I. Introduction
International information system security certification expert, working in Tsinghua University Information Network Engineering Research Center, director of Tsinghua University Network and Information Security Laboratory, director of Tsinghua University -Chianxin Group Joint Research Center, and head of China Education and Research Computer Network Emergency Team.
Second, achievements.
Mainly engaged in computer network security related research, operation management and teaching. He has more than 20 years of experience in the field of network security, mainly engaged in the research of network infrastructure and protocol security, intrusion detection and other fields.
He has undertaken the teaching of two courses in Tsinghua University, undertaken many national scientific research projects such as National 973, 863 and Natural Science Foundation, and won the ministerial-level scientific and technological progress award. He has published more than 20 academic papers in domestic and foreign academic journals or international conferences, including more than EI/SCI 10 and 7 monographs or translations.
He led the team to discover important security vulnerabilities of a series of basic protocols such as DNS, HTTPS, CDN and PKI, which prompted Google and CloudFlare to upgrade their security products many times, and prompted IETF and other international standardization organizations to modify their protocols many times, thus improving the security of the Internet.
A number of research results have been published in the four top security academic conferences with the fiercest international competition in network security, and have been widely used in the industry, with high influence in academic and industrial circles at home and abroad.
Third, honor.
2020 IETF Internet Research Task Force (IRTF) Network Research and Application Award;
20 18 Japan okawa fund award;
20 16 NDSS Excellent Paper Award of International Top Safety Academic Conference;
20 16 "Excellent Network Security Talents" of the Central Network Information Office.
Definition and characteristics of network security
1, definition
Network security includes network equipment security, network information security and network software security, which means to protect the hardware and software of the network system and the data in the system from being destroyed, changed or leaked by accidents or malicious reasons, so that the system can run continuously, reliably and normally without interrupting network services.
2. Features
(1) confidentiality
The feature that information will not be disclosed or used by unauthorized users, entities or processes.
(2) Integrity
The characteristics of data cannot be changed without authorization. In other words, information remains unchanged, not destroyed or lost during storage or transmission.
(3) Availability
Functions that authorized entities can access and use on demand. That is, whether the required information can be accessed when needed. For example, denial of service in the network environment, destroying the normal operation of the network and related systems, are all attacks on usability.
(4) controllability
Ability to control the dissemination and content of information.
(5) Auditability
Provide basis and means when security problems occur.