Features:
Network information security function to ensure information security, the most fundamental thing is to ensure that the basic functions of information security play a role. Therefore, there are five characteristics of information security.
complete
It refers to the characteristics that information can not be modified, destroyed or lost during transmission, exchange, storage and processing, that is, it can be generated, stored and transmitted correctly, which is the most basic security feature.
2. Confidentiality
It refers to the characteristic that information will not be leaked to unauthorized individuals, entities or processes or provided for their use according to given requirements, that is, it prevents useful information from being leaked to unauthorized individuals or entities and emphasizes the characteristic that useful information is only used by authorized objects.
3. Effectiveness
Refers to the characteristics that network information can be correctly accessed by authorized entities, and can be used normally or resumed under abnormal conditions as needed, that is, the required information can be correctly accessed when the system is running, and it can be quickly restored and put into use when the system is attacked or destroyed. Availability is a measure of the user-oriented security performance of network information system.
4. Non-repudiation
Refers to the communication between the two parties in the process of information interaction, convinced that the information provided by the participants themselves and participants is true, that is, it is impossible for all participants to deny or deny their true identity, as well as the authenticity of the information provided and the completed operations and commitments.
5. controllability
It refers to the characteristics that the information dissemination and specific content circulating in the network system can be effectively controlled, that is, any information in the network system should be controllable within a certain transmission range and storage space. In addition to the conventional monitoring of communication sites and communication contents, the most typical hosting strategies, such as passwords, must be strictly controlled and implemented when the encryption algorithm is managed by a third party.
Information security mainly includes the following five aspects: the need to ensure confidentiality, authenticity, integrity, unauthorized copying and the security of parasitic systems. Information security itself covers a wide range, including how to prevent the disclosure of business secrets, prevent teenagers from browsing bad information, and disclose personal information. The information security system under the network environment is the key to ensure information security, including computer security operating system, various security protocols, security mechanisms (digital signature, message authentication, data encryption, etc. ), and even security systems, such as UniNAC and DLP. As long as there are security loopholes, global security may be threatened. Information security refers to the protection of information systems (including hardware, data, personnel, physical environment and its infrastructure) from being damaged, changed or leaked by accidents or malicious reasons, the system runs continuously and reliably, the information service is uninterrupted, and finally the business continuity is realized.
Information security discipline can be divided into two levels: narrow security and broad security. Security in a narrow sense is the field of computer security based on cryptography, and the early information security major in China usually takes this as a benchmark, supplemented by computer technology, communication network technology and programming. Information security in a broad sense is a comprehensive subject. From traditional computer security to information security, it is not only a change of name, but also an extension of security development. Safety is not a purely technical issue, but a product of the combination of management, technology, law and other issues. This major trains senior information security professionals who can engage in computer, communication, e-commerce, e-government and e-finance.