[工学]网络安全-01.pptVIP

2010年岁末，德国混沌电脑俱乐部评出了2010年最超级病毒，Stuxnet病毒获此“殊荣”。 Stuxnet病毒被誉为“网络空间的精确制导武器”可谓实至名归。研究结果显示，Stuxnet病毒攻击目标锁定为西门子的Simatic WinCC SCADA（数据采集与监控）系统，并配备有两个“数字弹头”。 第一个弹头攻击西门子S7-300(315)系统，目标锁定于伊朗在纳坦兹的浓缩铀工厂。 据称在近17个月的时间内，Stuxnet病毒潜伏在目标系统特定的组件里，改变离心机旋转速度的控制，通过让离心机快速转动然后急剧停止来使离心机受损伤。虽然其没有直接破坏离心机，但它使轴承快速磨损，导致设备需要不断更新和维修。而此前，多个网络安全公司已经通过研究和模拟分析确认了Stuxnet病毒的攻击目标就是伊朗的核设施。 第二个弹头攻击西门子的S7-400(417)系统，目标是布什尔核电厂汽轮机控制。它采用了中间人攻击（MITM）的方式，让实际控制代码强制设备进行错误的输入输出，其代码显然比针对S7-315系统的代码精妙。根据研究人员分析，没有被激活的Stuxnet代码仍然定期更新过程映射，但是Stuxnet代码可以传递原来通过物理映射输入的初始值，也可以不传递，这会使汽轮机的控制受到干扰，极端情况下，涡轮会遭到破坏。 /forum.php?mod=viewthreadtid=201869 * The second, illustrated in Figure 1.6, model is concerned with controlled access to information or resources on a computer system, in the presence of possible opponents. Here appropriate controls are needed on the access and within the system, to provide suitable security. Some cryptographic techniques are useful here also. * * Detail here the tasks needed to use this model. Note that trusted computer systems (discussed in Ch 20 can be useful here). * Chapter 1 summary. * * * * * Discuss observed security trends (Stallings section 1.1 Figure 1.2 above), noting growth in sophistication of attacks contrasting with decrease in skill knowledge needed to mount an attack. * * * To assess effectively the security needs of an organization and to evaluate and choose various security products and policies, the manager responsible for security needs some systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. This is difficult enough in a centralized data processing environment; with the use of local and wide area networks,the problems are compounded. ITU-T Recommendation X.800, Security Architecture for OSI, defines such a systematic approach. The OSI security architecture is useful to managers as a way of organizing the task of providing security. * The OSI security architecture focuses on security attacks,mech