信息安全的英语课件_第1页
信息安全的英语课件_第2页
信息安全的英语课件_第3页
信息安全的英语课件_第4页
信息安全的英语课件_第5页
已阅读5页,还剩23页未读 继续免费阅读

下载本文档

版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领

文档简介

1、We know, information security is so important in our life. Then,it is necessary to know what is information security, and how to guarantee it .Information securityHQYUNNAN UNIVERSITYMain contentsBasic concepts and principles 1Security issues and threatens2Security policy and technology3Popular falla

2、cies and strategies41. Basic concepts and principlesInformation security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.Three core principles: confidentiality, integrity and avail

3、ability. 1. Confidentiality is the term used to prevent the disclosure of information to unauthorized individuals or systems. 2. Integrity means that data cannot be modified undetectably. 3. Availability: For any information system to serve its purpose, the information must be available when it is n

4、eeded.Security classification for informationThe type of information security classification labels selected and used will depend on the nature of the organisation, look the following examples:1.In the business sector, labels such as: Public, Sensitive, Private, Confidential(保密).2.In the government

5、sector, labels such as: Unclassified, Sensitive But Unclassified, Restricted(限制), Confidential(机密), Secret, Top Secret(绝密) and their non-English equivalents.3.In cross-sectoral formations(跨部门的单位), the Traffic Light Protocol, which consists of: White, Green, Amber(黄色) and Red. Three phasesWe learn in

6、formation security through three phases: data security (emphasis on secure communications)network and information security era (emphasis on network environment) the current era of information assurance (emphasis it can not be passive protection, the need for protection - detection - reaction - resto

7、re, four links). 2. Security problems and threatensMajor problemscyber attacks and attack detection, prevention issues 网络攻击与攻击检测、防范问题 security vulnerabilities and security countermeasures problem 安全漏洞与安全对策问题 Information Security issues security problems within the system 系统内部安全防范问题 problem防病毒问题 data

8、 backup and recovery issues, disaster recovery issues 数据备份与恢复问题、 灾难时恢复问题Security threatens (1) Information disclosure: information is leaked or disclosed to a non-authorized entities. (2) damage to the integrity of information: data is carried out unauthorized deletion, modification or destruction a

9、nd loss. (3) denial of service: information or other resources on the legal access is unconditionally blocked. (4) unlawful use of (unauthorized access): a resource is a non-authorized persons, or unauthorized use. (5) tapping(窃听): Using a variety of possible legal or illegal means to steal system i

10、nformation resources and sensitive information. (6) business flow analysis(业务流分析): long-term monitoring of the system by using the statistical method, which found valuable information and laws. (7) Passing: deception through communications system to impersonate a legitimate user of illegal users. Mo

11、st hackers are using fake attack.(8) Trojan horse(特洛伊木马): an aware of the software contains no harmful block, when it is executed, will destroy the users security. This application is called Trojan horse. (9) Computer virus: A computer system is running against infection and functions to achieve the

12、 program.(10) Physical invasion(物理侵入): to bypass the physical control of the intruder to gain access to the system. ExamplesComputer viruses Network Worms 网络蠕虫Pop-Ups 插入式网络广告Trojan Horses 特洛伊木马Spam 垃圾电子邮件Password Grabbers 密码采集卡Password Crackers 密码破解Hijacked Home Pages 劫持主页DID YOU KNOW?In 1980 a comp

13、uter cracked a 3-character password within one minute.In 1999 a team of computers cracked a 56-character password within one day.(一天之内破获56个字符的密码)In 2004 a computer virus infected 1 million computers within one hour.A computer program Tells a computer what to do and how to do it.Computer viruses, net

14、work worms, Trojan Horse These are computer programs.DIFFERENCES 1) Computer Virus:Needs a host file2) Network Worm:No host (self-contained) Copies itself ExecutableCopies itselfExecutable3) Trojan Horse: No host (self-contained)Does not copy itselfImposter ProgramTYPICAL SYMPTOMSFile deletionFile c

15、orruption 文件损坏Visual effectsPop-Ups 弹出窗口Erratic (and unwanted) behavior不稳定(和不必要的)的行为Computer crashes 死机Why Do We Have This Problem?Software companies rush products to the consumer market (“No program should go online before its time”) Recycling old code reduces development time, but perpetuates(永存)

16、old flaws(缺陷).AND A FEW MORE REASONSMarket share(占有率) is more important than securityInterface(界面) design is more importantthan securityNew feature designs are more important than securityEase of use is more important than securityA Trojan Horse exploits computer ports letting its “friends” enter, a

17、ndSecurity patches often close computer ports and vulnerabilitiesMORE ON THE HORSE.“once a thief gets into your house he opens a rear window for his partners”3. security policy and technology1、Security Policy2、DG map document encryption (图文档加密)3、advanced information security technology 4、strict safe

18、ty management5、formulated strict laws and regulations (制订严格的法律、法规)6、secure operating systemTechnical Overview(简介) Security technology, strictly speaking only three categories: hiding, access control and cryptography(密码学).Currently, more popular technonogies in the market and who can represent the di

19、rection of future development of security products generally have the following categories: 1. user authentication(身份认证): the first is the security door, a variety of security measures can play a role in the premise, authentication technologies. 2. firewall : Firewall is a form of access control pro

20、ducts. It can prevent unsafe access to the internal to external.3. Network Security Isolation(隔离).4. Virtual Private Network ( VPN ).5. Security Server : a LAN security server mainly for internal information storage, transmission security issues . 6. Electronic Travel agencies(签证机构) - CA and PKI pro

21、ducts.7. Security Management Center8. Intrusion Detection System ( IDS ) 入侵检测系统9. Intrusion Prevention System ( IPS ) 入侵防御系统10. Safety Database11. secure operating system12. DG map document encryption4. Popular fallacies and StrategiesIf I never log off then my computer can never get a virusIf I loc

22、k my office door then my computer can never get a virusCompanies create viruses so they can sell anti-virus softwareMy ISP will protect me?Microsoft will protect meISP:互联网服务供应商AND A FEW MORE.I got this disc from my (mother, boss, friend) so it must be okayYou cannot get a virus by opening an attachment from someone you knowBut I only downloaded one fileYou can catch a cold from a computer virusMy friend who knows a lot about computers showed me this is really a cool siteStrategies :BACK IT UP!Offline copies

温馨提示

  • 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
  • 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
  • 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
  • 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
  • 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
  • 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
  • 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

最新文档

评论

0/150

提交评论