Reality told people that security is the precondition of any system ’ s existence . informatization construction may be come the “ soft rib ” of the country in the competition if there is no security assurance , therefore countries around the world are exploring and constructing information assurance system positively so as to construct a strong “ immunity system ” 现实让人们意识到,安全是任何体系生存的前提,没有安全的保障,信息化建设很可能成为国家在竞争中受制于人的“软肋” ,因而世界各国均积极探索、建立信息保障体系,意图构建一个健壮的“免疫系统” 。
To satisfy the actual demands in the daily running of area network , we develop a network management software . the main work of the paper is : intrusion detection sysetm and network accounting system . intrusion detection , as an essential component in the information assurance framework , settles the issues in which traditional methods such as access control and identification authentication could n ' t work 针对园区网的实际需求,我们网络课题组研究开发了一个网络管理软件,本论文的工作主要有以下两方面:在安全管理模块中引入入侵检测系统设计实现了适合本园区网的计费管理系统入侵检测,作为信息安全保障中的一个重要环节,很好的弥补了访问控制、身份认证等传统保护机制所不能解决的问题。
On the basis of the introduction of informatization status in america , russia , japan , india and china , points out that with the appearance of information security problem which accompanied with informatization , all communities of the society have highly recognized the construction of information assurance system . at the same time , developments of relative theories about information security and practices as well as the construction experience of evaluation indicator system in some relative domains make the research on this subject own important strategic meaning , necessity and possibility as well 本章首先介绍了课题研究的背景,即在介绍美国、俄罗斯、日本、印度和中国信息化发展现状的基础上,指出与信息化相伴的信息安全问题凸现,社会各界都高度重视信息保障体系的建立,而信息安全相关理论与实践的发展及相关领域评价指标体系建立的经验使得本课题的研究有着重要的战略意义,具有必要性和可能性。
Through condrious study and exploring , large ainounts of valuable approaches and experiences used to solve the problem of security of information infrastructures have been accumulated . and eventually the concept and method of " information assurance ( ia ) " which has been ever developing and improving is established 经过不断的研究和探索,已经积累了大量的解决信息基础设施安全的宝贵方法和经验,最终形成了今天还依然在不断发展和完善的“信息保障”概念和方法。
Aim at information security risk , according to the research on relative literatures and practices in information security domain and based on advices and suggestions from information experts and security technicians , this paper proposes three elements of information assurance system strategy , management and technology ; following the limited - aim principle , and starting with three elements , the paper also outlines the whole frame of an information assurance system 文章综合研究了国内外信息安全领域的相关文献与实践,在汲取众多信息安全专家、安全技术人员等的意见和建议的基础上,针对信息安全风险,提出了建立信息保障体系的三大要素? ?战略、管理和技术;遵循有限目标的原则,以三大要素为切入点,作者勾勒了信息保障体系的整体框架。
And an algorithm for checking the consistency of the policies is given . in order to fully understand the ia , chapter 4 first gives a brief introduction of the " information assurance technical framework ( iatf ) " , and then according to the speciaity of the development of china ' s information technology a " special assurance " prob1em and technology that is often ignored by the normal " ia " technoiogy is brought forward 为全面了解信息保障,第四章首先简要介绍了信息保障技术框架( fatf ) ,然后针对我国信息技术发展的特殊性,提出了为常规保障技术所忽视的“特种保障”问题和技术,并且围绕着恶意功能的作用方式,深入研究了恶意功能的检测和防范方法。
