原创力文档- 1、本文档共34页,可阅读全部内容。
- 2、原创力文档(book118)网站文档一经付费(服务费),不意味着购买了该文档的版权,仅供个人/单位学习、研究之用,不得用于商业用途,未经授权,严禁复制、发行、汇编、翻译或者网络传播等,侵权必究。
- 3、本站所有内容均由合作方或网友上传,本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺!文档内容仅供研究参考,付费前请自行鉴别。如您付费,意味着您自己接受本站规则且自行承担风险,本站不退款、不进行额外附加服务;查看《如何避免下载的几个坑》。如果您已付费下载过本站文档,您可以点击 这里二次下载。
- 4、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等,请点击“版权申诉”(推荐),也可以打举报电话:400-050-0827(电话支持时间:9:00-18:30)。
查看更多
移动通信安全设计
2005/09/20 Internet Security - System Analysis Planning 2005/09/20 Internet Security, Principles Practices John K Zao Lecture II :
Security Analysis and Planning Internet Security: Principles Practices John K. Zao, PhD SMIEEE National Chiao-Tung University Fall 2005 Theme Objectives Highlight objectives of security system design implementation Introduce procedure of security system planning operation Motto Security/Safety is a relative measure NO system is absolutely secure ! Users’ sense of security is usually a fuzzy warm feeling Security specialists must specify quantify security measures Security systems only offer measured protection (safeguards) over selected resources (assets) against identified dangers (threats) Security protection is a perpetual practice consisting of planning, deployment, monitoring improvement Security System, Planning Operation Vulnerability Analysis Service Selection Mechanism Implementation Security System, Concepts Assets – system resources to be valued protected Vulnerability – system weakness exposes assets to threats Threats – persons/things/events pose dangers to assets Attacks – actual realizations of security threats Risks – cost measures of realized vulnerability (considering probability of successful attacks Countermeasures/Safeguards –
structures/policies/mechanisms protect assets from threats Threats, Categorization Fundamental Threats Confidentiality Violation – leakage of information Integrity Violation – compromise of information consistency Denial of Services – service unavailability to legitimate users Illegitimate Use – service availability to illegitimate users Enabling Threats Penetration Threats Masquerade – identity falsification Control/Protection Bypass – system flaw exploitation Authorization Violation – insider violation of usage authorization Planting Threats Trojan Horse Trapdoor/Backdoor Threats, Categorization [Cont’d] Underlying Threats Eavesdropping Traffic Analysis Personnel Indiscretion/Misco
您可能关注的文档
- 新目标英语八年级下Unit8 Have you read Treasure 课件.ppt
- takara primestar GXL 酶 操作手册.pdf
- LED TubeLED灯管在申请ETL或UL时要注意的问题及结构要求UL2097和UL1993标准解析.pdf
- 名著导读 雾都孤儿 活动课.ppt
- 中餐菜名翻译研究综述.pdf
- 重复固溶处理对超低温用铸造马氏体时效不锈钢性能的影响_苏文文.pdf
- 06. 3DMAX 放样物体的建立.ppt
- Carboplatin±Oral Etoposide Personalised Dosing in Elderly Non-small Cell Lung Cancer Patients.pdf
- 矮壮素对黄瓜幼苗形态及生理指标的影响.pdf
- 新编简明英语语言学教程 第二版 戴炜栋6 pragmatics.ppt
文档评论(0)