What aspects does information security include?

Question 1: What are the three main aspects of information system security? The security of classified computer information systems includes four aspects:

(1) Physical security. Physical security mainly includes environmental security, equipment security and media security. Effective technical precautions should be taken in the central computer room of the system dealing with classified information, and important systems should also be equipped with security personnel for regional protection.

(2) Safe operation. Operation safety mainly includes backup and recovery, virus detection and removal, electromagnetic compatibility, etc. Main equipment, software, data, power supply, etc. The confidential system should be backed up and have the ability to restore the system operation in a short time. Anti-virus software recognized by relevant national authorities should be used for timely anti-virus, including anti-virus of servers and clients.

(3) Information security. Ensuring the confidentiality, integrity, availability and non-repudiation of information is the central task of information security.

(4) Safety management. The security management of classified computer information system includes three aspects: management organization, management system and management technology. It is necessary to establish a complete security management organization, set up security management personnel, formulate a strict security management system, and use advanced security management technology to manage the entire classified computer information system.

Question 2: What does information security include? In fact, I think most enterprises don't have to worry too much about the definition of information security, just what measures need to be taken. Those with good technical and financial strength can do their own information security, otherwise they can consider buying existing mature solutions.

Recommend the intranet security solution of IP-guard.

IP-guard is an intranet security management software launched by 200 1, with 18 functions and 7 solutions. There are many successful cases of well-known enterprises in all walks of life, including well-known Fortune 500 enterprises, well-known Japanese enterprises and well-known domestic enterprises.

The main functions of IP-guard include transparent encryption, security gateway, read-only encryption, instant messaging, document operation control, document printing management, mail control, application management, network traffic, screen monitoring, asset management and so on.

IP-guard is suitable for enterprise information leakage prevention, behavior control and system operation and maintenance. Up to now, it has served more than 5600 domestic and foreign enterprises/KLOC-0, and deployed more than 4.7 million computers.

Question 3: What aspects does enterprise information security include? Information security mainly involves three aspects: information transmission security, information storage security and network transmission information content audit.

distinguish

Authentication is the process of verifying the subject in the network, and there are usually three ways to verify the identity of the subject. One is secrets that only the subject knows, such as passwords and keys; Second, the items carried by the subject, such as smart cards and token cards; Third, only the subject has unique features or abilities, such as fingerprints, voices, retinas or signatures.

Password mechanism: Password is a code agreed by both parties, assuming that only users and systems know it. Passwords are sometimes selected by users and sometimes assigned by the system. Usually, users first enter some logo information, such as user name and ID number, and then the system will ask the user to enter a password. If the password matches the password in the user file, the user can enter the access. There are many kinds of passwords, such as one-time passwords. The system generates a one-time password list. You must use X the first time, Y the second time, Z the third time, and so on. There are also time-based passwords, that is, the correct password for access changes with time, and this change is based on time and a secret user key. So the password changes every minute, and it's harder to guess.

Smart card: Access requires not only a password, but also a physical smart card. Check whether you are allowed to touch the system before you are allowed to enter the system. A smart card is the size of a credit card and usually consists of a microprocessor, a memory and input/output devices. The microprocessor can calculate the unique number (ID) of the card and the encrypted form of other data. The ID ensures the authenticity of the card and the cardholder can access the system. In order to prevent smart cards from being lost or stolen, many systems need smart cards and PIN. If you only have a card and don't know the PIN code, you can't get into the system. Smart card is superior to the traditional password method for authentication, but it is inconvenient to carry and the cost of opening an account is high.

Subject feature identification: The method of personal feature identification has high security. At present, the existing equipment includes: retina scanner, voice verification equipment and hand recognizer.

Data transmission security system

The purpose of data transmission encryption technology is to encrypt the data stream in transmission to prevent eavesdropping, leakage, tampering and destruction on communication lines. If the communication levels of encryption are distinguished, encryption can be realized at three different communication levels, namely link encryption (encryption below OSI network layer), node encryption and end-to-end encryption (file encryption before transmission and encryption above OSI network layer).

Commonly used are link encryption and end-to-end encryption. Link encryption focuses on communication links, regardless of source and destination, and provides security protection for confidential information by using different encryption keys in each link. Link encryption is node-oriented, transparent to network high-level subjects, and encrypts high-level protocol information (address, error detection, frame header and frame tail), so data is ciphertext in transmission, but it must be decrypted at the central node to get routing information. End-to-end encryption means that information is automatically encrypted by the sender, encapsulated in TCP/IP packets, and then passed through the Internet as unreadable and unrecognizable data. Once the information reaches its destination, it will be automatically reassembled and decrypted into readable data. End-to-end encryption is an advanced subject facing the network. It does not encrypt the information of the lower protocol, and the protocol information is transmitted in plain text, so the user data does not need to be decrypted at the central node.

Data integrity authentication technology At present, for dynamically transmitted information, many protocols mostly ensure the integrity of information by receiving and retransmitting errors and discarding subsequent data packets. However, hacker attacks can change the internal contents of data packets, so effective measures should be taken to control the integrity.

Message authentication: Similar to CRC control in the data link layer, the message name field (or domain) is combined into a constraint value through certain operations, which is called the message integrity check vector ICV(Integrated Check Vector). Then it is encapsulated with the data for encryption. In the transmission process, because the intruder cannot decrypt the message, it is impossible to modify the data and calculate the new ICV at the same time. In this way, the receiver can decrypt and calculate the ICV after receiving the data. If it is different from the ICV in plaintext, the message is considered invalid.

Checksum: One of the simplest and easiest integrity control methods is to use checksums to calculate the checksum value of this file and compare it with the last calculated value. If they are equal, the document has not changed; If they are not equal, it means that the document may have been changed by unconscious behavior. The checksum method can check for errors, but it cannot ... >>

Question 4: What does information security mainly include? Information security mainly includes the following five aspects: to ensure confidentiality, authenticity, integrity, unauthorized copying and the security of parasitic systems.

Question 5: What two aspects does information security generally include? One aspect is the security of information itself, such as preventing loss, preventing files from being deleted by mistake, preventing files from being destroyed and so on.

On the other hand, it refers to the security of information use rights, such as preventing information from being stolen and leaked.

Question 6: What does Internet information security include? Information security itself covers a wide range. It is as big as national military and political secrets, and as small as preventing the secrets of commercial enterprises from leaking, preventing teenagers from browsing bad information and revealing personal information. The information security system under the network environment is the key to ensure information security, including computer security operating system, various security protocols, security mechanisms (digital signature, information authentication, data encryption, etc. ), even the security system, any one of which may threaten global security. Information security service should at least include the basic theory supporting information network security service and the network security service architecture based on the new generation information network architecture. In today's Internet age, the main aspects of information security are: computer crime, hacker attacks, information loss, electronic espionage (such as information traffic analysis, information theft, etc. ), information warfare, network protocol defects (such as TCP/IP protocol security issues), sniffing (sniffers can eavesdrop on packets flowing through the network) and so on.

Question 7: What does network security include? Network security knowledge, the stable development of the Internet industry, and solving network security problems are the key.

One after another, network security problems cast a shadow over the rapidly developing Internet economy, causing huge losses. It can be said that if the Internet wants to develop continuously and rapidly, it must pass the security barrier.

If the soaring Nasdaq stock makes people see the network magic behind the bubble, then the continuous network security incidents make people calmly think about the reality behind the magic-the incidents of online game players' equipment being stolen are endless; Website hacking attacks are also frequent; Wave after wave of virus "shock wave" makes netizens tremble with fear. Hackers and viruses have become popular words in the online world, and their repeated offensives have made the already fragile Internet even more fragile. This tells us that while people enjoy the convenient information brought by the Internet, they must pay attention to and properly solve the network security problem.

According to the latest statistics, at present, 95% of China's network management centers connected to the Internet have been attacked or invaded by hackers at home and abroad, and the scope and extent of the victims are increasing. According to the report of Internet security company Symantec, in 2002, China even became the third largest hacker source country in the world, and 6.9% of the attacks on the Internet came from China. On the other hand, according to the daily monitoring results of the National Computer Virus Emergency Response Center, computer viruses are extremely active. In 20001year, 73% of computers in China were infected with virus, which rose to nearly 84% in 2002 and 85% in the first half of 2003. According to the official statistics of Microsoft, in 2002, network security directly caused a loss of 1.30 USD to the global economy.

As we all know, security is the foundation of the network. Without secure information assets, it is impossible to realize its own value. As a carrier of information, the network is also the same. The harm of network security is obvious, and the causes of network security problems are also different.

The first is the paralysis of users' concept and lack of corresponding vigilance, and the result of this concept is that management can't keep up with the pace of technological development, let alone specific network security precautions and awareness. Because users' cognition of network security is passive and once and for all, when there is a network security problem, they don't know what measures to take to effectively protect their information security. Most people think that several antivirus software and firewalls can ensure the security of network information. Although this practice does have certain effect, it can't guarantee the absolute security of the network. It can be seen that to effectively solve the network security problem, first of all, users should pay attention to security issues, improve security awareness, and build a "protective wall" for the network ideologically.

Secondly, most of China's network security equipment is imported, and there is no core product of its own. To a great extent, this has caused dependence on the network security products of foreign enterprises, which has had a certain impact on the network information security of our country. Therefore, we should strengthen the research and development ability of our own network security technology and improve the practical operation ability of our network security.

Question 8: What aspects of information security of financial institutions include (1) Information leakage: Protected information is leaked or disclosed to unauthorized entities.

(2) Destruction of information integrity: data is added, deleted, modified or destroyed without authorization and suffers losses.

(3) Denial of service: The legal access of information users to information or other resources is unconditionally blocked.

(4) Illegal use (unauthorized access): Resources are used by unauthorized persons or in an unauthorized way.

(5) Eavesdropping: stealing information resources and sensitive information in the system by all possible legal or illegal means. For example, monitoring the signals transmitted in communication lines, or intercepting useful information by using the electromagnetic leakage generated by communication equipment in the working process. (6) Business flow analysis: By monitoring the system for a long time, the parameters such as communication frequency, communication information flow direction, and total communication volume change are studied by statistical analysis methods, and valuable information and rules are found.

(7) Impersonation: By deceiving communication systems (or users), illegal users can impersonate legitimate users, or users with less authority can impersonate users with greater authority. Most of the hackers we usually talk about use fake attacks.

(8) Bypass control: The attacker takes advantage of the security flaws or loopholes in the system to gain unauthorized rights or privileges. For example, the attacker found some system "features" that should be kept secret, but they were exposed. Using these "features", attackers can bypass the defenders of the defense line and invade the inside of the system.

(9) Authorization infringement: A person who is authorized to use a system or resource for a certain purpose uses this right for other unauthorized purposes, which is also called "internal attack".

(10) Denial: This is an attack from users, covering a wide range, such as denying a message you have published, forging the other party's letter, etc.

(1 1) Computer virus: This is a program that can realize the functions of infection and infringement during the operation of a computer system, and its behavior is similar to that of a virus, so it is called a computer virus.

(12) Imperfect information security laws and regulations: Because the laws and regulations that restrict information operation are still not perfect, there are many loopholes, many people play the edge of the law, giving information thieves and information destroyers an opportunity.

Question 9: What is information security? What are the basic contents? Six aspects of information security:-Confidentiality (c): the characteristic that information will not be disclosed to unauthorized users, entities or processes-Integrity (i): the characteristic that data cannot be changed without authorization, that is, the characteristic that information remains unchanged, not destroyed or lost during storage or transmission. -Availability (a): the feature that can be accessed by authorized entities and used as needed, that is, the required information should be accessible when needed. -Authenticity: Authenticity of content-Verifiability: If access control has the ability to control information dissemination and content, it is controllable. -Reliability: system reliability. Information security features:-Offensive and defensive features: alternating improvement of offensive and defensive technologies.-Relativity: Information security is always relative, just right.-Supporting features: Information security is always a foil role and cannot be safe for safety's sake. Security application is the forerunner-dynamic: information security is a continuous process. Scope of information security (any scene with IT application):-management and technology-password, network attack and defense, information hiding-single machine, server, database, application system-disaster tolerance, emergency, daily management-information security technology and management:-establishing a secure host system and network system is the main method of information security technology; Establishing information security system is the basic method of information security management. -the relationship between two-thirds technology and seven-thirds management, but at present, the two are seriously out of touch: the information security strategy is out of touch with the management strategy, and "business continuity" is equated with "disaster recovery", and the awareness of information security is insufficient.