security services
1. Security services include peer entity authentication services, data confidentiality services, data integrity services, data source point authentication services, non-denial services and criminal evidence provision services, etc.
2. (1) Peer entity authentication service. The peer entity authentication service is used to confirm the legality and authenticity of the other entity when establishing links or data transmission between entities in the same layer of two open systems to prevent counterfeiting.
(2) Data confidentiality services. Data confidentiality services include a variety of confidentiality services. In order to prevent data between systems in the network from being intercepted or illegally accessed and leaked, password encryption protection is provided. The data confidentiality service can provide data confidentiality in both linked and unlinked ways, and can also protect data in user-selectable fields.
(3) Data integrity services. Data integrity services are used to prevent illegal entities from modifying, inserting, deleting exchanged data, and preventing data loss during the data exchange process. Data integrity services can be divided into: Link mode data integrity with recovery function; Link mode data integrity without recovery function; Link mode data integrity for selected fields; Data integrity for selected fields without link mode; Data integrity without link mode Integrity.
(4) Data source point authentication service. The data source authentication service is used to ensure that data comes from the real source to prevent counterfeiting.
(5) Denial of service is prohibited. The no-denial service is used to prevent the sender from denying that he has sent the data after sending the data, and the receiver to deny that he has received the data or forge the received data after receiving the data. It consists of two services: no-deny sending and no-deny. Providing services for receiving
(6) criminal evidence. It refers to providing various digital evidences, information clues, etc. for behaviors or activities that violate domestic and foreign laws and regulations.
safety technology
Security technology mainly involves encryption, digital signature technology, prevention and control, data integrity, authentication, data mining, etc.
Engineering basics
The construction of information security systems is carried out at all levels of the OS I network reference model. Therefore, information security system engineering activities are inseparable from other related projects, mainly including: hardware engineering, software engineering, communication and network engineering, data storage and disaster recovery Engineering, system engineering, test engineering, cryptography engineering and organizational information engineering, etc.
ISSE-CMM Basics
1. Information Security System Engineering Capability Maturity Model (ISSE CMM) is a method of measuring the implementation capabilities of information security system engineering. It is an engineering process-oriented method. 2. ISSE C is mainly used to
guide information security systems. The improvement and improvement of engineering make information security system engineering a clearly defined, mature, manageable, controllable, effective and measurable discipline.
3. ISSE-CMM is mainly suitable for engineering organizations, acquisition organizations and evaluation organizations.