Computer network 5000-word model essay 1 Analysis of computer network security maintenance in public institutions.
Under the background of information age, computer network technology is widely used in office and management of public institutions. Information can be shared through computer network, which effectively improves work efficiency. In the process of operation and management of public institutions, a large number of confidential information about the unit will enter the computer. When the computer network faces security problems, it may lead to information leakage, which is unfavorable to the development of the unit. Therefore, it is of great significance to analyze the security problems faced by public institutions in the process of computer network operation, and then put forward security maintenance measures for improving the security of computer networks.
Keywords: computer network security management; Public institutions; operate
Because of the high degree of office automation and fast running speed, computer network can effectively improve work efficiency. At present, the application scope of computer network in institutions is expanding, and all kinds of work can be done through the network. Through the internal network of the company, you can get all the information of the company in detail. However, due to the openness of the computer network itself, and the security problem of the computer network has not been completely solved, it has had a certain impact on the organization. If the network information is leaked, it will not only lead to the disclosure of customer information, but also all kinds of confidential information within the enterprise will face great risks, seriously damaging the vital interests of individuals and units. Therefore, it is necessary to strengthen the security maintenance of computer networks in public institutions. From the system construction to the actual operation and implementation, perfect protection measures are needed to ensure the safety of internal information of the unit.
1 Main factors affecting computer network security
* * * Enjoy 1. 1 network resources.
Resource sharing is the main feature of computer network operation. Only by sharing resources can we deepen the relationship between departments and improve work efficiency. However, it is precisely because * * * enjoys the resources that it provides the attacker with the technology to undermine security, because when the information resources inside the unit allow external service requests, the attacker can take advantage of this opportunity to carry out network attacks, thus obtaining the information inside the unit.
Openness of 1.2 network
The network is characterized by openness, and any user in any country in the world can participate in the network. Moreover, with the gradual expansion of the network function of network information, it will be easier to obtain the information of units and individuals on the network. For example, the human flesh search used in the network can be directly related to the real society through the participation of all netizens or any information they want.
1.3 network operating system vulnerability
Network operating system is the main form of network information operation. Through the operation of hardware system and software system, various network behaviors can be realized. However, due to the complexity of network protocols, there must be various defects and loopholes in the operation process, which is a security problem that cannot be completely solved at present.
1.4 network system design defects
Network design refers to the design of topological structure and the selection of various network devices. Network equipment, network protocol, network operating system, etc. Will directly bring security risks. Reasonable network design can also provide better security under the condition of saving resources, while unreasonable network design will become the security threat of the network.
1.5 malicious attack
Malicious attack is the most important security problem faced by computer networks. Hackers use superb technical means, Trojan virus and other means to invade the internal computer network of the unit, maliciously tamper with or steal the internal information of the unit, and cause certain losses to the unit. With the improvement of hacker's level, the success rate of this malicious attack will be higher, and the defense ability will be weaker for general institutions.
2 computer network security precautions
2. 1 firewall technology
Firewall is the barrier of network security, and configuring firewall is one of the most basic, economical and effective security measures to realize network security. Firewall refers to the combination of software or hardware equipment, which is located between the computer of a unit or network group and the external channel, restricting the access of external users to the internal network and managing the access rights of internal users to the external network. When a network is connected to the Internet, the security of the system should not only consider the computer virus and the robustness of the system, but also prevent the invasion of illegal users. At present, the prevention measures are mainly completed by firewall technology.
Firewall can greatly improve the security of internal network and reduce risks by filtering unsafe services. Firewall can strengthen the network security policy, and all security software (such as password, encryption and authentication) can be configured on the firewall through the firewall-centered security scheme. Secondly, monitor and audit the network access and access. If all the accesses go through the firewall, the firewall can record these accesses and make a log record, and at the same time, it can provide statistical data of network usage. When suspicious behavior occurs, the firewall can issue appropriate alarms and provide detailed information about whether the network is being monitored or attacked. Third, prevent internal information from leaking. Using firewall to divide the internal network can isolate the key network segments of the internal network, thus reducing the impact of local key or sensitive network security issues on the global network.
2.2 Data encryption and user authorization access control technology
Compared with firewall technology, data encryption and user authorization access control technology are more flexible, especially suitable for information security prevention within the unit. Data encryption technology is mainly used to protect dynamic information. In the face of external attacks, it can detect attacks in time and give corresponding protection, while for passive attacks, it can effectively avoid attacks. Data encryption technology is mainly accomplished by "key", and the key can only be mastered by authorized users, which can effectively protect information security. User authorization access control technology is a way to control visitors according to the degree of information confidentiality within the company, which is mainly implemented in the operating system. The company divides information into several security levels according to its confidentiality, and then only those with corresponding rights can access the information at the corresponding level, which is generally realized by double protection of user name and password.
2.3 Intrusion detection technology
Intrusion detection system is a network security system that collects information from various computer systems and network systems, and then analyzes the intrusion characteristics through these information. IDS is considered as the second security gate behind the firewall. It can detect intrusion attacks before they do harm to the system, and use alarm and protection systems to drive them out. In the process of intrusion attack, the loss caused by intrusion attack can be reduced; After being attacked by an invasion, the relevant information of the invasion attack is collected as the knowledge of the defense system, which is added to the strategy set to enhance the defense ability of the system and avoid the system from being invaded by the same type again. There is also anti-virus technology, mainly for the use of anti-virus software. Strengthen the construction of internal security management team in the unit and improve the level of computer network security protection. Improve the operating system security and physical security of network hosts, and provide favorable basic guarantee for the development of firewall technology.
3 Conclusion
Computer network is a complex system with extremely powerful functions, but it brings convenience to people's work and life, and at the same time, there are certain security risks. If the network information is tampered with or stolen, it will cause great losses to the unit, so a perfect network information security protection system should be established within the unit. In order to ensure the safe operation of the computer network in the unit, it is necessary to strengthen the awareness of computer network security prevention of all employees, use advanced network security prevention technology and take comprehensive network security prevention measures to improve the comprehensive business level of computer managers and create a healthy network environment for the efficient operation of the unit.
References:
Huang Xiang. Exploration on strengthening the management level of computer network security in public institutions [J]. Computer CD-ROM software and application, 20 1 4,5,1.
[2] Tan Renwei. On the security management of computer network in public institutions [J]. Computer CD-ROM software and its application, 2012,4,8.
[3] Zhou Wei. On the problems and countermeasures of computer network maintenance in public institutions [J]. Computer CD-ROM software and application, 2013,6, 15.
A 5000-word model essay on computer network 2 on the security and confidentiality methods of confidential computer networks
This paper analyzes the security problems and solutions of classified computer networks, attaches importance to the security engineering construction of classified systems, and puts forward corresponding security suggestions.
Keywords: classification system; Computer network security; security policy
The security engineering of classified system is complicated. In the process of dealing with this problem, we need to consider the security scheme of the secret-related system, and meet the actual needs of the secret-related computer through the effective design of the security scheme. In the process of analyzing this problem, this paper starts from two aspects: security scheme design and security strategy. The specific analysis content is as follows.
I. Design of safety scheme
The security system of classified computer network includes three parts: computer terminal, server and wireless mobile platform, covering a lot of contents. In the specific application process, it is necessary to authenticate the user's authority, and only after passing the identity identification can you log in to the system and operate the system accordingly. The network security control system includes authorization, USB control, network interface and authorized access to confidential terminals. Through the control and monitoring of network transmission data, the leakage of important information in the system is prevented, and the security and reliability of the system are ensured [1].
Generally speaking, in the process of designing a confidentiality scheme, the following points are usually considered:
(1) server security: the server security problem involves the link and encryption operation between the server and the communication port, and the operator should be authenticated accordingly. At the same time, the design of server security scheme also involves the control of management authority, using USB token password to achieve the purpose of control.
(2) Client security: Client security issues mainly involve file transmission protection, including transmission process, registry, remote access monitoring and other related contents. Client security needs to avoid the destruction of the client agent, and it needs to take two-way protection measures from USB interface, I/O port and local hard disk to encrypt. To ensure the safety of customers.
(3) Management security: Management security mainly lies in authenticating the identity information of managers. Through USB token, managers can obtain management rights and manage computer systems.
Second, the security solution of classified computer network
To solve the security problems of classified computer networks, we should consider distinguishing classified systems from non-classified systems, dividing security domains within classified systems, focusing on managing important document information, and improving the security and reliability of classified systems. The specific solutions are as follows:
(1) Classification of classification system and non-classification system.
In the application of security scheme of classified computer network, it is necessary to distinguish classified system from non-classified system, so that there is a clear boundary between them, so as to manage classified system pertinently. In the process of using secret-related systems, international networking cannot be carried out, and the physical layer should be used to distinguish. At the same time, combined with security and confidentiality technology, we should focus on the management of confidential systems, adopt basic management methods for non-confidential systems, reasonably divide the cost of confidentiality and reduce the cost of confidentiality. In the process of confidentiality of classified system, it is necessary to clarify the scale and scope of classified system to ensure that the work is highly targeted [2]. Generally speaking, in the process of protecting secret-related systems, there is a situation that the secrecy is too strict and irregular, which leads to the increase of the cost of security and secrecy, and also makes some information that needs to be kept secret ignored, which is not conducive to the security work of secret-related systems. In view of this situation, it is necessary to pay due attention to the security work, and pay attention to the actual situation in the gymnastics process, choose effective security measures, and improve the security of the system.
(2) Strengthen the division of security domains.
Set the corresponding security domain in the hierarchical system, including security policy domain and subject-object protection. In the process of dividing the internal security domain of the system, it is necessary to consider the network structure such as local area network and logical subnet, so as to effectively consider the division of the internal security domain of the classified system. The composition of security domain structure needs to be divided according to the classification and importance of information, and combined with the concepts of VLAN and domain to ensure that the division of security domain meets the actual needs.
(3) Pay attention to strengthening management.
In the security process of classified computer network security system, due to some deficiencies in technical means, there may be some system security risks. In this way, in view of the technical defects, we can make up for the problems through management. Generally speaking, the ratio of management and technology of security system of classified computer system is 7:3, and management is more important for the security of classified computers. After the design of security system is completed, it is necessary to strengthen management according to the specific situation, realize the close combination of management means and technical means, and improve the safety and reliability of security system.
The key to the security of classified computer networks lies in the organic combination of technical means and management means. Only in this way can the probability of the system being illegally invaded be reduced. However, due to some loopholes in technical means, security problems have affected classified computer systems. In view of this situation, we should pay attention to separate the classified system from the non-classified system, effectively divide the security domain within the classified system, and strengthen management to ensure that important information is not leaked and improve the reliability of the system.
refer to
[1] Yu Di. Analysis of security solutions based on confidential computer networks [J]. China New Communication, 20 14, 03:35.
[2] Liu Yong. Analysis of security solutions based on confidential computer networks [J]. Information and Communication, 2014,02: 92.
& gt& gt& gt More exciting "Computer Network 5000 Words Model essay" next page.