Chapter 10 Computer and Network Security Computer English 计算机专业英语—电子教程演示教学.pptVIP

Computer English ;Key points:  useful terms and definitions of computer securityDifficult points:  distinguish between four kinds of computer security breaches;Requirements:;New Words Expressions: breach 破坏，缺口 involve 包含，涉及，也可不译 depositor 寄托者 vulnerability 弱点，攻击 perimeter 周围，周边 penetrate vt. 攻破，攻击 Exposure 曝光，揭露 threat n. 威胁，恐吓 asset 资产 interruption 中断，打断 interception 截取 modification 修改 fabricate v. 伪造 tamper v. 篡改 spurious adj. 假的 ; 10.1.1 入侵计算机的特点 Principle of Easiest Penetration. An intruder must be expected to use any available means of penetration. This will not necessarily be the most obvious means, nor will it necessarily be the one against which the most solid defense has been installed. 最容易攻破原理。入侵者必定要使用一种可以攻破的方法，这种方法既不可能是最常用的，也不可能是针对已经采取了最可靠的防范措施的方法。 This principle says that computer security specialists must consider all possible means of penetration, because strengthening one may just make another means more appealing to intruders. We now consider what these means of penetration are. 这一原理说明计算机安全专家必须考虑所有可能的攻击方法。由于你加强了某一方面，入侵者可能会想出另外的对付方法。我们现在就说明这些攻击的方法是什么。;10.1.2 KINDS OF SECURITY BREACHES The major assets of computing systems are hardware, software, and data. There are four kinds of threats to the security of a computing system: interruption, interception, modification, and fabrication. The four threats all exploit vulnerabilities of the assets in computing systems. These four threats are shown in Fig.10-1. 计算机系统的主要资源是硬件、软件和数据。有四种对计算机安全的威胁：中断，截取，篡改和伪造。这四种威胁都利用了计算机系统资源的脆弱性，图10-1表示这四种威胁。;Fig.10-1 Four classes of System Security Failures;10.1.2 KINDS OF SECURITY BREACHES In an interruption, an asset of the system becomes lost or unavailable or unusable. An example is malicious destruction of a hardware device, erasure of a program or data file, or failure of an operating system file manager so that it cannot find a particular disk file. (1)在中断情况下，系统资源开始丢失，不可用或不能用。例如，蓄意破坏硬件设备，抹除程序或数据文件或造成操作系统的文件管理程序故障，以致不能找