Computer and Network Security (2) | August Challenge This is my second day in the August Challenge.August more challenge | new game play strange upgrade, prize overlay get soft 🎁 (juejin.cn))
1.4 Security Services
- Authentication ① Peer entity authentication; ② Data source authentication
- Access control
- Data confidentiality
- Data integrity
- nonrepudiability
1.5 Security Mechanism
1.5.1 Specific Security Mechanism
- Encryption: The use of algorithms to transform data into an unknown form
- Digital signature: A piece of data appended to a data unit, changing the password table of the data unit to enable the recipient to prove the data source and integrity and prevent forgery
- Access control
- Data integrity
- Authentication exchange: Various mechanisms for ensuring the identity of entities through the exchange of information
- Flow padding: The insertion of several bits in the data flow gap to prevent traffic analysis
- Routing control: Select special physically secure lines for certain data, allowing routing changes
- Notarization: The use of a trusted third party to guarantee some nature of the data exchange
1.5.2 General Security mechanism
- Trusted features: features that are considered correct according to some criteria
- Security label: A label for a resource (data unit) that names or specifies the security attributes of the resource
- Event detection: Detects security-related events
- Security audit trail: Collect security audit data, which is an independent review and verification of system records and behavior
- Secure recovery: Handles requests from security mechanisms, such as event handling, managing functions, and taking recovery actions
1.6 Basic safety design guidelines
- Economy of Mechanism
- Fail-safe Defaults
- Complete Mediation
- Open Design
- Separation of Privilege
- Least privilege
- Least common mechanism
- Psychological acceptability
- Isolation
- Encapsulation
- Modularity
- Layering
- Minimum accidents (Least astonishment)
Bye.