共查询到20条相似文献,搜索用时 125 毫秒
1.
该文通过对TCP/IP协议分层结构中存在的安全威胁入手,从最基础的节点查找可能出现的威胁,寻找网络中存在的安全隐患,分析安全威胁的方面,并在分析的基础上提出利用虚拟主机的思想进行安全防范的思想。 相似文献
2.
王连鸣 《网络安全技术与应用》2018,(5):11-11
近几年来随着经济的快速发展与进步,国家也越来越重视计算机技术的发展,尤其是网络安全问题。通过计算机所处理的业务,主要也是从利用数学运算、文件处理以及一些简单的办公自动化发展成为现在基于复杂的内部网、外部网的计算机处理系统。在系统不断提高自身处理信息能力的同时连接能力也在不断地提高,与此同时网络安全问题也就体现的更加明显。本文首先分析网络安全的分类,然后对网络安全的脆弱性进行分析,最后提出基于网络安全观视角下的网络空间安全战略。 相似文献
3.
随着信息技术与产业的高速发展和广泛应用,人类社会进入信息化时代。在信息化时代,人类生活工作在网络空间中,因此确保网络空间安全成为信息时代的基本需求。我国已经发展形成了完整的网络空间安全学科体系,因此,全面论述网络空间安全学科的体系结构与理论基础成为网络空间安全学科建设和人才培养的当务之急,内容包括:网络空间与网络空间安全的概念,网络空间安全学科的内涵,网络空间安全学科的主要研究方向及研究内容,网络空间安全学科的理论基础和方法论基础。因此,正确理解和掌握网络空间安全学科理论与体系结构,不仅对我国网络空间安全学科建设和人才培养具有十分重要的指导意义,而且对我国网络空间安全领域的科学研究和产业发展也具有十分重要的指导意义。 相似文献
4.
5.
高雄波;王喜 《数字社区&智能家居》2022,(31):68-70
数据中心作为关键基础设施,给5G、云计算、大数据、人工智能等技术发展提供了有力的支撑。该文阐述了数据中心网络空间安全的基本特征,提出了一种数据中心网络空间安全运营能力体系模型,能够有效预防监测、分析,应对日益多样化、多元化的网络安全攻击和威胁行为,有效提高数据中心运营的安全水平,保障数据中心安全可靠地运行。 相似文献
6.
7.
8.
许艳萍;任一支;仇建;邱洪君 《网络安全技术与应用》2025,(5):90-94
“没有网络安全,就没有国家安全”,在总体国家安全观的统领下,本文研究立足于课程特色和培养目标,建设特色的网络空间安全类专业“一心四维”全课程安全思政,充分挖掘安全思政元素,制定安全思政建设原则,贯彻落实安全思政建设路线,培养辩证的网络安全思维,塑造正确的网络安全观,实现立德树人,供相关读者参考。 相似文献
9.
互联网的迅猛发展,使得中国面临着一些较为复杂的意识形态问题和社会舆论问题。一些西方国家通过互联网,对我国实施资本主义性质的文化入侵,企图从意识形态上实现对中国的控制。由此可见,网络空间安全与意识形态安全既关系着我国的生存发展命脉,也直接反映出中国的国家软实力,必须引起高度重视。 相似文献
10.
近年来,我国高度重视网络空间安全人才的培养与体系建设.网络安全的竞争归根结底是人才的竞争,网络空间安全人才体系与机制的建立,对网络安全人才培养至关重要.从美国、欧盟、日本等政府对网络安全人才培养体系进行介绍,并对我国当前网络安全人才培养体系现状进行深度分析,同时给出网络安全人才培养的思路和方法.围绕“培养实践型的网络安... 相似文献
11.
Keith F. Joiner 《Information Security Journal: A Global Perspective》2017,26(2):74-84
The cyber threat to Australia’s Department of Defense (DoD) is not only information security, but includes preventing its platforms from being crippled. This threat is increasing and Australia is not keeping pace with its allies. Since 2009, the United States has used test and evaluation (T&E) policy and practice to inculcate the threat posed by cyber warfare into the development, acquisition, and fielding of all of its DoD platforms. As a result, U.S. defense chiefs understood early the operational vulnerability of their systems to cyber warfare, and of the necessity of designing more cyber-resilient systems. Australia has not required such cyber-security T&E and therefore may be blind to the operational vulnerabilities of its major platforms to cyber attack and is therefore likely to continue to underinvest in the cyber resilience of its capabilities. This article argues that the Australian DoD needs to urgently conduct operationally-focused cyber-survivability trials that leverage its alliance with the United States. In studying the growing divide in cyber security between these two close allies, this article’s contribution is concluding that representative cyber threats in operational T&E is a crucial first step for any country to gain understanding and appropriate investment in DoD cyber security. 相似文献
12.
《Information Security Journal: A Global Perspective》2013,22(2):102-114
ABSTRACT In order to deter cyber terrorism, it is important to identify the terrorists, since punishment may not deter them. The identification probability relies heavily on tracking cyber terrorists. However, there are legal and technical challenges to tracking terrorists. This paper proposes suggestions and insights on overcoming these challenges. Three types of infrastructures must be present in order to deter cyber terrorism: technical, policy, and legal. We list some of the key items that academics as well as practitioners need to focus on to improve cyber-terrorism deterrence. 相似文献
13.
As exemplified in the 2010 Stuxnet attack on Iranian nuclear facilities, cyber attackers have capabilities to embed disruptive infections into equipment that is employed within physical systems. This paper presents a cyber security design approach that addresses cyber attacks that include modification of operator displays used for support in managing software controlled automated systems. This class of problems is especially important because our nation's critical infrastructures include such systems. In addition, many other systems, such as surveillance systems, navigation systems, and communications systems, are candidates for such solutions as they continue to become more and more automated. The suggested design approach builds upon fault–tolerant and automatic control system techniques that, with important and necessary modifications, are the basis for providing improved cyber security. In particular, the appropriate combination of diversely redundant security designs coupled with system dynamics models and state estimation techniques provide a potential means for detecting purposeful adjustments to operator displays. This paper provides a theoretical approach for designing such solutions and a corresponding set of examples with simulation–based results. In addition, the paper includes a discussion of important implementation requirements for greater assurance of such physical system security solutions. © 2013 Wiley Periodicals, Inc. Syst Eng 16 相似文献
14.
在不断加剧的网络安全攻防对抗过程中,攻防双方存在着天然的不对称性,网络安全威胁情报共享利用是一种有效提高防护方响应能力和效果的手段.然而威胁情报共享利用中的隐私保护需求与构建完整攻击链的需求之间存在矛盾.针对上述矛盾点,提出一种基于区块链的网络安全威胁情报共享模型,利用了区块链技术的账户匿名性和不可篡改性,使用单向加密函数保护情报中的隐私信息,基于加密后的情报构建完整攻击链,借助区块链的回溯能力完成攻击链中攻击源的解密.最后,通过实验验证了该模型的可行性和有效性. 相似文献
15.
为了提高并行程序中共享内存数据的读写访问性能,事务内存机制于1993年被提出。因为事务内存机制直接涉及内存数据的读写控制,所以也得到了系统安全研究人员的极大关注。2013年,Intel公司开始支持TSX(Transactional Synchronizatione Xtension)特性,第一次在广泛使用的计算机硬件中支持事务内存机制。利用事务内存机制的内存访问跟踪、内存访问信号触发和内存操作回滚,以及Intel TSX特性的用户态事务回滚处理、在Cache中执行所有操作和硬件实现高效率,研究人员完成了各种的系统安全研究成果,包括:授权策略实施、虚拟机自省、密钥安全、控制流完整性、错误恢复和侧信道攻防等。本文先介绍了各种基于事务内存机制的研究成果;然后分析了现有各种系统安全研究成果与事务内存机制特性之间的关系,主要涉及了3个角度:内存访问的控制、事务回滚处理、和在Cache中执行所有操作。我们将已有的研究成果的技术方案从3个角度进行分解,与原有的、不基于事务内存机制的解决方案比较,解释了引入事务内存机制带来的技术优势。最后,我们总结展望了将来的研究,包括:硬件事务内存机制的实现改进,事务内存机制(尤其是硬件事务内存机制)在系统安全研究中的应用潜力。 相似文献
16.
17.
Almost everyone recognizes the salience of cyberspace as a fact of daily life. Given its ubiquity, scale, and scope, cyberspace has become a fundamental feature of the world we live in and has created a new reality for almost everyone in the developed world and increasingly for people in the developing world. This paper seeks to provide an initial baseline, for representing and tracking institutional responses to a rapidly changing international landscape, real as well as virtual. We shall argue that the current institutional landscape managing security issues in the cyber domain has developed in major ways, but that it is still “under construction.” We also expect institutions for cyber security to support and reinforce the contributions of information technology to the development process. We begin with (a) highlights of international institutional theory and an empirical “census” of the institutions-in-place for cyber security, and then turn to (b) key imperatives of information technology-development linkages and the various cyber processes that enhance developmental processes, (c) major institutional responses to cyber threats and cyber crime as well as select international and national policy postures so critical for industrial countries and increasingly for developing states as well, and (d) the salience of new mechanisms designed specifically in response to cyber threats. 相似文献
18.
The increase in cyber attacks launched against the ASEAN (Association of South East Asian Nations) regional bloc that have been attributed to the PRC (People's Republic of China) sets a precedent for the future of low impact cyber conflicts. Conflicting interests between members and the nature of the ASEAN principles suggests that any eventual cyber defense policies can only be framed within the context of individual state interests. This paves the way for low impact cyber attacks that may enable the aggressor to influence the different instruments of national power within the region and serves as a viable tool to project power and influence with minimal risk of escalation. This study aims to discuss how the PRC has adopted this strategy in response to recent disputes with members within ASEAN. The study highlights the low impact approach that the PRC has chosen as a means of exerting its influence within the region. The study discusses the underlying factors that allow the PRC to operate freely by taking advantage of the fundamental weaknesses of ASEAN as a platform for establishing a cyber defense mechanisms within the region and goes on to caution as to such long term repercussions. 相似文献
19.
Critical considerations in engineering today's systems are securing the collection, access, and dissemination of the information they contain. Advanced computing technologies, ubiquitous environments, and sophisticated networks enable globally distributed access to data and information repositories to an uncountable community of consumers. Engineering security into these systems is more challenging and sophisticated than ever before. Along with this, assuring the integrity of highly networked systems requires economic decisions in rapidly changing technology and threat environments. Recognizing that countermeasures effective against cyber intrusions today can be ineffective tomorrow, the systems engineering community needs a rapid and agile way to identify the efficacies of competing countermeasure investment decisions. This paper presents a macroanalytic method for measuring economic‐benefit returns on investments in cybersecurity. The method is called the Table Top Approach. The table top approach is designed to place light demands on the granularity of inputs to evaluate the impacts of cyber intrusion events and the benefits of countermeasure investments. The table top approach derives which investments in a set of competing choices offer the greatest cost‐benefit gains in cyber defense, and why. It finds sets of Pareto efficient cost‐benefit investments, and their economic returns, that capture tangible and intangible advantages of countermeasures that strengthen cybersecurity. ©2012 Wiley Periodicals, Inc. Syst Eng 16 相似文献
20.
随着人们对网络信息资源要求的逐渐增高,加强网络资源的优化配置已经成为一个重大的课题.通过NRM系统来解决电信网络资源的优化和配置问题,使对网络资源的管理更加合理化、科学化、高效化,同时也大大改善网络环境,提高网络的安全性.本文就对网络资源配置的优化措施进行探讨. 相似文献