計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文

.計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文精品精品.精品計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文1.網(wǎng)絡(luò)安全的含義網(wǎng)絡(luò)安全從其本質(zhì)上來講就是網(wǎng)絡(luò)上信息的安全.它涉及的領(lǐng)域相當(dāng)廣泛。這是因為.在目前的公用通信網(wǎng)絡(luò)中存在著各種各樣的安全漏洞和威脅。從廣義的角度來說：凡是涉及到網(wǎng)絡(luò)上信息的保密性、完整性、可用性、真實性和可控性的相關(guān)技術(shù)和理論都是網(wǎng)絡(luò)安全索要研究的領(lǐng)域。下面給出網(wǎng)絡(luò)安全的一個通用定義：網(wǎng)絡(luò)安全是指網(wǎng)絡(luò)系統(tǒng)的硬件、軟件及其系統(tǒng)中的數(shù)據(jù)受到保護(hù)，不受偶然的或者惡意的原因而遭到破壞、更改、泄露，系統(tǒng)連續(xù)可靠正常地運行.防止和控制非法、有害的信息、進(jìn)行傳播后的后果，本質(zhì)上是維護(hù)道德、法規(guī)或國家利益網(wǎng)絡(luò)上信息內(nèi)容的安全.即我們討論的狹義的“信息安全”。它側(cè)重于保護(hù)信息、的保密性、真實性和完整性，避免攻擊者利用系統(tǒng)的安全漏洞進(jìn)行竊聽、冒充等有損于合法用戶的行為.本質(zhì)上是保護(hù)用戶的利益和隱私網(wǎng)絡(luò)安全與其所保護(hù)的信息對象有關(guān).其含義是通過各種計算機(jī)、網(wǎng)絡(luò)、密碼技術(shù)和信息安全技術(shù)，保護(hù)在公用通信網(wǎng)中傳輸、交換和存儲的信息的機(jī)密性、完整性和真實性.并對信息的傳播即內(nèi)容具有控制能力。網(wǎng)絡(luò)安全的結(jié)構(gòu)層次包括：物理安全、安全控制和安全服務(wù)。2.計算機(jī)網(wǎng)絡(luò)安全機(jī)制分析計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第1頁。安全性機(jī)制是操作系統(tǒng)、軟硬件功能部件、管理程序以及它們的任意組合.為一個信息系統(tǒng)的任意部件檢測和防止被動與主動威脅的方法。安全機(jī)制與安全性服務(wù)有關(guān)，機(jī)制是用于實現(xiàn)服務(wù)的程序，OSI定義的安全性機(jī)制有加密、數(shù)字簽名、鑒別、訪問控制、通信量填充、路由控制、公證等。安全性服務(wù)和安全性機(jī)制有一定的對應(yīng)關(guān)系，例如：機(jī)密性服務(wù)可以通過加密、通信量填充和路由控制來實現(xiàn)。另外，加密不僅可以是機(jī)密性服務(wù)的成分.而且還可以是完整性和鑒計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第2頁。別服務(wù)的成分。計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第1頁。計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第2頁。.精品精品.精品各種安全機(jī)制中.加密有著最廣泛的應(yīng)用.并且可以提供最大程度的安全性。加密機(jī)制的主要應(yīng)用是防止對機(jī)密性、完整性和鑒別的破壞。數(shù)字簽名是一種用于鑒別的重要技術(shù)數(shù)字簽名可以用于鑒別服務(wù)，也可以用于完整性服務(wù)和無拒絕服務(wù)。當(dāng)數(shù)字簽名用于無拒絕服務(wù)時，它是和公證一起使用的公證是通過可信任的第三方來驗證(鑒別)消息的。對于網(wǎng)絡(luò)終端用戶來說.最通常的安全性經(jīng)歷是通過使用口令來實現(xiàn)訪問控制?？诹钍且粋€字符串，用來對身份進(jìn)行鑒別。在獲得對數(shù)據(jù)的訪問權(quán)之前.通常要求用戶提交一個口令，以滿足安全性要求。問卷與口令有很近的親緣關(guān)系.它也是鑒定身份的方法。3.采取的應(yīng)對措施計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第3頁。3.1信息加密信息加密技術(shù)是一種主動的信息安全防范措施.是保證網(wǎng)絡(luò)信息安全的核心技術(shù)信息加密技術(shù)的原理是利用一定的加密算法.將明文轉(zhuǎn)換成為不可以直接讀取的密文.對非法用戶獲取和理解原始數(shù)據(jù)起到了很好的阻止作用，確保了數(shù)據(jù)的保密性。明文轉(zhuǎn)化為密文的過程我們稱之為加密，密文還原成為明文的過程我們稱之為解密，加密、解密使用的可變參數(shù)就叫做密鑰。信息加密技術(shù)通常分為兩類：一類是對稱加密技術(shù)。另一類是非對稱加密技術(shù)。計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第3頁。.精品精品.精品3.2數(shù)字簽名為防止他人對傳輸?shù)奈募M(jìn)行破壞以及確定發(fā)信人的身份.我們采取了數(shù)字簽名這一手段。數(shù)字簽名在電子商務(wù)中起著至關(guān)重要的作用，它具備他人不能偽造，簽字方不能抵賴，在公證人面前能驗證真?zhèn)蔚忍攸c。3.3數(shù)字證書數(shù)字證書是互聯(lián)網(wǎng)通訊中標(biāo)志通訊各方身份的一系列數(shù)據(jù).它為網(wǎng)絡(luò)提供了一種驗證身份的方式。由權(quán)威機(jī)構(gòu)CA來負(fù)責(zé)簽發(fā)、認(rèn)證、管理證書。此技術(shù)可以用來驗證識別用戶身份。3.4數(shù)字摘要又稱數(shù)字指紋、SHA(secureHashMgorithm)或MD5(MDStandardsforMessageDigest).它是使用單向Hash函數(shù)加密算法對任意長度報文進(jìn)行加密.摘要成一串128比特的密文.這段密文我們稱為數(shù)字摘要它是一個唯一對應(yīng)一段數(shù)據(jù)的值。3.5數(shù)字信封數(shù)字信封就是信息發(fā)送端用接收端的公鑰.把一個對稱通信密鑰進(jìn)行加密.形成的數(shù)據(jù)稱為數(shù)字信封只有指定的接收方才可以用自己的私鑰打開數(shù)字信封，獲取對稱密鑰，解讀通訊信息。4.結(jié)語計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第4頁。網(wǎng)絡(luò)安全的重要性已經(jīng)有目共睹.特別是隨著全球信息、基礎(chǔ)設(shè)施和各個國家的信息基礎(chǔ)逐漸形成.信息電子化己經(jīng)成為現(xiàn)代社會的一個重要特征。信息本身就是時間、就是財富、就是生命、就是生產(chǎn)力。因此.各國開始利用電子空間的無國界性和信息、戰(zhàn)來實現(xiàn)其以前軍事、文化、經(jīng)濟(jì)侵略所達(dá)不到的戰(zhàn)略目的。隨著計算機(jī)技術(shù)的高速發(fā)展.攻擊網(wǎng)絡(luò)的技術(shù)的不斷更新.單一的安全防護(hù)策略則是不安全的，網(wǎng)絡(luò)安全將是一個系統(tǒng)的概念未來的計算機(jī)網(wǎng)絡(luò)安全防護(hù)策略方向應(yīng)該是安全措施高度綜合集成的。在我國，計算機(jī)網(wǎng)絡(luò)安全技術(shù)的研發(fā)正處于起步階段。各種技術(shù)需要我們不斷的去探索，爭取趕上發(fā)達(dá)國家的水平.保障我計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第5頁。國計算機(jī)網(wǎng)絡(luò)信息的安全，推進(jìn)信息全球化的進(jìn)程。計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第4頁。計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第5頁。.精品精品.精品計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第6頁。計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第6頁。.精品精品.精品計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第7頁。Computernetworksecurityandtoguardagainst

Abstract:Whenmankindenteredthe21stcenturyinformationsociety,thenetworksocietyofthetime,Chinawillestablishacompletesetofnetworksecuritysystem,especiallyfromthepolicyandlawtoestablishChina'sowncharacteristics,networksecuritysystem.

Keywords:computer;network;security;prevent

Intheinformationage,informationcanhelpgroupsorindividualssothattheybenefitfrom,thesameinformationcanalsobeusedtoposeathreattothem,causeddamage.Thereforenetworksecurity,includingthecompositionofnetworkhardware,softwareandnetworktransmissionofinformationsecurity,sothattheydonotbecauseofaccidentalormaliciousdestructionoftheattacks,networksecuritynotonlythetechnicalaspects,butalsomanagementissues,bothcomplementeachother,areindispensable.

First,theconceptofcomputernetworksecurity

InternationalOrganizationforStandardizationof"computersecurity"isdefinedas:"Toestablishadataprocessingsystemandtheadoptionoftechnologyandmanagementofsecurityprotection,theprotectionofcomputerhardware,software,dataisnotduetoaccidentalandmaliciousdestructionofreasons,changeandleakage."Theabovedefinitionofcomputersecurityincludesphysicalsecurityandlogicalsecurityofboththecontentsofthecontentsofthelogicofsecuritycouldbeunderstoodasweoftensaythattheinformationsecurity,informationreferstotheconfidentiality,integrityandavailabilityofprotection,andnetworksecurityInformationsecurityisthemeaningoftheextension,thatnetworksecurityisanetworkofinformationconfidentiality,integrityandavailabilityprotection.Computernetworksecurityasthespecificmeaningoftheuserchanges,theuserisdifferentonthenetworksecurityawarenessandrequirementswillbedifferent.Fromtheordinaryuser'spointofview,couldonlyhopethatpersonalprivacyorconfidentialinformationtransmissiononthenetworkbeprotectedagainsteavesdropping,tamperingandforgery;andnetworkproviderinadditiontocareaboutthesenetworkinformationsecurity,wemustalsoconsiderhowtodealwithsuddennaturaldisasters,suchasmilitarystrikesagainstthedestructionofnetworkhardware,aswellasunusualinthenetworkhowtorestorenetworkcommunications,andmaintainthecontinuityofnetworkcommunications.

Inessence,thenetworksecurity,includingthecompositionofnetworkhardware,softwareandnetworktransmissionofinformationsecurity,sothattheydonotbecauseofaccidentalormaliciousattacksonthedestructionofboththetechnicalaspectsofnetworksecurityissues,therearemanagementissues,thetwosidescomplementeachother,areindispensable.Man-madenetworkintrusionandattacksmakesnetworksecurityisfacingnewchallenges.

Second,computernetworksecuritystatusquo

計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第8頁。Computernetworksecurityisthenetworkhardware,softwareanddatasystemsareprotectedfromaccidentalormaliciousdestructionofreasons,alteration,disclosure,thesystemcontinuous,reliable,normaloperationofnetworkserviceswithoutdisruption.Computerandnetworktechnologyhasthecomplexityanddiversity,makescomputerandnetworksecurityhasbecomeaneedtocontinuetoupdateandimprovethearea.Atpresent,hackersmethodhasbeenmorethanthetypeofcomputervirus,andmanyattacksarefatal.IntheInternetnetwork,becausetheInternetdoesnothavethetimeandgeographicalconstraints,wheneverthereisameanstogeneratenewattacks,wecaninaweekaroundtheworld,theseattacksmeanstheuseofnetworkandsystemvulnerabilitiestoattackcomputersystemsandresultinginnetworkparalysis.Worms,backdoor(Back-doors),Rootkits,DOS(DenialofServices)andSniffer(networkmonitor)isafamiliarmeansofseveralhackerattacks.However,noneoftheseattacksmeanstheyreflecttheastonishingpoweroftodaybecomeworse.Thesetypesofattacksmeansthenewvariant,withpreviousattacksappearedmethods,moreintelligent,targetedagainstInternet-basedprotocolsandoperatingsystemlevel.FromtheWebprocesscontrolprocedurestothekernel-levelRootlets.Hackerspracticesescalatingrenovation,totheuser'sabilitytoguardagainstinformationsecuritychallenge.

Third,computernetworksecurityprecautions

1,tostrengthentheinternalnetworkmanagementandtheuseofsafetyawarenessamongstaff,manycomputersystemscommonlyusedpasswordstocontrolaccesstosystemresources,whichisanti-virusprocess,themostvulnerableandthemost計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第9頁。economicalmethods.Networkadministratorandterminaloperatorprivilegesinaccordancewiththeirresponsibilities,chooseadifferentpasswordfortheapplicationdatalegitimateoperation,topreventunauthorizeduserstoaccessthedataandtheuseofnetworkresources.

Onthenetwork,softwareinstallationandmanagementiscrucial,itisnotonlyrelatedtonetworkmaintenanceandmanagementefficiencyandquality,butalsotothenetworksecurity.AgoodantivirussoftwarecanbeeasilyinstalledwithinminutestotheorganizationeachNTservercanalsobedownloadedandspreadtoallthepurposeofthemachinebythenetworkadministratorsetupandmanagetofocus,itwillworkwiththeoperatingsystemandothersecurityiscloselylinkedtobecomeapartofnetworksecuritymanagement,andautomaticallyprovidethebestnetworkvirusdefensivemeasures.Whenthecomputerviruson-lineresourcesapplicationsattack,suchasthevirusexistsintheinformation-sharingnetworkofmedia,itisnecessarytothesecurityatthegateway,onthenetworkfront-endforantivirus.

2,networkfirewalltechnology

Isakindofusedtostrengthenthenetworkaccesscontroltopreventtheexternalnetworkuserstoillegalmeanstoentertheexternalnetworkthroughtheinternalnetwork,accessinternalnetworkresourcesandprotecttheinternalnetworkoperatingenvironmentspecialforNetworkInterconnectionDevices.Itisbetweentwoormorenetworkssuchaspackettransmissionlinkinaccordancewithacertaindegreeofsecuritystrategytoimplementtheinspection,todeterminewhetherthenetworkcommunicationbetweenareallowedto,andmonitorthenetworkrunning.Althoughthefirewallisto計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第10頁。protectthenetworkfromaneffectivemeansofhacking,butthereareobviouslyinadequate:throughthefirewallcannotprotectagainstoutsideattackothermeans,cannotpreventdefectorsfromtheinsideandinadvertentthreatsposedbyusers,butalsocannotcompletelypreventthetransmissionofthevirushavebeeninfectedwiththesoftwareordocuments,andcannotprotectagainstdata-drivenattacks.

3,securityencryptiontechnology

Encryptiontechnologyfortheglobale-commercetoprovideaguarantee,sothatInternet-basedelectronictradingsystemhasbecomepossible,thusimprovingthesymmetricencryptionandasymmetricencryptiontechnologyisstillthemainstreamofthe21stcentury.Symmetricencryptiontotheconventionalpassword-basedtechnology,computingencryptionanddecryptionoperationsusethesamekey.Asymmetricencryption,encryptionkeythatisdifferentfromthedecryptionkey,encryptionkeysaremadepublic,anyonecanuse,onlythedecryptionkeytodecryptpeopleknow.

4,thenetworkhostoperatingsystemsecurityandphysicalsecuritymeasures

Networkfirewallasthefirstlineofdefenseandcannotfullyprotecttheinternalnetwork,mustbecombinedwithothermeasurestoimprovethesafetyofthesystemlevel.Afterthefirewallisbasedonthenetworkhostoperatingsystemsecurityandphysicalsecuritymeasures.Inaccordancewiththelevelfromlowtohigh,namely,thephysicalsecurityofthehostsystem,thecoreoperatingsystemsecurity,systemsecurity,applicationservicessecurityandfilesystemsecurity;Atthesametime,hostsecuritychecksandbugfixes,aswellasabackupsafetysystemasasupplementarysafetymeasures.Theseconstitutetheentirenetworksystem,thesecondlineofdefense,themainpartofabreakthroughto計算機(jī)網(wǎng)絡(luò)技術(shù)基礎(chǔ)論文全文共13頁，當(dāng)前為第11頁。preventthefirewallaswellasattacksfromwithin.Systembackupisthelastlineofdefensenetworksystem,usedtoattackaftertheSystemRestore.Thefirewallandhostsecuritymeasuresistheoverallsystemsecuritybyauditing,intrusiondetectionandresponseprocessorconstitutetheoverallsafetyinspectionandresponsemeasures.Itfromthenetworksystemfirewall,networkhostorevendirectlyfromthenetworklinklayerontheextractionofnetworkstatusinformation,asinputtotheintrusiondetectionsubsystem.IntrusionDetectionSysteminaccordancewithcertainrulestodeterminewhetherthereisanyinvasionoftheincident,iftheinvasionoccurred,theemergencytreatmentmeasures,andgenerateawarningmessage.Moreover,thesystem'ssecurityauditalsocanbe