Mainly refers to the protection of the hardware, software and data in the network system from being destroyed, changed or leaked due to unexpected or malicious factors, so that the system can run continuously, reliably and normally without interrupting the network service.
Broadly speaking, all technologies and theories related to the confidentiality, integrity, availability, authenticity and controllability of information on the network are the research fields of network security.
Network security is a very complicated problem. For many technical and management reasons, the security of the network is determined by the host system, applications and services, routing, network, security equipment, network management and management system.
1. confidentiality: ensure that information will not be exposed to unauthorized entities and processes;
2. Integrity: protect the data from being modified by unauthorized entities, and be able to judge whether the data has been tampered with;
3. Availability: The authorized entity can access the data when needed, that is, the attacker can't occupy all the resources and hinder the work of the licensor;
4. Controllability: it can control the information flow and behavior within the scope of authorization;
5. Auditability: Provide a basis and means for investigating emerging network security issues.
The all-round and integrated network security prevention system is hierarchical, and different levels reflect different security issues.
According to the national computer security standards, it can be roughly divided into three categories: entity security, network and information security and application security.
According to the application status and organization form of the network, the security system can be divided into five layers:
1. Physical layer security: including communication line security, physical equipment and computer room security, etc. Mainly reflected in the reliability of communication lines, the safety of hardware and software equipment, equipment backup, disaster prevention ability, anti-interference ability, equipment operating environment and uninterrupted power supply guarantee.
2. System layer security: the security of the operating system used in the network is mainly reflected in three aspects: (1) the unsafe factors brought by the defects of the operating system itself, mainly including identity authentication, access control and system loopholes; (2) Security configuration of operating system; (3) The threat of virus to the operating system.
3. Network layer security: mainly includes network layer identity authentication, access control of network resources, confidentiality and integrity of data transmission, security of remote access, security of domain name system, security of routing system, intrusion detection means and anti-virus of network facilities.
4. Application layer security: It is mainly caused by the security of application software and data that provide services, including Web services, email systems and DNS, and also includes the threat of viruses to the system.
5. Management safety: mainly including the management of safety technology and equipment, safety management system, organizational rules of departments and personnel, etc.