精品单片机与PC的串行通讯专业外文翻译定.docx
- 文档编号:4234327
- 上传时间:2022-11-28
- 格式:DOCX
- 页数:13
- 大小:40.21KB
精品单片机与PC的串行通讯专业外文翻译定.docx
《精品单片机与PC的串行通讯专业外文翻译定.docx》由会员分享,可在线阅读,更多相关《精品单片机与PC的串行通讯专业外文翻译定.docx(13页珍藏版)》请在冰豆网上搜索。
精品单片机与PC的串行通讯专业外文翻译定
专业外文翻译
题目
InternetSecurity
系(院)
计算机科学技术系
专业
通信工程
班级
2008级2班
学生姓名
李华山
学号
2008110311
指导教师
陈瑞斌
职称
讲师
二〇一二年五月二十日
InternetSecurity
AnintruderwiththerightbackgroundandmaliciousintenthasmanywaystoinfiltrateinternalcompanysystemsandnetworkdevicesthroughtheInternetconnection.Onceinside,thehackerhasfreereigntodestroy,change,orstealdataandtheseactionsbecausevarioussortsofnetworkhavoc.ThemostpopularuseoftheInternet,e-mail,isalsoinsecure.Thesamehackerwithaprotocolanalyzerandaccesstoroutersandothernetworkdevicescaninterceptorchangemessages.ThreatsliketheseconfrontsuchindustriesasInternetcommerceandcorporationsthatwishtointerconnecttheirofficesthroughLANsviatheInternet.
ThenetworksecuritymarketisquicklyrespondingtothethreatsbyapplyingauthenticationandencryptiontechnologiestotheInternetandbydevelopingnewproducts.Theseproductscomeatatimewheremethodsofattackingusernetworksaremoreelaborateandvendorsareimprovingtheirproductstokeepupwiththeincreasedthreats.“Usersneedthesetools[becausetheyrealize]theycan’tusetraditionalmonitoringtoolstostopincreasinglysophisticatedattacks,”saysJimHurley,ananalystwithTheAberdeenGroup.Thisarticledescribesvarioussecuritythreatsandsolutionsneededtoprotectindividualsandcompanies.
TypesofInternetSecurityProtection
1.SecurityPolicy
Internetconnectionswillneverbe100percentsecure.Ratherthanaimingfortotalsecurity,anorganizationhastoassessthevalueoftheinformationitistryingtoprotectandbalancethatagainstthelikelihoodofasecurityviolationandthecostofimplementingvarioussecuritymeasures.Acompany’sfirstline-of-defenseshouldbeeithertodeviseortoreviseitssecuritypolicyfortheorganizationthattakesInternetconnectionsintoaccount.Thispolicyshoulddefineindetailwhichemployeeshaverightstospecificservices.Itshouldalsoeducateemployeesabouttheirresponsibilitiesforprotectingtheorganization’sinformation,suchasprotectingpasswords,andclearlyspelloutactionsthatwillbetakenifasecurityviolationisdetected.Suchapolicycanbethefirststep,explainingtoemployeeswherethecompanystandsonmisuseofInternetconnections.
Partoftheprocesswillrequireevaluatingthecosttothecompanyofdifferenttypesofsecurityviolations.Corporationswillwanttoinvolvepeopleatthehighestlevelsoftheorganizationinthisprocess.Hiringacomputersecurityconsultantmaybeofsomehelp.Onceacompanywidepolicyisimplemented,thecompanythenshouldstartevaluatingtheuseoffirewalls,encryption,andauthentication.
2.Firewall
Afirewallisabarrierbetweentwonetworks,aninternalnetwork(trustednetwork)andanexternalnetwork(untrustednetwork).HeretheexternalnetworkistheInternet.Firewallsexamineincomingandoutgoingpacketsandaccordingtoasetofrulesdefinedbytheadministrator,eitherletthemthroughorblockthemout.FirewallsarenotanInternetsecurityremedy,buttheyareessentialtothestrategy.
Differentkindsoffirewallsfunctiondifferently.Theyscrutinize,examine,andcontrolthenetworktrafficinnumerouswaysdependingontheirsoftwarearchitecture.Belowarefirewallsthatworkindifferentways.
1)PacketFilteringFirewallTechnique
Manyroutersuseafirewalltechniquecalledpacketfiltering,whichexaminesthesourceanddestinationaddressesandportsofincomingTCPandUDPpackets,denyingorallowingpacketstoenterbasedonasetofpredefinedrulessetbytheadministrator.Packetfiltersareinexpensive,transparenttousers,andhaveanegligibleimpactonnetworkperformance.Configuringpacketfilteringisarelativelycomplexprocess,requiringapreciseknowledgeofnetwork,transport,andevenapplicationprotocolstrategy.
Aproblemwithpacketfiltersisthattheyaresusceptibleto“IPspoofing”,atrickthathackersusetogainaccesstoacorporatenetwork.IntrudersfoolthefirewallbychangingInternetProtocoladdressesinpacketheaderstoonesthatareacceptable.
2)TheApplication-GatewayFirewall
Amoresophisticatedandsecuretypeoffirewallisanapplicationgateway,whichisgenerallyconsideredmoresecurethanpacketfilters.ApplicationgatewaysareprogramswrittenforspecificInternetservicessuchasHTTP,FTP,andtelnet;applicationsthatrunonaserverwithtwonetworkconnections,actingasaservertotheapplicationclientandasaclienttotheapplicationserver.
Applicationgatewaysevaluatenetworkpacketsforvalidspecificdatamakingtheproxiesmoresecurethanpacketfiltering.Mostapplication-gatewayfirewallsalsohaveafeaturecallednetworkaddresstranslationthatpreventsinternalIPaddressesfromappearingtousersoutsidethetrustednetwork.
Therearetwoprimarydisadvantagestoapplicationgateways.Thefirstdisadvantageisaperformancedeclinecausedbytheproxyfunction’sdoubleprocessing.AnotheristhelagtimeforthefirewallvendortosupplyanapplicationproxyforanewlyintroducedInternetservice,suchasRealAudio.
3)SOCKSfirewall
Anothertypeofapplication-proxyfirewallistheSOCKSfirewall.Wherenormalapplication-proxyfirewallsdonotrequiremodificationstonetworkclients,SOCKSfirewallsrequirespeciallymodifiednetworkclients.Thismeansusershavetomodifyeverysystemontheirinternalnetworkthatneedstocommunicatewiththeexternalnetwork.OnaWindowsorOS/2system,thiscanbeaseasyasswappingafewDLLs.
Incaseswhereperformanceisconcerned,organizationsusingapplicationgatewaysshouldnotbeworriedwitha10-MbpsEthernetor100-MbpsFastEthernetconnection.Ifcompaniesuseapplicationproxieswithintheirnetwork,theycanconsiderfasthardware-basedsolutionssuchasCisco’sPIXFirewallorSeattleSoftware’sFirebox.Thecompanymayalsoconsiderinstallingfirewallsoftwareonasystemwithmultipleprocessors.
MajorfirewallvendorshaveincorporatedadditionalsecuritytechnologiesintotheirfirewallproductsandpartneredwithothersecurityvendorstooffercompleteInternetsecuritysolutions.Theseadditionalfeatureswillbediscussedsubsequentlyinthisarticleandincludeencryption,authenticationandprotectionfrommaliciousJavaandActiveXdownloads.
3.Authentication
FirewallsdotheirauthenticationusingIPaddresses,whichcanbefaked.IfacompanywantstogivecertainusersaccessovertheInternettosensitiveinternalfilesanddata,theywillwanttomakesuretoauthenticateeachuser.Authenticationsimplydescribesthenumerousmethodsthatpositivelyidentifyauser.Passwordsarethemostcommonmethodofauthenticationusedtoday,butemployeesarenotoriousformakingpoorpasswordchoicesthatcanbeguessedbyanexperiencedhacker.Inadditiontopasswords,whichareoftenusually“somethingyouknow,”manyorganizationsareturningtosolutionsthatalsorequire“somethingyouhave,”suchastokensandsmartcards.
Tokensaresmall,creditcardorcalculator-sizedevicesthattheremoteusercancarryaround.Smartcardsusedforauthenticationaresimilartotokens,excepttheyneedareadertoprocesstheauthenticationrequest.Bothuseachallengeresponsescheme.Whentheuserattemptstoconnect,anauthenticationserveronthenetworkissuesachallenge,whichtheuserkeysintothetokendevice.Thedevicedisplaystheappropriateresponse,whichtheremoteuserthensendstotheserver.ManyofthesetokensmayalsorequiretheusertotypeinaPIN.Firewallscansupporttheseauthenticationproductswithminoradjustments.Theadministratorsimplyconfiguresthefirewalltoforwardauthenticationforcertainservicestothedesignatedthird-partyserver,orusesanyincludedauthenticationservice.
4.Encryption
AsofficesandorganizationsconnecttotheInternet,manywillconsidertheInternetinfrastructureaninexpensivewayforwide-areaandremoteconnections.Inadditiontocompanies,InternetcommercevendorsneedtoprotectcreditcardandordertransactionsbeingtransferredthroughtheInternet.TousetheInternetforthesepurposes,companieshavetoprotecttheirinformationandcustomerswithencryption.Encryptionistheprocessofusinganencryptionalgorithmtotranslateplaintextintoanincomprehensibleciphertextandthenbacktoplaintextagain.Essentialtoencryptionisanumericvaluecalledthekeythatbecomespartoftheencryptionalgorithm,settingtheencryptionprocessinmotion.
1)TheEncryptionProcess
Apre-hashcodeisderivedmathematicallyfromthemessagetobesent.Thepre-hashcodeisencryptedusingthesender’sprivatekey.Theencryptedpre-hashcodeandthemessageareencryptedusingthesecretkey.Thesenderencryptsthesecretkeywiththerecipient’spublickey,soonlytherecipientcandecryptitwithhis/herprivatekey.
2)TheDecryptionProcess
Thedecryptionprocessessentiallyistheencryptionprocessinreverse.Therecipientuseshis/herprivatekeytodecryptthesecretkey.Therecipientthenusesthesecretkeytodecrypttheencryptedmessageandprehashcode.
5.Virtualprivatenetwork
Virtualprivatenetworking(VPN)isthetermusedtodescriberemoteaccessovertheInternet,aswellasuseoftheInternetinfrastructureforconnectingtwoofficesofanorganizationoreventwodifferentorganizations.Basically,aVPNisanencryptedconnectionbetweenprivatenetworksoverapublicnetwork.Withremoteaccess,theremoteusercallsthelocalISP,andthenconnectstothecentralnetworkovertheInternet.
Twoindustrystandardshaverecentlybecomeinteroperabletomakeremoteaccessandconnectionsovervirtualprivate
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 精品 单片机 PC 串行 通讯 专业 外文 翻译