什么是安全

1213WhatyouknowWhatyouhavcWhoyouareWhereyouareKerberosOTPACLECLROUNDS,PARALLELIZATIONTRIPLEDESRSARC6BLOWFISHANDTWOFISHSKIPJACKANDMARSHASHHASHHASHSHAE-MAILPRETTYGOODPRIVACY(PGP)SecureMIME(S-MIME)MD5SUMWEBSECUREHTTP(SSL)(VPN)PPTPIPSEC(PKI)BUGROOTKITSEMAILTCP/IPTCP/IPOSITCP/IPTHEWEBSERVERCGIIIS(FTP)(SMTP)INTERNERMELISSAE-MAILE-MAILSMTPINTERNETNATDMZ(STATEFULMULTI-LAYERINSPECTION)WEB()VPN,()()IPCHAINSLINUSIPCHAINSIPCHAINSIPCHAINSCHECKSUMTTIPWIREAUTOMATEDCHECKSUMSTRIPSIREJAILSINTERNETITSECBS7799TCSECC2F-C2,E2CCWINDOWSNTWINDOWSNTWINDOWSNTWINDOWSNTWINLOGONANDGINAUNIXUNIXNTNUIXWINDOWSNTUNIXPATHROOTWINDOWSNTUNIXUNIXTHEUMASKTHECHMODUIDGIDSETUID,SETGIDWINDOWSNTUNIXTHERLOGINTELNETRLOGININSNISNIS+NFS,NFSSECURERPCNFSPATCHESFIXESMICROSOFTSERVICEPACKSREDHATLINUXWINDOWSNTUNIXTFTPSENDMAILSMTPTCPWRAPPER5MD5WINDOWSNT,,WHOISNSLOOKUPHOSTTRACEROUTETRACERTPINGNMAPSNMPTCP/IPAXCETNETRECONNETWORKASSOCIATESCYBERCOPSCANNERINTERNETSECURITYSYSTEMSWEBBUG,NETBILSAUTHENTICATIONTOOLNATIP:TCP/IPSYNFLOODSMURFFRAGGLETEARDROP/TEARDROP2PINGOFDEATHLANDATTACKROOTUNIXWINDOWSNTL0PHTCRACKUNIXSHADOWJOHNTHEFIPPPERCRACK,NETBUSIDSIDSIDSACTIONINTRUDERALERTUNIXNTWINDOWSNTLINUXISO7498-27799BS7799COMMONCRITERIACCEVALUATIONASSURANCELEVELJAILSIPSECNTTCPSECURESHELLSSHNetscapeNavigatorIE()e-bayAmazonCOM1988RobertMomsInternetWorm()kevinMitnickJohnDraper(CaptainCrunch)PentagonKGB16()FBIDatastreamCowboy1915InternetInternetISPIntemetIntemetInternetInternet?()Internet(LAN)InternetInternetVPNInternetCERT()CERT10050()1999745IT52122300IT()InternetIThttp()116Emailpager4(windows982000)()(DNSWebFTPe-mail)()ActiveXJava()(Tr01ans)(trojans),E-mailActiveXJavainternetIP(IP)IP(systemsnooping)TCPIPInternetE-maiFTPl-2JavaIP33(FBI)(ISO)7498-2ISOISO7498-21-3packetsnifferEmailpingSYNISOISOOSITCPIPNovellNT,UNIXISO7498-2BritishStandard7799IT()D()A1()???()WEBInternetTelnet,E-mail1WEBE-mai231232-13248Internetll1E-maill1CEOCEOWEB1WEB??()()1??l3WEB()HTML2-2()emailDESRSAMD5()()HASHHASHHASHHASHATMIDWhatyouknow?Whatyouhave?Whoyouare?Whereyouare?Whatyouknow?Whatyouhave?()ISO7816WEB{}KnKnKerberosCIAACKcK1K1A{K1C}KaKc{K1{k1C}Ka}KcCcA{K1(k1,C)Ka}KcKc{K1c}KacAKcccAP{K2,C}KPAKaAcKccC-A{K1C}Ka,{C,MD-5Checksumtimestamp}K1A--)CCA{C,MD-5Checksumtimestamp}K1KerberosC(OTP)(OTPOneTimePassword)OTPMD5(++)WEB(ACL)(ACL)ACLACL(ECL)(ECL)NetscapeNavigatorInternetExplorerECLECLUNIXrexecrloginrshellABActiveXjavaECL(WEBFTPe-mail)()HASHHASHVPNSSLWindowsNTLinuxPGPGPG2-3HASH????2nn402401099511627776MichaelwienerDES(56)Moore(18)ElectronicFrontierFoundation6440PrettyGoodPrivacy(PGP)404040PGPSMIMESSLIPSec()RoundsParallelizationRoundroundsparallelizationhttp(DES)TRIPLEDES,RSARC2,RC4,RC5,RC6MARSTwofishSerpent(NIST)1977DEShttp(FIPS)PUB46-lFIPSNISTCipher-BlockChaining(CBC)FIPSPUB81http(NSA)(NIST)DESblock64blockdiffusionandconfusion64(round)DES16roundsroundDESDES25DESDESTripleDESDES56tripleDES565656TripleDES128LTripleDESman-in-the-middleDESTripleDESTripleDESDESTripleDESRSARonRivestAdiShamirLeonardAdleman1977LRSAWindowsNTNetscapeNavigatorRSA()RSA(http)RC2RC4128RC2RC440RC2RC5RC2RonRivestblock64RC5RC2blockblockround128RC51216roundsRC4Rivest198712840LotusNotesOracleSecuresQLCDPDRC4RC6RC6RC61998RC5UiroundRC6BlowfishandrwolishBlowfishBruceSchneierround448SchneierTwofish128blockBlowfishTwofish28192256SkiackandMARSSkiackMARSIBMDESTwofishDESTripleDES19971(NIST)DESNISTAES128192256ABBA1970()RSAtheDigitalSignatureAlgorithm(DSA)Diffie-HellmanDSARSALinuxDiffie-HellmanDiffie-Hellmanmadin-themiddleStation-to-station(STS)DiffieHellmanHASHHASH128HASHHASHHASH(ATM)(PIN)HASHATMPINHASHHASHPINATM-()()??--HASHHASHMD2MD4MD5MD2,MD4MD5HASHHASHe-mail128RonRivest2(MD2)MD4MD5MD2MD4RivestMD5MD4128HASHHASH(SHA)HASHHASHHASH(SHS)NISTNSA160HASHSHAMD4MD5MD525MD525emailWEB(VPN)HASHIIS,PGPSSL,S-MIMEHASH(Email)E-maile-mailPGPS-MIMEE-mail1Email2emailDESTripleDESBlowfishRC53HASHMD2MD4MD5SHAlMD5SSLS-MIMESHAl4HASHHASH5e-mail67e-mailPrettyGoodPrivacy(PGP)PGPPGPHASHhttp(S-MIME)NetscapeCommunicator'sMessengerE-mailsMIMEPGPe-mailWindowsBestCrypt()BlowfishAdvancedCS(hOmeknuutdemchahnsOftwarehtml)Locker()EasyCrypt()MD5sumMD5sumWindowsNTLiunxLinuxmd5sum128WebWEB(SecureHTTP)(SSL)90SecureHTTPSSLSecureHTTPSecureHTTPNetscapeNavigatorInternetExplorer(SSL)SSLSSL30(1ETF)SSLSSL(TCPIP)SSLSSL20Netscape1995SSL301996SSL(OSl)SecureHTTPSSLSecureHTTPHTTPSSL(VPN)VPNVPN(INTERNETATMFRAMERELAY)VPNVPNVPNVPNVPNVPN(1)(2)(3)VPNNSPVPNInternet(1ETF)lpsecVPNPPTPIPSecPPTPIPSecPPTPMicrosoftUSRoboticsPPTPVPNISPIPSecPPTPL