论网络安全体系设计
随着社会信息化的普及,计算机网络已经在各行各业得到了广泛的应用。目前,绝大多数业务处理几乎完全依赖计算机和网络执行,各种重要数据如政府文件、工资档案、财务账目和人事档案等均依赖计算机和网络进行存储与传输。另一方面,针对计算机和网络的攻击活动日益猖獗,网络安全已经成为当前社会的主要安全问题之一。
在上述背景下,国家标准《信息处理系统工程开放系统互联基本参考模型——第二部分:安全体系结构》(GB/T 9387.2-1995)定义了基于OSI参考模型7层协议之上的信息安全体系,其核心内容是:为了保证异构计算机进程与进程之间远距离交换信息的安全,定义了认证服务、访问控制服务、数据机密性服务、数据完整性服务和抗抵赖性服务等5大类安全服务,以及提供这些服务的8类安全机制及相应的OSI安全管理,并根据具体系统适当配置于OSI模型的7层协议之中。
问题内容:
请以“网络安全体系设计”为题,依次从以下三个方面进行论述。
1.概要叙述你参与管理和开发的软件项目以及你在其中承担的主要工作,并详细阐述该软件系统在网络安全方面的要求。
2.请对GB/T 9387.2-1995中定义的5大类安全服务进行描述,阐述每类安全服务的定义和主要实现手段。
3.请结合项目实际,具体阐述你在项目中实现了上述5大类安全服务中的哪些服务,具体运用了哪些实现手段。
正确答案及解析
正确答案
解析
本文第一部分应花400-600字的篇幅进行项目简介,涉及项目背景、规模、人员、作者的角色,开发的系统有什么样的一些功能,大体的设计。
完成本论文,需要了解标准中定义的五类安全服务。
五类安全服务:
1、鉴别服务:鉴别参与通信的对等实体和数据源的合法性。对等实体鉴别和数据源鉴别:由第N层实体提供,可向第N+1层实体证实。安全服务由第N层实体提供,可向第N+1层实体证实数据源。
2、访问控制服务:能够阻止未经授权而利用通过OSI模型的可访问资源。
3、数据保密性服务对数据提供保护,防止数据未经授权而被泄漏,防止在系统之间交换数据时被截取。它还内含四项服务:连接保密性、无连接保密性、选择字段保密性、通信业务流保密性。
4、数据完整性服务:防止系统之间交换数据,非法修改数据或丢失数据。数据完整性可分四类:实体完整性、域完整性、参照完整性、用户定义的完整性。
5、禁止否认服务:阻止通信双方否认发送和接收数据的行为。
包含此试题的试卷
你可能感兴趣的试题
Data security is the practice of protecting digital information from ( )access,corruption,or theft throughout its entire lifecycle. It is a concept that encompasses every aspect of information security from the ( )security of hardware and storage devices to administrative and access controls,as well as the logical security of software applications. It also includes organizational ( )and procedures.Data security involves deploying tools and technologies that enhance the organization's visibility into where its critical data resides and how it is used. These tools and technologies should ( )the growing challenges inherent in securing today's complex distributed,hybrid,and/or multicloud computing environments.Ideally,these tools should be able to apply protections like (作答此空),data masking,and redaction of sensitive files, and should automate reporting to streamline audits and adhering to regulatory requirements.
-
- A.compression
- B.encryption
- C.decryption
- D.translation
- 查看答案
Data security is the practice of protecting digital information from ( )access,corruption,or theft throughout its entire lifecycle. It is a concept that encompasses every aspect of information security from the ( )security of hardware and storage devices to administrative and access controls,as well as the logical security of software applications. It also includes organizational ( )and procedures.Data security involves deploying tools and technologies that enhance the organization's visibility into where its critical data resides and how it is used. These tools and technologies should (作答此空)the growing challenges inherent in securing today's complex distributed,hybrid,and/or multicloud computing environments.Ideally,these tools should be able to apply protections like ( ),data masking,and redaction of sensitive files, and should automate reporting to streamline audits and adhering to regulatory requirements.
-
- A.address
- B.define
- C.ignore
- D.pose
- 查看答案
Data security is the practice of protecting digital information from ( )access,corruption,or theft throughout its entire lifecycle. It is a concept that encompasses every aspect of information security from the ( )security of hardware and storage devices to administrative and access controls,as well as the logical security of software applications. It also includes organizational (作答此空)and procedures.Data security involves deploying tools and technologies that enhance the organization's visibility into where its critical data resides and how it is used. These tools and technologies should ( )the growing challenges inherent in securing today's complex distributed,hybrid,and/or multicloud computing environments.Ideally,these tools should be able to apply protections like ( ),data masking,and redaction of sensitive files, and should automate reporting to streamline audits and adhering to regulatory requirements.
-
- A.behaviors
- B.cultures
- C.policies
- D.structures
- 查看答案
Data security is the practice of protecting digital information from ( )access,corruption,or theft throughout its entire lifecycle. It is a concept that encompasses every aspect of information security from the (作答此空)security of hardware and storage devices to administrative and access controls,as well as the logical security of software applications. It also includes organizational ( )and procedures.Data security involves deploying tools and technologies that enhance the organization's visibility into where its critical data resides and how it is used. These tools and technologies should ( )the growing challenges inherent in securing today's complex distributed,hybrid,and/or multicloud computing environments.Ideally,these tools should be able to apply protections like ( ),data masking,and redaction of sensitive files, and should automate reporting to streamline audits and adhering to regulatory requirements.
-
- A.logical
- B.physical
- C.network
- D.Information
- 查看答案
Data security is the practice of protecting digital information from (作答此空)access,corruption,or theft throughout its entire lifecycle. It is a concept that encompasses every aspect of information security from the ( )security of hardware and storage devices to administrative and access controls,as well as the logical security of software applications. It also includes organizational ( )and procedures.Data security involves deploying tools and technologies that enhance the organization's visibility into where its critical data resides and how it is used. These tools and technologies should ( )the growing challenges inherent in securing today's complex distributed,hybrid,and/or multicloud computing environments.Ideally,these tools should be able to apply protections like ( ),data masking,and redaction of sensitive files, and should automate reporting to streamline audits and adhering to regulatory requirements.
-
- A.unauthorizeD
- B.authorizeD
- C.normal
- D.frequent
- 查看答案