Security Information System | ISS | Part 2

Information Security — Objectives

Once the risks have been identified, it is desirable to determine the security objectives. These objectives express the intent to counter the identified risks and/or to comply with organizational security policies. An objective can apply to the target system, its development environment or its operating environment. These objectives can then be listed as security functions implementable on the information system.

Means of securing a system

Overall Design

The security of an information system can be likened to a chain of more or less resistant links. It is then characterized by the security level of the weakest link.

Thus, the security of information system must be addressed in a global context:

  • User awareness of security issues, or in some cases “awareness” (English speakers use the term awareness);
  • Information security;
  • Data security, related to interoperability issues and to the need for data consistency in a distributed environment;
  • Network security;
  • Security of operating systems;
  • Telecommunications security;
  • Application security (buffer overflow), which requires, for example, secure programming;
  • Physical security, or security at the level of the physical infrastructure (see “Recovery Strategy”).

For some, data security is the basis of the security of information systems, because all systems use data, and shared data are often very heterogeneous (format, structure, occurrence, etc.).

Defense in Depth

Taken straight from an old military practice and still topical, the principle of defense in depth amounts to securing each subsystem of the whole, as opposed to the view of securing a system only at its periphery. In its purest form, the concept of defense in depth means that the various components of an infrastructure or an information system do not trust the other components with which they interact. Thus, each component itself performs all the validations necessary to ensure security. In practice, this model is applied only in part, because it is usually impractical to duplicate all the security checks. In addition, it may even be preferable to consolidate multiple security checks in a component dedicated to this purpose. This component must then be considered safe by the whole system.

Security Policy

The security of information systems is generally limited to guaranteeing rights of access to the data and resources of a system by putting in place mechanisms for authentication and control. These mechanisms ensure that users of these resources have only the rights they were granted.

Computer security must, however, be designed in such a way that it does not prevent users from developing the uses that are necessary to them, and so that they can use the information system with confidence. That is why it is necessary to first define a security policy, that is to say:

  • Develop rules and procedures, and install technical tools in the different departments of the organization (ranging from computer);
  • Define the actions to take and the persons to contact when an intrusion is detected;
  • Educate users on the security issues of information systems;
  • Clarify roles and responsibilities.

The security policy is therefore the set of directions taken by an entity in terms of security. As such, it needs to be developed at the direction of the organization, because it affects all users of the system.

Responsible for information system security

However, in France, it is mainly large corporations, businesses and public administrations that have appointed and employed, full time or not, people “responsible for security of information systems”. The tasks of the function depend on political will; the managers and technicians involved generally have good computing experience combined with qualities of teaching, belief, etc. Gradually, the management of data security is being organized into domains or subdomains of services or staff, which are given adequate financial and human resources and are integrated into the planning contracts or programs of the company.

Thus, it is not for administrators to define access rights for users, but for their line managers or the CISO (Chief of Security of Information Systems), if the position exists within the organization. The role of the administrator is to ensure that resources and the access rights to them are consistent with the security policy adopted. Moreover, since the administrator is the only one who knows the system well, it is up to him to report security information back to his management, possibly to advise on the strategies to implement, and to be the point of entry for communicating security problems and recommendations to users.

Formal models of security

To achieve a target score with a good degree of confidence (level E4 minimum TCSEC), the concept of security is formally defined in a model whose objectives are to:

  • Express the security needs integrated into a computing context;
  • Provide a means to justify that the model is consistent;
  • Provide the means to show that the needs are satisfied;
  • Provide methods for designing and implementing the system.

There are several formal models of security:

  • The Bell-LaPadula model (access management by mandate, confidentiality, static), the model that has been most used to check the security of computer systems. The designers of this model demonstrated a theorem called the Basic Security Theorem (BST). Other models were derived from this one: that of Biba (access management by mandate, integrity, static), that of Dion (access management by mandate, confidentiality and integrity, static), and that of Jajodia and Sandhu (management access by money, privacy, static).
  • The model of non-deduction (access management by mandate, confidentiality, dynamic), which models the flow of information using concepts of logic. Security models based on the principle of information flow are useful in controlling indirect access to information: they highlight the problem of covert channels.
  • The HRU model (discretionary access management) and its derivatives, the Take-Grant model and the SPM model.
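The mandatory access rules behind the first item can be written as a small reference monitor. This is an added example, not code from the original article: it encodes the standard Bell-LaPadula rules (no read up, no write down) and the dual Biba rules, and the level names, categories, subject and object names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed lattice for illustration: ordered levels plus category sets.
# For Biba the same labels are read as integrity levels.
LEVELS = {"public": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        """self >= other: level at least as high and categories a superset."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


def blp_allows(subject: Label, obj: Label, op: str) -> bool:
    """Bell-LaPadula (confidentiality): no read up, no write down."""
    if op == "read":                      # simple security property
        return subject.dominates(obj)
    if op == "write":                     # *-property
        return obj.dominates(subject)
    return False                          # unknown operations are denied


def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba (integrity): the dual rules, no read down and no write up."""
    if op == "read":
        return obj.dominates(subject)
    if op == "write":
        return subject.dominates(obj)
    return False


def decisions(subject: Label, objects: dict) -> dict:
    """Map each object name to (BLP read, BLP write, Biba read, Biba write)."""
    return {name: (blp_allows(subject, o, "read"), blp_allows(subject, o, "write"),
                   biba_allows(subject, o, "read"), biba_allows(subject, o, "write"))
            for name, o in objects.items()}


# Constructed subject and objects (hypothetical names).
ANALYST = Label("secret", frozenset({"crypto"}))
OBJECTS = {
    "memo": Label("confidential"),
    "plan": Label("top_secret", frozenset({"crypto"})),
    "peer": Label("secret", frozenset({"crypto"})),
    "silo": Label("secret", frozenset({"nuclear"})),
}

if __name__ == "__main__":
    for name, row in decisions(ANALYST, OBJECTS).items():
        print(name, row)
```

The `silo` object shows the case that a purely linear ordering hides: labels with incomparable categories allow neither reading nor writing under either model.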

Business Continuity Plan (BCP)

Faced with the increasing criticality of information systems within companies, it is now essential to have a security plan for the activity.

The plan is divided into two distinct levels:

  • The Disaster Recovery Activity (PRA), also called “cold” recovery, which is used to restart activity “quickly” after a disaster by restoring a backup system with data from the last backup;
  • The Continuity Plan (BCP), also called “hot” recovery, which, through a redundant infrastructure and continuous data replication between sites, maintains activity in case of a major loss of one of the sites.

Each of these plans attempts to minimize data loss and increase responsiveness in case of a major disaster; an effective BCP must in principle be virtually transparent to users and ensure data integrity with no loss of information. The implementation of a particular solution is often determined by functional and budgetary constraints.

Technical Resources

Technology can be implemented in many ways to ensure the security of information systems. One should choose means that are necessary, sufficient and fair. Here is a list of technical resources that can meet certain needs in terms of information system security:

  • Control of access to the information system;
  • Network monitoring: snort, intrusion detection system;
  • Application security: privilege separation, code auditing, reverse engineering;
  • Use of ad hoc technology: firewalls, UTM, anti-malware (antivirus), antispam, and spyware;
  • Cryptography: strong authentication, PKI, encryption.

Study: From Wikipedia, the free encyclopedia. The text is available under the Creative Commons.

Translated from: https://www.eukhost.com/blog/webhosting/security-information-system-iss-part-2/
