计算机网络文献翻译报告

英文原文：

CHAPTER 8 Security in Computer Networks

Way back in Section 1.6 we described some of the more prevalent and damaging classes of Internet attacks, including malware attacks, denial of service, sniffing, source masquerading, and message modification and deletion. Although we have since learned a tremendous amount about computer networks, we still haven’t examined how to secure networks from those attacks. Equipped with our newly acquired expertise in computer networking and Internet protocols, we’ll now study in-depth secure communication and, in particular, how computer networks can be defended from those nasty bad guys.

Let us introduce Alice and Bob, two people who want to communicate and wish to do so “securely.” This being a networking text, we should remark that Alice and Bob could be two routers that want to exchange routing tables securely, a client and server that want to establish a secure transport connection, or two e-mail appli- cations that want to exchange secure e-mail —all case studies that we will consider later in this chapter. Alice and Bob are well-known fixtures in the security commu- nity, perhaps because their names are more fun than a generic entity named “A”that wants to communicate securely with a generic entity named “B.” Love affairs, wartime communication, and business transactions are the commonly cited human needs for secure communications; preferring the first to the latter two, we’re happy to use Alice and Bob as our sender and receiver, and imagine them in this first scenario.

We said that Alice and Bob want to communicate and wish to do so “securely ”but what precisely does this mean? As we will see, security (like love) is a many- splendored thing; that is, there are many facets to security. Certainly, Alice and Bob would like for the contents of their communication to remain secret from an eavesdropper. They probably would also like to make sure that when they are communicating, they are indeed communicating with each other, and that if their communication is tampered with by an eavesdropper, that this tampering is detected. In the first part of this chapter, we’ll cover the fundamental cryptography techniques that allow for encrypting communication, authenticating the party with whom one is communicating, and ensuring message integrity.

In the second part of this chapter, we’ll examine how the fundamental

crypto- graphy principles can be used to create secure networking protocols. Once again taking a top-down approach, we’ll examine secure protocols in each of the (top four) layers, beginning with the application layer. We’ll examine how to secure e- mail, how to secure a TCP connection, how to provide blanket security at the net- work layer, and how to secure a wireless LAN. In the third part of this chapter we’ll consider operational security, which is about protecting organizational networks from attacks. In particular, we’ll take a careful look at how firewalls and intrusion detection systems can enhance the security of an organizational network.

What Is Network Security?

Let’s begin our study of network security by returning to our lovers, Alice and Bob, who want to communicate “securely.” What precisely does this mean? Certainly, Alice wants only Bob to be able to understand a message that she has sent, even though they are communicating over an insecure medium where an intruder (Trudy, the intruder) may intercept whatever is transmitted from Alice to Bob. Bob also wants to be sure that the message he receives from Alice was indeed sent by Alice, and Alice wants to make sure that the person with whom she is communicat- ing is indeed Bob. Alice and Bob also want to make sure that the contents of their messages have not been altered in transit. They also want to be assured that they can communicate in the first place (i.e., that no one denies them access to the resources needed to communicate). Given these considerations, we can identify the following desirable properties of secure communication.

●Confidentiality. Only the sender and intended receiver should be able

to under- stand the contents of the transmitted message. Because eavesdroppers may inter- cept the message, this necessarily requires that the message be somehow encrypted so that an intercepted message cannot be understood by an intercep- tor. This aspect of confidentiality is probably the most commonly perceived meaning of the term secure communication. We’ll study cryptographic tech- niques for encrypting and decrypting data in Section 8.2.

●Message integrity. Alice and Bob want to ensure that the content of

their com- munication is not altered, either maliciously or by

accident, in transit. Extensions to the checksumming techniques that

we encountered in reliable transport and data link protocols can be

used to provide such message integrity. We will study message integrity

in Section 8.3.

●End-point authentication. Both the sender and receiver should be

able to confirm the identity of the other party involved in the

communication—to confirm that the other party is indeed who

or what they claim to be. Face-to-face human communication solves

this problem easily by visual recognition. When communicating

entities exchange messages over a medium where they cannot see

the other party, authentication is not so simple. When a user wants

to access an inbox, how does the mail server ver- ify that the user

is the person he or she claims to be? We study end-point

authentication in Section 8.4.

●Operational security. Almost all organizations (companies,

universities, and so on) today have networks that are attached to

the public Internet. These net- works therefore can potentially be compromised. Attackers can attempt to deposit worms into the

hosts in the network, obtain corporate secrets, map the internal

network configurations, and launch DoS attacks. We’ll see in

Section 8.9 that operational devices such as firewalls and intrusion

detection systems are used to counter attacks against an

organization’s network. A firewall sits between the organization

’s network and the public network, controlling packet access to

and from the network. An intrusion detection sys- tem performs “

deep packet inspection,” alerting the network administrators about

suspicious activity.

Having established what we mean by network security, let’s next consider exactly what information an intruder may have access to, and what actions can be taken by the intruder. Figure 8.1 illustrates the scenario. Alice, the sender, wants to send data to Bob, the receiver. In order to exchange data securely, while meeting the requirements of confidentiality, end-point authentication, and message integrity, Alice and Bob will exchange control messages and data messages (in much the same way that TCP senders and receivers exchange control segments and data seg- ments). All or some of these

messages will typically be encrypted. As discussed in Section 1.6, an intruder can potentially perform

● eavesdropping —sniffing and recording control and data messages

on the channel.

● modification, insertion, or deletion of messages or message content.

Figure 8.1 Sender, receiver, and intruder (Alice, Bob, and Trudy)

As we ’ll see, unless appropriate countermeasures are taken, these capabilities allow an intruder to mount a wide variety of security attacks: snooping on commu- nication (possibly stealing passwords and data), impersonating another entitity, hijacking an ongoing session, denying service to legitimate network users by over- loading system resources, and so on. A summary of reported attacks is maintained at the CERT Coordination Center [CERT 2012].

Having established that there are indeed real threats loose in the Internet, what are the Internet equivalents of Alice and Bob, our friends who need to com- municate securely? Certainly, Bob and Alice might be human users at two end systems, for example, a real Alice and a real Bob who really do want to exchange secure e-mail. They might also be participants in an electronic commerce transac- tion. For example, a real Bob might want to transfer his credit card number securely to a Web server to purchase an item online. Similarly, a real Alice might want to interact with her bank online. The parties needing secure communication might themselves also be part of the network infrastructure. Recall that the domain name system (DNS, see Section 2.5) or routing daemons that exchange routing information (see Section 4.6) require secure communication between two parties. The same is true for network management applications, a topic we exam- ine in Chapter

9. An intruder that could actively interfere with DNS lookups (as discussed in Section 2.5), routing computations [RFC 4272], or network manage- ment functions [RFC 3414] could wreak havoc in the Internet.

Secure sender Secure receiver

Data Data

Control, data messages Channel Alice Bob

Having now established the framework, a few of the most important defi- nitions, and the need for network security, let us next delve into cryptography. While the use of cryptography in providing confidentiality is self-evident, we’ll see shortly that it is also central to providing end-point authentication and message integrity—making cryptography a cornerstone of network security.

Principles of Cryptography

Although cryptography has a long history dating back at least as far as Julius Caesar, modern cryptographic techniques, including many of those used in the Internet, are based on advances made in the past 30 years. Kahn’s book, The Codebreakers [Kahn 1967], and Singh’s book, The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography [Singh 1999], provide a fascinating look at the long history of cryptography. A complete discussion of cryptography itself requires a complete book [Kaufman 1995; Schneier 1995] and so we only touch on the essential aspects of cryptography, particularly as they are practiced on the Internet. We also note that while our focus in this section will be on the use of cryptography for confidentiality, we’ll see shortly that cryptographic techniques are inextricably woven into authentication, message integrity, nonrepudiation, and more.

Cryptographic techniques allow a sender to disguise data so that an intruder can gain no information from the intercepted data. The receiver, of course, must be able to recover the original data from the disguised data. Figure 8.2 illustrates some of the important terminology.

Suppose now that Alice wants to send a message to Bob. Alice’s message in its original form (for example, “Bob, I love you. Alice”) is known as plaintext, or cleartext. Alice encrypts her plaintext message using an encryption algorithm so that the encrypted message, known as ciphertext, looks unintelligible to any intruder. Interestingly, in many modern cryptographic systems, including those used in the Internet, the encryption technique itself is known—published, stan- dardized, and available to everyone (for example, [RFC 1321; RFC 3447; RFC 2420; NIST 2001]), even a potential intruder! Clearly, if everyone knows the method for encoding data, then there must be some secret information that prevents an intruder

from decrypting the transmitted data. This is where keys come in.

Key:

Figure 8.2 Cryptographic components In Figure 8.2, Alice provides a key, K A , a string of numbers or characters, as input to the encryption algorithm. The encryption algorithm takes the key and the

plaintext message, m, as input and produces ciphertext as output. The notation K A (m ) refers to the ciphertext form (encrypted using the key K A ) of the plaintext message, m . The actual encryption algorithm that uses key K A will be evident from the context. Similarly, Bob will provide a key, K B , to the decryption algorithm that takes the ciphertext and Bob ’s key as input and produces the original plain- text as output. That is, if Bob receives an encrypted message K A (m ), he decrypts it by computing K B (K A (m )) = m. In symmetric key systems, Alice ’s and Bob ’s keys are identical and are secret. In public key systems, a pair of keys is used. One of the keys is known to both Bob and Alice (indeed, it is known to the whole world). The other key is known only by either Bob or Alice (but not both).

Encryption algorithm

Decryption algorithm Plaintext Plaintext Ciphertext Channel K A K B Alice Bob

译文：

第八章计算机网络中的安全

早在1.6节就阐述了一些流行的和危险的网络攻击，包括恶意的软件攻击、拒绝服务、嗅探、源伪装以及报文修改和删除。虽然我们学习过有关计算机网络的相关知识，但却没有考察如何使用网络安全，使计算机远离攻击的威胁。在获得了新的计算机网络和网络协议的专业知识后，现在我们将深入地学习安全通信，尤其是计算机网络可以防御那些讨厌的坏家伙的原理。

首先，我们介绍一下Alice和Bob，他们两个人要进行通信，并希望这个过程是安全的。因为本书是网络教科书，所以Alice和Bob可以是两台需要安全地交换路由选择表的路由器，也可以是希望建立一个安全传输链接的客户和服务器，或者是两个交换安全电子邮件的电子邮件程序，所有这些案例都是在本站后面要考虑的。总之，Alice和Bob是安全领域中我们熟知的两个设备，也许因为使用Alice和Bob更有趣，这和命名A的普通实体需要安全地与名为B的普通实体进行通信的作用是一样的。需要安全通信的例子通常包括不正当的情人关系、战时通信和商务往来；我们更喜欢用第一个例子而不是后两个，并乐于使用Alice和Bob作为我们的发送方和接收方，并以第一种例子作为背景来讨论接下来的问题。

我们说过，Alice和Bob要进行通信并希望做到安全，那么此处的安全的确切意义是什么呢？正如我们将会看到的那样，安全性（像爱一样）是多姿多彩的；换句话说，安全性有很多方面。毫无疑问，Alice和Bob希望他们之间的通信内容是保密的。他们可能也想希望他们需要通信时确实是在和对方在通信，还希望如果他们之间的通信被窃听者篡改时，他们能够知道该通信已被这种篡改破坏。在本章的第一部分，我们将会讨论能够加密通信的密码技术，鉴别正在与他通信的对方并确保报文完整性。

在本章的第二部分，我们将研究基本的密码学原则怎样被应用于生成安全的网络协议。我们再次采用自顶向下方法，从应用层开始，将逐层（上面四层）研究安全协议。我们将研究如何加密电子邮件，如何加密一条TCP连接，如何在网络层提供覆盖式安全性，以及如何使无线LAN安全。在本章的第三部分，我们将考虑运行的安全性，这与保护机构网络免受攻击有关。特别的是，我们将仔细观察防火墙和入侵检测系统是怎样加强机构网络的安全性的。

网络安全是什么？

我们还是以要进行安全通信的情人Alice和Bob为例，开始我们的网络安全研究。这意味着什么呢？显然，Alice希望即使他们在一个不安全的媒体上进行通信，也只有Bob能够明白她发送的报文，其中入侵者（设入侵者叫Trudy）能够在这个媒体上截获这个报文。Bob也需要确认从Alice接收的报文确实是Alice发送的，并且Alice 也要确认和她进行通信的人就是Bob。Alice和Bob还要确认通信过程中报文没有被修改。他们首先也要确认他们能够通信（即无人能够拒绝他们进行通信所接入的资源）。考虑了这些问题后，我们能够指出安全通信具有下列所需要的特性。

●保密性。仅由发送方和其希望的接收方能够理解传输的报文的内容。因

为窃听者可以截获报文，这就要求报文必须在一定程度上进行加密，是

被截取的报文无法被窃听者理解。保密性的这个方面大概就是通常意义

上对于术语安全通信的理解。我们将会在8.2节学习数据加密和解密的密

码学技术。

●报文完整性。Alice和Bob希望确保其通信内容在传输过程中没有改变—

—或者恶意篡改或意外的改动。我们在可靠传输和数据链路协议中遇到

的检验和技术在扩展后能够用于提供这种报文完整性，我们将在8.3节中

研究这个主题。

●端点鉴定。发送方和接收方都应该能够证实通信时涉及的另一方，以确

定通信的另一方确实具有他们所声称的身份。人们的面对面通信可以通

过视觉轻易的解决这个问题。当通信实体在不能看到对方的媒体上交换

报文时，坚定就不是那么简单的了。当某用户要访问一个邮箱，邮件服

务器如何证实该用户就是他或她所声称的那个人呢？我们将在8.4节学

习端点鉴定技术。

●运行安全性。几乎所有的机构（公司、大学等等）今天都有了与公共因

特网相连的网络。这些网络都因此潜在地能够被危及安全。攻击者能试

图在网络主机中安放蠕虫，获取公司秘密，勘察内部网络配置并发起DoS

攻击。我们将在8.9节看到诸如防火墙和入侵检测系统等运行设备正被运

用于反制对机构网络的攻击。防火墙位于机构网络和公共网络之间，控

制接入和来自网络的分组。入侵检测系统执行深度分组检查任务，向网

络管理员发起有关可疑活动的警告。

明确了我们所指的网络安全的具体含义后，接下来要考虑的是入侵者可能要访问的是哪些信息，以及入侵者可能会采取哪些行动。图8-1阐述了一种情况。Alice（发送方）想要发送数据给Bob（接收方）。为了安全的交换数据，即在满足保密性、端点鉴定和报文完整性要求下，Alice和Bob将交换控制报文和数据报文（以非常类似于TCP发送和接受双方交换控制报文和数据报文的方式进行）。通常将这些报文全部或部分加密。如在1.6节所讨论的那样，入侵者能够潜在地执行下列行为：

数据数据

控制、数据报文

安全发送方安全接收方

信道

图8-1 发送方、接收方和入侵者（Alice、Bob和Trudy）

●窃听——坚挺并记录信道上传输的控制报文和数据报文。

●修改、插入、或删除报文或报文内容。

如我们将要看到的那样，除非采取适当的措施，否则上述能力使入侵者可以用各种各样的方式发动多种攻击：窃听通信内容（可能窃取口令和数据），假冒另一个实体，“劫持”一个正在进行的会话，通过使系统资源过载拒绝合法用户的服务请求等等。CERT协调中心对已报道的攻击进行了总结【CERT 2012】。

已经知道在因特网中某个角落存在真实的威胁，则Alice、Bob（我们的两个需要安全通信的朋友）在因特网上的对应的实体是什么呢？当然，Alice、Bob可以是两个位于端系统的人类用户，例如，真实的Alice和真实的Bob真的需要交换安全电子邮件。他们也可以参与电子商务事务。例如，一个真实的Bob希望安全的向一台Web 服务器传输他的信用卡号码，以在线购买商品。类似的，真实的Alice要与银行在线交互。需要安全通信的各方自身也可能是网络基础设施的一部分。前面讲过，域名系统（DNS，参见2.5节）或交换路由选择信息的路由选择守护程序（参见4.6节）需要在双方之间安全通信。对于网络管理应用也有相同的情况，网络管理是第9章学习的主题。能主动干扰DNS查找和更新（如在2.5节讨论的那样）、路由选择计算【RFC 4272】或网络管理功能【RFC 3414】的入侵者能够给因特网造成不可估量的破坏。

建立了上述框架，明确了一些重要意义以及网络安全需求之后，我们将深入学习密码学。应用密码学来提供机密性是不言而喻的，同时我们将很快看到他对于提供端点鉴定、报文完整性也起到了核心作用，这使得密码学成为网络安全的基石。

密码学的原则

尽管密码学的漫长历史可以追溯到朱利叶斯·凯撒，但现代密码技术（包括正在今天的因特网中应用的许多技术）基于的是过去30年所取得进展。Kahn的著作《破译者》回顾了引人入胜的密码学的悠久的历史。对密码学全面的讨论需要一本完整的书，所以我们只能初步了解密码学的基本方面，特别是这些东西正在今天的因特网上发挥作用。我们也注意到尽管本节的重点是密码学在保密性方面的应用，但我们将很快看到密码学技术与鉴别、报文完整性和不可否认性等是紧密相关的。

密码技术使得发送方可以伪装数据，使入侵者不能从截取到的信息中获得任何信息。当然，接收方必须能够从伪装的数据中恢复出原始数据。图8-2说明了一些重要的术语。

现在假设Alice要向Bob发送一个报文。Alice报文的最初形式被称为明文。Alice 使用加密算法加密其明文报文，生成的加密报文称为密文，该密文在任何入侵者看来是不明白的。有趣的是在许多现代密码系统中，包括因特网上所使用的那些，加密技术本身是已知的，即公开发行的、标准化的和任何人都可使用的，即对潜在的入侵者也是如此！显然，如果任何人都知道数据编码的方法，则一定有一些秘密信息可以组

织入侵者解密被传输的数据。这些秘密信息就是密钥。

图8-2 密码学组成部分

在图8-2中，Alice 提供了一个密钥Ka ，它是一串数字或字符，作为加密算法的输入。加密算法以密钥和明文报文m 为输入，生成的密文作为输出。用符号Ka （m ）表示明文报文m 的密文形式。使用密钥Ka 的实际加密算法显然与上下文有关。类似的Bob 将为解密算法提供密钥Kb ，将密文和Bob 的密钥作为输入，输出起始明文。也就是说，如果Bob 接收到一个加密的报文Ka （m ），他可通过计算Kb （Ka （m ））=m 进行解密。在对称密钥系统中，Alice 和Bob 的密钥是相同的和秘密的。在公开密钥系统中，使用一对密钥：一个密钥为Bob 和Alice 两人所知（实际上全世界都知道），另一个密钥只有Bob 或Alice 知道（不是双方都知道）。

加密算法

解密算法 明文

明文

信道 密文 图例：

密钥

【计算机专业文献翻译】计算机网络

附录1英文及其译文 Computer Networks Network Goals Some reasons are causing centralized computer systems to give way to networks. The first one is that many organizations already have a substantial number of computers in operation, often located far apart .Initially, each of these computers may have worked in isolation from the other ones, but at a certain time, and management may have decided to connect them to be able to correlate information about the entire organization. Generally speaking, the goal is to make all programs, data, and other resources available to anyone on the network without regard to the physical location of the resource and the user. The second one is to provider high reliability by having alternative sources of supply. With a network, the temporary loss of a single computer is much less serious, because its users can often be accommodated elsewhere until the service is restored. Another important reason for distributing computing power has to do with the relative price of computing versus communication. Now the cost of a small computer is negligible, so it becomes attractive to analyze the data at where it is captured, and only to send occasional summaries back to the computer center, to reduce the communication cost, which now represents a larger percentage of the total cost than it used to. Yet another reason of setting up a computer network is that a computer network can provider a powerful communication medium among widely separated people. Application of Networks One of the main areas of potential network use is access to remote data bases. It may someday be easy for people sitting at their terminals

计算机网络新技术外文翻译文献

计算机网络新技术外文翻译文献 (文档含中英文对照即英文原文和中文翻译) 译文: 计算机网络新技术 摘要 21世纪是一个信息时代的经济，计算机网络技术是这个时期的代表技术，以非常快的、具创造性得不断地发展，并将深入到人民群众的工作，生活和学习中。因此，控制这种技术看起来似乎具有很重要的意义。现在，我主要是采用新技术的几种网络技术在现实生活的应用。 关键字 因特网数字证书数字银包网格存储 3G

1.前言 互联网满36岁，仍然是一个进展中的工作。36年后在加州大学洛杉矶分校的计算机科学家使用15英尺的灰色电缆连接两台笨重的电脑，测试了一种在网络上新的数据交换的方式，这将最终成为互联网依然是一个在取得进展的工作。 大学的研究人员正在试验如何提高网络容量和速度。编程人员正在设法为网页注入更多的智能。并正在进行重新设计网络以减少垃圾邮件（垃圾邮件）和安全麻烦的工作。 与此同时威胁织机：批评人士警告说，商业，法律和政治压力可能会阻碍一些使互联网发展到今天的创新的类型。 斯蒂芬克罗克和温顿瑟夫属于1969年9月2日研究生加入的加州大学洛杉矶分校斯莱昂兰罗克教授工程实验室的团体，作为位无意义的测试数据两台计算机之间默默流动。到第二年的1月，其他三个“节点”加入到了这个网络。 然后是电子邮箱，几年之后，在七十年代后期一个所谓的核心通信协议即TCP / IP 协议，在80年代域名系统和在1990年万维网-现在的第二个最流行的应用背后电子邮件出现了。互联网的扩大，超出其最初的军事和教育领域延伸到了企业和全球的家庭中。 今天，克罗克仍然为互联网工作，为协作设计更好的工具。作为互联网管理机构的安全委员会主席，他正试图保卫系统的核心处理免受来自外部的威胁。 他认识到，他帮助建立的互联网工作远未完成，而这些改变是在商店，以满足多媒体日益增长的需求。网络供应商现唯一的“最佳努力”是在提供的数据包上。克罗克说，需要有更好的保障，以防止跳过和过滤现在常见的视频。 瑟夫，现在在MCI公司说，他希望他建立了有内置安全的互联网。微软，雅虎和美国在线公司，和其他的一些，目前正在努力改进网络，使邮件发送者可以验证的方式发送以降低使用虚假地址发送垃圾邮件。 瑟夫说，现在正在制定许多功能，是不可能立即解决计算速度慢和互联网管道窄，或

电子商务企业文化中英文对照外文翻译文献

中英文对照外文翻译文 电子商务时代企业文化的再造 随着网络时代电子商务大规模发展，电子商务企业文化随之产生，它在一个企业在产生的一种新的价值观，使企业内部资源得到从新整合，在为企业带来降低交易成本，提高效率，缩短生产周期等诸多好处的同时，也对已有的企业文化发起了挑战。电子商务的兴起是一场由技术手段飞速发展而引发的商业运作模式的变革，传统经济活动的生存基础、运作方式和管理机制均发生了彻底改变，传统的企业文化也面临着巨大的冲击。 一、企业文化对企业价值的贡献 文化现象是一个国家和民族文明的主要见证。广义的文化，包括知识、信仰、艺术、道德、法律、习俗和任何人作为一名社会成员而获得的能力和习惯在内的复杂整体。作为“亚文化”的企业文化，对企业的生存与发展亦起着举足轻重的作用。企业文化是商品经济和市场经济的产物，符合市场经济的客观规律，体现企业的竞争实务、竞争精神和整体形象。所谓企业文化就是企业的经营管理哲学，企业面对所处的社会和商业环境，在长期的生产经营活动中，形成全体员工所接受和认同信守的、为争取事业成功的一套非正式规则。它表明企业奉行何种管理哲学，以及企业通过管理要达到一个什么样的目标。是经济管理的重要内容之一。企业文化意味着一个公司的价值观，而这些价值观成为公司员工活动和行为的规范。 企业文化的本源问题是如何增加企业利润，降低企业的成本和费用。它的要义就是怎么使企业能够有效的整合资源，以达到对外部的适应性，使公司在竞争中生存，进而实现持续发展。企业文化建设为企业开展文化管理指出一个明确的方向。企业文化建设的根本目的是建设能够对外竞争环境具有高度适应性，并能根据环境变换做出迅速反应的行为方式能力，这种能力其实就是企业所拥有的根据外部竞争的环境需要而对内部资源进行整合运用的能力。企业文化建设应促进这一能力系统的形成，并维持好这一能力系统。中国的许多企业例如海尔、联想等企业成功的秘诀之一就是发展了一整套公司理念、经营哲学，形成了自己独特的企业文化。 1、企业文化体现企业的形象和精神。树立良好的企业形象，需要企业文化的支撑。现

文献阅读与翻译(精华版)

Unit 1 general description of literature reading and translation 1.Definition of Literature Literature is a general term for professional writings in the form of books, papers, and other documentations. As an important means for preserving knowledge, literatures have become precious resources or treasures for the mankind, which have greatly contributed to the social progress of the human race. 2.Classification of Literature 1) Textbooks（课本） a kind of professional writing（一种专业的写作） 2) Monographs（专著） various viewpoints and discussions 3) Papers（论文） the theoretical analysis and experimental description title, author, affiliation, abstract, keywords, introduction, theoretical analysis and/or experimental description, results and discussion or conclusion, acknowledgments, references 4) Encyclopedias(百科全书) every branch of knowledge 5) Periodicals （期刊） a series of publications 6)Special Documentation（特殊文档） all the printed materials 3.Linguistic Features of Scientific Literature stylistically (文体上) scientific literature is a kind of form writing; syntactically（结构上）scientific literature has rigorous grammatical structures and in most cases is rather unitary; Morphologically（语法上）scientific literaure is featured by high specialization,the use of technical terms and jargons ,unambiguous implication and the fixed sense of the word Principles or Criteria of Translation Whenever principles or criteria of translation are under discussion in China, Yan Fu’s three- character guide”-----xin, da, ya, namely, faithfulness (信), expressiveness (达), and elegance (雅). These three principle has always been regarded as a plumb-line for measuring the professional level of translation and a goal for translators to strive after. However, in the application of this principle, people come to find some unsatisfactory aspects of the three-character guide and have put foreword a variety of new standards or criteria of translation. Despite a variety of opinions, two criteria are almost unanimously accepted by all, namely, the criterion of faithfulness/accuracy (忠实/准确) and that of smoothness (流畅). We may also take these two criteria as the principle scientific literature translation. By faithful/accuracy, we mean to be faithful not only to the original contents, to the original meaning and views, but also to the original form and style. By smoothness, we mean not only easy and readable rendering, but also idiomatic expression in the target language, free form stiff formula and mechanical copying form dictionaries. Unit 2 professional papers 2.1.Definition of professional papers A professional paper is a typewritten paper in which professionals present their views and research findings on a chosen topic. It is variously known as the “research paper”, “course paper”, “thesis paper” or “library paper”. The task of the author of a paper is essentially the same: to read on a particular topic, gather information about it, and report the findings in it. 2.2.Classification of professional papers

计算机网络专业词汇中英对照

《计算机网络》中英文对照 Chapter 1 End system P28 端系统 Modem P29 调制解调器（俗称：猫） Base station P29 基站 Communication link P30 通信链路 Physical media P30 物理介质 Coaxial cable P30 同轴电缆 Fiber optics P30 光纤 Radio spectrum P30 射频频谱 Transmission rate P30 传输速率 Packets P30 （数据）包，或分组 Routers P30 路由器 Link-layer switches P30 链路层交换机 Path P30 路径 ISP (Internet Service Provider) P30 网络服务提供商 TCP (Transmission Control Protocol) P31 传输控制协议 IP ( Internet Protocol) P31 网际协议 Intranets P31 内网 API (Application Programming Interface) P32 应用程序编程接口Network edge P35 网络边缘 Access Networks P38 接入网 Ethernet P42 以太网 Network core P48 网络核心 Circuit Switching P50 电路转换 Packet Switching 分组交换 FDM (frequency-division multiplexing) P50 频分多路复用 TDM (time-division multiplexing) P50 时分多路复用 Statistical Multiplexing 统计复用 Store-and-forward 存储转发 Queuing delays P53 排队延迟 Transmission delay P60 传输延迟，或发送延迟 Propagation delay P60 传播延迟 Throughput P59 吞吐量 Internet backbone P57 骨干网 Delay P59 延迟，或时延 Loss P59 丢包 Packet-Switched Network P59 分组交换网络 Nodal processing delay P60 节点处理延迟 End-to-end delay P66 端到端延迟 Instantaneous throughput P68 瞬时吞吐量

计算机网络体系结构外文翻译

附录A With the new network technology and application of the continuous rapid development of the computer network should. Use of becoming increasingly widespread, the role played by the increasingly important computer networks and human. More inseparable from the lives of the community's reliance on them will keep growing. In order for computers to communicate, they must speak the same language or protocol. In the early days of networking, networks were disorganized in many ways. Companies developed proprietary network technologies that had great difficulties in exchanging information with other or existing technologies; so network interconnections were very hard to build. To solve this problem, the International Organization for Standardization（ISO）created a network model that helps vendors to create networks compatible with each other. Finding the best software is not easy. A better understanding of what you need and asking the right questions makes it easier. The software should be capable of handling challenges specific to your company. If you operate multiple distribution centers, it may be beneficial to create routes with product originating from more than one depot. Few software providers though, are capable of optimizing routes using multiple depots. The provider should be able to support installation of its product. Make sure to clearly understand what training and software maintenance is offered. Obviously, selecting the right routing/scheduling software is critically important. Unfortunately, some companies are using software that may not be best suited to their operation. Logistics actives with responsibility for approving the software ought to be comfortable they've made the right decision. It is important to realize that not all routing/scheduling software is alike！ There questions to ask are：Which operating system is used？How easy is the software to use？Here is a good way to tell. Ask if its graphical user interface（GUI）is flexible. Find out about installation speed - how long does it take？Is the software able to route third party customers with your core business？When was the software originally released and when was it last upgraded？ In 1984, ISO released the Open Systems Interconnection（OSI）reference model,

计算机网络中英文互译

AN (Access Network) 接入网 ADSL (Asymmetric Digital Subscriber Line)：非对称数字用户线 ADSL (Asymmetric Digital Subscriber Line)：非对称数字用户线 ATU (Access Termination Unit) 接入端接单元 ARP (Address Resolution Protocol) 地址解析协议 ARQ (Automatic Repeat reQuest) 自动重传请求 BER (Bit Error Rate) 误码率 CBT (Core Based Tree) 基于核心的转发树 CIDR (Classless Inter-Domain Routing) 无分类域间路由选择 DSL (Digital Subscriber Line) 数字用户线 DMT (Discrete Multi-Tone) 离散多音调 DSLAM (DSL Access Multiplexer) 数字用户线接入复用器 DVMRP (Distance Vector Multicast Routing Protocol) 距离向量多播路由选择协议EGP (External Gateway Protocol外部网关协议 FTTH (Fiber To The Home) 光纤到家 FTTB (Fiber To The Building) 光纤到大楼 FTTC (Fiber To The Curb) 光纤到路边 FCS (Frame Check Sequence) 帧检验序列 HDSL (High speed DSL)：高速数字用户线 IGP (Interior Gateway Protocol内部网关协议 ICMP(Internet Control Message Protocol) 网际控制报文协议 ISP (Internet Service Provider) 因特网服务提供者 ICMP(Internet Control Message Protocol) 网际控制报文协议 IGMP (Internet Group Management Protocol) 网际组管理协议 LCP (Link Control Protocol) 链路控制协议 LLC (Logical Link Control) 子层逻辑链路控制 LAN (Local Area Network) 局域网 MAC (Medium Access Control) 媒体接入控制 MOSPF (Multicast Extensions to OSPF) 开放最短通路优先的多播扩展 MAN (Metropolitan Area Network) 城域网 NCP (Network Control Protocol) 网络控制协议 NAT (Network Address Translation) 网络地址转换 NIC (Network Interface Card) 网络接口卡 OSPF (Open Shortest Path First) 光内部网关协议 ODN (Optical Distribution Node) 分配结点 PAN (Personal Area Network) 个人区域网 PPP (Point-to-Point Protocol) 点对点协议对等方式（P2P 方式） PIM-SM (Protocol Independent Multicast-Sparse Mode) 协议无关多播-稀疏方式PIM-DM (Protocol Independent Multicast-Dense Mode) 协议无关多播-密集方式RTO (RetransmissionTime-Out) 超时重传时间 RPB (Reverse Path Broadcasting) 反向路径广播

文献综述,外文翻译,论文网站

文献综述怎么写 1) 什么是文献综述? 文献综述是研究者在其提前阅读过某一主题的文献后，经过理解、整理、融会贯通，综合分析和评价而组成的一种不同于研究论文的文体。 2) 文献综述的写作要求 1、文献综述的格式 文献综述的格式与一般研究性论文的格式有所不同。这是因为研究性的论文注重研究的方法和结果，而文献综述介绍与主题有关的详细资料、动态、进展、展望以及对以上方面的评述。因此文献综述的格式相对多样，但总的来说，一般都包含以下四部分：即前言、主题、总结和参考文献。撰写文献综述时可按这四部分拟写提纲，再根据提纲进行撰写工作。 前言，要用简明扼要的文字说明写作的目的、必要性、有关概念的定义，综述的范围，阐述有关问题的现状和动态，以及目前对主要问题争论的焦点等。前言一般200-300字为宜，不宜超过500字。 正文，是综述的重点，写法上没有固定的格式，只要能较好地表达综合的内容，作者可创造性采用诸多形式。正文主要包括论据和论证两个部分，通过提出问题、分析问题和解决问题，比较不同学者对同一问题的看法及其理论依据，进一步阐明问题的来龙去脉和作者自己的见解。当然，作者也可从问题发生的历史背景、目前现状、发展方向等提出文献的不同观点。正文部分可根据内容的多少可分为若干个小标题分别论述。 小结，是结综述正文部分作扼要的总结，作者应对各种观点进行综合评价，提出自己的看法，指出存在的问题及今后发展的方向和展望。内容单纯的综述也可不写小结。 参考文献，是综述的重要组成部分。一般参考文献的多少可体现作者阅读文献的广度和深度。对综述类论文参考文献的数量不同杂志有不同的要求，一般以30条以内为宜，以最近3-5年内的最新文献为主。 2、文献综述规定 1. 为了使选题报告有较充分的依据，要求硕士研究生在论文开题之前作文献综述。 2. 在文献综述时，研究生应系统地查阅与自己的研究方向有关的国内外文献。通常阅读文献不少于30篇，且文献搜集要客观全面 3. 在文献综述中，研究生应说明自己研究方向的发展历史，前人的主要研究成果，存在的问题及发展趋势等。 4. 文献综述要条理清晰，文字通顺简练。 5. 资料运用恰当、合理。文献引用用方括号[ ]括起来置于引用词的右上角。 6. 文献综述中要有自己的观点和见解。不能混淆作者与文献的观点。鼓励研究生多发现问题、多提出问题、并指出分析、解决问题的可能途径，针对性强。 7. 文献综述不少于3000字。 3、注意事项 ⒈搜集文献应尽量全。掌握全面、大量的文献资料是写好综述的前提，否则，随便搜集一点资料就动手撰写是不可能写出好的综述。 ⒉注意引用文献的代表性、可靠性和科学性。在搜集到的文献中可能出现观点雷同，有的文献在可靠性及科学性方面存在着差异，因此在引用文献时应注意选用代表性、可靠性和科学性较好的文献。 ⒊引用文献要忠实文献内容。由于文献综述有作者自己的评论分析，因此在撰写时应分清作者的观点和文献的内容，不能篡改文献的内容。引用文献不过多。文献综述的作者引用间接文献的现象时有所见。如果综述作者从他人引用的参考文献转引过来，这些文献在他人

计算机网络外文翻译

附录 一、英文原文： The NetWorks Birth of the Net The Internet has had a relatively brief, but explosive history so far. It grew out of an experiment begun in the 1960's by the U.S. Department of Defense. The DoD wanted to create a computer network that would continue to function in the event of a disaster, such as a nuclear war. If part of the network were damaged or destroyed, the rest of the system still had to work. That network was ARPANET, which linked U.S. scientific and academic researchers. It was the forerunner of today's Internet. In 1985, the National Science Foundation (NSF) created NSFNET, a series of networks for research and education communication. Based on ARPANET protocols, the NSFNET created a national backbone service, provided free to any U.S. research and educational institution. At the same time, regional networks were created to link individual institutions with the national backbone service. NSFNET grew rapidly as people discovered its potential, and as new software applications were created to make access easier. Corporations such as Sprint and MCI began to build their own networks, which they linked to NSFNET. As commercial firms and other regional network providers have taken over the operation of the major Internet arteries, NSF has withdrawn from the backbone business. NSF also coordinated a service called InterNIC, which registered all addresses on the Internet so that data could be routed to the right system. This service has now been taken over by Network Solutions, Inc., in cooperation with NSF. How the Web Works The World Wide Web, the graphical portion of the Internet, is the most popular part of the Internet by far. Once you spend time on the Web,you will begin to feel like there is no limit to what you can discover. The Web allows rich and diverse communication by displaying text, graphics, animation, photos, sound and video. So just what is this miraculous creation? The Web physically consists of your personal computer, web browser software, a connection to an Internet service provider, computers called servers that host digital data and routers and switches to direct the flow of information. The Web is known as a client-server system. Your computer is the client; the remote computers that store electronic files are the servers. Here's how it works: Let's say you want to pay a visit to the the Louvre museum website. First you enter the address or URL of the website in your web browser (more about this shortly). Then your browser requests the web page from the web server that hosts the Louvre's site. The Louvre's server sends the data over the Internet to your computer. Your web

跨境电商外文文献综述

跨境电商外文文献综述 (文档含英文原文和中文翻译) 译文: 本地化跨境电子商务的模型 摘要 通过对国际供应链的B2B电子商务交易量的快速增长和伊朗快速增加的跨境交易业务，跨境电商过程的有效管理对B2B电子商务系统十分重要。本文对局部模型的结构是基于B2B电子商务的基础设施三大层，消息层、业务流程层和内容层。由于伊朗的电子商务的要求，每一层的需要适当的标准和合适的方案的选择。当电子文件需要移动顺利向伊朗，建议文件的标准为文件内容支持纸质和电子文件阅读。验证提出的模型是通过案例研究方法呈现一到四阶段的情景。本文试图通过交换商业文件在贸易过程中这一局部模型，实现在全球电子贸易供应链更接近区域单一窗口建设的关键目标。 关键词：电子商务;跨境贸易;电子文档管理;国际供应链

1.简介 电子商务是关于在互联网或其他网络电子系统购买和销售产品或服务。术语B2B（企业对企业），描述了企业间的电子商务交易，如制造商和批发商，或批发商和零售商之间。本文的研究目标是上两个不同国家贸易商之间的通信。今天的世界贸易组织的主要目标之一是建立区域单一窗口，可以提高世界各地的贸易便利化。建立区域单一窗口需要跨境海关，可以有效地交换贸易文件。因此，首先，简化跨境贸易文件的关键在于朝着国家单一窗口移动。然后，区域单一窗口可以授权国家之间的通信。电子商务模型是基于三个主要逻辑层的研究。这三个层消息传输层，业务处理层和内容层。本文的局部模型是一种能够自动交换读取文件的过程。通过与东亚和中东国家的建立区域单一窗口可以在将来得到改善的更多的互操作性，从而建立伊朗国家单一窗口 在本文的第二部分讨论引进国际供应链中的跨境B2B模式所需的基本概念和标准。第三部分介绍在大的模型中引入的组件功能和范围。第四部分讨论了B2B交易层模型的定位，最后结束本文。 2.背景 在本节中，除了了解B2B电子商务在伊朗的情况，还有参考模型的背景等概念以及讨论B2B电子商务跨境模式的本土化。 2.1 B2B电子商务在伊朗 如今伊朗在贸易进程的变现是一个关键的贸易成功点。伊朗和许多其他国家接壤，它的进口和出口过程可以通过公路，铁路，海上和空中的方式来完成。因此，这个国家的中部和战略作用，使得它在亚洲和中东地区货物运输的主要贸易点。今天，在伊朗海关几乎所有的贸易过程通过纸质表格完成，由商务部提供的电子服务仅限于谁该国境内交易的商人。今天，伊朗海关几乎所有的贸易流程都是通过纸质表格来完成的，商务部给出的电子服务只限于该国的商人。介绍了模型试图简化在伊朗交易的跨境电子商务供应链交换电子文件的过程。这里提到的一些系统，由商务部在伊朗的电子服务被提及：进口订单管理系统。贸易统计制度。伊朗法典伊朗。这些电子系统的主要使用，以促进在伊朗贸易过程。这里提到的系统作为独立的贸易者可与建议本文模型在未来的作用。在亚洲的区域性单

(完整版)计算机网络课后作业以及答案(中英文对照)

Chapter1 1-11.What are two reasons for using layered protocols? (请说出使用分层协议的两个理由) 答：通过协议分层可以把设计问题划分成较小的易于处理的片段。分层意味着某一层的协议的改变不会影响高层或低层的协议。 1-13. What is the principal difference between connectionless communication and connection-oriented communication? (在无连接通信和面向连接的通信两者之间，最主要的区别是什么？) 答：主要的区别有两条。 其一：面向连接通信分为三个阶段，第一是建立连接，在此阶段，发出一个建立连接的请求。只有在连接成功建立之后，才能开始数据传输，这是第二阶段。接着，当数据传输完毕，必须释放连接。而无连接通信没有这么多阶段，它直接进行数据传输。 其二：面向连接的通信具有数据的保序性，而无连接的通信不能保证接收数据的顺序与发送数据的顺序一致。 1-20. A system has an n-layer protocol hierarchy. Applications generate messages of length M bytes. At each of the layers, an h-byte header is added. What fraction of the network bandwidth is filled with headers? (一个系统有n层协议的层次结构。应用程序产生的消息的长度为M字节。在每一层上需要加上一个h字节的头。请问，这些头需要占用多少比例的网络带宽) 答：hn/(hn+m)*100% 1-28. An image is 1024 x 768 pixels with 3 bytes/pixel. Assume the image is uncompressed. How long does it take to transmit it over a 56-kbps modem channel? Over a 1-Mbps cable modem? Over a 10-Mbps Ethernet? Over 100-Mbps Ethernet? (一幅图像的分辨率为1024 x 768像素，每个像素用3字节来表示。假设该图像没有被压缩。请问，通过56kbps的调制解调器信道来传输这幅图像需要多长时间？通过1Mbps的电缆调制解调器呢？通过10Mbps的以太网呢？通过100Mbps的以太网呢?) 答：The image is 1024*768*3 bytes or 2359296 bytes.This is 18874368 bit. At 56,000 bits/sec, it takes about 337.042 sec. At 1,000,000 bits/sec, it takes about 18.874 sec. At 10,000,000 bits/sec, it takes about 1.887 sec. At 100,000,000 bits/sec, it takes about 0.189 sec. Chapter2 2-2. A noiseless 4-kHz channel is sampled every 1 msec. What is the maximum data rate? (一条无噪声4kHz信道按照每1ms一次进行采样，请问最大数据传输率是多少？)