鉴于写论文的痛苦 现把我论文的部分内容公布

以供同学们共享使用

Characteristics of

computer intrusion and kinds of security breaches

1.

Characteristics of computer intrusion

The target of a crime involving computers may be

any piece of the computing system. A computing system is a

collection of hardware, software ,storage media, data, and persons

that an organization uses to do computing tasks. Whereas the

obvious target of a bank robbery is cash, a list of names and

addresses of depositors might be valuable to a competing bank.. The

list might be on paper, recorded on a magnetic medium, stored in

internal computer memory or transmitted electronically across a

medium such as a telephone line. This multiplicity of targets makes

computer security difficult.

In any

security system, the weakest point is the most serious

vulnerability. A robber intent on stealing something from your

house will not attempt to penetrate a two inch thick metal door if

a window gives easier access. A sophisticated perimeter physical

security system does not compensate for unguarded access by means

of a simple telephone line and modem. The “weakest point”

philosophy can be restated as the following principe.

Principle of easiest

penetration. An

intruder musr be expected to use any available means of

penetration. This will not necessarily be the most obvious

means,nor will it necessarily be the against which the most solid

defense has been installed.

This principle says

that computer security specialists must consider all possible means

of penetration, because strengthening one may just make another

means more appealing to intruders.We now consider what these means

of penetration are.

2.

kinds

of security breaches

In security, an exposure is a form of possible

loss or harm in a computing system; examples of exposures are

unauthorized disclosure of data, modification of data, or denial of

legitimate access to computing .A vulnerability is a weakness in

the security system that might be exploited to cause loss or harm.

A human who exploits a

vulnerability perpetrates an attack on the system. Threats to

computing systems are circumstances that have the potential to

cause loss or harm; human attacks are examples of threats, as are

natural disasters, inadvertent human errors,and internal hardware

or software flaws. Finally, a control is a protective measure-an

action, a device , a procedure, or a technique-that reduces a

vulnerability.

The major assets of

computing systems are hardware, and data. There are four kinds of

threats to the security of a compuing

system:interruption,interception,modification,and fabrication. The

four threats all exploit vulnerabilities of the assets in computing

systems .These four threats are shown in fig1-1.

(1)

In an

interruption, an asset of the system becomes lost or unavailable or

unusable.An example is malicious destruction of a hardware

device,erasure of a program or data file,or failure of an operating

system file manager so that it cannot find a particular disk

file.

(2)

An interception

means that some unauthorized party has gained access to an asset. The outside party can be

a person,a program.or a computing system.Examples of this typle of

failure are illicit copying of program or data files,or wiretapping

to obtain data in a network While a loss may be discovered fairly

quickly, a silent interceptor may leave no traces by which the

interception can be readily detected.

(3)

If an

unauthorized party not only accesses but tampers with an asset, the

failure becomes a modification.For example,someone might modify the

values in a database,alter a program so that it performs an

additional computation ,or modify data being transmitted electronically.It is even

possible for hardware to be modified. Some cases of modification

can be detected with simple measures,while other more subtle

changes may be almost impossible to detect.

(4)

Finally, an

unauthorized party might fabricate counterfeit objects for a

computing system.The intruder may wish to add spurious to a network

communication system, ,or add records to an existing data

base,sometimes these additions can be detected as forgeries, but if

skillfully done,they are virtually indistinguishable from the real

thing.

These four classes of interference with computer

activity-interruption,interception, modification,and

fabrication-can describe the kinds of exposures possible.Examples

of these kinds of interferences are shown in fig1-1.

入侵计算机的特点和破坏安全的类型

1．

入侵计算机的特点

对计算机作案的目标可以是计算机系统的任何部分。计算机系统指硬件、软件、存储媒体、数据和部门中用计算机去完成计算机任务的人的集合。银行抢劫犯的明显目标是现金，而储户姓名和地址目录对竞争的银行来说是很有价值的。这种目录可以大纸面上的、记录在磁介质上的、存储在内存中的或通过像电话线那样的媒体传送的。这么多的目标使得处理计算机安全问题很困难。

任何安全系统，最薄弱点是最致命的。一个强盗要偷你的房间中的东西，如果破窗而入很容易，他决不会穿国英寸厚的铁门。很

高级的视野人体安全系统并不能弥补通过电话线和调制解调器这种简单地非设防入侵。最“薄弱点”哲理可用下述原理描述。

最容易攻破原理。入侵者必定要使用一种可以攻破的方法，这种方法既不可能是最常用的，也不可能是针对已经才却了最可靠的防范措施的方法。

这一原理寿命计算机安全专家必须考虑所有可能的攻击方法。由于你加强了某一方面，入侵者可能会想出另外的对付方法。我们现在就说明显赫写攻击的方法是什么。

2．

破坏安全的类型

在计算机系统中，暴露是一种使安全完全丧失或受到伤害的一种形式；暴露的例子是非授权的数据公开、数据修改或拒绝合法的访问计算机。脆弱性是安全系统中的薄弱环节，他可能引起安全的丧失或伤害。人可使用脆弱性对系统进行罪恶的攻击。对计算机系统的威胁是引起安全丧失或伤害的环境；人们的攻击是威胁的狸子，如自然灾害，人们非故意错误和硬件或软件缺陷等。最后。控制是一种保护性措施——控制可以是一种动作，一个设备，一个过程或一种技术——减少了脆弱性。

计算机系统的主要资源是硬件、软件和数据。有四种对计算机安全的威胁：中断，截取，篡改和伪造。这四种威胁都利用了实际上机系统资源的脆弱性，图1-1表示这四种威胁。

(1)

在中断情况下，系统资源开始丢失，不可用或不能用。例如，蓄意破坏硬件设备，抹除程序或数据文件或造成操作系统的文件管理程序故障，以致不能找到某一磁盘文件。

(2)

截取是指某一非特许用户掌握了访问资源的权利。外界用户可以是一个人、一个程序或一个计算机系统。这种威胁的例子如程序或数据文件的非法拷贝，或私自接线入网去获取数据。数据丢失可能会很快被发现，但很快被发现，但很可能截取者并不留下任何容易检测的痕迹。

(3)

如果非授权用户不仅可以访问计算机资源，而且可以篡改资源，则威胁就成了修改了。例如，某人可以修改数据库中的值，更换一个程序，以便完成另外的计算，或修改微妙的修改是不可能检测出来的。

(4)

最后，非授权用户可以伪造计算机系统的一些对象。入侵者妄图向网络通信系统假如一个假的事物处理业务，或向现有的数据库加入记录。有时，这些增加的数据可以作为伪造检测出来。但如果做的很巧妙，这些数据实际上无法与真正的数据分开。

这四种对计算机工作的干扰——中断，截取，修改，伪造——表明了可能出现的集中为的类型，图1-1给出了实例。