登入 | 搜小說

討厭的東西(非文勿進)小說txt下載_路人某某最新章節無彈窗

時間:2017-12-02 06:49 / 編輯:千面
主人公叫未知的書名叫《討厭的東西(非文勿進)》,這本小說的作者是路人某某寫的一本近代未知、未知、未知小說,內容主要講述:Dimensions of e-business security維度電子商務安全 - Integrity refers to the ability to e...
《討厭的東西(非文勿進)》精彩章節

Dimensions of e-business security維度電子商務安全

- Integrity refers to the ability to ensure that information being displayed on a web site or transmitted or received over the internet, has not been altered in any way by an unauthorized party正直提到能保證資訊被顯示在網站或被傳或者獲得在網際網路,未在任何情況下被修改由一個未批准的黨

- Non-repudiation refers to the ability to ensure that e-business participants do not deny (i.e., repudiate) their online action非拒絕提到能保證電子商務參加者不否認(即,否定)他們的網上行動

- Authenticity refers to the ability to ensure that identify the identify of a person or entity with whom you are dealing on the internet真實提到能保證辨認人辨認或個體您在網際網路涉及

- Confidentiality refers to the ability to ensure that messages and data are available only to those who are authorized to view them機密提到能保證訊息和資料對被批准觀看他們的那些人是僅可利用的

- Privacy refers to the ability to ensure the use of information about oneself保密提到能保證對關於自己的資訊的用途

- Availability refers to the ability to ensure that an e-business site continues to function as intended可及提到能保證電子商務站點繼續起作用按照計劃

The tension between security and other values緊張在安全和其他價值

(a) Ease of use易用之間

- The more security measures that are added to an e-business site, the more difficult it is to be use and the slower the site becomes, hampering ease of use, security is purchased at the price of slowing down processors and adding significantly to data storage demands越多安全措施增加到電子商務站點,越困難的它是用途,並且越慢站點變得,阻礙易用,安全被購買以減速處理器的價格,並且重大增加到資料儲存要

- Too much security can harm profitability, while not enough can potentially put a business out of business而不是足夠可能潛在地投入事務在事務外面, -許多安全可能危害有利

(b) Public safety and the criminal use of security公共安全和對安全的犯罪用途

- There is tension between the claims of individuals to act anonymously and the needs of the public officials to maintain public safety that can be threatened by criminals or terrorists有緊張在行動的個體聲稱匿名和公務員之間的需要維護可以由罪犯或恐怖分子威脅的公共安全

Security threats in the e-business environment

- Three key points of vulnerability – the client; the server; communications pipeline三個關鍵弱點-客戶; 務器; 通訊管

Seven security threats to e-business sites

(1) Malicious code惡意程式碼

- Includes a variety of threats such as viruses, Trojan horses, and bad applets包括各種各樣的威脅例如病毒、特洛伊馬和壞附屬程式

- Virus is a computer program that has the ability to replicate or make copies of itself, and spread to other files病毒是有能複製或做複製的本的計算機程式,並且傳播了對其他檔案

- Trojan horse appears to be benign, but then does something other than expected除期望之外,另一方面-電腦程式內的病毒看來是良的,但做某事

(2) Hacking and cyber vandalism亂砍和故意破壞

- Hacker is an individual who intends to gain unauthorized access to a computer system駭客是打算獲取對計算機系統的越權存取的人

- Cracker is the term typically used within the hacking community to denote a hacker with criminal intent薄脆餅乾是規定典型地用於在亂砍的社群範圍內表示一位駭客以犯罪意向

- Cyber vandalism is intentionally disrupting, defacing, or even destroying a site Cyber故意破壞是打亂,故意地損毀,甚至毀壞站點

- White hats are “good” hackers that help organization locate and fix security flaws拜瑟帽子是「幫助組織找出和修理安全漏洞的好」駭客

- Black hats are hackers who act with the intention of causing harm黑帽子是行動打算導致害處的駭客

- Grey hats are hackers who believe they are pursuing some greater good by breaking in and revealing in and revealing system flaws灰帽子是相信的駭客他們透過打破在和顯某一更加偉大好和顯的系統缺點

(3) Credit card fraud信用卡欺騙

- Different from traditional business與傳統事務不同

- Hackers target files on merchant server駭客目標檔案在商人務器

(4) Spoofing欺騙

- Misrepresenting oneself by using fake email addresses or masquerading as someone else誤傳的透過使用假電子郵件或化妝像個別人

(5) Denial of service attacks取消

- Flooding a web site with useless traffic to inundate and overwhelm the network充斥網站以無用的通淹沒和淹沒網路

- Distributed denial of service attack uses numerous computers to attack the target network from numerous launch points分佈的取消擊使用許多計算機擊目標網路從許多發

(6) Sniffing嗅

- A type of eavesdropping program that monitors information traveling over a network竊聽的節目的型別旅行在網路的那顯示器資訊

(7) Insider jobs知情人工作

- Employees with access to sensitive information僱員以對高度機密資訊的通入

- Sloppy internal security procedures散漫的內部安全規程

- Able to roam throughout an organization’s system without leaving a trace能漫遊在組織的系統中,不用留下蹤影

Encryption加密

(a) The process of transforming plain text or data into cipher text that cannot be read by anyone outside of the sender and receiver變換純文字或資料的過程成不可能由任何人讀在發令者和接收器外面的密碼文字

(b) The purpose of encryption is (a) to secure stored information and (b) to secure information transmission加密的目的是(a)綁被儲存的資訊和(b)到安全資訊傳輸上

(c) Cipher text is text that has been encrypted and thus cannot be read by anyone beside the sender and the receiver密碼文字是被加了密和不可能由任何人因而讀在發令者和接收器旁邊的文字

(d) Key or cipher is any method for transforming plain text to cipher text鑰匙或暗號是所有方法為變換純文字對密碼文字

(e) Substitution cipher is where every occurrence of a given letter is systematically replaced by another letter替換密碼是一封特定信件的每發生被另一封信件的地方系統地替換

(f0 Transposition cipher changes the order of the letters in each world in some systematic way叉點暗號在每個世界改變信件的定貨用某一系統的方式

(g) Symmetric key encryption (secret key encryption) the sender and the receiver use the same key to encrypt and decrypt the message相稱關鍵加密(秘密關鍵加密)發令者和接收器使用同一把鑰匙加密和解碼訊息

- Data encryption standard (DES) is the most widely used symmetric key encryption, developed by the national security agency (NSA) and IBM資料加密標準(DES)是最用途廣泛的相稱關鍵加密,開發由國家安全代辦處(NSA)和IBM

(h) Public key cryptography use two mathematically related digital keys: a public key and a private key公共金鑰加密法用途二數學上相關的數字式鑰匙:一個公共金鑰和一個私用金鑰

- The private key is kept secret by the owner, and the public key is widely disseminated私用金鑰由所有者保持秘密,並且廣泛傳播公共金鑰

- Both keys can be used to encrypt and decrypt a message兩把鑰匙可以用於加密和解碼訊息

- However, once the key are used to encrypt a message, the same key cannot be used to unencrypted the message然而-,一旦鑰匙用於加密訊息,同一把鑰匙不可能用於末加密訊息

(i) Digital signature is a “signed” cipher text that can be sent over the internet數字簽名是可以被在網際網路的「簽字的」密碼文字

(j) Hash function uses an algorithm that produces a fixed-length number called a hash or message digest雜湊函式使用導致稱回鍋隧疡的一個定長數字或訊息摘要的一種演算法

(k) Digital envelop is a technique that uses symmetric encryption for large documents, but public key encryption to encrypt and send the symmetric key數字式包圍是為大檔案使用相稱加密的技術,但是公共金鑰加密法加密和相稱鑰匙

(l) Digital certificate is a digital document issued by a certification authority that contains the name of the subject or company, the subject’s public key, a digital certification serial number, an expiration data, the digital signature of the certification authority, and other identifying information數字認證是包主題或公司的名字,主題的公共金鑰、一個數字式證明號碼、失效資料、證明當局數字簽名和其他辨認資訊的證明當局發布的一個數字式檔案

(m) Certification authority (CA) is a trusted third party that issues digital certificates證明當局(加州)一被信任的第三方問題數字認證

(n) Public key infrastructure (PKI) are certification authorities and digital certificate procedures that are accepted by all parties公共金鑰基礎設施(PKI)是證明當局和由所有黨接受的數字認證規程

Securing channels of communications通訊安全信

- Secure sockets layer (SSL) is the most common form of securing channels安全接字層(SSL)是安全信的最共同的形式

- Secure negotiated session is a client-server session in which the URL of the requested document, along with the contents, the contents of forms, and the cookies exchanged, are encrypted安全談判的會議是請的檔案,與內容一起,內容形式和曲奇餅URL換的客戶端務器會議,被加密

- Session key is an unique symmetric encryption key chosen for a single secure session對話鍵是為一個唯一安全會議選擇的一個獨特的相稱金鑰

Protecting networks

- Firewalls are software applications that act as a filter between a company’s private network and the internet itself防火牆是作為過濾器在公司的專用網和網際網路之間的軟體應用

- Proxy server is a software server that handles all communications originating from or being sent to the internet, acting as a spokesperson or bodyguard for the organization代理務器是處理所有通訊起源或被到網際網路的軟體務器,作為一位發言人或保鏢為組織

Protecting servers and clients

- Operating system controls allow for the authentication of the user and access controls to files, directories and network paths 保護的務器和客戶-作系統的控制考慮到使用者和存取控制的認證對檔案、目錄和網路路徑

- Anti-virus software is the easier and least expensive way to prevent threats to system integrity抗病毒軟體是更加容易和最少昂貴的方式防止威脅到系統完整

Developing an e-business security plan

(a) Perform a risk assessment執行一個風險評估

- Assessment of risks and point of vulnerability對風險的評估和問題的弱點

(b) Develop a security policy開發一項安全策略

- A set of statements prioritizing the information risks, identifying acceptable risk targets, and identifying the mechanisms for achieving these targets給予資訊風險優先,辨認可接受的風險目標和辨認機制為達到的一宣告這些目標

- Mechanisms includes: - access controls determine who can gain legitimate access to a network; authentication procedures include the use of digital signatures, certificates of authority, and public key infrastructure; authorization policies determine differing levels of access to information assets for differing levels of users機制包括: -存取控制確定誰可能獲得對網路的法的使用; 認證規程包括對數字簽名、許可證和公共金鑰基礎設施的用途; 授權政策確定通入的不同的平對資訊財產的為使用者的不同的

(c) Develop an implementation plan開發實施計劃

- The action steps you will take achieve the security plan goals您將採取的行動步驟達到安全計劃目標

(d) Create a security organization創造安全組織

- Educates and trains users, keeps management aware of security threats and breakdowns, and maintain the tools chosen implement security育並且訓練使用者,保持管理明安全威脅和故障,並且維護工選上的貫徹安全

(e) Perform security audit執行安全審計

- Involves the routine review of access logs identifying how outside are using the site as well as how insides are accessing the site’s assets介入通入誌定期回顧辨認在怎麼之外的使用站點以及怎麼裡面訪問站點的財產

(5 / 9)
討厭的東西(非文勿進)

討厭的東西(非文勿進)

作者:路人某某
型別:
完結:
時間:2017-12-02 06:49

大家正在讀
相關內容

本站所有小說為轉載作品,所有章節均由網友上傳,轉載至本站只是為了宣傳本書讓更多讀者欣賞。

Copyright © 2026 窩波書庫 All Rights Reserved.
[繁體版]

聯絡客服:mail