Basic Knowledge computer security technology

The security requirements of computer systems mainly include: confidentiality, security, integrity, reliability, usability, and the validity of the information rent legality confidentiality refers to the computer information storage and transmission should be confidential; security means that the program and data of an information system are not destroyed, not accessed and used by the outside world; Completeness means that information such as procedures and data should be complete to meet predetermined requirements; Reliability is the ability to ensure that system hardware and software have no faults or errors in order to complete the predetermined function under specified conditions; Availability is to ensure that legitimate users can use the normal, to prevent illegal users to access the system, Also to prevent the illegal operation or use of legitimate users; the validity and legality of information means that in the network application, the information receiving party should be able to confirm that the information content and order that it receives is true, not outdated, the two sides of the information exchange should be able to identify each other's identity, and the sender of the information cannot deny the information that has been sent. It is claimed that the information was forged by the receiving party and that the recipient of the information could not modify or falsify the information received, nor could it arrive at the information received.

According to the above security requirements, the security technology of computer system mainly consider the following aspects

(1) Solid security technology

Physical security mainly refers to the technology and methods adopted to ensure the safety of computer equipment, communication lines and related facilities. Mainly related to: computer system environmental security technology, fault diagnosis technology, anti-electromagnetic interference technology, electromagnetic leakage prevention technology, entity access control technology, media storage and management technology.

(2) Data security technology

Data security technology is to ensure that the database or data files in the computer system to avoid damage, modification, theft and the use of technical methods, mainly including user identification technology, password authentication technology, access control technology and data encryption technology, as well as the establishment of backup, offsite storage, proper custody and other techniques and methods.

(3) Software security technology

Software security technology is mainly meant to ensure that the software in the computer system, such as operating systems, database systems or applications, etc. from damage, illegal copying, illegal use. Or to avoid defects in the software itself and the use of technology and methods, including a variety of password control and identification technology, software encryption technology, software to prevent replication technology, Anti-dynamic tracking technology. Software development management technology, software testing technology, software safety standards.

(4) Network security technology

Network security technology refers to the technology and method used to guarantee the security of network and its nodes. It mainly includes message identification technology, digital signature technology, access control technology, data encryption technology, key management technology, security transmission media technology, network monitoring and tracking and isolation technology, routing control and Flow analysis control technology, network management technology, network firewall technology and so on.

(5) Operating security technology

Operation Safety technology includes safe operation and management technology, system use and maintenance technology, stochastic fault maintenance technology, software fault diagnosis technology, software reliability technology, software maintenance technology, operating system fault analysis and processing technology, computer room environment monitoring technology, equipment maintenance technology, power monitoring technology; The recording and statistic analysis technology of the system running state.

(6) Anti-virus technology

In order to prevent the computer system from virus invasion, in addition to the establishment of sound management measures, but also to grasp the virus scanning, detection and analysis technology, software itself anti-virus technology, system anti-virus technology, in the system after the virus destroyed data recovery technology, as well as the elimination of virus technology.

(7) Safety evaluation Technology

The security of computer systems is relative, there is no absolute security system, and the security of computer systems is the result of the balance between effect and cost. Different systems, different tasks and different scales have different requirements for the security level of information systems, so a safety evaluation standard is needed. As a test basis for system safety.

This article from the Internet and the search engine IT Technology blog http://www.guhongtao.com/issued reprint please be sure to indicate