網(wǎng)絡(luò)工程專業(yè)外文翻譯、英漢互譯、中英對(duì)照

1、 2012 屆本科畢業(yè)設(shè)計(jì)(論文)外文文獻(xiàn)翻譯學(xué) 院： 計(jì)算機(jī)科學(xué)與工程學(xué)院 專 業(yè)： 網(wǎng)絡(luò)工程 姓 名： 學(xué) 號(hào)： (用外文寫)外文出處： security and precaution on computer network 附 件： 1.外文資料翻譯譯文；2.外文原文。附件1：外文資料翻譯譯文第一章計(jì)算機(jī)網(wǎng)絡(luò)安全與防范1.1引言計(jì)算機(jī)技術(shù)的飛速發(fā)展提供了一定的技術(shù)保障，這意味著計(jì)算機(jī)應(yīng)用已經(jīng)滲透到社會(huì)的各個(gè)領(lǐng)域。在同一時(shí)間，巨大的進(jìn)步和網(wǎng)絡(luò)技術(shù)的普及，社會(huì)帶來了巨大的經(jīng)濟(jì)利潤。然而，在破壞和攻擊計(jì)算機(jī)信息系統(tǒng)的方法已經(jīng)改變了很多的網(wǎng)絡(luò)環(huán)境下，網(wǎng)絡(luò)安全問題逐漸成為計(jì)算機(jī)安全的主流。1.2網(wǎng)

2、絡(luò)安全1.2.1計(jì)算機(jī)網(wǎng)絡(luò)安全的概念和特點(diǎn)計(jì)算機(jī)網(wǎng)絡(luò)的安全性被認(rèn)為是一個(gè)綜合性的課題，由不同的人，包括計(jì)算機(jī)科學(xué)、網(wǎng)絡(luò)技術(shù)、通訊技術(shù)、信息安全技術(shù)、應(yīng)用數(shù)學(xué)、信息理論組成。作為一個(gè)系統(tǒng)性的概念，網(wǎng)絡(luò)的安全性由物理安全、軟件安全、信息安全和流通安全組成。從本質(zhì)上講，網(wǎng)絡(luò)安全是指互聯(lián)網(wǎng)信息安全。一般來說，安全性、集成性、可用性、可控性是關(guān)系到網(wǎng)絡(luò)信息的相關(guān)理論和技術(shù)，屬于計(jì)算機(jī)網(wǎng)絡(luò)安全的研究領(lǐng)域。相反，狹隘“網(wǎng)絡(luò)信息安全”是指網(wǎng)絡(luò)安全，這是指保護(hù)信息秘密和集成，使用竊聽、偽裝、欺騙和篡奪系統(tǒng)的安全性漏洞等手段，避免非法活動(dòng)的相關(guān)信息的安全性?？傊?，我們可以保護(hù)用戶利益和驗(yàn)證用戶的隱私。計(jì)算機(jī)網(wǎng)絡(luò)安

3、全有保密性、完整性、真實(shí)性、可靠性、可用性、非抵賴性和可控性的特點(diǎn)。隱私是指網(wǎng)絡(luò)信息不會(huì)被泄露給非授權(quán)用戶、實(shí)體或程序，但是授權(quán)的用戶除外，例如，電子郵件僅僅是由收件人打開，其他任何人都不允許私自這樣做。隱私通過網(wǎng)絡(luò)信息傳輸時(shí)，需要得到安全保證。積極的解決方案可能會(huì)加密管理信息。雖然可以攔截，但它只是沒有任何重要意義的亂碼。完整性是指網(wǎng)絡(luò)信息可以保持不被修改、破壞，并在存儲(chǔ)和傳輸過程中丟失。誠信保證網(wǎng)絡(luò)的真實(shí)性，這意味著如果信息是由第三方或未經(jīng)授權(quán)的人檢查，內(nèi)容仍然是真實(shí)的和沒有被改變的。因此保持完整性是信息安全的基本要求?？煽啃孕畔⒌恼鎸?shí)性主要是確認(rèn)信息所有者和發(fā)件人的身份?？煽啃员砻髟撓到y(tǒng)

4、能夠在規(guī)定的時(shí)間和條件下完成相關(guān)的功能。這是所有的網(wǎng)絡(luò)信息系統(tǒng)的建立和運(yùn)作的基本目標(biāo)?？捎眯员砻骶W(wǎng)絡(luò)信息可被授權(quán)實(shí)體訪問，并根據(jù)自己的需求使用。不可抵賴性要求所有參加者不能否認(rèn)或推翻成品的操作和在信息傳輸過程中的承諾。處理不可抵賴性的措施之一是使用數(shù)字簽名技術(shù)。可控性指示控制網(wǎng)絡(luò)信息傳輸和內(nèi)容的能力上。例如，禁止違法和不良信息通過公共網(wǎng)絡(luò)傳輸。1.3計(jì)算機(jī)網(wǎng)絡(luò)所面臨的威脅計(jì)算機(jī)網(wǎng)絡(luò)所面臨的各種威脅有：惡意攻擊，泄漏軟件，計(jì)算機(jī)病毒和自然災(zāi)害。1.3.1惡意攻擊惡意攻擊被認(rèn)為是計(jì)算機(jī)網(wǎng)絡(luò)的嚴(yán)重威脅之一。根據(jù)建議可以將人為破壞分為主動(dòng)攻擊和被動(dòng)攻擊。主動(dòng)攻擊旨在破壞網(wǎng)絡(luò)和信息，通常使用的方式有修改

5、、刪除、弄虛作假、欺騙、病毒和邏輯炸彈。一旦成功，它可能會(huì)停止網(wǎng)絡(luò)系統(tǒng)的運(yùn)行，甚至整個(gè)系統(tǒng)的癱瘓。被動(dòng)攻擊是為了獲取信息，這通常是進(jìn)行竊取秘密信息，我們知道的，如在不影響正常運(yùn)行的情況下進(jìn)行的竊取貿(mào)易和商業(yè)秘密、項(xiàng)目計(jì)劃、投標(biāo)數(shù)字和個(gè)人信息。惡意攻擊，不管是模仿或者被動(dòng)，都可能會(huì)損壞嚴(yán)重的電腦網(wǎng)絡(luò)，導(dǎo)致機(jī)密數(shù)據(jù)的泄漏，最終造成不可挽回的損失。1.3.2軟件的泄漏和后門（計(jì)算）有兩種軟件泄漏：一種是通過建議精心設(shè)計(jì)來控制系統(tǒng)和竊取信息為將來使用所準(zhǔn)備，另一種是意外，比如因?yàn)樵O(shè)計(jì)師的疏忽或其他技術(shù)元素。然而，由于這些漏洞的存在導(dǎo)致了嚴(yán)重的隱藏的網(wǎng)絡(luò)安全威脅。例如，為了方便地進(jìn)入操作系統(tǒng)開發(fā)者沒有為

6、系統(tǒng)設(shè)置進(jìn)入密碼，這將為黑客提供進(jìn)入系統(tǒng)的通道。進(jìn)行作業(yè)系統(tǒng)時(shí)，一些系統(tǒng)進(jìn)程一直在等待某些條件，一旦一次滿意的條件下出現(xiàn)，這一進(jìn)程將繼續(xù)運(yùn)行，這也可以被黑客利用。否則，雖然一直保持保密，由程序員設(shè)置了供自己使用的一些后門程序（計(jì)算），如果它們泄露出去，或由其他人發(fā)現(xiàn)這可能會(huì)帶來巨大的損害和信息丟失。1.3.3計(jì)算機(jī)病毒破壞網(wǎng)絡(luò)安全計(jì)算機(jī)病毒是一個(gè)專門的計(jì)算機(jī)程序，它通過各種渠道比如磁盤，光盤和計(jì)算機(jī)網(wǎng)絡(luò)進(jìn)行復(fù)制和傳播。它在20世紀(jì)80年代首先發(fā)現(xiàn)，到現(xiàn)在的數(shù)字已經(jīng)提高到世界各地的10,000多個(gè)。同時(shí)，隱瞞、傳染和破壞也進(jìn)一步發(fā)展。隨著互聯(lián)網(wǎng)的飛速發(fā)展，計(jì)算機(jī)病毒的擴(kuò)散速度已經(jīng)在很大程度上加快

7、，大大破壞和傳染世界各地資源。這場(chǎng)災(zāi)難對(duì)每一個(gè)國家和整個(gè)世界的信息系統(tǒng)產(chǎn)生了一個(gè)嚴(yán)重的影響。美國大約63%的計(jì)算機(jī)被傳染了病毒， 9的情況下已經(jīng)導(dǎo)致了超過10萬美元的損失，根據(jù)著名的mis系統(tǒng)管理和數(shù)據(jù)任務(wù)營銷公司進(jìn)行的研究。在1996年，計(jì)算機(jī)病毒已經(jīng)造成美國制造業(yè)大1億美元的經(jīng)濟(jì)損失?；ヂ?lián)網(wǎng)提供了計(jì)算機(jī)病毒容易擴(kuò)散的環(huán)境，同時(shí)增加了消滅他們的困難。計(jì)算機(jī)病毒的傳播，不僅破壞網(wǎng)絡(luò)，也使網(wǎng)絡(luò)信息泄漏。計(jì)算機(jī)病毒已經(jīng)嚴(yán)重威脅到網(wǎng)絡(luò)安全，特別是專用網(wǎng)絡(luò)。病毒代碼很小，通常附在其他文件或程序末尾，因此它們很容易隱藏在系統(tǒng)內(nèi)部。病毒的自我復(fù)制能力使其在網(wǎng)絡(luò)上傳播時(shí)能夠傳染給其他文件和程序，病毒一旦擴(kuò)散

8、到網(wǎng)絡(luò)上就非常難以追蹤了。1987年，計(jì)算機(jī)病毒在美國四處蔓延，而且第一種計(jì)算機(jī)病毒“小球”在當(dāng)年年底傳播到我國。從那以后，已經(jīng)發(fā)現(xiàn)進(jìn)口和國內(nèi)的病毒。迄今為止，計(jì)算機(jī)病毒已經(jīng)增加到20,000多種；其中90以上能攻擊微型計(jì)算機(jī)。病毒的基本特征有：（1） 傳染：計(jì)算機(jī)病毒作為一個(gè)程序，能自我復(fù)制到其他正常程序或者系統(tǒng)的某些部件上，例如磁盤的引導(dǎo)部分。這是病毒程序的基本特征。隨著網(wǎng)絡(luò)日益廣泛發(fā)展，計(jì)算機(jī)病毒能夠在短時(shí)間內(nèi)通過網(wǎng)絡(luò)廣泛傳播。（2） 潛伏：隱藏在受感染系統(tǒng)內(nèi)的病毒并不立即發(fā)作；相反，在它發(fā)作前，需要一定時(shí)間或具備某些條件。在潛伏期內(nèi)，它并不表現(xiàn)出任何擾亂行動(dòng)，因此很難發(fā)現(xiàn)病毒并且病毒能

9、夠繼續(xù)傳播。一旦病毒發(fā)作，它能造成嚴(yán)重破壞。（3） 可觸發(fā)性：一旦具備某些條件，病毒便開始攻擊。這一特征稱作可觸發(fā)性。利用這一特征，我們能控制其傳染范圍和攻擊頻率。觸發(fā)病毒的條件可能是預(yù)設(shè)的日期、時(shí)間、文件種類或計(jì)算機(jī)啟動(dòng)次數(shù)等。（4） 破壞：計(jì)算機(jī)病毒造成的破壞是廣泛的它不僅破壞計(jì)算機(jī)系統(tǒng)、刪除文件、更改數(shù)據(jù)等，而且還能占用系統(tǒng)資源、擾亂機(jī)器運(yùn)行等。其破壞表現(xiàn)出設(shè)計(jì)者的企圖。通過我們已經(jīng)學(xué)過的知識(shí)，我們知道病毒有如下的分類：（1） 按寄生分類按寄生，計(jì)算機(jī)病毒可分成引導(dǎo)病毒、文件病毒和混合病毒。引導(dǎo)病毒：指寄生在磁盤引導(dǎo)部分的那些計(jì)算機(jī)病毒。它是一種常見病毒，利用計(jì)算機(jī)系統(tǒng)通常不檢查引導(dǎo)部分

10、的內(nèi)容是否正確的弱點(diǎn)，并且留存在內(nèi)存中，監(jiān)視系統(tǒng)運(yùn)行，一有機(jī)會(huì)就傳染和破壞。按寄生在磁盤的位置，它能進(jìn)一步分成主引導(dǎo)記錄病毒和段引導(dǎo)記錄病毒。前者傳染硬盤的主引導(dǎo)部分，例如“marijuana”病毒、“2708”病毒、“porch”病毒；段記錄病毒傳染硬盤上的常用段記錄，例如“小球”病毒、“女孩”病毒等。（2） 按后果分類從后果看，計(jì)算機(jī)病毒能分成“良性”病毒和“惡性”病毒?！傲夹浴辈《緦⑵茐臄?shù)據(jù)或程序，但不會(huì)使計(jì)算機(jī)系統(tǒng)癱瘓。這種病毒的始作俑者大多是胡鬧的黑客他們創(chuàng)造病毒不是為了破壞系統(tǒng)，而是為了炫耀他們的技術(shù)能力；一些黑客使用這些病毒傳播他們的政治思想和主張，例如“小球”病毒和“救護(hù)車”病

11、毒?！皭盒浴辈《緦⑵茐臄?shù)據(jù)和系統(tǒng)，導(dǎo)致整個(gè)計(jì)算機(jī)癱瘓，例如chi病毒，“porch”病毒。這些病毒一旦發(fā)作，后果將是無法彌補(bǔ)的。應(yīng)當(dāng)指出，“危險(xiǎn)”是計(jì)算機(jī)病毒的共同特征?！傲夹浴辈《静⒎峭耆辉斐晌ｋU(xiǎn)，而只是危險(xiǎn)后果相對(duì)較輕?！傲夹浴敝皇且粋€(gè)相對(duì)概念。事實(shí)上，所有計(jì)算機(jī)病毒都是惡性的。1.4計(jì)算機(jī)網(wǎng)絡(luò)安全防范措施為了保護(hù)網(wǎng)絡(luò)資源，我們應(yīng)該指導(dǎo)一些管理和合理的說明。此外，我們必須進(jìn)行有關(guān)的技術(shù)措施，旨在解決網(wǎng)絡(luò)安全中存在的問題，實(shí)現(xiàn)網(wǎng)絡(luò)和數(shù)據(jù)的保護(hù)。在此之后，可以保證定期循環(huán)，可以確保合法用戶的利益。目前，處理網(wǎng)絡(luò)安全的措施如下：防火墻技術(shù)，加密技術(shù)，訪問控制技術(shù)和病毒防護(hù)技術(shù)。1.4.1防火墻

12、技術(shù)在目前保護(hù)計(jì)算機(jī)網(wǎng)絡(luò)安全的技術(shù)措施中，防火墻可以分割本地網(wǎng)絡(luò)和主網(wǎng)絡(luò)，在保護(hù)網(wǎng)絡(luò)和外部網(wǎng)絡(luò)之間限制信息訪問和傳輸。防火墻是關(guān)閉在網(wǎng)絡(luò)拓?fù)浣Y(jié)構(gòu)和服務(wù)上不安全因素來提高網(wǎng)絡(luò)的工具。它保護(hù)的對(duì)象之一就是明確在網(wǎng)絡(luò)接近臨界點(diǎn)的模塊，而它遠(yuǎn)離是外部威脅來保護(hù)網(wǎng)絡(luò)。因此，在公司它首先是適合在專門的網(wǎng)絡(luò)，尤其是連接公共網(wǎng)絡(luò)。防火墻三個(gè)的基本功能如下：過濾。它可以拒絕未經(jīng)授權(quán)的電腦主機(jī)發(fā)送tcp / ip協(xié)議數(shù)據(jù)，并拒絕接受未經(jīng)授權(quán)的服務(wù)鏈接要求。網(wǎng)絡(luò)地址轉(zhuǎn)換。翻譯內(nèi)部主機(jī)的ip地址以避免通過外部監(jiān)視器被檢測(cè)，或者我們可以說成ip偽裝。代理服務(wù)。代表主機(jī)電腦應(yīng)用方面具有較高水平，能夠完全中斷連接之間的跨主

13、機(jī)和外部網(wǎng)絡(luò)層。我們應(yīng)該更加注重的是沒有防火墻可以提供絕對(duì)的保護(hù)。防火墻具有邊界，其中包括來自防火墻外部其他攻擊方式的無用保護(hù)；難以阻止病毒污染的軟件或文件的傳輸，幾乎沒有拒絕構(gòu)成內(nèi)部用戶的威脅；幾乎可以防止運(yùn)行數(shù)據(jù)的攻擊。此外，由于防火墻的安全政策在公司是由網(wǎng)絡(luò)管理員來控制的，所以他的道德標(biāo)準(zhǔn)似乎更為重要。1.4.2 加密技術(shù)加密的目的是為了保護(hù)數(shù)據(jù)、文件、密碼和網(wǎng)絡(luò)上的控制信息，以及保護(hù)網(wǎng)絡(luò)上數(shù)據(jù)傳輸。這個(gè)過程實(shí)際上是進(jìn)行了各種加密算法，用最低的成本獲得一些保護(hù)。在大多數(shù)情況下，加密是保證信息保密性和重要性的唯一途徑。加密系統(tǒng)可以根據(jù)分類代碼之間信息的發(fā)送者和接受密碼的方式，通常被劃分成對(duì)

14、稱加密代碼（單個(gè)鍵）和公共加密代碼（雙擊鍵），如典型的代表des和rsa。伴隨著高加密產(chǎn)生的優(yōu)勢(shì)之一是對(duì)稱加密代碼管理與安全方式傳輸信息的難度。公眾的加密代碼的優(yōu)勢(shì)是它可以適用于網(wǎng)絡(luò)不限成員名額的要求，并實(shí)現(xiàn)數(shù)字簽名和驗(yàn)證。然而，復(fù)雜的算法將使數(shù)據(jù)加密速度放緩。隨著現(xiàn)代電子技術(shù)和加密技術(shù)的發(fā)展，公共密碼編碼算法將逐漸成為網(wǎng)絡(luò)安全加密系統(tǒng)的主流。人們通常將常規(guī)密碼和公共密碼在網(wǎng)絡(luò)安全中一起同應(yīng)用。常規(guī)的網(wǎng)絡(luò)數(shù)據(jù)加密具有鏈路、節(jié)點(diǎn)和端到端的方式。作為最常用的加密方式，鏈路加密可以通過鏈路層和物理層在網(wǎng)絡(luò)和硬件條件下實(shí)現(xiàn)。它用來保護(hù)通信節(jié)點(diǎn)傳輸?shù)臄?shù)據(jù)，對(duì)用戶是透明的。節(jié)點(diǎn)加密提高了鏈路加密和克服鏈路

15、加密很容易被非法訪問的缺陷。它也可以在協(xié)議傳輸層加密，使原始節(jié)點(diǎn)和目的節(jié)點(diǎn)之間傳輸?shù)臄?shù)據(jù)進(jìn)行加密保護(hù)。端到端的加密是在網(wǎng)絡(luò)層，在表示層中的網(wǎng)絡(luò)和數(shù)據(jù)傳輸加密具有高水平的水準(zhǔn)，而不是低級(jí)別的協(xié)議信息。相比鏈路加密它往往是由軟件完成，它具有較低的成本和更高的安全性。1.4.3訪問控制技術(shù)它是網(wǎng)絡(luò)安全防范和保護(hù)的主要技術(shù)。并且關(guān)鍵的任務(wù)是確保網(wǎng)絡(luò)資源不會(huì)被非法使用和訪問。此技術(shù)規(guī)范每一個(gè)文件和資源，比如可讀、可錄制和可以修改用戶的操作權(quán)限。據(jù)預(yù)計(jì)，所有的信息資源可以集中管理，沒有任何含糊和以往法規(guī)之間也沒有沖突。它應(yīng)該與審計(jì)功能記錄所有活動(dòng)作進(jìn)一步檢查，以及提供微控制。為了保障網(wǎng)絡(luò)系統(tǒng)的安全性和保護(hù)

16、網(wǎng)絡(luò)資源，訪問控制技術(shù)是保障網(wǎng)絡(luò)安全的最重要的核心的之一。1.4.4病毒防范技術(shù)目前，日益發(fā)達(dá)的網(wǎng)絡(luò)技術(shù)提供了多種方式的傳輸，使病毒的極大威脅網(wǎng)絡(luò)安全與傳播的多元化路線。專門的反病毒軟件可以被認(rèn)為是以最常用的方式驅(qū)逐電腦病毒，它還可以自動(dòng)檢測(cè)和刪除在內(nèi)存、bios和磁盤中的病毒。然而，反病毒軟件的探索和更新總是遠(yuǎn)遠(yuǎn)落后于新病毒的出現(xiàn)，所以它有時(shí)可能不能夠檢測(cè)或刪除一些病毒。盡管反病毒軟件的版本已日益更新和功能大大提高，帶有病毒的程序和常規(guī)程序有共同的相似性和特異性目標(biāo)。更重要的是，人們很難預(yù)測(cè)病毒在未來如何發(fā)展和變化，所以我們?cè)谔剿鬈浖头床《居布O(shè)備的時(shí)候也有巨大的困難。此外，一旦病毒成功通

17、過穿過系統(tǒng)或違反授權(quán)攻擊，攻擊者通常植入木馬程序或者系統(tǒng)邏輯炸彈來為下一步攻擊系統(tǒng)提供便利條件?；ヂ?lián)網(wǎng)正在挑戰(zhàn)很多的反病毒軟件。如今，每天都會(huì)有幾十種新病毒出現(xiàn)，其中大多數(shù)是通過互聯(lián)網(wǎng)傳播。為了有效地保護(hù)企業(yè)的信息化，防病毒軟件應(yīng)該支持所有的因特網(wǎng)協(xié)議及可用于所有的企業(yè)的郵件系統(tǒng)，保證它能夠及時(shí)申請(qǐng)和跟上不斷變化的世界步伐。有些像諾頓的防病毒軟件，mcafee公司做出了很大的進(jìn)展。不僅有效地切斷病毒訪問，而且可以保護(hù)企業(yè)和其他方面避免病毒的爆發(fā)和造成經(jīng)濟(jì)損失。1.5總結(jié)隨著計(jì)算機(jī)技術(shù)的飛速發(fā)展，計(jì)算機(jī)已成為一種工具，同時(shí)網(wǎng)絡(luò)已經(jīng)成為我們的日常工作、學(xué)習(xí)和生活中的重要組成部分之一。因此，網(wǎng)絡(luò)安全

18、技術(shù)已成為信息網(wǎng)絡(luò)發(fā)展的關(guān)鍵點(diǎn)。當(dāng)人們踏進(jìn)信息社會(huì)第一步的時(shí)候，它已變得對(duì)社會(huì)發(fā)展具有重大的戰(zhàn)略意義。網(wǎng)絡(luò)安全技術(shù)是保證社會(huì)發(fā)展不可替代的保證。中國仍然處于網(wǎng)絡(luò)安全探索和信息網(wǎng)絡(luò)技術(shù)產(chǎn)品探索的原始階段，這意味著我們應(yīng)該大力地研究、開發(fā)、探索確保信息安全的措施，從而促進(jìn)了國民經(jīng)濟(jì)的快速發(fā)展。附件1：外文原文security and precaution on computer network1.1 introductionthe rapid development of computer technology has provided certain technological protecti

19、on, which means computer application has infiltrated into various fields of society. at the same time, enormous progress and popularization of network technology has brought large economic profits to the society. however, ways to sabotage and attack computer information system has changed a lot unde

20、r the network circumstance which gradually makes network security issues the mainstream of computer security.1.2 network security1.2.1 concept and characteristics of computer network security.computer network security is considered to be a comprehensive subject that consists of various ones, includi

21、ng computer science, network technology, communication technology, information security technology, applied mathematics and information theory. as a systemic concept, network security is composed by physical security, software security, information security and circulation security. essentially, net

22、work security means internet information security. generally speaking, relevant theory and technology on security, integration, availability, and controllability that is related to network information belong to research fields of computer network security. on the contrary, narrowly, network informat

23、ion security means security of relevant information on network, which is to protect the information secret and integration, avoiding illegal activities by using system security vulnerabilities made to wiretap, pretend, spoof and usurp. above all, we can protect validated users profits and privacy.co

24、mputer network security is characterized by privacy, integrity, facticity, reliability, availability, non-repudiation and controllability.privacy refers to network information will not be leaked to non-authorized users, entities or procedures, but only for authorized users, for example, mails can me

25、rely be opened by addressees, anyone else are not allowed to do that privately. when transferring information with network, privacy needs to be guaranteed. positive solution might be made to encrypt management on information. although one can intercept that, its just insignificant unicode without ay

26、 importance.integrity means network information can be kept not being modified, sabotaged and lost in the process of storage and transmission. integrity guarantees facticity, which means if the information is checked by the third party or non-authorized person, the content, is still for real, not be

27、ing changed. so keeping integrity is the basic requirement for information security.facticity points to reliability on information, mainly confirms identities of information owner and sender. reliability indicates that system can accomplish regulated functions with stated conditions and limited time

28、. its the basic aim for all network information system establishment and operation.availability shows that network information can be visited by authorized entities and be used according to their demand.non-repudiation requires all participants that can not deny or repudiate the finished operations

29、and promises in the process of transferring information. one of the measures to deal with non-repudiation is to use digital signature technology. controllability directs at the ability of controlling network information transmission and content. for instance, illegal and unhealthy information are fo

30、rbidden to transfer through public network.1.3 treats faced by computer networkthere are various threats confronted by computer network: hostile attack, software leak, computer virus and natural disaster.1.3.1 hostile attackhostile attack is considered to be one of the serious threats for computer n

31、etwork. its a man-made destruction with propose that can be divided into initiative attack and passive attack. initiative attack aims to wreck network and information, usually using ways of modification, delete, falsifications, deception, virus and logical bombs. once succeed, it could stop operatio

32、n of network system, even a paralysis of overall system. passive attack is to get information, which is usually conducted to steal secret information that on one is aware of, such as business and trade secret, project plan, bid figures and personal information, without affecting regular operation. h

33、ostile attack, both imitative and passive, could damage badly computer network, lead to leaks of confidential data, finally cause irreparable lost.1.3.2 software leak and backdoor (computing)there are two kinds of software leaks: one is made by propose, which is intently designed to control system a

34、nd steal information for the future use; the other one is accidentally made because of negligence or other technological elements by designers. however, the existence of these leas bought serious security hidden dangers to network. for example, for providing convenient access to the system developer

35、s without setting up entrance password for system operation will offer channels for hacker as well. when conducting operation system, some system processes are always waiting certain conditions, once the satisfied conditions appear the process will go on running, which can also be used by hackers. o

36、therwise, although have been kept for secrets, some backdoors (computing) set up by programmers for accommodating themselves will possibly bring large damages and lost if they are leaked out or found by others.1.3.3 damages to network security by computer viruscomputer virus is a specially programme

37、d computer process that can be copied and transmitted through various channels, such as disk, cd and computer network. it was firstly discovered in 1980s, and up to now the figures have been to more than 10,000 around the world with high increasing. meanwhile, the concealment, contamination and dest

38、ruction are also further developed. with the rapid development of internet, diffusion rate of computer virus has been accelerated largely, destructed greatly and contaminated heavily all over the world. this disaster had a serious influence on information system for every country and the whole world

39、. about 63% of computers in america had been infracted by computer virus, and 9% of cases had caused more than us$100,000 damages, according to the research carried out by famous mis manages and data quest marketing company. in 1996, computer virus had damaged us$i 00,000,000 economic lost to americ

40、an manufacturing industry. internet has provided easy-diffused environment for computer virus, at the same time increased the difficulty in exterminating them. the transmission of computer virus not only produces network destruction, but also the leaks of network information. computer virus has been

41、 a grave threat to network security, especially to the dedicated network.virus code is very small, usually attached to other documents or procedures at the end, so they can easily hide in the system. ability to self-replicating virus on the network so that it can spread infection to other documents

42、and procedures, once the virus spread to the network very difficult to track down.in 1987, computer viruses spread in the united states. the first computer virus small ball at the end of the year spread to our country. since then, has found a virus imported and domestic. so far, computer viruses hav

43、e risen to more than 20,000 kinds; which can attack more than 90% of micro-computer. the characteristics of computer viruses are:（1） infection: a computer virus as a program that can replicate itself to other normal procedures or systems of certain components, such as the disk part of the guide. thi

44、s is the basic characteristic of the virus program. with the increasingly extensive network development, computer viruses can be widely disseminated through the network in a short time.（2） latent: hidden in the infected system the virus does not immediately attack; the contrary, in its pre-attack, t

45、he need for a certain period of time or have certain conditions. within the incubation period, it does not show any disruption of operations, making it difficult to find the virus and the virus can continue to spread. once a virus outbreak, it can cause serious damage.（3） can be triggered: once cert

46、ain conditions, the virus began to attack. this feature can be triggered is called. take advantage of this characteristic, we can control its transmission range and frequency of attacks. conditions may trigger the virus is the default date, time, file type or frequency of the computer to start.（4） d

47、amage: the damage caused by computer viruses are a wide range of - it not only undermines the computer system, delete files, change data, but also occupied system resources, such as disruption of the machine running. its destruction of the designers attempt to show.by using the knowledge that we hav

48、e learned, we can know the computer virus classification as follows:（1） by the parasitic categoryby parasitic, computer viruses can be divided into lead-virus, file virus and mixed virus. boot virus parasites in the disk guide meaning those parts of a computer virus. it is a common virus, the use of

49、 computer systems do not usually check the guide part of the content is correct weaknesses, and retained in memory and monitor system operation, one has the opportunity to infection and destruction. according to the location of parasites in the disk, it can further be divided into the master boot re

50、cord boot record viruses and paragraph virus. the former master boot hard drive transmission parts, such as marijuana virus, 2708 virus, porch virus; record paragraph of transmission of the virus commonly used hard drive record paragraphs, such as small ball virus, girl virus.（2） by the consequences

51、 of classificationfrom the consequences of watch, computer viruses can be divided into benign viruses and vicious virus. benign virus would destroy data or programs, but it will not make computer systems paralyzed. initiator of the virus are most mischievous hackers - they created the virus is not i

52、n order to undermine the system, but in order to show off their technical capacity; some hackers use these viruses to disseminate their political thought and ideas, such as small ball virus and ambulance car virus. vicious virus would destroy data and systems, resulting in paralysis of the entire co

53、mputer, such as the chi virus, porch virus. once the virus attack, the consequences will be irreparable.it should be noted that dangerous are a common feature of computer viruses. benign viruses are not dangerous, but the risk of the consequences of relatively light. virtuous is a relative concept.

54、in fact, all computer viruses are malignant.1.4 precaution measures on computer network securityin order to protect network resources, we should conduct certain ladder of management and legal instruments. besides, we must carry out relevant technological measures aimed at the problems existed in net

55、work security to accomplish the protection for network and data. after that, regular circulation can be guaranteed and profits of legal users can be ensured. at present, precaution measures dealing with network security treats are as follows: firewall technology, encryption technology, access contro

56、l technology and virus protection technology.1.4.1 firewall technologyas a present technological measure for protecting computer network security, firewall can compart local network and major network and restrict information access and transmission between protected network and exterior one. firewal

57、l is the instrument that closes off unsafe factors on network topology structure and service type to improve network. what it protect is one of the modules with definite close borderline in network, while what it keep away is threat outside the protected network. as a result, it is firstly fit for s

58、pecialized network in companies, especially for the connection with public network.3 basic functions of firewall:filtration. it can reject tcp/ip sent by unauthorized host computer, and reject accepting the link requirement by unauthorized service. network addresses translation. translating ip address of inter host computer to avoiding being detected by external monitor, or we can say ip disguise. proxy services. on behalf of host computer to make applied connection with high level, and completely i