Compulsory content of network security knowledge

Source: Internet
Author: User

Intermediary transaction SEO diagnosis Taobao guest Cloud host technology Hall

With the deepening of the information process and the rapid development of the Internet, people's work, learning and life style are undergoing great changes, the efficiency is greatly improved and the information resources are shared to the greatest extent. However, it must be seen that the network security problem that comes with the development of informatization is becoming more and more protruding, if the problem is not solved well, it will hinder the process of information development.

1. The generation of network security problems

Different interpretations of network security can be made from different perspectives. In general sense, network security is the two parts of information security and control security. The International Organization for Standardization defines information security as "integrity, availability, confidentiality and accessibility of information"; Control security means identity authentication, non-repudiation, authorization and access control.

The open, interactive and dispersive characteristics of the Internet have satisfied the demand for information sharing, openness, agility and rapidity that human beings aspire to. The network environment has created ideal space for information sharing, information exchange and information service, and the rapid development and wide application of network technology have provided great impetus for the progress of human society. However, due to the above characteristics of the Internet, many security problems arise:

A information leakage, information pollution, information is not easily controlled. For example, unauthorized intrusion of resources, the emergence of unauthorized information flow, system denial of information flow and system denial, etc., these are the technical difficulties of the security.

b in the network environment, some organizations or individuals for some special purpose, information leakage, information destruction, information infringement and ideological information infiltration, and even through the network of political subversion, so that national interests, social public interests and the legitimate rights and interests of various subjects are threatened.

C The trend of network utilization is the wide participation of the whole society, followed by the management of decentralized control. Because of the differences of interests, goals and values, the protection and management of information resources are disjointed and vacuum, which makes the problem of information security become extensive and complex.

(d) With the high level of information on the important infrastructure of society, the "lifeblood" of society and the core control systems are likely to face malicious attacks leading to damage and paralysis, including defence communications facilities, power control networks, financial systems and government websites.

2, network security has become the common challenge of mankind in the information age

"In less than a generation, the information revolution and computers have entered every area of society, a phenomenon that has changed the state's economic functioning and safe operation and the way people live in their daily lives," former US President Bill Clinton stated in his presidential address to the National Plan for protection information systems. This beautiful new generation also carries its own risks. All computer-driven systems are vulnerable to intrusion and destruction. Any planned attack on computers in important economic sectors or government institutions can have disastrous consequences, a danger that exists objectively. In the past, hostile forces and terrorists have used bombs and bullets without exception, and now they can turn their laptops into effective weapons, causing great harm. If people want to continue to enjoy the benefits of the information age and continue to secure national security and economic prosperity, they must protect computer control systems from attack. ”

In all areas of computer crime and network infringement, whether the number, means, or nature, scale, has reached a staggering point. According to the relevant statistics, the United States every year due to network security problems suffered by the economic losses of more than 17 billion U.S. dollars, Germany and the United Kingdom are also in the billions of U.S. dollars, France for 10 billion francs, Japan, Singapore is also very serious problems. Computer crime is the top of the list of new crimes in the modern society enumerated by the International criminal law community. In 2003, 56% of the 524 organizations contacted by the CSI/FBI survey encountered computer security incidents, of which 38% encountered 1~5 and more than 16% encountered 11. Organizations that become frequent attack points due to Internet connections have been increasing for 3 consecutive years, while the number of denial of service attacks (DoS) has risen from 27% in 2000 to 42% in 2003. According to the survey, 96% of the 521 surveyed organizations had websites, 30% of which provided e-commerce services, and in the 1 years of 2003, 20% found unauthorized intrusions or misuse of websites. More disturbing, 33% of the groups said they did not know if their sites were compromised. According to statistics, the global average of 1 times per 20s online intrusion event, hackers once found the weak link in the system, all users will suffer.

3, China's network security problems increasingly prominent

At present, the main signs of the network security problem in our country are:

(a) The virus infection and destruction of computer systems is quite serious. According to the National Computer Virus Emergency treatment Center Deputy Director Zhang introduced, from the National Computer Virus Emergency Treatment center daily monitoring results, computer viruses appear unusually active situation. According to a 2001 survey, about 73% of the computer users in our country had contracted the virus and rose to 83% in the first half of 2003. Among them, more than 3 infected users up to 59%, and the virus is more destructive, the virus destroyed all the data accounted for 14%, the destruction of some of the data accounted for 57%.

b Computer hacking has become a major threat. The network information system has the fatal fragility, the vulnerability and the openness, from the domestic situation, at present our country 95% with the Internet Network Management Center has been subjected to the attack or the invasion by the inside and outside hacker, among them the bank, the finance and the securities organization is the hacker attack the focal point.

(c) The information infrastructure faces the challenge of network security. Facing the severe situation of information security, our country's network security system has many weak points in predicting, responding, preventing and restoring ability. According to the UK's Jane Strategy report and other network organizations on national information protection capabilities of the assessment, China has been listed as one of the lowest protective capacity, not only much lower than the United States, Russia and Israel and other information security powers, and ranked after India, South Korea. In recent years, all kinds of illegal activities related to the Internet have increased by 30% annually. According to the Information Security Management Department of a city, in the 1th quarter of 2003, the city suffered nearly 370,000 hacking attacks, more than 21,000 virus intrusions and 57 information system paralysis. The mirror site of a company in the city was attacked by malicious attacks from more than 100 IP addresses within 1 months of October.

(d) Frequent cyber political subversion activities. In recent years, the reactionary forces at home and abroad use the Internet Group Party Association to conduct illegal organization and series activities against our party and government, which are rampant and frequent. In particular, some illegal organizations systematically through the network channels, propaganda heresy, in an attempt to disturb the people, disturb the social order. For example, according to media reports, "* * *" illegal organization is the United States to set up a Web site, the use of borderless information space for anti-government activities.

4. Factors restricting the ability of network security in China

At present, the main factors restricting China's ability to improve network security are as follows.

4.1 Lack of independent computer network and software core technology

In the process of informatization construction in China, it lacks independent technical support. There are three black holes in computer security: CPU chips, operating systems and databases, gateway software are mostly dependent on imports. Hu Shansheng, a researcher at the Institute of High Energy Physics at the Chinese Academy of Sciences, has hit the nail on the back of our information system: "Our network is growing fast, but how about security?" There's a lot of people investing a lot of money to build a network, but it's not clear that it's only half the Some network consultant company built a lot of nets, the market cloth good, but built is bare net, no protection, just like the real estate company built a lot of buildings, doors and windows are not locked on the delivery to the owners to live. "The network management equipment and software used by our computer networks are basically imported products, these factors make our computer network security can be greatly reduced, is considered to be easy to peep and easily hit the" glass net. Because of the lack of independent technology, the network is in the information security threats of eavesdropping, jamming, surveillance and fraud, and the network security is in a very fragile state.

4.2 Security awareness is the bottleneck of network security

At present, there are many cognitive blind spots and restrictive factors in the network security problem. Network is a new thing, many people are busy in contact with the study, work and entertainment, the security of network information is not enough to take into account, security awareness is very weak, the lack of information on the security of the network of facts. At the same time, network operators and institutional users pay attention to the network effect, the input and management of the security field can not meet the requirements of security protection. On the whole, network information security is in a passive state of plugging, from top to bottom there is a common sense of luck, did not form the initiative to prevent, actively respond to the national consciousness, but also can not fundamentally improve the network monitoring, protection, response, recovery and combat capabilities. In recent years, the national and various functional departments have made considerable efforts in information security, but in terms of scope, influence and effect, the information security protection measures and related plans that have been taken so far can not solve the current passive situation fundamentally, the whole information security system in the main aspects of rapid response, quick action and precaution, Lack of sense of direction, sensitivity and coping ability.

4.3 The defects and deficiencies of operation management mechanism restrict the strength of safety precaution

The operation management is the process management, is the key which realizes the whole network security and the dynamic security. The policy, plan and management means of information security will eventually be reflected in the operation management mechanism. In view of the current operation management mechanism, there are several defects and deficiencies in the following aspects.

(a) Lack of human resources in Network security management: Because of the very low cost of Internet communications, distributed client servers and different kinds of configuration continue to develop. Due to the extension of technology application, the management of technology should be expanded simultaneously, but the personnel who are engaged in system management often do not have the skills, resources and benefit orientation required for safety management. The personnel of information security technology management, whether quantity or level, can not meet the needs of information security situation.

b The security is not in place: the Internet is more and more comprehensive and dynamic characteristics, which is also the reason for the Internet insecurity factors. However, network users are not aware of this, do not enter the security-ready state in a hurry to operate, resulting in sensitive data exposure, the system is exposed to risk. Improperly configured or obsolete operating systems, mail programs, and internal networks can be exploited by intruders, and without careful and effective security, it is not possible to detect and Chan vulnerabilities in a timely manner. When vendors release patches or upgrade software to address security issues, many users ' systems are not synchronized, because managers are not fully aware of the risk of network insecurity, not attention.

(c) Lack of comprehensive solutions: in the face of the complex and changing world of the Internet, most users lack comprehensive security management solutions, a security-conscious user increasingly relies on "silver bullet" solutions (such as firewalls and encryption technology), but these users have also generated a false sense of safety, gradually lost vigilance. In fact, a one-time use of a scheme does not guarantee that the system is once and for all, the network security problem is far from anti-virus software and firewalls can be resolved, nor a large number of standard safety products can be solved by simple embankment. In recent years, some foreign Internet security products manufacturers timely contingency, turned into a provider of enterprise security solutions by antivirus software vendors who have launched a comprehensive range of enterprise security solutions in China, including risk assessment and vulnerability detection, intrusion detection, firewall and virtual private networks, antivirus and content filtering solutions , as well as a comprehensive portfolio of security management solutions such as enterprise management solutions.

4.4 Lack of institutionalized preventive mechanism

Many units have not established the corresponding safety precaution mechanism from the management system, in the whole operation process, lacks the effective security check and the response protection system. Imperfect systems have fostered the illegal behavior of network managers and insiders themselves. Many cyber-crimes, especially illegal operations, have been successful because of lax management of intranet computers and systems management systems. At the same time, the policies and regulations are difficult to adapt to the needs of network development, information legislation still exists quite a lot of blank. Personal privacy Protection Law, database protection Law, digital media law, digital signature authentication method, computer crime law and computer security supervision law, etc. Because the network crime method new, the time is short, does not leave the mark and so on the characteristic, has brought the extremely difficulty to the detection and the trial criminal case.

5. Some suggestions on solving the problem of network security in China

As far as the Government is concerned, the following recommendations should be adopted as soon as possible to solve the problem of cyber security:

(a) As soon as possible at the national level, a strategic "national network security Plan" is presented. To fully study and analyze the country's interests in the field of information and the internal and external threats it faces, according to our country's national conditions, the plan can strengthen and guide the network security system in all areas of national politics, military, economy, culture and social life, and invest enough funds to strengthen the information security protection of key infrastructure.

(b) Establishment of an effective national information security management system. To change the original function mismatch, overlap, and mutual conflict and other unreasonable situation, improve the Government's management function and efficiency.

(c) Expedite the introduction of relevant laws and regulations. To change some relevant laws and regulations are too general, lack of operational status quo, the various information subject rights, obligations and legal responsibilities, make clear legal definition.

D in the development of information technology, especially the key products of information security, provide a global and forward-looking development goal and related industrial policies to ensure the orderly development of information technology industry and information security products market.

E to strengthen the construction of information security infrastructure in China, to establish a fully functional and globally coordinated security technology platform (including emergency response, technical prevention and public Key Infrastructure (PKI) systems), and information security management system to support and coordinate with each other.

6. Concluding remarks

The complexity and variability of network environment and the fragility of information system determine the existence of network security threat. Our country is increasingly open and integrated into the world, but it is indispensable to strengthen security regulation and build protective barriers. "Information security is a major issue related to China's economic development, social development and national security," Xu, Minister of National Science and Technology, said in a municipal conference on information security. In recent years, with the development of international political situation and the acceleration of economic globalization, it is more and more clear that the information security problem caused by information age not only involves the national economic security and financial security, but also involves the national defense security, political security and cultural security. Therefore, it can be said that in the information society, without the protection of information security, the State has no security barrier. The importance of information security cannot be overemphasized. "At present, our Government, relevant departments and people of Insight have brought the network supervision to a new height, the department of Shanghai's Information security work proposed the use of asymmetric strategy to build the Shanghai Information Security Defense system, its core is in the weak technology, with the strengthening management system to improve the overall level of network security." Sincerely hope that in the near future, our country's information security work can follow the information development, a new level.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.