外文翻译---深入理解安致系统的安全性

计算机网络安全与防范外文翻译文献(文档含中英文对照即英文原文和中文翻译)翻译：计算机网络安全与防范1.1引言计算机技术的飞速发展提供了一定的技术保障，这意味着计算机应用已经渗透到社会的各个领域。

在同一时间，巨大的进步和网络技术的普及，社会带来了巨大的经济利润。

然而，在破坏和攻击计算机信息系统的方法已经改变了很多的网络环境下，网络安全问题逐渐成为计算机安全的主流。

1.2网络安全1.2.1计算机网络安全的概念和特点计算机网络的安全性被认为是一个综合性的课题，由不同的人，包括计算机科学、网络技术、通讯技术、信息安全技术、应用数学、信息理论组成。

作为一个系统性的概念，网络的安全性由物理安全、软件安全、信息安全和流通安全组成。

从本质上讲，网络安全是指互联网信息安全。

一般来说，安全性、集成性、可用性、可控性是关系到网络信息的相关理论和技术，属于计算机网络安全的研究领域。

相反，狭隘“网络信息安全”是指网络安全，这是指保护信息秘密和集成，使用窃听、伪装、欺骗和篡夺系统的安全性漏洞等手段，避免非法活动的相关信息的安全性。

总之，我们可以保护用户利益和验证用户的隐私。

计算机网络安全有保密性、完整性、真实性、可靠性、可用性、非抵赖性和可控性的特点。

隐私是指网络信息不会被泄露给非授权用户、实体或程序，但是授权的用户除外，例如，电子邮件仅仅是由收件人打开，其他任何人都不允许私自这样做。

隐私通过网络信息传输时，需要得到安全保证。

积极的解决方案可能会加密管理信息。

虽然可以拦截，但它只是没有任何重要意义的乱码。

完整性是指网络信息可以保持不被修改、破坏，并在存储和传输过程中丢失。

诚信保证网络的真实性，这意味着如果信息是由第三方或未经授权的人检查，内容仍然是真实的和没有被改变的。

因此保持完整性是信息安全的基本要求。

可靠性信息的真实性主要是确认信息所有者和发件人的身份。

可靠性表明该系统能够在规定的时间和条件下完成相关的功能。

这是所有的网络信息系统的建立和运作的基本目标。

浅析计算机网络安全（英文-含中文翻译）X X X X 学院计算机专业英语班级计科学号 12姓名日期 2015-12-Security of Computer Network System Abstract: This paper discussed the secure and dependable problem about the computer network system. On some aspects: the importance of network security basic theory function and the method of solving a problem etc. Good views for solving the problem are put forward. It strengthens people’s consciousness on network security.Key words: Computer network Virtual private network Encryption techniques FirewallIntroduction: Along with the computer network technology development the network security and the reliability have become the question of common interest by all users. The people all hoped their own network system can move reliably not external intruder disturbance and destruction .Therefore solves the network security and the reliable problem carefully is a guarantee the network normal operation’s premise and safeguard.First: the importance of the network security. With the information developing fast today the computer network obtained the widespread application but along with the network information transmission capacity growing faster some organizations and departments benefit the speed up with the service operation in the network while the data has also sufferedto extent attack and destruction. The aggressor may intercept the information in the network steals the user’s password the database information also may tamper with the database content the forge users status denies own signature. And what is more the aggressor may delete the database content the destroy node releases computer virus and so on. This cause data security and own benefit have received the serious threat. According to American FBI US Federal Bureau of Investigation invest the network security creates the economic loss surpasses 17 billion dollars every year.75 corporation report financeloss is because the computer system security problem creates. More than 50 safe threat come from inside. But only 59 loss could be possible estimate. In China the economic loss amount in view of financial domain and the bank negotiable securities computer system security problems creates has reached as high as several hundred million Yuan also sometimes occurs in view of other profession network security threat. Thus it can be seen regardless of is the mean attack or unconscious disoperation will all be able to bring the inestimable loss to the system. Therefore the computer network must have the enough strong security measure. Regardless of is in the local area network or in WAN the network security measure should be Omni-directional in view of each kind of different threat and the vulnerability so that it can guarantee the network information’s secrecy the integrity and the usability. Second: Network security rationale. International Standardization Organization ISO once suggested the computer security the definition was: “The computer system must protect its hardware the data not accidentally or reveals intentionally the change and the destruction.”In order to help the computer user discriminationand the solution computer network security problem the American Department of Defense announced “the orange peel book”orange book official name is “credible computer system standard appraisal criterion” has carried on the stipulation to the multiuser computer system security rank division. The orange peel book from low to high divides into the computer security four kinds of seven levels: D1 C1 C2 B1 B2 B3 A1.Above allD1 level does not have the lowest safety margin rank C1 and the C2 level has the lowest safety margin rank B1 and the B2 level has the medium safekeeping of security ability rank B3 and A1 belongs to the highest security rating. In the network concrete design process it should act according to each technology standard the equipment typethe performance requirement as well as the funds which in the network overall plan proposed and so on the overall evaluation determines one quite reasonably the performance high network security rank thus realization network security and reliability.Third: The network security should have function. In order to adapt the information technology development well the computer network application system must have following function: 1 Access control: Through to the specific webpage the service establishment access control system in arrives the overwhelming majority attack impediment in front of the attack goal. 2 Inspects the security loophole: Through to security loophole cyclical inspection even if attacks may get the attack goal also may cause the overwhelming majority attack to be invalid. 3 Attack monitoring: Through to specific webpage service establishment attack monitoring system but real-time examines the overwhelming majority attack and adopts the response themotion for example separation network connection recording attack process pursuit attack source and so on. 4 Encryption Communication: Encrypts on own initiative the communication may enable the aggressor to understand the revision sensitive information. 5 Authentication: The good authentication system may prevent the aggressor pretends the validated user. 6 Backup and restoration: The good backup and restores the mechanism may causes the losses when the attack as soon as possible restores the data and the system service. 7 Multi-layered Defense: The aggressor after breaks through the first defense line delays or blocks it to reach the attack goal. 8 Sets up the safe monitoring center: Provides the security system management the monitoring the protection and the emergency case service for the information system. Fourth: The network system safety comprehensive solution measures. If want to realize the network security function we should carry on theOmni-directional guarding to the network system and thus formulate the quite reasonable network security architecture. Below on the network system security problem proposes some guard measure. Physics safe may divide into two aspects: One is the artificial harm to the network the other is the network to the users. Most common thing is the constructor who did not understand to the buried cable clearly thus lead to the destruction of electric cable this kind of situation may through standing symbolized the sign guards against Has not used the structure wiring the network to be able to appear the user frequently to the electric cable damage this needs to use the structure wiring to install the network as far as possible Artificial or natural disaster influence when to consider the plan. The access control security the access control distinguishes andconfirms the user limits the user in the already activity and the resources scope which is authorized. The network access control safe may consider from following several aspects.1 password: The network security system most outer layer defense line is network users registering in the registration process the system would inspect the user to register the name and the password validity only then the legitimate user can enter the system.2 The network resources’host the attribute and the visit jurisdiction: The network resources mainly include the resources which shared files the shared printer network users and so on that all the network users can use. The resources were the host to manifest the different user to the resources subordinate relations such as builder modifier and group member and so on. The resources attribute expressed itself deposit and withdrawal characteristics as can read by who write or the execution and so on. The visit jurisdiction mainly manifests in the user to the network resources available degree in using assigns the network resources to be the host the attribute and the visit jurisdiction mayeffectively in the application cascade control network system security.3 Network security surveillance: The network surveillance is generally called for “the network management” its function mainly is carries on the dynamic surveillance to the entire network movement and handles each kind of event promptly. May understand simply through the network surveillance discovers and solves in the network security problem such as the localization network fault point seizes the IP embezzler the control network visit scope and so on.4 Audit and track: Network audit and track which is including the network aspect resources use network breakdown and system keeping. It composed generally by two parts: One the recording event soon each kind of event entirely records in the document. Two carries on the analysis and the statistics to.Data transmission security, transmission security requirements to protect the information on the network is transmitted to prevent the passive and active violations. The security of data transmission can take the following measures: (1) encryption and digital signature: digital signature is the receiver of data used to confirm the sender of the data is true and correct.(2) firewall: firewall (Firewall) is a security measure that is widely used in Internet. It can be used to set up a series of components in different network or network security domain. It can detect, limit and change the data flow of the firewall, and detect the information, structure and running status of the network as far as possible, so as to realize the network security. (3) Username or Password certification: the authentication method is the most commonly used as an authentication method for the operating system, telnet (remote login), rlogin (remote login), but the process is not encrypted, that is, password is easy to be monitored and decryption.(4) authentication using the algorithm: radius (Remote Authentication Dial protocol, OSPF (open routing protocol), SNMP Security Protocoluse shared Security Key (key), and the abstract algorithm (MD5) certification, but abstract algorithm is an irreversible process, therefore, in the authentication process, by the information cannot be calculated Security Key shared, so the sensitive information in the network transmission. The algorithmis mainly used on the market are mainly MD5 and SHA - 1. (5) authentication and encryption based on PKI: using PKI (public key system). This method has a high security level, which is integrated with the technology of the algorithm, asymmetric encryption, symmetric encryption, digital signature, and so on. This authentication method is currently used in the fields of email, application server access, customer authentication, firewall authentication, etc.. This kind of authentication method is very safe, but it involves a relatively heavy certificate management task. (6) virtual private network (VPN) technology: VPN technology mainly provides two-way communication in the public security, the transparent encryption scheme to ensure data integrity and confidentiality.In summary, for the security of computer network transmission, we must do the following. First, we should strictly limit access to the Internet users of the system information and resources, this function can be achieved by setting the Net Screen firewall on the access server. Second, we should strengthen the identity authentication of Internet users, using RADIUS and other special authentication server. On the one hand, it can achieve the unified management of Internet users account; on the other hand, in the process of identity verification using encryption means to avoid the possibility of leakage of the account. Third: The use of encryption technology in the process of data transmission, to prevent data theft. One way is to use for Business Security PGP to encrypt data. Another approach is to use the VPN technology provided by Net Screen firewall. VPN in the provision ofnetwork data encryption, but also provides a single user of the encryption software, that is, the use of software encryptiontechnology to ensure the security of data transmission.浅析计算机网络安全摘要：针对计算机网络系统存在的安全性和可靠性问题，本文从网络安全的重要性、理论基础、具备功能以及解决措施等方面提出一些见解，并且进行了详细的阐述，以使广大用户在计算机网络方面提高安全防范意识。

论维护ＡＳＰ应用程序的安全性【摘要】正确配置安全设置，以保护您的ASP应用程序不被未授权的用户访问和篡改。

该文提供了多种维护ASP应用程序的方法。

【关键字】ASP 安全性 Web服务器ASP是位于服务器端的脚本运行环境，通过这种环境，用户可以创建和运行动态的交互式Web 服务器应用程序。

ASP使用的ActiveX技术基于开放设计环境，用户可以自己定义和制作组件加入其中，使自己的动态网页几乎具有无限的扩充能力。

ASP还可利用ADO方便快捷地访问数据库,从而使得开发基于WWW的应用系统成为可能。

但是，千万不要轻视正确配置安全设置的重要性。

如果不正确配置安全设置，不但会使您的ASP应用程序遭受不必要的篡改，而且会妨碍正当用户访问您的asp文件。

Web服务器提供了各种方法，保护您的ASP应用程序不被未授权的用户访问和篡改。

1 NTFS 权限您可以通过单独的文件和目录应用NTFS访问权限来保护ASP应用程序文件。

NTFS 权限是We b服务器安全性的基础，它定义了一个或一组用户访问文件和目录的不同级别。

当拥有Windo ws NT 有效帐号的用户试图访问一个有权限限制的文件时，计算机将检查文件的访问控制表。

该表定义了不同用户和用户组所被赋予的权限。

如果用户的帐号具有打开文件的权限，计算机则允许该用户访问文件。

2 维护Globalasa的安全为了充分保护 ASP 应用程序，一定要在应用程序的Globalasa文件上为适当的用户或用户组设置NTFS文件权限。

如果Globalasa包含向浏览器返回信息的命令而您没有保护 Global asa文件，则信息将被返回给浏览器，即便应用程序的其他文件被保护。

而且，一定要对应用程序的文件应用统一的NTFS权限。

3 Web 服务器权限可以通过配置的Web服务器的权限来限制所有用户查看、运行和操作的ASP 页的方式。

不同于 NTFS权限提供的控制特定用户对应用程序文件和目录的访问方式，Web服务器权限应用于所有用户，并且不区分用户帐号的类型。

外文翻译--ASP. NET 中认证安全特征评述南京邮电大学通达学院毕业设计(论文)外文资料翻译学院：通达学院专业：网络工程学生姓名：班级学号：外文出处：Simulation of Time-Varying, Frequency-Selective Multipath Fading Channels forSpread-Spectrum Waveforms附件：1.外文资料翻译译文；2.外文原文指导教师评价：1．翻译内容与课题的结合度：□优□良□中□差2．翻译内容的准确、流畅：□优□良□中□差3．专业词汇翻译的准确性：□优□良□中□差4．翻译字符数是否符合规定要求：□符合□不符合指导教师签名：年月日附件1：外文资料翻译译文ASP. NET 中认证安全特征评述Narcisio Tumushabe ,谭冠正(音译)(中南大学计算机科学与信息技术学院, 湖南长沙410083)摘要:一个适用于任意的扩频信道模拟器传输任意随时间变化的波形，频率选择性多径瑞利衰落渠道的开发和实施。

都多普勒（或时间）的多样性和延迟（或频率）多样性被认为是在信道模型的siinuhtor是根据。

的信道被假定为是一个随时间变化的服从不相关的高斯信道，散射的假设。

模型由多个多普勒频移的分支抽头延迟线。

没有假设是由独立的通道水龙头。

仿真结果为平坦慢衰落，平快衰落，频率选择性慢衰落和频率选择快衰落的例子给出。

1 介绍多径衰落的一种现象，介绍了信号通过在多个所引起的失真的干扰传播路径上的通信信道。

很好一种时变多径衰落信道的例子是移动无线通信信道。

在移动无线电信道，多径传播时发生的信号从周围的物体反射，和相对运动发射机和接收机之间的介绍在通道中，表现为随时间的变化多普勒展宽谱中的多径组件。

模拟多径的最准确的方法衰落信道的使用实际记录的条宽带信道测量。

然而，由于系统性能分析的复杂性记录的数据，从理论上推导了信道模拟器原则是感兴趣的，特别是用于系统性能评价[我]。

系统安全的重要性导言：随着虚拟世界蓬勃发展，如今的虚拟财产直接与人民币划上了等号，于是QQ 帐号被盗、网上交易被黑司空见惯……另一方面，隐私照被窃、加密数据被破解，损失惨重。

系统遭到破坏，浪费时间就等于损失金钱。

系统安全的重要性不言而喻，我们都为它付出过沉重的代价。

本文旨在引领普通用户，轻松驾驭好系统安全，将威胁最小化。

这会是一趟其乐无穷的旅程……一、系统安全“自滤术”系统需要打安全补丁，是入门级用户都知道的事。

作为微软的用户，你需要养成“每月一补”的好习惯。

不能忽视的是，系统中仍存着“被遗忘的隐形杀手”。

1、更新或卸载老版本/不常用软件在互联网中，0day通常指外界还未获知的漏洞，而0day的发现者能轻易的利用它进行破坏，基于专业技术所开发的软件都可能存在0day，在国内外地下交易初具规模，0day让人防不胜防。

通过0day，可引发动网络攻击，计算机控制，数据窃取等一系列的麻烦。

两大知名播放器——暴风影音与realplayer均有过0day“前科”，realplayer的0day 入侵工具在百度中能轻易的下载到(图1)。

(图1)危险的“0day漏洞利用工具”泛滥高危软件：多媒体播放器类软件，娱乐平台、对战平台类软件。

解决方法：无用软件，你可以考虑卸载或升级最新版本。

2、关闭系统自动播放自动播放类病毒防不胜防，通常他们有着死灰复燃，自动运行与更新的本领。

系统缺省设置下，默认开放自动播放，是此类病毒传播极快的主要原因，只要我们关闭此功能，就能有效的做到防范。

关闭自动播放的方法有很多，可以通过软件法，如360安全卫士的系统防护设置，当然也可以不借助于任何软件噢！小技巧：希望大家可以养成，鼠标右键打开“可移动媒介”的习惯。

方法：XP下从开始菜单运行命令“gpedit.msc”，通过左侧菜单栏“计算机配置-管理模板-系统”内，如(图2)找到“自动播放”项，进行关闭操作。

(图2)3、关闭远程控制与网络共享关闭远程控制与网络共享，是保证计算机安全的重要手段，两者与关闭自动播放一样，能通过软件禁止，在这里为大家讲解一下如何关闭远程控制。

第10章计算机安全第一部分阅读和翻译A部分计算机安全计算机安全是信息安全技术的一个分支。

计算机安全的研究对象很多，包括保护信息不被盗窃或私藏，保全信息在界定的安全政策内的可用性。

计算机安全在计算机上添加了一些不同于大多数其他系统的要求，因为它们往往对计算机在被限制的条件下不该怎么做进行限制。

[1]这使得计算机安全特别具有挑战性，因为让计算机程序完全按照要求去执行是相当困难的。

此外，消极的要求，错综复杂的迷惑，需要详尽的测试来验证，这对大多数计算机程序来说是不切实际的。

（1）计算机安全提供了将消极的要求转化为积极的可执行的规则的技术。

正因为如此，计算机安全比很多计算机科学领域显得更为精确和专业。

提高计算机安全的典型方式可以包括以下内容：●只有那些不会危害计算机安全的才能进入计算机。

●对计算机程序实施规则的硬件机制，从而避免计算机安全只依赖软件。

●对计算机程序实施规则的操作系统机制，以避免过于信任计算机程序。

●规划战略，使计算机程序可靠和抵制崩溃。

航空领域的应用计算机安全对于几乎所有的依靠计算机系统的技术驱动的行业上是至关重要的。

基于系统和寻找弱点所在的计算机议题是维护操作工业的一个重要的部分。

计算机安全对航空工业尤其重要，因为所涉及的风险包括昂贵的设备和货物，运输基础设施和人的生命。

安全可能被不法的硬件或软件所危害，也可能被人为错误，和错误的操作环境所危害。

攻击计算机弱点的威胁可以源于破坏，间谍，工业竞争，恐怖袭击，机械故障和人为错误。

故意或无意滥用计算机系统的后果，在航空业的范围内导致了保密系统完整性的损失，从而可能导致更严重的问题，如数据被盗或丢失，网络和空中交通管制失灵，这样又可能导致机场关闭，飞机损失，乘客的生命损失。

控制弹药的军事系统可能会造成更大的风险。

一个适当的在机场攻击并不需要很高的技术或资金，因为就算机场停电也会引起世界范围的关注。

最简单的，可以说也是最难以追查的安全漏洞是在特定的无线电频率发射未经授权的通信信号。

南京工程学院毕业设计文献资料翻译（原文及译文）原文名称：Computer security课题名称：基于Windows平台的个人防火墙研究与设计学生姓名：井凯学号：208050517指导老师：郭丽红所在系部：通信工程学院专业名称：通信工程(计算机通信)2009 年 3 月南京目录英文原文： (3)Computer security (3)Hardware mechanisms that protect computers and data (3)Secure operating systems (4)Security architecture (5)Security by design (5)Early history of security by design (6)Secure coding (6)中文翻译： (8)计算机安全 (8)保护计算机和数据的硬件机制 (8)安全的操作系统 (8)安全架构 (9)安全设计 (9)早期历史的安全设计 (10)安全代码 (10)英文原文：原文地址：/wiki/Computer_securityComputer securityFrom Wikipedia, the free encyclopediaThis article is about computer security through design and engineering.Computer security is a branch of technology known as information security as applied to computers. The objective of computer security varies and can include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy.Computer security imposes requirements on computers that are different from most system requirements because they often take the form of constraints on what computers are not supposed to do. This makes computer security particularly challenging because it is hard enough just to make computer programs do everything they are designed to do correctly. Furthermore, negative requirements are deceptively complicated to satisfy and require exhaustive testing to verify, which is impractical for most computer programs. Computer security provides a technical strategy to convert negative requirements to positive enforceable rules. For this reason, computer security is often more technical and mathematical than some computer science fields.Typical approaches to improving computer security (in approximate order of strength) can include the following:∙Physically limit access to computers to only those who will not compromise security.∙Hardware mechanisms that impose rules on computer programs, thus avoiding depending on computer programs for computer security.∙Operating system mechanisms that impose rules on programs to avoid trusting computer programs.∙Programming strategies to make computer programs dependable and resist subversion. Hardware mechanisms that protect computers and dataHardware based or assisted computer security offers an alternative to software-only computer security. Devices such as dongles may be considered more secure to the physical access required in order to be compromised.While many software based security solutions encrypt the data to prevent data from being stolen, a malicious program may corrupt the data in order to make it unrecoverable or unusable. Hardware-based security solutions can prevent read and write access to data and hence offers very strong protection against tampering.Secure operating systemsOne use of the term computer security refers to technology to implement a secure operating system. Much of this technology is based on science developed in the 1980s and used to produce what may be some of the most impenetrable operating systems ever. Though still valid, the technology is in limited use today, primarily because it imposes some changes to system management and also because it is not widely understood. Such ultra-strong secure operating systems are based on operating system kernel technology that can guarantee that certain security policies are absolutely enforced in an operating environment. An example of such a Computer security policy is the Bell-LaPadula model. The strategy is based on a coupling of special microprocessor hardware features, often involving the memory management unit, to a special correctly implemented operating system kernel. This forms the foundation for a secure operating system which, if certain critical parts are designed and implemented correctly, can ensure the absolute impossibility of penetration by hostile elements. This capability is enabled because the configuration not only imposes a security policy, but in theory completely protects itself from corruption. Ordinary operating systems, on the other hand, lack the features that assure this maximal level of security. The design methodology to produce such secure systems is precise, deterministic and logical.Systems designed with such methodology represent the state of the art of computer security although products using such security are not widely known. In sharp contrast to most kinds of software, they meet specifications with verifiable certainty comparable to specifications for size, weight and power. Secure operating systems designed this way are used primarily to protect national security information, military secrets, and the data of international financial institutions. These are very powerful security tools and very few secure operating systems have been certified at the highest level (Orange Book A-1) to operate over the range of "Top Secret" to "unclassified" (including Honeywell SCOMP, USAF SACDIN, NSA Blacker and Boeing MLS LAN.) The assurance of security depends not only on the soundness of the design strategy, but also on the assurance of correctness of the implementation, and therefore there are degrees of security strength defined for COMPUSEC. The Common Criteria quantifies security strength of products in terms of two components, security functionality and assurance level (such as EAL levels), and these are specified in a Protection Profile for requirements and a Security Target for product descriptions. None of these ultra-high assurance secure general purpose operating systems have been produced for decades or certified under the Common Criteria.In USA parlance, the term High Assurance usually suggests the system has the right security functions that are implemented robustly enough to protect DoD and DoE classified information. Medium assurance suggests it can protect less valuable information, such as income tax information. Secure operating systems designed to meet medium robustness levels of security functionality and assurance have seen wider use within both government and commercial markets. Medium robust systems may provide the same security functions as high assurance secure operating systems but do so at a lower assurance level (such as Common Criteria levels EAL4 or EAL5). Lower levels mean we can be less certain that the security functions are implemented flawlessly, and therefore less dependable. These systems are found in use on webservers, guards, database servers, and management hosts and are used not only to protect the data stored on these systems but also to provide a high level of protection for network connections and routing services.Security architectureSecurity Architecture can be defined as the design artifacts that describe how the security controls (security countermeasures) are positioned, and how they relate to the overall information technology architecture. These controls serve the purpose to maintain the system's quality attributes, among them confidentiality, integrity, availability, accountability and assurance.In simpler words, a security architecture is the plan that shows where security measures need to be placed. If the plan describes a specific solution then, prior to building such a plan, one would make a risk analysis. If the plan describes a generic high level design (reference architecture) then the plan should be based on a threat analysis.Security by d esignThe technologies of computer security are based on logic. There is no universal standard notion of what secure behavior is. "Security" is a concept that is unique to each situation.Security is extraneous to the function of a computer application, rather than ancillary to it, thus security necessarily imposes restrictions on the application's behavior.There are several approaches to security in computing, sometimes a combination of approaches is valid:1.Trust all the software to abide by a security policy but the software is not trustworthy(this is computer insecurity).2.Trust all the software to abide by a security policy and the software is validated astrustworthy (by tedious branch and path analysis for example).3.Trust no software but enforce a security policy with mechanisms that are nottrustworthy (again this is computer insecurity).4.Trust no software but enforce a security policy with trustworthy mechanisms.Many systems have unintentionally resulted in the first possibility. Since approach two is expensive and non-deterministic, its use is very limited. Approaches one and three lead to failure. Because approach number four is often based on hardware mechanisms and avoids abstractions and a multiplicity of degrees of freedom, it is more practical. Combinations of approaches two and four are often used in a layered architecture with thin layers of two and thick layers of four. There are myriad strategies and techniques used to design security systems. There are few, if any, effective strategies to enhance security after design.One technique enforces the principle of least privilege to great extent, where an entity has only the privileges that are needed for its function. That way even if an attacker gains access to one part of the system, fine-grained security ensures that it is just as difficult for them to access the rest.Furthermore, by breaking the system up into smaller components, the complexity of individual components is reduced, opening up the possibility of using techniques such as automated theorem proving to prove the correctness of crucial software subsystems. This enables a closed form solution to security that works well when only a single well-characterized property can be isolated as critical, and that property is also assessable to math. Not surprisingly, it is impractical for generalized correctness, which probably cannot even be defined, much less proven. Where formal correctness proofs are not possible, rigorous use of code review and unit testing represent a best-effort approach to make modules secure.The design should use "defense in depth", where more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds. Defense in depth works when the breaching of one security measure does not provide a platform to facilitate subverting another. Also, the cascading principle acknowledges that several low hurdles does not make a high hurdle. So cascading several weak mechanisms does not provide the safety of a single stronger mechanism.Subsystems should default to secure settings, and wherever possible should be designed to "fail secure" rather than "fail insecure" (see fail safe for the equivalent in safety engineering). Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure.In addition, security should not be an all or nothing issue. The designers and operators of systems should assume that security breaches are inevitable. Full audit trails should be kept of system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks. Finally, full disclosure helps to ensure that when bugs are found the "window of vulnerability" is kept as short as possible.Early history of security by d esignThe early Multics operating system was notable for its early emphasis on computer security by design, and Multics was possibly the very first operating system to be designed as a secure system from the ground up. In spite of this, Multics' security was broken, not once, but repeatedly. The strategy was known as 'penetrate and test' and has become widely known as a non-terminating process that fails to produce computer security. This led to further work on computer security that prefigured modern security engineering techniques producing closed form processes that terminate.Secure codingIf the operating environment is not based on a secure operating system capable of maintaining a domain for its own execution, and capable of protecting application code from malicious subversion, and capable of protecting the system from subverted code, then high degrees of security are understandably not possible. While such secure operating systems are possible and have been implemented, most commercial systems fall in a 'low security' category because they rely on features not supported by secure operating systems (like portability, et al.).In low security operating environments, applications must be relied on to participate in their own protection. There are 'best effort' secure coding practices that can be followed to make an application more resistant to malicious subversion.In commercial environments, the majority of software subversion vulnerabilities result from a few known kinds of coding defects. Common software defects include buffer overflows, format string vulnerabilities, integer overflow, and code/command injection.Some common languages such as C and C++ are vulnerable to all of these defects (see Seacord, "Secure Coding in C and C++"). Other languages, such as Java, are more resistant to some of these defects, but are still prone to code/command injection and other software defects which facilitate subversion.Recently another bad coding practice has come under scrutiny:dangling pointers. The first known exploit for this particular problem was presented in July 2007. Before this publication the problem was known but considered to be academic and not practically exploitable.In summary, 'secure coding' can provide significant payback in low security operating environments, and therefore worth the effort. Still there is no known way to provide a reliable degree of subversion resistance with any degree or combination of 'secure coding.'中文翻译：计算机安全本文来自维基百科----自由的百科全书本文是通过设计和工程实践来阐述计算机安全。

2012 Fifth International Conference on Intelligent Computation Technology and AutomationAnalysis and Research of System Security Based on AndroidHan BingNorth China University of Technology, Beijing, ,100144, Chinajluhan_bin@Abstract—Android is a smart mobile terminal operating platform core on Linux. But due to its open-source software and programmable framework character, it leads the Android system vulnerable to get virus attacks. This paper has deeply researched from the Linux system security mechanism, Android-specific security mechanisms and other protection mechanisms. And on this basis, Android devices have achieved closely guarded on normal state. So that attackers can not use the kernel module or core library to get highest access permission and be attacked. Meanwhile, to further strengthen he security of Android devices, it enables them to properly handle the high-risk threat. This paper also strengthened intrusion detection system (HIDS) based on the host in order to detect malicious software and strengthen the Android system-level access control.Keywords-Android, System Security, Abnormity DetectionI. I NTRODUCTIONAndroid is a software stack for mobile devices that includes an operating system, middleware and key applications. The Android SDK provides the tools and APIs necessary to begin developing applications on the Android platform using the Java programming language.[1] Android is planned to run on many different types of devices. For developers, the range and number of devices means a huge potential audience: the more devices that run Android applications, the more users who can access application. In exchange, however, it also means that applications will have to cope with that same variety of hardware.Android platform is based on Linux technology and composed of operating system, user interface and application components. It allows developer freedom access and modify the source code. It is the free mobile terminal platform with open, the application program equality, no boundaries between applications, facilitate and rapid application development and other advantages. Its issuance breaks monopoly status of the Microsoft Windows Mobile operating system and Nokia's Symbian operating system in he smart mobile telephone platform, while the advantages of its platformalso greatly enriched the variety of handheld device software functions. It becomes the intelligent terminal market leader.Android platform is a set of software package for mobile devices, it includes an operating system, middleware and key applications. Android uses the most innovative characteristic.It allows anyone develop him own applications and freely distributed. But when open provides various conveniences for developers and users, it also increases the safety misery.Due to the lack application development and issuance of effective control, the user is likely downloaded and installed malicious written by software hackers. This will result in some or all of the features in the mobile telephone not work properly. So it deeply studies Android's security mechanisms, it can effectively enhance the protection ability and great significanceII. ANDROID P LATFORM ARCHITECTUREAndroid has built-in tools and support which make it easy for applications to do that, while at the same time letting the system maintain control of what types of devices application is available to. With a bit of forethought and some minor changes in application's manifest file, it can ensure that users whose devices can’t run application will never see it in the Android Market, and will not get in trouble by downloading it. This can explains how it can control which devices have access to its applications, and how to prepare its applications to make sure they reach the right audience.Android provides an open development platform and offers developers the capability to build greatly rich and innovative applications. Developers are free to be superiority of device hardware, access location information, run background service, set alarm, add inform to the status bar,and so on. Developers have full access to the same framework. The core applications use APIs. The application architecture is designed to simplify the reuse of components; any application can publish its abilities and any other application may then make use of those abilities. This same mechanism permits components to be replaced by the user.From top to bottom Android platform is composed of the Linux kernel, system libraries, Android run time, application framework and so on five parts. It is shown in Figure 1 of the following:A.Linux KernelAndroid relies on Linux 2.6 version. It provides core system services: security, memory management, process management, network group, driven model. The core part is equivalent to a abstract level between the hardware layer and other software in the systems,B. Library and Android RuntimeAndroid includes a set of C/C++ libraries. Various components of Android system are use now. These functions are exposed to developers through the Android application framework. Android's core libraries provide most of the function to the Java class libraries. Every Android application runs in its own process, and enjoys the proprietary instance distributed by Dalvik virtual machine,and support multiple virtual machines efficiently run on the same device.Figure 1. Android System ArchitectureC. Application FrameworkUpper core application program of Android system is reply on frame arrangement API development, application architecture can simplify component reuse mechanism. Any application can publish its own features. These functions can be used to any other application (of course, it is restricted from the framework constraints safety standards); and the same to reuse mechanism, the framework supports component replacement.D. ApplicationsAndroid applications are written in Java programming language. The Android SDK tools compile the code—along with any data and resource files—into an Android package, an archive file with an .apk suffix. All the code in a single .apk file is considered to be one application and is thefile that Android-powered devices use to install the application.The Android platform default includes a set of core applications. It includes home, browser, communication services, contacts and other applications. These applicationsare written by the Java programming language. It can provides developers a reference. As the Android platform applications equality, developers can write their own applications to replace the default applications provided by Android.III. ANDROID S YSTEM SECURITYThe core design idea of Android security architecture is as the following. In the default settings, all applications do not have permission for other applications, systems or users greater impact on the operation. This includes read and write user privacy data (contacts or e-mail), read and write otherapplications files, access the network or block devices and so on.Android's security mechanism is mainly reflected in two aspects: Android system security and data security. Android system security is referred to the protection of smart terminal itself to operating system. It can prevent unauthorized user external access and authorized service permission. It includes users' behaviour detection, operating authority and other measures. The data security is referred to ensure the integrity and legitimacy of stored data, it requires the system can properly transmit data, the authorization process successfully read data.A. Android system security protectionAndroid system safety inherited the design of Linux in the design ideology, Android provided security, memory management, process management, network management, drive model and other core service in the kernel. The kernel part is actually a abstract level between hardware abstraction layer and other software group. In practice operation, each Android application runs in its own process. Android system applications are run in some low-level function such as threads and low memory management; Android itself is a separate operating and permission system. In the operating system, each application runs with a unique system identity (Linux user ID and group ID). Each parts of the system were also using their own independent identification mode.The most security functions of the system are provided by the permission mechanism. Permission can be restricted to particular specific process operations, and can also restrict URL permission to access specific data segment.B. Android Data Security ProtectionAndroid is a operating system with privilege-separated. Each application runs with a distinct system identity in android. Parts of the system are also separated into distinct identities. So Linux separates applications from one another and the system. Additional finer-grained security features are provided by a "permission" mechanism that enforces restrictions on the specific operations that a particular process can perform, and per-URI permissions for granting ad-hoc access tospecific pieces of data. Data security mainly relies on software signature mechanism. Android and applications are both needed sign. When it releases, at first it need generate a public key andprivate key through development/tools/make_key. Thetools ./out/host/linux-x86/framework/signapk.jar provided by Android, the main role of signature is to modify program limited to the same source. The system has two main ways to detect. If the program is upgrade install, it needs check whether the signature certificate of old and new program areconsistent. If it is not the same, it will failed install. To application permission for the protected level of signature or signature or system, it will check the certificate of permission requester and permission of declarer is the same.It uses AndroidManifest.xml file to achieve software’s data security function. When the specified software services is called, the system first checks AndroidManifest. Xml file in the software, namely the software master configuration file. Which contains a <uses-permission> label to declare operating authority :<manifest><uses-permissionandroid:name="android.permission.READ_***" /><uses-permission android: name="android.permission.RECEIVE_***" /><uses-permissionandroid:name="android.permission.SEND_***" /></manifest>According to the permission declaration, system checks the relevant permission when software installation and calling. If the system will successfully execute when it own with the permission, otherwise it reject operation.IV. ANDROID SECURITY P ERFORMANCE I MPROVEMENTAlthough the Android security mechanisms has ensured through the system and data security mechanisms, but it does not mean that there is no android security risks. Current there is securityrisks exist and combined with today's mobile devices against attack, this paper has deeply researched on the android mobile devices based on Linux kernel attacks. To ensure system security requirements, it is necessary to implement detecting malicious software on mobile devices. The software has evaluated the running process. This framework relies on a lightweight agent and continuous samples various characteristics on the device. Using self-learning, adaptive method to analyze the collected data, and then infer the device's health status. Framework provides API extraction keyboard, touch screen, scheduling and memory and Linux kernel operating. Android devices have developed many applications. The SDK provides many tools to facilitate. These tools could be accessed according to the command line or AndroidDevelopment Tools. As Android could straight call the tools Developing with Eclipse. So it needs the preferred method when it develops applications.When it selects to develop another IDE or a simple text editor and calls the tools on the command line or with scripts. As it will have to call command line tools manually onoccasion, this is a less streamlined way to develop. At the same time it will haveaccess to the same number of functions that it would have in Eclipse. As the Android system is based on the Linux kernel, so it there exists a lot of vulnerabilities like Linux, it has become the focus of the current target attacked by hackers. Because it exist loophole, hackers have developed a number ofexploits to steal users' privacy, deductions and other malicious software. The malicious software can start malicious processes in the background through automatic network. It stole the privacy content of mobile telephones and directly threat user's security.Intrusion detection systemframework is designed as the following in figure 2:In order to further strengthen the Android system and underlying access control which belong to privileged user in critical Linux process. System adopts SELinux to avoid an attacker controlling the system process using high-privilege. When the system is running SELinux on Android.Experiments show that Android devices running on SELinux is feasible. The user can establish a customized security policy to improve the system security levelV. CONCLUSIONSThe Android’s goal is to establish a enormous installed base for developers to take advantage. One of the method it will accomplish this is according to different kinds of hardware running the same software environment. But it also recognizes that only developers know which kinds of devices their applications make sense on. It has builtin tools to the SDK and set up policies and requirements to ensure that developers remain in control of their apps, today and inthe future. With the information it just read, and the resources listed in the sidebar of this document, it can publish its application with the confidence that only userswho can run it will see it. In this paper, it has analysis Android system's security mechanisms with widely used in mobile platforms. It has separately introduced its system architecture, securitymechanism and safety problems. Through it has analysis Android security mechanisms and its components, it has set to the Android security, safety mechanism side, system security and data security. It has promoted system security to system permission. At the same time it analysis the Android security risks, it has deeply researched the attack based on Linux kernel. It has proposed security mechanisms based on SELinux policy theory to ensure system security on application program framework layer. Not only from the Linux kernel layer, it uses Android's security framework to ensure system security from the application layer intrusion, so it is essential to research and develop the method to protect the Android framework. This work will be the reference base to the Android further security analysis. ACKNOWLEDGMENTThe work is supported by "Science Park Cup" Studentsscientific and technological innovation projects "Design andImplementation of Personalized smart telephone lock/unlock " of North China University of Technology in 2011.REFERENCES[1] /guide/basics/what-is-android.html[2] Android Kernel Issues..[3] Benj amin Speckmann.The Android mobile platform[EB /OL].[2008-04-26].[4] http: Ġ /compsci /projects/Master_thesis-Benjamin_Specklnann.pdf㧚[5] Gong lei, zhou chong, Development and Research of mobile terminal application based on Android, [J]. Computer and Modernization,2008.86-89.[6] Shabtai A,Fledel Y,Elovici Y.Securing Android-powered mobiledevices using SELinux.IEEE Security & Privacy,2010:36 —44.[7] Chatterjee, S. Abhichandani, T. Haiqing Li.TuIu, B. Jongbok Byun.Instant messaging and presence technologies for collegecampuses[ J] . IEEE Net wo rk, 2005, 19 ( 3) : 22-33.[8] Chan Yeob YeunSalman Mohammed Al-Marzouqi. Practical Implementations for Securing V oIP Enabled Mobile Devices.International Conference on Network and System Security (NSS2009) 3rd.[9] ED P Saint..Andre. RFC3921, Ex tensible messag ing and presencepro tocol ( XM PP) : instant messag ing and presence[ S] . [ S. l. ] .IETF, 2004.[10] Shin W,Kwak S,Kiyomoto S,et al.A small but non-negligible flaw inthe Android permission scheme.IEEE International Symposium onPolicies for Distributed Systems and Net-works,2010:109 —110.[11] Shin W 㧘Kiyomoto S 㧘Fukushima K㧘et al 㧚A formal model to analyze the permission authorization and enforcement in the androidframework 㧚International Symposium on Secure Computing( SecureCom-10) 2010:944 —945.[12] Enck W 㧘Ongtang M 㧘McDaniel P㧚Understanding androidsecurity㧚IEEE Security 㧒Privacy 㧘2009;7(1):53—54.[13] Shabtai A,Kanonov U,Elovici Y.Intrusion Detection on mobiledevices using the knowledge based temporal-abstractionmethod.Systems and Software,2010;83(8):1527—1536.[14] Prince McLean.Inside google’s Android and Apple’s iPhone OS asbusiness models.roughlyDrafted Magazine.November 10,2009.翻译基于安卓系统安全性的分析和研究摘要：Android是一个智能移动终端操作系统基于Linux平台的核心。