容错系统工作方式－磁盘阵列续.pptVIP

计算系统与网络安全Computer System and Network Security 电子科技大学 计算机科学与工程学院 第8章 计算机系统安全(基础) 第8章 计算机系统安全(基础) What We Should Know 熟悉自己的系统 计算机、嵌入式系统 熟悉所用的软件平台 操作系统、开发软件及工具 熟悉系统所处的环境 系统连接和接口 熟悉系统安全中的热点 KeyPoint, Hotarea Key Points: Organization Overview Key Points: OS Overview Key Points: Safe Guarantee 第8章 计算机系统安全(基础) 物理安全－Outline Why physical security? Security plan Contents of physical security Security plan and physical security Conclusions Why physical security? Physical Security Security plan Security Planning A security plan Document describing how an organization addresses its security needs（如何解决安全需求） Periodically reviewed and revised（需要不断的修改） Creating a security plan What it should do（做什么？） Who should write the plan（谁来写计划） How to acquire support for the plan（如何为计划获得支持） Security Planning A security plan must address the following Policy：策略 Current security state：当前安全事态 Recommendations and the requirements to meet the security goals：推荐的方法 Accountability：义务 Who is responsible for a each security activity Timetable：时间表 For different security functions Continuing attention for periodic update：持续计划 Policy（策略） Should address Who should be allowed to access what resources and how should the access be regulated Should specify Organizational security goals（目标） Where the responsibility lies (accountability policy); limits of responsibility（责任） Organizational support for security（支持） Legal and ethical aspects?（法律与道德） Current Security State Can be determined on the basis of risk analysis Indicates Organizational assets（企业财产） Security threats to these assets（对企业财产的威胁） Controls in place against these threats（如何控制这些威胁） Recommendation and requirements It is important to Indicate what requirements are to be imposed in a plan, and over what period Phase out implementation, and indicate elements of each phase and their time periods（指出每一个阶段及其时间表） The plan Must be extensible：可扩展性 Must include a procedure for change and growth：可适应性 Should remain laregely intact through change in the or