1、班级 计科 学号 12 姓名 日期 2015-12- Security of Computer Network SystemAbstract: This paper discussed the secure and dependable problem about the computer network system. On some aspects: the importance of network security basic theory function and the method of solving a problem etc. Good views for solving
2、the problem are put forward. It strengthens peoples consciousness on network security.Key words: Computer network Virtual private network Encryption techniques FirewallIntroduction: Along with the computer network technology development the network security and the reliability have become the questi
3、on of common interest by all users. The people all hoped their own network system can move reliably not external intruder disturbance and destruction .Therefore solves the network security and the reliable problem carefully is a guarantee the network normal operations premise and safeguard. First: t
4、he importance of the network security. With the information developing fast today the computer network obtained the widespread application but along with the network information transmission capacity growing faster some organizations and departments benefit the speed up with the service operation in
5、 the network while the data has also suffered to extent attack and destruction. The aggressor may intercept the information in the network steals the users password the database information also may tamper with the database content the forge users status denies own signature. And what is more the ag
6、gressor may delete the database content the destroy node releases computer virus and so on. This cause data security and own benefit have received the serious threat. According to American FBI US Federal Bureau of Investigation invest the network security creates the economic loss surpasses 17 billi
7、on dollars every year.75 corporation report finance loss is because the computer system security problem creates. More than 50 safe threat come from inside. But only 59 loss could be possible estimate. In China the economic loss amount in view of financial domain and the bank negotiable securities c
8、omputer system security problems creates has reached as high as several hundred million Yuan also sometimes occurs in view of other profession network security threat. Thus it can be seen regardless of is the mean attack or unconscious disoperation will all be able to bring the inestimable loss to t
9、he system. Therefore the computer network must have the enough strong security measure. Regardless of is in the local area network or in WAN the network security measure should be Omni-directional in view of each kind of different threat and the vulnerability so that it can guarantee the network inf
10、ormations secrecy the integrity and the usability. Second: Network security rationale. International Standardization Organization ISO once suggested the computer security the definition was: “The computer system must protect its hardware the data not accidentally or reveals intentionally the change
11、and the destruction.” In order to help the computer user discrimination and the solution computer network security problem the American Department of Defense announced “the orange peel book” orange book official name is “credible computer system standard appraisal criterion” has carried on the stipu
12、lation to the multiuser computer system security rank division. The orange peel book from low to high divides into the computer security four kinds of seven levels: D1 C1 C2 B1 B2 B3 A1.Above allD1 level does not have the lowest safety margin rank C1 and the C2 level has the lowest safety margin ran
13、k B1 and the B2 level has the medium safekeeping of security ability rank B3 and A1 belongs to the highest security rating. In the network concrete design process it should act according to each technology standard the equipment type the performance requirement as well as the funds which in the netw
14、ork overall plan proposed and so on the overall evaluation determines one quite reasonably the performance high network security rank thus realization network security and reliability. Third: The network security should have function. In order to adapt the information technology development well the
15、 computer network application system must have following function: 1 Access control: Through to the specific webpage the service establishment access control system in arrives the overwhelming majority attack impediment in front of the attack goal. 2 Inspects the security loophole: Through to securi
16、ty loophole cyclical inspection even if attacks may get the attack goal also may cause the overwhelming majority attack to be invalid. 3 Attack monitoring: Through to specific webpage service establishment attack monitoring system but real-time examines the overwhelming majority attack and adopts th
17、e response the motion for example separation network connection recording attack process pursuit attack source and so on. 4 Encryption Communication: Encrypts on own initiative the communication may enable the aggressor to understand the revision sensitive information. 5 Authentication: The good aut
18、hentication system may prevent the aggressor pretends the validated user. 6 Backup and restoration: The good backup and restores the mechanism may causes the losses when the attack as soon as possible restores the data and the system service. 7 Multi-layered Defense: The aggressor after breaks throu
19、gh the first defense line delays or blocks it to reach the attack goal. 8 Sets up the safe monitoring center: Provides the security system management the monitoring the protection and the emergency case service for the information system. Fourth: The network system safety comprehensive solution meas
20、ures. If want to realize the network security function we should carry on the Omni-directional guarding to the network system and thus formulate the quite reasonable network security architecture. Below on the network system security problem proposes some guard measure. Physics safe may divide into
21、two aspects: One is the artificial harm to the network the other is the network to the users. Most common thing is the constructor who did not understand to the buried cable clearly thus lead to the destruction of electric cable this kind of situation may through standing symbolized the sign guards
22、against Has not used the structure wiring the network to be able to appear the user frequently to the electric cable damage this needs to use the structure wiring to install the network as far as possible Artificial or natural disaster influence when to consider the plan. The access control security
23、 the access control distinguishes and confirms the user limits the user in the already activity and the resources scope which is authorized. The network access control safe may consider from following several aspects. 1 password: The network security system most outer layer defense line is network u
24、sers registering in the registration process the system would inspect the user to register the name and the password validity only then the legitimate user can enter the system. 2 The network resources host the attribute and the visit jurisdiction: The network resources mainly include the resources
25、which shared files the shared printer network users and so on that all the network users can use. The resources were the host to manifest the different user to the resources subordinate relations such as builder modifier and group member and so on. The resources attribute expressed itself deposit an
26、d withdrawal characteristics as can read by who write or the execution and so on. The visit jurisdiction mainly manifests in the user to the network resources available degree in using assigns the network resources to be the host the attribute and the visit jurisdiction may effectively in the applic
27、ation cascade control network system security. 3 Network security surveillance: The network surveillance is generally called for “the network management” its function mainly is carries on the dynamic surveillance to the entire network movement and handles each kind of event promptly. May understand
28、simply through the network surveillance discovers and solves in the network security problem such as the localization network fault point seizes the IP embezzler the control network visit scope and so on. 4 Audit and track: Network audit and track which is including the network aspect resources use
29、network breakdown and system keeping. It composed generally by two parts: One the recording event soon each kind of event entirely records in the document. Two carries on the analysis and the statistics to.Data transmission security, transmission security requirements to protect the information on t
30、he network is transmitted to prevent the passive and active violations. The security of data transmission can take the following measures: (1) encryption and digital signature: digital signature is the receiver of data used to confirm the sender of the data is true and correct. (2) firewall: firewal
31、l (Firewall) is a security measure that is widely used in Internet. It can be used to set up a series of components in different network or network security domain. It can detect, limit and change the data flow of the firewall, and detect the information, structure and running status of the network
32、as far as possible, so as to realize the network security. (3) Username or Password certification: the authentication method is the most commonly used as an authentication method for the operating system, telnet (remote login), rlogin (remote login), but the process is not encrypted, that is, passwo
33、rd is easy to be monitored and decryption. (4) authentication using the algorithm: radius (Remote Authentication Dial protocol, OSPF (open routing protocol), SNMP Security Protocol use shared Security Key (key), and the abstract algorithm (MD5) certification, but abstract algorithm is an irreversible process, therefore,