Fundamentals of Secure Computing is one of the textbooks used in computer engineering. The product offered on this site is in PDF format, in the original language and without translation. The explanatory notes below are intended only to familiarize you with the concept of secure computing; after them, we present excerpts from the same book in its original language for those who love learning.
Fundamentals of Secure Computing
The concept of computing
Computing refers to every task that can be carried out by a computer.
Question: What is the difference between secure computing and the general concept of security?
Secure computing covers all security issues related to computer matters. It therefore includes networks, viruses, personal computers, and so on. In general, "knowledge" plays the key role in secure computing.
The way security is provided in the computer world therefore differs from the way it is provided in ordinary settings.
In general, providing security falls into two categories:
- Providing security against external attacks: attacks by outside packets that enter or leave the network.
- Providing security against internal attacks.
Computer security concepts
- Security has been an issue since the very first day computers appeared. At first, security was provided mostly through hardware means, for example doors with strong locks, or locks on the cabinets holding network equipment or important documents.
- Distributed systems have also had a great impact on security.
- The topics of "computer security" cannot really be separated from one another, because, for example, the transfer of a virus through a flash drive is a matter of computer security, yet the same virus may also reach the computer through the Internet.
- Computer security: a set of tools designed to protect data and to thwart attacks by hackers.
- NIST's definition of computer security: the protection applied to an automated information system in order to preserve the integrity, availability, and confidentiality of information system resources (including hardware, software, firmware, information/data, and communications).
- Since 2000, security and the need for secure systems have become very important. Every year, various statistics are reported on attacks against the networks of different organizations, including banking, political, medical, and other networks. Many other attacks are never recorded or reported anywhere.
Definition
Security threat
Any agent (anyone or anything; not necessarily a hacker) that could potentially lead to a dangerous event is a security threat. "Potentially" means that the event has not yet happened but could cause a problem. Security threats arise from the following sources.
- Natural threats: events such as floods and earthquakes, which are facts of life but can lead to the disclosure of confidential information or to disruption of service. These threats must therefore be considered from the start of network design, and remedies must be planned for them. For example: setting up backup centers in other geographic regions, or using satellite links alongside fiber-optic links.
- Unintentional threats: these threats can result from inadvertent mistakes by people. For example: incorrect design of the network infrastructure, failure to make backups, the existence of redundancy in network equipment, failure to check in time for dangers such as viruses, failure to check antivirus software in time, unwanted faults such as a bug in an operating system, software, or hardware, and failure to change passwords and revise policies.
- Intentional threats: any planned action aimed at disclosing, destroying, or altering data, disrupting service, and so on.
Definitions of some terms in the security world
- Attack: when a threat turns from potential into actual, we say that an attack has occurred (meaning that a threat or a weakness is being used to attack). An attack may or may not result in damage.
- Harm: when an attack destroys or tampers with network resources, discloses data, violates people's privacy, or makes unauthorized use of network facilities and services, harm has been done.
- Security margin: estimating or identifying in advance the threats facing an entity (a web server, a cryptographic key, network cables, wireless links, people, a database or even a table, an operating system, and so on) and adopting measures to prevent those threats is called the security margin of that entity. The security margin must be established before any kind of service is offered. In effect, the security margin prevents a "threat" from turning into an "attack".
- Vulnerability: any weakness or flaw in the entities of a network that could lead to an attack is called a vulnerability. For example, a particular port, or a particular feature such as upload in a piece of software.
- Risk: an estimate of the likelihood that an attack will occur, together with a forecast of the damage it could cause, determines the level of risk. For example, estimating how much financial loss the company suffers for every hour the network is unavailable. This estimate helps us allocate a specific budget to each item according to its priority.
- Security/risk strategy: the precise determination of the countermeasures against each of the threats.
- Security services: the implementation of security mechanisms such that we are left with the lowest security risk.
PART One
In this section of the book, I cover the basics of security engineering technology. The first chapter sets out to define the subject matter by giving an overview of the secure distributed systems found in four environments: a bank, an air force base, a hospital, and the home. The second chapter is on security protocols, which lie at the heart of the subject: they specify how the players in a system—whether people, computers, or other electronic devices—communicate with each other. The third, on passwords and similar mechanisms, looks in more detail at a particularly simple kind of security protocol that is widely used to authenticate people to computers, and provides the foundation on which many secure systems are built.
The next two chapters are on access control and cryptography. Even once a client (be it a phone, a PC, or whatever) has authenticated itself satisfactorily to a server—whether with a password or a more elaborate protocol—we still need mechanisms to control which data it can read or write on the server, and which transactions it can execute. It is simplest to examine these issues first in the context of a single centralized system (access control) before we consider how they can be implemented in a more distributed manner using multiple servers, perhaps in different domains, for which the key enabling technology is cryptography. Cryptography is the art (and science) of codes and ciphers. It is much more than a technical means for keeping messages secret from an eavesdropper. Nowadays it is largely concerned with authenticity and management issues: “taking trust from where it exists to where it’s needed” [535].
The final chapter in this part is on distributed systems. Researchers in this field are interested in topics such as concurrency control, fault tolerance, and naming. These take on subtle new meanings when systems must be made resilient against malice as well as against accidental failure. Using old data—replaying old transactions or reusing the credentials of a user who has left some time ago—is a serious problem, as is the multitude of names by which people are known to different systems (email addresses, credit card numbers, subscriber numbers, etc.) Many system failures are due to a lack of appreciation of these issues.
Most of the material in these chapters is standard textbook fare, and the chapters are intended to be pedagogic rather than encyclopaedic, so I have not put in as many citations as in the rest of the book. I hope, however, that even experts will find some of the case studies of value.
CHAPTER 1
What Is Security Engineering?
Security engineering is about building systems to remain dependable in the face of malice, error, or mischance. As a discipline, it focuses on the tools, processes, and methods needed to design, implement, and test complete systems, and to adapt existing systems as their environment evolves.
Security engineering requires cross-disciplinary expertise, ranging from cryptography and computer security through hardware tamper-resistance and formal methods to a knowledge of applied psychology, organizational and audit methods and the law. System engineering skills, from business process analysis through software engineering to evaluation and testing, are also important; but they are not sufficient, as they deal only with error and mischance rather than malice.
Many security systems have critical assurance requirements. Their failure may endanger human life and the environment (as with nuclear safety and control systems), do serious damage to major economic infrastructure (cash machines and other bank systems), endanger personal privacy (medical record systems), undermine the viability of whole business sectors (pay-TV), and facilitate crime (burglar and car alarms). Even the perception that a system is more vulnerable than it really is (as with paying with a credit card over the Internet) can significantly hold up economic development.
The conventional view is that while software engineering is about ensuring that certain things happen (“John can read this file”), security is about ensuring that they don’t (“The Chinese government can’t read this file”). Reality is much more complex. Security requirements differ greatly from one system to another. One typically needs some combination of user authentication, transaction integrity and accountability, fault tolerance, message secrecy, and covertness. But many systems fail because their designers protect the wrong things, or protect the right things but in the wrong way.
In order to see the range of security requirements that systems have to deliver, we will now take a quick look at four application areas: a bank, an air force base, a hospital, and the home. Once we have given some concrete examples of the kind of protection that security engineers are called on to provide, we will be in a position to attempt some definitions.
Example 1: A Bank
Banks operate a surprisingly large range of security-critical computer systems:
The core of a bank’s operations is usually a branch bookkeeping system. This keeps customer account master files plus a number of journals that record the day’s transactions. The main threat to this system is the bank’s own staff; about one percent of bankers are fired each year, mostly for petty dishonesty (the average theft is only a few thousand dollars). The main defense comes from bookkeeping procedures that have evolved over centuries. For example, each debit against one account must be matched by an equal and opposite credit against another; so money can only be moved within a bank, never created or destroyed. In addition, large transfers of money might need two or three people to authorize them. There are also alarm systems that look for unusual volumes or patterns of transactions, and staff are required to take regular vacations during which they have no access to the bank’s premises or systems.
The public face of the bank is its automatic teller machines. Authenticating transactions based on a customer’s card and personal identification number—in such a way as to defend against both outside and inside attack—is harder than it looks! There have been many local epidemics of “phantom withdrawals” when villains (or bank staff) have found and exploited loopholes in the system. Automatic teller machines are also interesting as they were the first large-scale commercial use of cryptography, and they helped establish a number of crypto standards.
Behind the scenes are a number of high-value messaging systems. These are used to move large sums of money (whether between local banks or between banks internationally); to trade in securities; to issue letters of credit and guarantees; and so on. An attack on such a system is the dream of the sophisticated white-collar criminal. The defense is a mixture of bookkeeping procedures, access controls, and cryptography.
Most bank branches still have a large safe or strongroom, whose burglar alarms are in constant communication with a security company’s control center. Cryptography is used to prevent a robber manipulating the communications and making the alarm appear to say “all’s well” when it isn’t.
Over the last few years, many banks have acquired an Internet presence, with a Web site and facilities for customers to manage their accounts online. They also issue credit cards that customers use to shop online, and they acquire the resulting transactions from merchants. To protect this business, they use standard Internet security technology, including the SSL/TLS encryption built into Web browsers, and firewalls to prevent people who hack the Web server from tunneling back into the main bookkeeping systems that lie behind it.
We will look at these applications in later chapters. Banking computer security is important for a number of reasons. Until quite recently, banks were the main nonmilitary market for many computer security products, so they had a disproportionate influence on security standards. Second, even where their technology isn’t blessed by an international standard, it is often widely used in other sectors anyway. Burglar alarms originally developed for bank vaults are used everywhere from jewelers’ shops to the home; they are even used by supermarkets to detect when freezer cabinets have been sabotaged by shop staff who hope to be given the food that would otherwise spoil.
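The bookkeeping controls described for the branch system (matched debit and credit, more than one person for large transfers, a journal that must explain the balances) can be sketched as follows. This is an added example, not code from the book; the account names, staff names, amounts and the threshold for a second approver are assumptions.

```python
from dataclasses import dataclass, field

DUAL_CONTROL_LIMIT = 1_000_000  # assumed threshold in cents; the text gives no figure

class ControlError(Exception):
    """A transfer was refused by a bookkeeping control."""

@dataclass
class Ledger:
    balances: dict                                # account -> balance in cents
    journal: list = field(default_factory=list)   # the day's transactions

    def total(self):
        return sum(self.balances.values())

    def transfer(self, debit, credit, amount, initiator, approvers=()):
        if amount <= 0 or debit == credit:
            raise ControlError("need a positive amount and two distinct accounts")
        if debit not in self.balances or credit not in self.balances:
            raise ControlError("unknown account")
        # Dual control: the initiator cannot count as their own approver.
        independent = sorted(set(approvers) - {initiator})
        if amount >= DUAL_CONTROL_LIMIT and not independent:
            raise ControlError("large transfer needs a second person")
        # One debit, one equal and opposite credit: the bank-wide total cannot change.
        self.balances[debit] -= amount
        self.balances[credit] += amount
        self.journal.append((debit, credit, amount, initiator, tuple(independent)))

    def reconcile(self, opening):
        """Replay the journal over the opening balances; True if it explains today's balances."""
        replay = dict(opening)
        for debit, credit, amount, _initiator, _approvers in self.journal:
            replay[debit] -= amount
            replay[credit] += amount
        return replay == self.balances

def demo():
    # Constructed sample accounts and staff names.
    opening = {"alice": 500_000, "bob": 200_000, "vault": 5_000_000}
    ledger = Ledger(dict(opening))
    ledger.transfer("alice", "bob", 50_000, initiator="teller1")
    refused = []
    for approvers in [(), ("teller1",)]:          # nobody, then self-approval
        try:
            ledger.transfer("vault", "bob", 2_000_000, "teller1", approvers)
        except ControlError as exc:
            refused.append(str(exc))
    ledger.transfer("vault", "bob", 2_000_000, "teller1", approvers=("manager1",))
    clean = ledger.reconcile(opening)
    ledger.balances["bob"] += 100_000             # balance edited outside the journal
    return ledger.total() - sum(opening.values()), len(refused), clean, ledger.reconcile(opening)
```

`demo()` returns the amount of money "created" by the out-of-journal edit, the number of refused transfers, and the reconciliation result before and after that edit.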
Example 2: An Air Force Base
Military systems have also been an important technology driver. They have motivated much of the academic research that governments have funded into computer security in the last 20 years. As with banking, there is not one single application but many:
Some of the most sophisticated installations are the electronic warfare systems whose goals include trying to jam enemy radars while preventing the enemy from jamming yours. This area of information warfare is particularly instructive because for decades, well-funded research labs have been developing sophisticated countermeasures, counter-countermeasures, and so on—with a depth, subtlety, and range of deception strategies that are still not found elsewhere. Their use in battle has given insights that are not available anywhere else. These insights are likely to be valuable now that the service-denial attacks, which are the mainstay of electronic warfare, are starting to be seen on the Net, and now that governments are starting to talk of “information warfare.”
Military communication systems have some interesting requirements. It is often not sufficient just to encipher messages: an enemy, who sees traffic encrypted with somebody else’s keys may simply locate the transmitter and attack it. Low-probability-of-intercept (LPI) radio links are one answer; they use a number of tricks, such as spread-spectrum modulation, that are now being adopted in applications such as copyright marking.
Military organizations have some of the biggest systems for logistics and inventory management, and they have a number of special assurance requirements. For example, one may have a separate stores management system at each different security level: a general system for things like jet fuel and boot polish, plus a second secret system for stores and equipment whose location might give away tactical intentions. (This is very like the business that keeps separate sets of books for its partners and for the tax man, and can cause similar problems for the poor auditor.) There may also be intelligence systems and command systems with even higher protection requirements. The general rule is that sensitive information may not flow down to less-restrictive classifications. So you can copy a file from a Secret stores system to a Top Secret command system, but not vice versa. The same rule applies to intelligence systems that collect data using wiretaps: information must flow up to the intelligence analyst from the target of investigation, but the target must not know which communications have been intercepted. Managing multiple systems with information flow restrictions is a difficult problem that has inspired a lot of research.
The particular problems of protecting nuclear weapons have given rise over the last two generations to a lot of interesting security technology. These range from electronic authentication systems, which prevent weapons being used without the permission of the national command authority, through seals and alarm systems, to methods of identifying people with a high degree of certainty using biometrics such as iris patterns.
The civilian security engineer can learn a lot from these technologies. For example, many early systems for inserting copyright marks into digital audio and video, which used ideas from spread-spectrum radio, were vulnerable to desynchronization attacks, which are also a problem for some spread-spectrum systems. Another example comes from munitions management, in which a typical system enforces rules such as, “Don’t put explosives and detonators in the same truck.” Such techniques may be more widely applicable, as in satisfying hygiene rules that forbid raw and cooked meats being handled together.
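Two rules from this example, that information may not flow down to a less restrictive level and that certain items must never share a truck, reduce to small checks over a copy log and a load list. This is an added example, not code from the book; the level name "General" for the unclassified stores system, the system names, the log entries and the loads are constructed.

```python
# Ordering of the levels named in the text; "General" stands for the
# unclassified stores system (assumed label).
LEVELS = {"General": 0, "Secret": 1, "Top Secret": 2}

# Separation rules: categories that must never share one container.
CONFLICTS = [frozenset({"explosives", "detonators"}),
             frozenset({"raw meat", "cooked meat"})]

def may_copy(src_level, dst_level):
    """Information may stay at its level or flow up, never down."""
    return LEVELS[dst_level] >= LEVELS[src_level]

def audit_copies(system_levels, copy_log):
    """Return the log entries that moved a file to a less restrictive system."""
    return [(name, src, dst) for name, src, dst in copy_log
            if not may_copy(system_levels[src], system_levels[dst])]

def load_violations(load):
    """Return the conflicting category pairs present together in one load."""
    present = set(load)
    return [sorted(pair) for pair in CONFLICTS if pair <= present]

def flag_loads(loads):
    """Map each container that breaks a separation rule to the pairs it breaks."""
    flagged = {}
    for container, items in loads.items():
        broken = load_violations(items)
        if broken:
            flagged[container] = broken
    return flagged

# Constructed sample data.
SYSTEMS = {"stores-general": "General", "stores-secret": "Secret",
           "command": "Top Secret"}
COPY_LOG = [
    ("fuel.csv", "stores-general", "stores-secret"),     # up: allowed
    ("depot-locations.csv", "stores-secret", "command"),  # up: allowed
    ("depot-locations.csv", "command", "stores-secret"),  # down: refused
    ("orders.txt", "command", "stores-general"),          # down: refused
]
LOADS = {
    "truck-1": ["explosives", "rations"],
    "truck-2": ["detonators", "explosives", "fuel"],
    "kitchen-cart": ["raw meat", "cooked meat"],
}

if __name__ == "__main__":
    print(audit_copies(SYSTEMS, COPY_LOG))
    print(flag_loads(LOADS))
```

Note that the file copied up to the command system cannot be copied back, even though it originated at Secret: once on the Top Secret system it is handled at that level.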