Abstract: This paper discussed the secure and dependable problem about the computer network system. On some aspects: the importance of network security, basic theory, function, and the method of solving a problem, etc. Good views for solving the problem are put forward. It strengthens people’s consciousness on network security.
Key words: Computer network Virtual private network Encryption techniques Firewall
Introduction: Along with the computer network technology development, the network security and the reliability have become the question of common interest by all users. The people all hoped their own network system can move reliably, not external intruder disturbance and destruction. Therefore solves the network security and the reliable problem carefully, is a guarantee the network normal operation’s premise and safeguard.
First, the importance of the network security. With the informationization developing fast today, the computer network obtained the widespread application, but along with the network information transmission capacity growing faster, some organizations and departments benefit the speedup with the service operation in the network, while, the data has also suffered to extent attack and destruction. The aggressor may intercept the information in the network, steals the user’s password, the database information; also may tamper with the database content, the forge user’s status, denies own signature. And what is more, the aggressor may delete the database content, the destroy node, releases computer virus and so on. This cause data security and own benefit have received the serious threat.
According to American FBI (US Federal Bureau of Investigation) investigation, the network security creates the economic loss surpasses 17,000,000,000 dollars every year. 75% corporation report finance loss is because the computer system security problem creates. More than 50% safe threat come from inside. But only 59% loss could be possible estimate. In China, the economic loss amount in view of financial domain and the bank, negotiable securities computer system security problems creates has reached as high as several hundred million Yuan, also sometimes occurs in view of other profession network security threat.
Thus it can be seen, regardless of is the mean attack, or unconscious disoperation, will all be able to bring the inestimable loss to the system. Therefore, the computer network must have the enough strong security measure. Regardless of is in the local area network or in WAN, the network security measure should be Omni-directional in view of each kind of different threat and the vulnerability, so that it can guarantee the network information’s secrecy, the integrity and the usability.
Second, network security rationale. International Standardization Organization (ISO) once suggested the computer security the definition was: “The computer system must protect its hardware, the data not accidentally or reveals intentionally, the change and the destruction.” In order to help the computer user discrimination and the solution computer network security problem, the American Department of Defense announced “the orange peel book” (orange book, official name is “credible computer system standard appraisal criterion”), has carried on the stipulation to the multiuser computer system security rank division.
The orange peel book from low to high divides into the computer security four kinds of seven levels: D1, C1, C2, B1, B2, B3, A1.Above all,D1 level does not have the lowest safety margin rank, C1 and the C2 level has the lowest safety margin rank, B1 and the B2 level has the medium safekeeping of security ability rank, B3 and A1 belongs to the highest security rating.
In the network concrete design process, it should act according to each technology standard, the equipment type, the performance requirement as well as the funds which in the network overall plan proposed and so on, the overall evaluation determines one quite reasonably, the performance high network security rank, thus realization network security and reliability.
Third, the network security should have function. In order to adapt the information technology development well, the computer network application system must have following function: (1) Access control: Through to the specific webpage, the service establishment access control system, in arrives the overwhelming majority attack impediment in front of the attack goal. (2) Inspects the security loophole: Through to security loophole cyclical inspection, even if attacks may get the attack goal, also may cause the overwhelming majority attack to be invalid.
(3) Attack monitoring: Through to specific webpage, service establishment attack monitoring system, but real-time examines the overwhelming majority attack, and adopts the response the motion (for example separation network connection, recording attack process, pursuit attack source and so on). (4) Encryption communication: Encrypts on own initiative the communication, may enable the aggressor to understand, the revision sensitive information. (5) Authentication: The good authentication system may prevent the aggressor pretends the validated user.
(6) Backup and restoration: The good backup and restores the mechanism, may causes the losses when the attack, as soon as possible restores the data and the system service. (7) Multi-layered defense: The aggressor after breaks through the first defense line delays or blocks it to reach the attack goal.
(8) Sets up the safe monitoring center: Provides the security system management, the monitoring, the protection and the emergency case service for the information system.
Fourth, the network system safety comprehensive solution measures. If want to realize the network security function, we should carry on the Omni-directional guarding to the network system, and thus formulate the quite reasonable network security architecture. Below on the network system security problem, proposes some guard measure.
Physics safe may divide into two aspects: One is the artificial harm to the network; the other is the network to the users. Most common thing is the constructor who did not understand to the buried cable clearly, thus lead to the destruction of electric cable, this kind of situation may through standing symbolized the sign guards against; Has not used the structurized wiring the network to be able to appear the user frequently to the electric cable damage, this needs to use the structurized wiring to install the network as far as possible; Artificial or natural disaster influence, when to consider the plan.
The access control security, the access control distinguishes and confirms the user, limits the user in the already activity and the resources scope which is authorized. The network access control safe may consider from following several aspects.
Courtney from Study Moose
Hi there, would you like to get such a paper? How about receiving a customized one? Check it out https://goo.gl/3TYhaX