搜索
XXXX学院计算机专业英语班级计科学号12姓名日期2015-12-SecurityofComputerNetworkSystem1SecurityofComputerNetworkSystemAbstract:Thispaperdiscussedthesecureanddependableproblemaboutthecomputernetworksystem.Onsomeaspects:theimportanceofnetworksecuritybasictheoryfunctionandthemethodofsolvingaproblemetc.Goodviewsforsolvingtheproblemareputforward.Itstrengthenspeople’sconsciousnessonnetworksecurity.Keywords:ComputernetworkVirtualprivatenetworkEncryptiontechniquesFirewallIntroduction:Alongwiththecomputernetworktechnologydevelopmentthenetworksecurityandthereliabilityhavebecomethequestionofcommoninterestbyallusers.Thepeopleallhopedtheirownnetworksystemcanmovereliablynotexternalintruderdisturbanceanddestruction.Thereforesolvesthenetworksecurityandthereliableproblemcarefullyisaguaranteethenetworknormaloperation’spremiseandsafeguard.First:theimportanceofthenetworksecurity.Withtheinformationdevelopingfasttodaythecomputernetworkobtainedthewidespreadapplicationbutalongwiththenetworkinformationtransmissioncapacitygrowingfastersomeorganizationsanddepartmentsbenefitthespeedupwiththeserviceoperationinthenetworkwhilethedatahasalsosufferedtoextentattackanddestruction.Theaggressormayintercepttheinformationinthenetworkstealstheuser’spasswordthedatabaseinformationalsomaytamperwiththedatabasecontenttheforgeusersstatusdeniesownsignature.Andwhatismoretheaggressormaydeletethedatabasecontentthedestroynodereleasescomputervirusandsoon.Thiscausedatasecurityandownbenefithavereceivedtheseriousthreat.AccordingtoAmericanFBIUSFederalBureauofInvestigationinvestthenetworksecuritycreatestheeconomiclosssurpasses17billiondollarseveryyear.75corporationreportfinancelossisbecausethecomputersystemsecurityproblemcreates.Morethan50safethreatcomefrominside.Butonly59losscouldbepossibleestimate.InChinatheeconomiclossamountinviewoffinancialdomainandthebankSecurityofComputerNetworkSystem2negotiablesecuritiescomputersystemsecurityproblemscreateshasreachedashighasseveralhundredmillionYuanalsosometimesoccursinviewofotherprofessionnetworksecuritythreat.Thusitcanbeseenregardlessofisthemeanattackorunconsciousdisoperationwillallbeabletobringtheinestimablelosstothesystem.Thereforethecomputernetworkmusthavetheenoughstrongsecuritymeasure.RegardlessofisinthelocalareanetworkorinWANthenetworksecuritymeasureshouldbeOmni-directionalinviewofeachkindofdifferentthreatandthevulnerabilitysothatitcanguaranteethenetworkinformation’ssecrecytheintegrityandtheusability.Second:Networksecurityrationale.InternationalStandardizationOrganizationISOoncesuggestedthecomputersecuritythedefinitionwas:“Thecomputersystemmustprotectitshardwarethedatanotaccidentallyorrevealsintentionallythechangeandthedestruction.”InordertohelpthecomputeruserdiscriminationandthesolutioncomputernetworksecurityproblemtheAmericanDepartmentofDefenseannounced“theorangepeelbook”orangebookofficialnameis“crediblecomputersystemstandardappraisalcriterion”hascarriedonthestipulationtothemultiusercomputersystemsecurityrankdivision.Theorangepeelbookfromlowtohighdividesintothecomputersecurityfourkindsofsevenlevels:D1C1C2B1B2B3A1.AboveallD1leveldoesnothavethelowestsafetymarginrankC1andtheC2levelhasthelowestsafetymarginrankB1andtheB2levelhasthemediumsafekeepingofsecurityabilityrankB3andA1belongstothehighestsecurityrating.Inthenetworkconcretedesignprocessitshouldactaccordingtoeachtechnologystandardtheequipmenttypetheperformancerequirementaswellasthefundswhichinthenetworkoverallplanproposedandsoontheoverallevaluationdeterminesonequitereasonablytheperformancehighnetworksecurityrankthusrealizationnetworksecurityandreliability.Third:Thenetworksecurityshouldhavefunction.Inordertoadapttheinformationtechnologydevelopmentwellthecomputernetworkapplicationsystemmusthavefollowingfunction:1Accesscontrol:ThroughtothespecificSecurityofComputerNetworkSystem3webpagetheserviceestablishmentaccesscontrolsysteminarrivestheoverwhelmingmajorityattackimpedimentinfrontoftheattackgoal.2Inspectsthesecurityloophole:Throughtosecurityloopholecyclicalinspectionevenifattacksmaygettheattackgoalalsomaycausetheoverwhelmingmajorityattacktobeinvalid.3Attackmonitoring:Throughtospecificwebpageserviceestablishmentattackmonitoringsystembutreal-timeexaminestheoverwhelmingmajorityattackandadoptstheresponsethemotionforexampleseparationnetworkconnectionrecordingattackprocesspursuitattacksourceandsoon.4EncryptionCommunication:Encryptsonowninitiativethecommunicationmayenabletheaggressortounderstandtherevisionsensitiveinformation.5Authentication:Thegoodauthenticationsystemmaypreventtheaggressorpretendsthevalidateduser.6Backupandrestoration:Thegoodbackupandrestoresthemechanismmaycausesthelosseswhentheattackassoonaspossiblerestoresthedataandthesystemservice.7Multi-layeredDefense:Theaggressorafterbreaksthroughthefirstdefenselinedelaysorblocksittoreachtheattackgoal.8Setsupthesafemonitoringcenter:Providesthesecuritysystemmanagementthemonitoringtheprotectionandtheemergencycaseservicefortheinformationsystem.Fourth:Thenetworksystemsafetycomprehensivesolutionmeasures.Ifwanttorealizethenetworksecurityfunctionw