What does information security mainly include?

Information security mainly includes: 1. Physical security mainly includes environmental security, equipment security and media security; 2. Operational security mainly includes backup and recovery, virus detection and elimination and electromagnetic compatibility; 3. Information security ; 4. Security and confidentiality management.

#The operating environment of this article: Windows 7 system, Dell G3 computer.

Information security mainly includes the following five aspects, namely confidentiality, authenticity, integrity, unauthorized copying and security of the parasitic system.

Information system security includes:

(1) Physical security. Physical security mainly includes environmental security, equipment security and media security. Effective technical precautions should be taken in system central rooms that handle confidential information. Critical systems should also be staffed with security personnel for area protection.

(2) Safe operation. Operational security mainly includes backup and recovery, virus detection and elimination, and electromagnetic compatibility. The main equipment, software, data, power supply, etc. of the confidential system should be backed up and the system can be restored within a short period of time. Anti-virus and anti-virus software approved by the relevant national competent authorities should be used for timely detection and disinfection, including viruses and anti-virus software on servers and clients.

(3) Information security. Ensuring the confidentiality, integrity, availability and non-repudiation of information are core tasks of information security.

(4) Security and confidentiality management. The security and confidentiality management of classified computer information systems includes three aspects: management organization, management system and management technology at all levels. Establish a complete security management organization, establish security management personnel, establish a strict security and confidentiality management system, and use advanced security and confidentiality management technology to manage the entire confidential computer information system.

Information security itself covers a wide range, including how to prevent the leakage of commercial enterprise secrets, prevent young people from browsing inappropriate information, and leak personal information.

The information security system in the network environment is the key to ensuring information security, including computer security operating systems, various security protocols, security mechanisms (digital signatures, message authentication, data encryption, etc.), until security systems, such as Security vulnerabilities such as UniNAC, DLP, etc. may threaten global security.

Information security means that information systems (including hardware, software, data, personnel, physical environment and its infrastructure) are protected from being destroyed, altered, leaked, and the system is not for accidental or malicious reasons. Can operate continuously and reliably. Information services will not be interrupted, ultimately achieving business continuity.

Information security rules can be divided into two levels: narrow security and general security. Narrow security is based on the field of computer security based on encryption. Early Chinese information security majors usually used this as the benchmark, supplemented by computer technology and communication network technology. Content related to programming; Information security in the broad sense is a comprehensive discipline, from traditional computer security to information security. Not only the name change is an extension of the development of security, security is not a purely technical issue, but a combination of management, technology and legal issues. Combine.

This major cultivates senior information security professionals who can be engaged in computers, communications, e-commerce, e-government and e-finance.

Information security mainly involves three aspects: the security of information transmission, the security of information storage and the audit of the information content transmitted over the network. Authentication Authentication is the process of verifying a subject in a network. There are generally three ways to verify a subject's identity. One is the secret known by the subject, such as passwords and keys; the second is the items carried by the subject, such as smart cards and token cards; the third is the unique functions or abilities that are only subject, such as fingerprints, voices, retinas or signatures. wait.

Extended information:

Protective measures that can be taken for computer network information security

1. The use of firewall technology is the main means to solve network security problems . The firewall method used in computer networks is to isolate the internal network from the external network through logical means. It protects the security of internal information within the network and at the same time prevents illegal intrusions by external visitors. It is a technology that strengthens the connection between the internal network and the external network. Firewalls physically protect the information security of computer networks by filtering, scanning and screening various data that communicate through their networks.

2. Intrusion detection of accessed data is a new generation of network information security protection method adopted after traditional security measures such as data encryption and firewalls. Intrusion detection collects information from key nodes in the computer network, analyzes and decodes it, and filters out whether there are factors that threaten the security of the computer network information. Once a threat is detected, a response will be made as soon as it is discovered. According to the different detection methods, it can be divided into intrusion detection systems, anomaly detection systems, and hybrid intrusion detection systems.

3. Encryption technology for network information is a very important technical means and effective measure. By encrypting the transmitted information, it can effectively protect the information transmitted in the network from being maliciously stolen or tampered with. In this way, even if the attacker intercepts the message, he cannot know the content of the message. This method enables some confidential data to be obtained only by those with access rights.

4. Controlling access rights is also one of the important protection methods for computer network information security. This method is based on identity authentication. When illegal visitors attempt to enter the system and steal data, access rights are used to block them. outer. Access control skills ensure that users can obtain information resources on the network normally and prevent illegal intrusions to ensure security. The contents of access control include: identification and authentication of user identity, access control and audit trail.

Related video recommendations: PHP programming from entry to proficiency

The above is the detailed content of What does information security mainly include?. For more information, please follow other related articles on the PHP Chinese website!