TreeviewCopyright © aleen42 all right reserved, powered by aleen42

Security Back

  • Security(安全性)衡量一個系統抵抗非法使用的能力或該系統是否存在安全問題.
  • Attack(攻擊): 指嘗試違反系統安全的行為.
  • Nonrepudiation(不可否認性): 指一個事務不能被否認的性質
  • Confidentiality(保密性): 指數據或服務不能被無驗證訪問的性質
  • Integrity(完整性): 指數據或服務提交後不能被隨意修改的性質
  • Assurance(保證性): 指事務被確保完成的性質
  • Availability(可用性): 指系統可用的性質
  • Auditing(審核): 指系統會追尋每一活動的性質

Scenario

  • example:

Tatics(策略)

1. Resisting Attacks(防止攻擊)

  • Authenticate users: 驗證用戶 (密碼, 一次性密碼)
  • Authorize users: 授權用戶
  • Maintain data confidentiality: 維持數據的保密性 (網銀使用https協議, 雙通道/雙因素驗證)
  • Maintain integrity: 維持完整性 (MD5值)
  • Limit exposure: 限制暴露 (關閉端口, 關閉服務, 關閉無線SSID等)
  • Limit access: 限制訪問 (防火牆, MAC地址過濾)

2. Detecting Attacks(檢測攻擊)

  • Intrusion Detection: 入侵檢測
    • Intrusion Detection System(IDS): traffic pattern

3. Recovering from Attacks(從攻擊中恢復)

  • Restoring state: 修復狀態
  • Attacker identification: 識別攻擊者的身份
    • audit trail = copy of transaction + identifying information
Comments Copyright © aleen42 all right reserved, powered by aleen42
Empty Comments
Sign in GitHub

As the plugin is integrated with a code management system like GitLab or GitHub, you may have to auth with your account before leaving comments around this article.

Notice: This plugin has used Cookie to store your token with an expiration.

Aleen®

More than a coder, more than a designer

Copyright © aleen42 all right reserved, powered by aleen42

modified at 2021-12-15 10:14:06

20 issues reported

#35 [思] Handlebars 模板应该如何进行预处理2019-01-31 13:42:05Inspiration!

#32 [集] A collection of confusing problems met when developing JavaScript under IE2022-01-11 14:03:30Tasks!

#30 [思] 当需要传递多个不定参数时,该如何设计 JavaScript 函数?2017-05-29 09:42:07Inspiration!

#29 [歸納] 304 Status Code 下的头部信息2018-03-19 12:25:21Communication!Summary!

#28 [歸納] 你以为 JavaScript 没数据结构么?2018-03-19 12:25:04Communication!Summary!

#27 [歸納] JavaScript 之高性能2019-09-20 13:56:28Communication!Summary!

#26 Microtasks? Macrotasks?2017-02-26 18:05:36Communication!

#25 gitbook-edit plugin ignores book.json root configuration element2017-02-24 18:53:37Communication!

#24 [譯] Align SVG Icons to Text and Say Goodbye to Font Icons2017-02-07 10:39:42Translations!

#23 [轉載] Discover the Full Story of City's Buildings2017-02-04 03:17:33Posts!Inspiration!

#22 All books has opened a button for editing on Github2016-11-21 09:38:58Author Announcement!GitBook!

#21 Mingtocat2016-10-22 12:42:38Design!

#20 Enhancement of Gitbook Treeview2016-10-20 11:59:22Enhancement!

#19 [譯] Google Interview University2018-10-29 18:58:52Translations!

#18 [轉載] Styling SVG Content with CSS2016-10-18 18:14:48Posts!Translations!

#17 Drawing in JavaScript2018-05-11 17:03:36Author Announcement!

#15 Learning React Redux2016-08-29 14:22:55Learning Plan!

#14 Learning React Router2016-08-25 10:55:38Learning Plan!

#13 Learning Webpack + React2016-08-25 10:47:15Learning Plan!

#12 GitBook Community in Google+2016-08-19 10:16:16GitBook!