What does information security mean?

Information security means that the hardware and software of an information network, and the data in its systems, are protected from being destroyed, changed or leaked for accidental or malicious reasons, and that the system runs continuously, reliably and normally without interruption to information services.

Information security is a comprehensive subject involving computer science, network technology, communication technology, cryptography technology, information security technology, applied mathematics, number theory, information theory and other disciplines.

Broadly speaking, all technologies and theories related to the confidentiality, integrity, availability, authenticity and controllability of information on the network are the research fields of network security.

Goals of information security

◆ Authenticity: determine the source of information and identify information that comes from forged sources.

◆ Confidentiality: ensure that confidential information is not eavesdropped on, or that eavesdroppers cannot understand the true meaning of the information.

◆ Integrity: ensure the consistency of data and prevent data from being tampered with by illegal users.

◆ Availability: ensure that legitimate users' use of information and resources will not be improperly denied.

◆ Undeniability (non-repudiation): establishing an effective accountability mechanism that prevents users from denying their actions is extremely important.

◆ Controllability: the ability to control the dissemination and content of information.

◆ Checkability (auditability): provide the basis and means for investigating network security issues as they emerge.

Major information security threats

◆ Stealing: Illegal users obtain sensitive information through data eavesdropping.

◆ Interception: Illegal users first obtain information and then send it to the real receiver.

◆ Forgery: Send forged information to the receiver.

◆ Tampering: Illegal users modify the communication information between legal users and then send it to the receiver.

◆ Denial of service attack: attacks the service system, paralyzing it and preventing legitimate users from obtaining services.

◆ Behavior denial (repudiation): legitimate users deny actions that have taken place.

◆ Unauthorized access: use of network or computer resources without authorization from the system.

◆ Spreading viruses: spreading computer viruses through the network is very destructive, and it is difficult for users to guard against it.

Main sources of information security threats

◆ Natural disasters and accidents;

◆ Computer crime;

◆ Human error, such as improper use and poor safety awareness;

◆ "hacker" behavior;

◆ Internal leakage;

◆ External leakage;

◆ Information loss;

◆ Electronic espionage, such as information flow analysis, information theft, etc.;

◆ Information warfare;

◆ Defects of network protocol itself, such as security issues of TCP/IP protocol.

Information security strategy

Information security policy refers to the rules that must be followed to ensure a certain degree of security protection. Realizing information security depends not only on advanced technology, but also on strict security management, legal constraints and security education;

◆ Advanced information security technology is the fundamental guarantee of network security. Users assess the threats they face, decide the types of security services they need, choose the corresponding security mechanisms, and then integrate advanced security technologies to form an all-round security system;

◆ Strict security management. All computer network users, enterprises and organizations should establish corresponding network security management measures, strengthen internal management, establish an appropriate network security management system, strengthen user management and authorization management, establish a security audit and tracking system, and improve overall network security awareness;

◆ Formulate strict laws and regulations. Computer networks are a new phenomenon. For many behaviors on them there are no laws or rules to follow, which leads to unchecked computer crime on the network. In the face of increasingly serious cyber crime, it is necessary to establish laws and regulations related to cyber security, so that criminals are deterred by the law and dare not act rashly.

Main problems involved in information security

◆ Network attack and attack detection and prevention.

◆ Security vulnerabilities and security countermeasures

◆ Information security and confidentiality issues

◆ Internal security of the system.

◆ Anti-virus problem

◆ Data backup and recovery issues and disaster recovery issues.

Brief introduction of information security technology

At present, several kinds of security products are popular in the market and can represent the future direction of development:

◆ Firewall: A firewall is, in a sense, an access control product. It sets up a barrier between the internal network and the unsafe external network to prevent illegal access to internal resources from the outside and unsafe access from the inside to the outside. The main technologies are packet filtering, application gateways and proxy services. A firewall can effectively prevent hackers from using unsafe services to attack the intranet, can monitor, filter, record and report on the data flow, and can better cut off the connection between the intranet and the external network. However, it may have security problems of its own, and it may be a potential bottleneck.

◆ Secure router: Because WAN connection requires special router equipment, network transmission can be controlled through the router. Access control list technology is usually used to control network information flow.

◆ Virtual private network (VPN): A VPN interconnects two or more trusted intranets over a public data network by using data encryption technology and access control technology. Building a VPN usually requires a router or firewall with encryption capability in order to achieve reliable transmission of data over public channels.

◆ Security server: The security server mainly aims at the security of information storage and transmission in a LAN, and its functions include the management and control of LAN resources, the management of users in the LAN, and the audit and tracking of all security-related events in the LAN.

◆ Electronic certification authority (CA) and PKI products: As a third party to the communication, an electronic certification authority (CA) provides reliable certification services for various services. A CA can issue electronic visa certificates to users, and provide users with membership authentication, key management and other functions. PKI products can provide more functions and better services, and will become the core component of computing infrastructure for all applications.

◆ User authentication products: Due to the maturity and perfection of IC card technology, IC cards are more widely used to store users' personal private keys in user authentication products, and are combined with other technologies such as dynamic passwords to effectively identify users' identities. At the same time, the digital signature mechanism can be realized by combining the personal private key on the IC card with the digital signature technology. With the development of pattern recognition technology, advanced recognition technologies such as fingerprint, retina and facial features will also be put into use, and combined with existing technologies such as digital signature, the authentication and recognition of user identity will be more perfect.

◆ Security management center: Because there are many security products on the Internet and they are distributed in different places, it is necessary to establish a centralized management mechanism and equipment, namely the security management center. It is used to distribute keys to network security devices, monitor the running status of network security devices and collect audit information from network security devices.

◆ Intrusion Detection System (IDS): As an effective supplement to traditional protection mechanisms (such as access control and identity identification), intrusion detection forms an indispensable feedback chain in information systems.

◆ Secure database: As a large amount of information is stored in the computer database, some information is valuable and sensitive and needs to be protected. A secure database can ensure the integrity, reliability, effectiveness, confidentiality, auditability, access control and user identification of the database.

◆ Secure operating system: provides a secure operating platform for key servers in the system, constitutes a secure WWW service, a secure FTP service, a secure SMTP service, etc., and serves as a solid foundation for various network security products to protect their own security.