计算机专业英语Chapter课件11

1、内容正文Intrusion Detection Systems and Intrusion Response MechanismAn Introduction to Information Security阅读材料Introduction to FirewallInternet Security Architecture1 Intrusion Detection Systems and Intrusion Response Mechanism1. Introduction2. Intrusion responses2.1. Why Automatic Intrusion Response 2.

2、2 The key factor of development of automatic intrusion response systemKey Wordsintrusion detection system入侵检测系统anomalyn. 异常intrusion response system入侵反应系统orifice n. 漏洞NotesThere are many solutions for the first problem, such as using new detection algorithms, improvement of old algorithms, fusion of

3、 multiple classifiers and extending detection range of systems etc.第一个问题有很多种解决方案，比如使用新的检测算法、改进已有的算法、融合多种分类器并扩展检测范围等等。Intrusion responses are a series actions and countermeasures when an intrusion is detected. These actions and measures can prevent further attacks or restore the system to a normal st

4、ate.入侵响应是当检测到入侵后采取的一系列的行动和对策，这些行动和对策可以防止进一步的攻击或者恢复系统到正常状态。2 An Introduction to Information Security1. Information Security and Cryptographic Systems 1.1 What is Information Security? 1.2 What Services do Cryptographic Systems Provide? 2. Types of Cryptographic Systems 3. Security Services using Publ

5、ic-Key Cryptosystems 3.1 Public-Key Encryption Confidentiality3.2 Digital Signatures3.3 Signed Challenges 3.4 Certification Authorities Key Wordsinformation security信息安全confidentialityn. 机密性concealmentn. 隐藏auditn. 审计authenticationn. 验证repudiatev. 否认plaintextn. 明文ciphertextn. 加密文本symmetric-key crypto

6、system对称密码体制public-key cryptosystem公钥密码体制Key Wordsdivulgev. 泄露hash function散列函数message digest信息摘要challengen. 挑战mutual authentication双向认证subtletyn. 微妙之处，精华certificaten. 证书Certification Authority证书颁发机构revokev. 撤销reapv. 获得NotesSimply put, information security describes all measures taken to prevent una

7、uthorized use of electronic data - whether this unauthorized use takes the form of disclosure, alteration, substitution, or destruction of the data concerned.简而言之，信息安全描述了所有用于防止未经授权使用电子数据的方法。无论这个未授权所采用的是公开、修改、替代还是破坏相关数据的形式。That is, the receiver of a transaction is able to demonstrate to a neutral thi

8、rd party that the claimed sender did indeed send the transaction.也就是说，事务的接收方能够向中立的第三方证明发送方的确发送了事务。NotesReal-world applications are rarely straightforward, so a typical implementation will require that various services provided by a cryptosystem be combined to provide a variety of services simultaneo

9、usly.用于实际生活的应用很少是简单的，所以一个典型的实现通常需要密码系统同时提供多种服务。The essential difference between the use of a public-key cryptosystem for signing and its use for encrypting is that the order in which the keys are used is reversed.使用公钥加密技术进行签名和加密的根本区别在于使用密钥的顺序是相反的。NotesSuppose that Eve is also able to place a public

10、key of her choice into this public directory, claiming that the key belongs to Bob. When Alice now encrypts confidential information and sends it to Bob, Eve intercepts the ciphertext and decrypts the information herself.假设Eve也可以将自己选的公钥放入这个公共号码簿，并且声明这个密钥是Bob的。 当Alice将经过加密的保密信息发给Bob时, Eve可以截取加密文本并自己解

11、密信息。Reading Material 1 Introduction to FirewallProtocols ApplicationsOSI Model LayerOSI Model DescriptionFirewall GenerationDNS, FTP, HTTP, etc.7ApplicationApplication Proxy6Presentation5SessionTCP / UDP4TransportPacket FilterIP3NetworkPacket Filter2Data Link1PhysicalTodays Firewall Solution MatrixR

12、eading Material 1 Introduction to FirewallFirewall ArchitectureReading Material 2 Internet Security Architecture1. Introduction2. IP Security3. Transport Layer Security4. Key Management5. Domain Name System Security ExtensionsExercises IDS stands for _._ are a series actions and countermeasures when

13、 an intrusion is detected.AIRS stands for _.Current intrusion response systems can be categorized as _, _, or _.Cryptographic systems (or cryptosystems) potentially provide all three objectives of information security: _, _, and _.In a cryptographic system, _ assurance that the parties involved in a real-time transaction are who they