Section 1.3 the objectives of network and information security
Section 1.3 the objectives of network and information security
信息安全的目标 (1)机密性(Confidentiality):Prevent unauthorised disclosure of information. 即使非授权用户得到信息也无法知晓信息内容。可通过访问控制(access control) 阻止非授权用户获得机密信息,通过加密(encryption)阻止非授权用户知晓信息 内容
信息安全的目标 (1)机密性(Confidentiality):Prevent unauthorised disclosure of information. 即使非授权用户得到信息也无法知晓信息内容。可通过访问控制(access control) 阻止非授权用户获得机密信息,通过加密(encryption)阻止非授权用户知晓信息 内容
信息安全的目标 (2)完整性(Integrity):Assurance that data received are exactly as sent by an authorized sender. 通过访问控制(access control))阻止篡改行为,通过消息摘要(message digest)算 法检验信息是否被篡改
信息安全的目标 (2)完整性(Integrity):Assurance that data received are exactly as sent by an authorized sender. 通过访问控制(access control)阻止篡改行为,通过消息摘要(message digest)算 法检验信息是否被篡改
信息安全的目标 (3)可用t性(Availability).:services should be accessible when needed and without delay. 涉及物理、网络、系统、数据、应用和用户等多方面因素
信息安全的目标 (3)可用性(Availability):services should be accessible when needed and without delay. 涉及物理、网络、系统、数据、应用和用户等多方面因素
信息安全的目标 ●(4)真实性(Authentication): assurance that the communicating entity is the one it claims to be. peer entity authentication. Data-origin authentication
信息安全的目标 (4)真实性(Authentication): assurance that the communicating entity is the one it claims to be. peer entity authentication. Data-origin authentication
信息安全的目标 (5)不可抵赖性(Non-Repudiation): protection against denial by one of the parties in a communication. Origin non-repudiation:proofthat the message was sent by the specified party. Destination non-repudiation:proofthat the message was received by the specified party. 一般通过数字签名(digital signature)来提供不可抵赖性服务
信息安全的目标 (5)不可抵赖性(Non-Repudiation): protection against denial by one of the parties in a communication. Origin non-repudiation:proof that the message was sent by the specified party. Destination non-repudiation:proof that the message was received by the specified party. 一般通过数字签名(digital signature)来提供不可抵赖性服务