欢迎光临中图网 请 | 注册
> >
网络空间内置式主动防御(英文版)

网络空间内置式主动防御(英文版)

作者:孟丹等
出版社:科学出版社出版时间:2021-12-01
开本: B5 页数: 52
中 图 价:¥54.5(7.9折) 定价  ¥69.0 登录后可看到会员价
加入购物车 收藏
运费6元,满39元免运费
?新疆、西藏除外
本类五星书更多>

网络空间内置式主动防御(英文版) 版权信息

网络空间内置式主动防御(英文版) 本书特色

本书提出内置式主动防御的理念、模型和技术体系。可供网络空间安全、信息技术等领域科研人员、工程技术人员以及研究生、高校教师阅读。

网络空间内置式主动防御(英文版) 内容简介

本书提出内置式主动防御新思路,强调从分析攻击机理和路径入手,找出信息系统漏洞背后攻击者所利用的信息技术安全脆弱点,从安全的需求出发,改变安全从属地位,重新设计、改造现有的信息技术,使其具备有效抑制、发现、调控、消除自身安全脆弱性造成的安全威胁的能力,变"信息技术加安全"为"安全的信息技术"。

网络空间内置式主动防御(英文版) 目录

Contents
Preface
Chapter 1 Security Threats in Cyberspace 1
Chapter 2 Dilemma of Classic Defense Systems and Technology 4
2.1 Defense Systems 4
2.2 Security Technology 6
2.3 Main Issues 7
Chapter 3 The Built-in Active Defense Theory and Model 11
3.1 Core Ideas 11
3.2 Defense Model 14
3.3 Main Features 18
Chapter 4 Built-in Active Defense Framework 22
4.1 Overview 22
4.2 Security-First Architecture 24
4.3 Key Techniques 29
Chapter 5 Summary 33
Acknowledgments 34
References 35
展开全部

网络空间内置式主动防御(英文版) 节选

Chapter 1 Security Threats in Cyberspace   The extensive application of information technology and the expansive reach of cyberspace have greatly boosted economic development and social prosperity, while bringing new security risks and challenges. On the one hand, the society and economy are increasingly integrated with the information systems. With the rapid development of emerging technologies such as 5G, cloud computing, artificial intelligence, and big data, the degree at which human, machine, and things are integrated is becoming higher and higher. Security threats in cyberspace are increasingly getting into the human society and physical space. On the other hand, security vulnerabilities in cyberspace are becoming more prevalent, the boundary between cyberspace and physical space is becoming increasingly blurred, attacks with unknown patterns are becoming ever more destructive, and cyberspace is becoming harder and harder to defend. Cybersecurity is now tightly associated with the common interests of all mankind, world peace and development, and national security of every country. It is a common challenge faced by all countries in the world. From a technical point of view, cybersecurity is facing two increasingly critical problems.   First, software and hardware vulnerabilities are inevitable. In the past two decades, the scale and complexity of software systems have increased constantly. The higher complexity of software code and the greater difficulty of verification, the higher probability of having security vulnerabilities. At the same time, hardware vulnerabilities are also ubiquitous. Defects in hardware designs and complex design/manufacturing processes are the two main factors that introduce hardware vulnerabilities. ①Many classic design principles embedded in the current hardware architectures place a heavy emphasis on performance optimization over security, leading to inherent security deficiencies in hardware. ②The hardware design process is lengthy and complex, such as requiring the use of many third-party IPs, standard cell libraries, and various EDA (electronic design automation) tools. The entire process may involve dozens of vendors, all of which may introduce new security vulnerabilities to the final products.   Second, attacks with unknown patterns emerge continuously. Attacks exploring software and hardware vulnerabilities are the main security threats in cyberspace. In recent years, the number of zero-day vulnerabilities has been growing rapidly and has become a norm. Although new vulnerabilities may pose difficulty of varying degrees when it comes to them being exploited, there are always new vulnerabilities that will be successfully exploited, leading to security breaches with previously unknown patterns. The traditional defense technology that uses ad-hoc patches after each breach is reactive in nature and is always lagging behind attacks. Attacks with unknown patterns have become the most threatening challenge in cyberspace and are the focus and main challenge of future defense strategies.   As software and hardware vulnerabilities are inevitable and attacks with unknown patterns are unavoidable, exploring and designing more effective new defense systems for cyberspace has great practical significance, broad scientific and technological importance, and profound strategic influence.   Chapter 2 Dilemma of Classic Defense Systems and Technology   2.1 Defense Systems   The classic defense systems, represented by perimeter defense and defense-in-depth, mainly consider the network system as the center and create a perimeter surrounding the network system. It then implements defense policies at the perimeter and achieves the effect of "fending off the enemy outside the gate".   Perimeter defense[1], as the earliest defense mechanism, mainly guards the perimeter to resist external attacks. It, however, has many shortcomings, such as that there is no effective way to prevent internal threats and any breach of the perimeter will render the entire security system completely ineffective.   The defense-in-depth system[2] is an extension of the perimeter defense and typically implements hierarchical multi-layered defense policies. It considers human, technology, and operation as the core elements of safeguarding information systems and deploys security measures in the critical areas such as network infrastructure, network boundaries, computing systems, and supporting infrastructure. It sets up layered protection and detection measures according to the hierarchical network architecture to form a hierarchical security framework.   In an open network, defenders cannot fully control all the paths of the network, making it difficult to build a defense-in-depth system. To address this challenge, a new type of defense system represented by zero-trust has been proposed a few years ago[3]. In the zero-trust system, security defense is no longer centered on networks and

商品评论(0条)
暂无评论……
书友推荐
本类畅销
编辑推荐
返回顶部
中图网
在线客服