语

班级计科

学号　12

姓名　

日期2015-12-

SecurityofComputerNetworkSystem

Abstract:

Thispaperdiscussedthesecureanddependableproblemaboutthecomputernetworksystem.Onsomeaspects:

theimportanceofnetworksecuritybasictheoryfunctionandthemethodofsolvingaproblemetc.Goodviewsforsolvingtheproblemareputforward.Itstrengthenspeople’sconsciousnessonnetworksecurity.

Keywords:

ComputernetworkVirtualprivatenetworkEncryptiontechniquesFirewall

Introduction:

Alongwiththecomputernetworktechnologydevelopmentthenetworksecurityandthereliabilityhavebecomethequestionofcommoninterestbyallusers.Thepeopleallhopedtheirownnetworksystemcanmovereliablynotexternalintruderdisturbanceanddestruction.Thereforesolvesthenetworksecurityandthereliableproblemcarefullyisaguaranteethenetworknormaloperation’spremiseandsafeguard.

First:

theimportanceofthenetworksecurity.Withtheinformationdevelopingfasttodaythecomputernetworkobtainedthewidespreadapplicationbutalongwiththenetworkinformationtransmissioncapacitygrowingfastersomeorganizationsanddepartmentsbenefitthespeedupwiththeserviceoperationinthenetworkwhilethedatahasalsosufferedtoextentattackanddestruction.Theaggressormayintercepttheinformationinthenetworkstealstheuser’spasswordthedatabaseinformationalsomaytamperwiththedatabasecontenttheforgeusersstatusdeniesownsignature.Andwhatismoretheaggressormaydeletethedatabasecontentthedestroynodereleasescomputervirusandsoon.Thiscausedatasecurityandownbenefithavereceivedtheseriousthreat.AccordingtoAmericanFBIUSFederalBureauofInvestigationinvestthenetworksecuritycreatestheeconomiclosssurpasses17billiondollarseveryyear.75corporationreportfinancelossisbecausethecomputersystemsecurityproblemcreates.Morethan50safethreatcomefrominside.Butonly59losscouldbepossibleestimate.InChinatheeconomiclossamountinviewoffinancialdomainandthebanknegotiablesecuritiescomputersystemsecurityproblemscreateshasreachedashighasseveralhundredmillionYuanalsosometimesoccursinviewofotherprofessionnetworksecuritythreat.Thusitcanbeseenregardlessofisthemeanattackorunconsciousdisoperationwillallbeabletobringtheinestimablelosstothesystem.Thereforethecomputernetworkmusthavetheenoughstrongsecuritymeasure.RegardlessofisinthelocalareanetworkorinWANthenetworksecuritymeasureshouldbeOmni-directionalinviewofeachkindofdifferentthreatandthevulnerabilitysothatitcanguaranteethenetworkinformation’ssecrecytheintegrityandtheusability.

Second:

Networksecurityrationale.InternationalStandardizationOrganizationISOoncesuggestedthecomputersecuritythedefinitionwas:

“Thecomputersystemmustprotectitshardwarethedatanotaccidentallyorrevealsintentionallythechangeandthedestruction.”InordertohelpthecomputeruserdiscriminationandthesolutioncomputernetworksecurityproblemtheAmericanDepartmentofDefenseannounced“theorangepeelbook”orangebookofficialnameis“crediblecomputersystemstandardappraisalcriterion”hascarriedonthestipulationtothemultiusercomputersystemsecurityrankdivision.Theorangepeelbookfromlowtohighdividesintothecomputersecurityfourkindsofsevenlevels:

D1C1C2B1B2B3A1.AboveallD1leveldoesnothavethelowestsafetymarginrankC1andtheC2levelhasthelowestsafetymarginrankB1andtheB2levelhasthemediumsafekeepingofsecurityabilityrankB3andA1belongstothehighestsecurityrating.Inthenetworkconcretedesignprocessitshouldactaccordingtoeachtechnologystandardtheequipmenttypetheperformancerequirementaswellasthefundswhichinthenetworkoverallplanproposedandsoontheoverallevaluationdeterminesonequitereasonablytheperformancehighnetworksecurityrankthusrealizationnetworksecurityandreliability.

Third:

Thenetworksecurityshouldhavefunction.Inordertoadapttheinformationtechnologydevelopmentwellthecomputernetworkapplicationsystemmusthavefollowingfunction:

1Accesscontrol:

Throughtothespecificwebpagetheserviceestablishmentaccesscontrolsysteminarrivestheoverwhelmingmajorityattackimpedimentinfrontoftheattackgoal.2Inspectsthesecurityloophole:

Throughtosecurityloopholecyclicalinspectionevenifattacksmaygettheattackgoalalsomaycausetheoverwhelmingmajorityattacktobeinvalid.3Attackmonitoring:

Throughtospecificwebpageserviceestablishmentattackmonitoringsystembutreal-timeexaminestheoverwhelmingmajorityattackandadoptstheresponsethemotionforexampleseparationnetworkconnectionrecordingattackprocesspursuitattacksourceandsoon.4EncryptionCommunication:

Encryptsonowninitiativethecommunicationmayenabletheaggressortounderstandtherevisionsensitiveinformation.5Authentication:

Thegoodauthenticationsystemmaypreventtheaggressorpretendsthevalidateduser.6Backupandrestoration:

Thegoodbackupandrestoresthemechanismmaycausesthelosseswhentheattackassoonaspossiblerestoresthedataandthesystemservice.7Multi-layeredDefense:

Theaggressorafterbreaksthroughthefirstdefenselinedelaysorblocksittoreachtheattackgoal.8Setsupthesafemonitoringcenter:

Providesthesecuritysystemmanagementthemonitoringtheprotectionandtheemergencycaseservicefortheinformationsystem.

Fourth:

Thenetworksystemsafetycomprehensivesolutionmeasures.IfwanttorealizethenetworksecurityfunctionweshouldcarryontheOmni-directionalguardingtothenetworksystemandthusformulatethequitereasonablenetworksecurityarchitecture.Belowonthenetworksystemsecurityproblemproposessomeguardmeasure.Physicssafemaydivideintotwoaspects:

Oneistheartificialharmtothenetworktheotheristhenetworktotheusers.MostcommonthingistheconstructorwhodidnotunderstandtotheburiedcableclearlythusleadtothedestructionofelectriccablethiskindofsituationmaythroughstandingsymbolizedthesignguardsagainstHasnotusedthestructurewiringthenetworktobeabletoappeartheuserfrequentlytotheelectriccabledamagethisneedstousethestructurewiringtoinstallthenetworkasfaraspossibleArtificialornaturaldisasterinfluencewhentoconsidertheplan.Theaccesscontrolsecuritytheaccesscontroldistinguishesandconfirmstheuserlimitstheuserinthealreadyactivityandtheresourcesscopewhichisauthorized.Thenetworkaccesscontrolsafemayconsiderfromfollowingseveralaspects.1password:

Thenetworksecuritysystemmostouterlayerdefenselineisnetworkusersregisteringintheregistrationprocessthesystemwouldinspecttheusertoregisterthenameandthepasswordvalidityonlythenthelegitimateusercanenterthesystem.2Thenetworkresources’hosttheattributeandthevisitjurisdiction:

Thenetworkresourcesmainlyincludetheresourceswhichsharedfilesthesharedprinternetworkusersandsoonthatallthenetworkuserscanuse.Theresourceswerethehosttomanifestthedifferentusertotheresourcessubordinaterelationssuchasbuildermodifierandgroupmemberandsoon.Theresourcesattributeexpresseditselfdepositandwithdrawalcharacteristicsascanreadbywhowriteortheexecutionandsoon.Thevisitjurisdictionmainlymanifestsintheusertothenetworkresourcesavailabledegreeinusingassignsthenetworkresourcestobethehosttheattributeandthevisitjurisdictionmayeffectivelyintheapplicationcascadecontrolnetworksystemsecurity.3Networksecuritysurveillance:

Thenetworksurveillanceisgenerallycalledfor“thenetworkmanagement”itsfunctionmainlyiscarriesonthedynamicsurveillancetotheentirenetworkmovementandhandleseachkindofeventpromptly.MayunderstandsimplythroughthenetworksurveillancediscoversandsolvesinthenetworksecurityproblemsuchasthelocalizationnetworkfaultpointseizestheIPembezzlerthecontrolnetworkvisitscopeandsoon.4Auditandtrack:

Networkauditandtrackwhichisincludingthenetworkaspectresourcesusenetworkbreakdownandsystemkeeping.Itcomposedgenerallybytwoparts:

Onetherecordingeventsooneachkindofevententirelyrecordsinthedocument.Twocarriesontheanalysisandthestatisticsto.

Datatransmissionsecurity,transmissionsecurityrequirementstoprotecttheinformationonthenetworkistransmittedtopreventthepassiveandactiveviolations.Thesecurityofdatatransmissioncantakethefollowingmeasures:

（1）encryptionanddigitalsignature:

digitalsignatureisthereceiverofdatausedtoconfirmthesenderofthedataistrueandcorrect.

（2）firewall:

firewall（Firewall）isasecuritymeasurethatiswidelyusedinInternet.Itcanbeusedtosetupaseriesofcomponentsindifferentnetworkornetworksecuritydomain.Itcandetect,limitandchangethedataflowofthefirewall,anddetecttheinformation,structureandrunningstatusofthenetworkasfaraspossible,soastorealizethenetworksecurity.（3）UsernameorPasswordcertification:

theauthenticationmethodisthemostcommonlyusedasanauthenticationmethodfortheoperatingsystem,telnet（remotelogin）,rlogin（remotelogin）,buttheprocessisnotencrypted,thatis,passwordiseasytobemonitoredanddecryption.（4）authenticationusingthealgorithm:

radius（RemoteAuthenticationDialprotocol,OSPF（openroutingprotocol）,SNMPSecurityProtocolusesharedSecurityKey（key）,andtheabstractalgorithm（MD5）certification,butabstractalgorithmisanirreversibleprocess,ther