- ISBN:9787030680891
- 装帧:一般胶版纸
- 册数:暂无
- 重量:暂无
- 开本:B5
- 页数:52
- 出版时间:2021-12-01
- 条形码:9787030680891 ; 978-7-03-068089-1
本书特色
本书提出内置式主动防御的理念、模型和技术体系。可供网络空间安全、信息技术等领域科研人员、工程技术人员以及研究生、高校教师阅读。
内容简介
本书提出内置式主动防御新思路,强调从分析攻击机理和路径入手,找出信息系统漏洞背后攻击者所利用的信息技术安全脆弱点,从安全的需求出发,改变安全从属地位,重新设计、改造现有的信息技术,使其具备有效抑制、发现、调控、消除自身安全脆弱性造成的安全威胁的能力,变"信息技术加安全"为"安全的信息技术"。
目录
Preface
Chapter 1 Security Threats in Cyberspace 1
Chapter 2 Dilemma of Classic Defense Systems and Technology 4
2.1 Defense Systems 4
2.2 Security Technology 6
2.3 Main Issues 7
Chapter 3 The Built-in Active Defense Theory and Model 11
3.1 Core Ideas 11
3.2 Defense Model 14
3.3 Main Features 18
Chapter 4 Built-in Active Defense Framework 22
4.1 Overview 22
4.2 Security-First Architecture 24
4.3 Key Techniques 29
Chapter 5 Summary 33
Acknowledgments 34
References 35
节选
Chapter 1 Security Threats in Cyberspace The extensive application of information technology and the expansive reach of cyberspace have greatly boosted economic development and social prosperity, while bringing new security risks and challenges. On the one hand, the society and economy are increasingly integrated with the information systems. With the rapid development of emerging technologies such as 5G, cloud computing, artificial intelligence, and big data, the degree at which human, machine, and things are integrated is becoming higher and higher. Security threats in cyberspace are increasingly getting into the human society and physical space. On the other hand, security vulnerabilities in cyberspace are becoming more prevalent, the boundary between cyberspace and physical space is becoming increasingly blurred, attacks with unknown patterns are becoming ever more destructive, and cyberspace is becoming harder and harder to defend. Cybersecurity is now tightly associated with the common interests of all mankind, world peace and development, and national security of every country. It is a common challenge faced by all countries in the world. From a technical point of view, cybersecurity is facing two increasingly critical problems. First, software and hardware vulnerabilities are inevitable. In the past two decades, the scale and complexity of software systems have increased constantly. The higher complexity of software code and the greater difficulty of verification, the higher probability of having security vulnerabilities. At the same time, hardware vulnerabilities are also ubiquitous. Defects in hardware designs and complex design/manufacturing processes are the two main factors that introduce hardware vulnerabilities. ①Many classic design principles embedded in the current hardware architectures place a heavy emphasis on performance optimization over security, leading to inherent security deficiencies in hardware. ②The hardware design process is lengthy and complex, such as requiring the use of many third-party IPs, standard cell libraries, and various EDA (electronic design automation) tools. The entire process may involve dozens of vendors, all of which may introduce new security vulnerabilities to the final products. Second, attacks with unknown patterns emerge continuously. Attacks exploring software and hardware vulnerabilities are the main security threats in cyberspace. In recent years, the number of zero-day vulnerabilities has been growing rapidly and has become a norm. Although new vulnerabilities may pose difficulty of varying degrees when it comes to them being exploited, there are always new vulnerabilities that will be successfully exploited, leading to security breaches with previously unknown patterns. The traditional defense technology that uses ad-hoc patches after each breach is reactive in nature and is always lagging behind attacks. Attacks with unknown patterns have become the most threatening challenge in cyberspace and are the focus and main challenge of future defense strategies. As software and hardware vulnerabilities are inevitable and attacks with unknown patterns are unavoidable, exploring and designing more effective new defense systems for cyberspace has great practical significance, broad scientific and technological importance, and profound strategic influence. Chapter 2 Dilemma of Classic Defense Systems and Technology 2.1 Defense Systems The classic defense systems, represented by perimeter defense and defense-in-depth, mainly consider the network system as the center and create a perimeter surrounding the network system. It then implements defense policies at the perimeter and achieves the effect of "fending off the enemy outside the gate". Perimeter defense[1], as the earliest defense mechanism, mainly guards the perimeter to resist external attacks. It, however, has many shortcomings, such as that there is no effective way to prevent internal threats and any breach of the perimeter will render the entire security system completely ineffective. The defense-in-depth system[2] is an extension of the perimeter defense and typically implements hierarchical multi-layered defense policies. It considers human, technology, and operation as the core elements of safeguarding information systems and deploys security measures in the critical areas such as network infrastructure, network boundaries, computing systems, and supporting infrastructure. It sets up layered protection and detection measures according to the hierarchical network architecture to form a hierarchical security framework. In an open network, defenders cannot fully control all the paths of the network, making it difficult to build a defense-in-depth system. To address this challenge, a new type of defense system represented by zero-trust has been proposed a few years ago[3]. In the zero-trust system, security defense is no longer centered on networks and
-
全图解零基础word excel ppt 应用教程
¥15.6¥48.0 -
有限与无限的游戏:一个哲学家眼中的竞技世界
¥37.4¥68.0 -
零信任网络:在不可信网络中构建安全系统
¥37.2¥59.0 -
硅谷之火-人与计算机的未来
¥20.3¥39.8 -
情感计算
¥66.8¥89.0 -
大模型RAG实战 RAG原理、应用与系统构建
¥69.3¥99.0 -
LINUX企业运维实战(REDIS+ZABBIX+NGINX+PROMETHEUS+GRAFANA+LNMP)
¥52.4¥69.0 -
AI虚拟数字人:商业模式+形象创建+视频直播+案例应用
¥68.2¥89.8 -
LINUX实战——从入门到精通
¥49.0¥69.0 -
UNIX环境高级编程(第3版)
¥164.9¥229.0 -
剪映AI
¥52.8¥88.0 -
快速部署大模型:LLM策略与实践(基于ChatGPT等大语言模型)
¥56.9¥79.0 -
数据驱动的工业人工智能:建模方法与应用
¥68.3¥99.0 -
深度学习高手笔记 卷2:经典应用
¥90.9¥129.8 -
纹样之美:中国传统经典纹样速查手册
¥81.8¥109.0 -
UG NX 12.0数控编程
¥24.8¥45.0 -
MATLAB计算机视觉与深度学习实战(第2版)
¥90.9¥128.0 -
UN NX 12.0多轴数控编程案例教程
¥24.3¥38.0 -
做好课题申报:AI辅助申请书写作
¥48.9¥69.8 -
微机组装与系统维护技术教程(第二版)
¥37.8¥43.0