On the application and influence of "cloud security" to the Internet era

1 Concept of cloud security

For the network, many concepts or nouns are imported, or literal translation or transliteration. For example: Internet (Internet), mouse (mouse), Network Surfer (Cybersurfer), hardware (hardware), software (soft ware), database (data bank), etc., "cloud security" is not the word, It is the concept of the Chinese antivirus enterprise creation, is the cloud computing in the security domain concrete application. 2006 Google launched the "Google 101 Plan", and formally put forward the "cloud" concept and theory. Then Amazon, Microsoft, Hewlett-Packard, Yahoo, Intel, IBM and other companies have announced their own "cloud plan." Since then, the concept of "cloud" is surging. The "Cloud Security" program is the latest manifestation of information security in the network era under this situation. Cloud The so-called cloud security, it is through the fusion of parallel processing, grid computing, unknown virus behavior, and so on, and rely on a large network of clients to monitor the behavior of the Internet software, so as to obtain the latest information on Trojans and malicious programs in the Internet, and sent to the server for analysis and processing, Finally, the virus and Trojan solution distributed to each customer view of the process. In other words, the so-called cloud security, is the virus collection, identification, killing, processing and other acts are all placed on the "cloud" side, based on the Internet and the terminal of the connection of the security information processing technology.

2 Benefits of "cloud security" for network users

(1) Save resources, user-friendly. Users in the process of using a computer, usually encounter such a situation: The virus attack caused by the data loss or hard disk damage, game account or bank card information was hacked and so on. Although antivirus software is installed in 90% of the current users, most users will experience similar scenarios. That is, because the killing software in the operation and open protection, will consume too much system resources, affecting the overall speed and performance of the ※※, this is the user in the security software is the most headache problem. With the concept of "cloud security", this problem can be effectively avoided by cloud security technology. For example, the data can be stored on the network services, no longer worry about the loss of data or damage. In the anti-virus aspect, the user also can obviously feel the computer anti-virus software no longer invades the excessive memory space, the computer's whole also does not need because of the anti-virus to appear the running speed to descend the condition.

(2) Stop the virus at any time before the threat arrives. At present, the detection rate of the virus is much concerned, and the detection rate determines the performance of killing soft. Before the anti-virus software is a virus to the security software to kill, so that not only waste time, but also may cause security risks. Now have the cloud security, in the cloud can be eradicated, the virus is too late to endanger the computer. Cloud security, in contrast to tradition, places virus definitions and feature libraries on the server side (cloud), allowing users to access and use the tens of millions of virus feature library to identify a corresponding threat only in the context of local invocation of the engine and feature library. The detection rate of virus Trojan sample up to 99% has been verified by many times, which confirms the absolute advantage of cloud security.

(3) Resource sharing, effective protection against virus intrusion. With cloud security, the first user will be attacked by a virus, and all other users will be spared. "Cloud security" to make full use of network support to achieve real-time virus collection. Cloud data is updated in real time, only the first user will be the victim, and thousands of users will not be harassed by the same virus. And for the first victim, products that use cloud security technology can also address the threat in the first time. In this way, the more users, the wider the distribution of the network, the "cloud" of the larger data, the faster the update. This will allow all users to enjoy more and more excellent service.

3 Cloud security technology impact on the network

With the rapid development of communication technology and network technology, all kinds of Trojan and virus appear "blowout type" outbreak situation. The virus also utilizes the function of the Internet to realize the network of infection and harm. Compared with the past and present virus characteristics, we can find that the computer virus itself has not made much progress in technology, precisely the continuous development of the network has greatly improved its operational efficiency. With the change of network security situation, the traditional code can not meet the changing anti-virus demand, and can not effectively deal with the security threat posed by virus. Therefore, more effective methods must be established to make up for the shortcomings of traditional methods. How to deal with the Internet of virus? Can we make the corresponding anti-virus software also take full advantage of the network of fast-spreading characteristics, to the internet direction of change? This is what we say, strive to improve and promote the "cloud security" technology, so that "cloud security" into every user's computer to the maximum to protect against the virus.

3.1 Main forms of the computer network under attack

The computer network is attacked form, mainly has the following six kinds.

(1) Internal cyber and destruction. Internal personnel knowingly or unintentionally leak, destroy the network system or change the record information.

(2) Intercept all kinds of information. The attacker may intercept the confidential information or analyze parameters such as information flow and flow, communication frequency and length by means of wiring or installing intercept devices within the scope of electromagnetic radiation, and introducing useful information.

(3) Illegal access. Illegal use of network resources or unauthorized use of network resources, mainly including the system of illegal operation, illegal users into the network or the legitimate user to operate in an unauthorized manner.

(4) Take advantage of some unsafe factors on TCP/IP protocol. Currently widely used TCP/IP protocols have a large number of security vulnerabilities, such as the designated source route (the source point can specify the message packet to transfer to the destination node of the intermediate route), or through the forgery of packets, etc., to do APR spoofing and IP spoofing attacks.

(5) Virus destruction. Refers to the illegal use of the virus to occupy bandwidth, plug the network, so that the server into paralysis, causing the system crash or let the server flooded with a lot of spam, resulting in lower data performance.

(6) Other network attack mode. Including the destruction of network system availability, so that legitimate users can not normally access network resources, denial of service or even destroy the system, damage the integrity of the system information, but also may impersonate the host to deceive legitimate users, illegal occupation of system resources.

3.2 Anti-virus strategy based on cloud security technology

After the "cloud project" emerged, the various software providers to launch their own "cloud security" technology products, then "cloud security" technology is how to protect against the virus? The author takes the threat management technology introduced by trend technology as an example to discuss the anti-virus strategy based on cloud security technology.

The so-called trend technology introduces threat management technology, which is designed to protect users ' personal information and property from spam, malicious programs, data leaks and the latest web threats. When the user is accessing the Internet, downloading files or receiving mail, cloud security will turn the user request to the trend Cloud threat database for query comparison, once the database discovers the target address has the threatening information, the database will immediately block the user request, thus promptly blocks the malicious threat, protects the user's computer security, In order to reduce the probability of university library network being infected by malware, and reduce the computer nearly 70% of the core memory by a variety of destructive footprint. Cloud security technology mainly includes web reputation technology (WRT), mail reputation Technology (ERT) and file Reputation technology (FRT).

Reference Web reputation Technology: According to the site's existing time, historical location changes and malicious software analysis showed suspicious activity signs, such as 50 indicators for the URL rating credit score, so as to record the credibility of the URL, as a site to determine whether the security of one of the conditions.

(2) The credibility of the technology: according to the known spam source reputation database Check IP address, the use of real-time evaluation of the e-mail sender's reputation of dynamic services, to authenticate the IP address, the malicious e-mail interception in the cloud, thereby preventing various threats to reach the network or user's computer.

(3) File reputation technology: Before allowing users to access, check each email or Web site links in the credibility of the file. High-performance content-providing networks and local buffering servers will reduce latency to a minimum-measured in milliseconds.

Application of 3.3 Cloud security technology in Network

Cloud security technology in the application of the network has become more and more extensive, which is related to our daily life, but also the most common is the cloud storage and cloud killing.

(1) cloud storage. Before the concept of "cloud" appeared, people want to carry electronic data information, must have a computer or mobile hard disk, U disk and other ancillary equipment, and if people need to travel, usually because of the need to carry things over to bring a lot of inconvenience. For such issues, cloud security can also help users share the burden. Some network operators provide users with cloud-based Internet backup services to provide users with large storage space. This allows users to travel without the heavy notebook, mobile hard drives and other devices, especially for some people who need to carry large capacity storage information to provide a lot of convenience. In terms of security, through the "Cloud Security" program, to lift the user's worries. As long as there is a network access, users can be free and secure upload downloads.

(2) cloud killing. Cloud killing is to send the information needed to be sent to the cloud Computing Center for analysis, centralized all resources, and automatic management by software, process without human participation. This allows the application provider to be more focused on its business and to develop innovation and reduce technical costs and save human and material resources without having to worry about tedious details. For example: This is like switching from an old single generator to a centralized power supply model. It means that computing power can also be used as a commodity for circulation, like gas, easy to use, low-cost. The biggest difference is that it is transmitted over the Internet.

4 implementation difficulties of "cloud security" plan and its technical development prospect

4.1 Difficulties in the implementation of the "Cloud Security" program

Throughout the full text, the "cloud Security" program can provide more and better security for the network. However, to build a "cloud security" system, and make it normal operation, there are many practical problems, the key is to solve the four major problems: the need for a large number of clients (cloud security probes), the need for professional anti-virus technology and experience, need a lot of money and technical input, must be open system, And the need for a large number of partners to join.

4.2 Prospect of the future development of "cloud security" technology

In the current network age, with the continuous development of network technology, virus increasingly rampant. In this case, the network security problem has become a common challenge for the people in the information age, which is as follows: The computer system is infected and destroyed by virus is very serious; the cyber-hacker activity has formed the important threat; The information infrastructure is confronted with the challenge of the network security problem; There are many weaknesses in the prevention and recovery capacity, and cyber political subversive activities are frequent. In this case, it is very urgent and important to establish a security technology platform with complete function and global coordination.

In the past few years, the domestic Information security technology field Cloud security technology research and development, although the current China's "cloud security" technology has yet to be further improved, but also constantly questioned the role of cloud security, that is just a gimmick and not necessarily the real technology and service model innovation, but in the "cloud security" support, Anti-virus software in the "total interception", "thorough killing" and "speed response" in the three major areas show the extraordinary strength, comprehensive solution to the "virus Trojans spread", "Trojan Download Overflow", "anti-virus software lag behind the virus" three major anti-virus industry historical problems of the extraordinary performance, has shown that "cloud security" is actually a trend, Irreversible。

The application of computers and their networks has been increasingly geared towards all ordinary consumers, providing a cheap Internet that allows more citizens to use information without time, space and language restrictions. Provide ultra-high speed, large capacity of network access forms, increase the spread of information and speed of transmission, to provide a stronger data processing capacity to meet the different groups, different industries and the whole society's medical, welfare, employment, education, savings, distribution and other aspects of the application needs.

In addition, the development of network and computer related technology, such as encryption technology, for computer use and network security to provide a good environmental protection, effectively avoid computer hacking, tampering with computer data, information abuse and other phenomena, for the full application of our computer, to provide reliable information resources.