計算機專業(yè)英語Chapter課件11

1、內(nèi)容正文Intrusion Detection Systems and Intrusion Response MechanismAn Introduction to Information Security閱讀材料Introduction to FirewallInternet Security Architecture1 Intrusion Detection Systems and Intrusion Response Mechanism1. Introduction2. Intrusion responses2.1. Why Automatic Intrusion Response 2.

2、2 The key factor of development of automatic intrusion response systemKey Wordsintrusion detection system入侵檢測系統(tǒng)anomalyn. 異常intrusion response system入侵反應系統(tǒng)orifice n. 漏洞NotesThere are many solutions for the first problem, such as using new detection algorithms, improvement of old algorithms, fusion of

3、 multiple classifiers and extending detection range of systems etc.第一個問題有很多種解決方案，比如使用新的檢測算法、改進已有的算法、融合多種分類器并擴展檢測范圍等等。Intrusion responses are a series actions and countermeasures when an intrusion is detected. These actions and measures can prevent further attacks or restore the system to a normal st

4、ate.入侵響應是當檢測到入侵后采取的一系列的行動和對策，這些行動和對策可以防止進一步的攻擊或者恢復系統(tǒng)到正常狀態(tài)。2 An Introduction to Information Security1. Information Security and Cryptographic Systems 1.1 What is Information Security? 1.2 What Services do Cryptographic Systems Provide? 2. Types of Cryptographic Systems 3. Security Services using Publ

5、ic-Key Cryptosystems 3.1 Public-Key Encryption Confidentiality3.2 Digital Signatures3.3 Signed Challenges 3.4 Certification Authorities Key Wordsinformation security信息安全confidentialityn. 機密性concealmentn. 隱藏auditn. 審計authenticationn. 驗證repudiatev. 否認plaintextn. 明文ciphertextn. 加密文本symmetric-key crypto

6、system對稱密碼體制public-key cryptosystem公鑰密碼體制Key Wordsdivulgev. 泄露hash function散列函數(shù)message digest信息摘要challengen. 挑戰(zhàn)mutual authentication雙向認證subtletyn. 微妙之處，精華certificaten. 證書Certification Authority證書頒發(fā)機構(gòu)revokev. 撤銷reapv. 獲得NotesSimply put, information security describes all measures taken to prevent una

7、uthorized use of electronic data - whether this unauthorized use takes the form of disclosure, alteration, substitution, or destruction of the data concerned.簡而言之，信息安全描述了所有用于防止未經(jīng)授權(quán)使用電子數(shù)據(jù)的方法。無論這個未授權(quán)所采用的是公開、修改、替代還是破壞相關(guān)數(shù)據(jù)的形式。That is, the receiver of a transaction is able to demonstrate to a neutral thi

8、rd party that the claimed sender did indeed send the transaction.也就是說，事務(wù)的接收方能夠向中立的第三方證明發(fā)送方的確發(fā)送了事務(wù)。NotesReal-world applications are rarely straightforward, so a typical implementation will require that various services provided by a cryptosystem be combined to provide a variety of services simultaneo

9、usly.用于實際生活的應用很少是簡單的，所以一個典型的實現(xiàn)通常需要密碼系統(tǒng)同時提供多種服務(wù)。The essential difference between the use of a public-key cryptosystem for signing and its use for encrypting is that the order in which the keys are used is reversed.使用公鑰加密技術(shù)進行簽名和加密的根本區(qū)別在于使用密鑰的順序是相反的。NotesSuppose that Eve is also able to place a public

10、key of her choice into this public directory, claiming that the key belongs to Bob. When Alice now encrypts confidential information and sends it to Bob, Eve intercepts the ciphertext and decrypts the information herself.假設(shè)Eve也可以將自己選的公鑰放入這個公共號碼簿，并且聲明這個密鑰是Bob的。 當Alice將經(jīng)過加密的保密信息發(fā)給Bob時, Eve可以截取加密文本并自己解

11、密信息。Reading Material 1 Introduction to FirewallProtocols ApplicationsOSI Model LayerOSI Model DescriptionFirewall GenerationDNS, FTP, HTTP, etc.7ApplicationApplication Proxy6Presentation5SessionTCP / UDP4TransportPacket FilterIP3NetworkPacket Filter2Data Link1PhysicalTodays Firewall Solution MatrixR

12、eading Material 1 Introduction to FirewallFirewall ArchitectureReading Material 2 Internet Security Architecture1. Introduction2. IP Security3. Transport Layer Security4. Key Management5. Domain Name System Security ExtensionsExercises IDS stands for _._ are a series actions and countermeasures when

13、 an intrusion is detected.AIRS stands for _.Current intrusion response systems can be categorized as _, _, or _.Cryptographic systems (or cryptosystems) potentially provide all three objectives of information security: _, _, and _.In a cryptographic system, _ assurance that the parties involved in a real-time transaction are who they