DNS—Domain Name Servers 域名服务 Computer Emergency Respon Team (CERT)计算机应急响应小组 The Department of Defen (DoD)国防部
The IATF is bad on the concept of an information infrastructure. An information infrastructure compris communications networks, computers, databas, management, applications, and consumer electronics and can exist at the global, national, or local level. The global information infrastructure is not controlled or owned by a single organization—“ownership” is distributed among corporate, academic, and government entities as well as by individuals. The Internet is an example of a global information infrastructure as is the global telecommunications network. Most organizations that communicate externally rely upon this global system in conducting their operations using a combination of global, virtual networks, dedicated networks, Wide Area Networks (WAN), and customized information systems.
走过花季qq微信
IATF 建立在信息基础设施的概念上。信息基础设施包括通讯网络、计算机、数据库、管理、应用和消耗性电子器件。它可以建立在全球、国家或本地的级别上。全球信息基础设施不受
某个机构的控制或归其所有。它的“所有权”分布于公司、院校、政府机构以及个人。Internet 就是一个全球信息基础设施。也是全球通讯网络。大多数对外联络通信的机构都依靠这个全球系统利用全球、虚拟网络、专用网、宽带网络(WAN)所定义的信息系统相结合来处理他们的商业。
To accomplish their various missions and to protect their critical functions, all organizations—both government and private ctor—have public and private information they need to safeguard. The mission or business environment determines how, and to what extent, specific information is protected. What is publicly releasable to one organization may be private to another, and vice versa. The Federal Government us specific categories for some of its private information under the heading of “classified information.” In general, the government recognizes four classification levels: unclassified, confidential, cret, and top cret. Within the classification levels, there may be subcategories specific to individual communities. Three of the classification categories—confidential, cret, and top cret—address private information. The fourth level of classification covers both private information (such as nsitive or Privacy Act Inf
ormation) and public information.
为完成各种任务和保护关键功能,包括政府部门与专有机构在内的所有机构都有其需要保护的公共和秘密信息。任务或商业环境决定了保护具体信息的方式与程度。被允许以公开方式发送给某个机构的信息对另一个机构而言可能具有保密性,反之亦然。联邦政府以“带密级的信息”为标题依据其专用分类标准规定了一些联邦政府专用信息的密级。一般地,这些密级按照秘密程度由低到高的次序分为以下4 种:无密级、保密、机密与绝密。在各级别中可能有用于特定团体的子级别。保密、机密与绝密这三个密级均指的是秘密信息,另一密级则包括一些专有信息(如:敏感信息或隐私法案所规定的信息)和一些公共信息。
Local Computing Environments.;副厨师长Enclave Boundaries (around the local computing environments).;Networks and Infrastructures.;Supporting Infrastructures.
本地的计算环境;域名 区域边界(本地计算环境的外缘); 网络和基础设施; 支持性基础设施。
The local ur computing environment typically contains rvers, clients, and the applicati
ons installed on them. Applications include, but are not limited to, tho that provide rvices such as scheduling or time management, printing, word processing, or directories.
局域用户计算环境如图1-4 所示。它包括服务器、客户以及其上所安装的应用程序。这些应用程序能够提供包括(但不仅限于)调度(或时间管理)、打印、字处理或目录在内的一些服务。
A collection of local computing devices interconnected via Local Area Networks (LAN), governed by a single curity policy, regardless of physical location is considered an “enclave.” As discusd above, becau curity policies are unique to the type, or level, of information being procesd, a single physical facility may have more than one enclave prent. Local and remote elements that access resources within an enclave must satisfy the policy of that enclave. A single enclave may span a number of geographically parate locations with connectivity via commercially purchad point-to-point communications (e.g., T-1, T-3, Integrated Services Digital Network [ISDN]) along with WAN connectivity such as the Internet.
平时英语“区域”指的是通过局域网相互连接、采用单一安全策略并且不考虑物理位置的本地计算设备的集合。如上所述,由于安全策略独立于所处理信息类型或级别。单一物理设备可能位于不同的区域之内。本地和远程元素在访问某个区域内的资源时必须满足该区域的安全策略要求。
The two areas addresd in the IATF are key management infrastructure (KMI), which includes Public Key Infrastructures (PKI), and detect and respond infrastructures.
IATF 所讨论的两个范围分别是:密钥管理基础设施(KMI),其中包括公钥基础设施(PKI);检测与响应基础设施。
The Department of Defen (DoD) has led the way in defining a strategy called untill牛腩炖萝卜Defen-in-Depth, to achieve an effective IA posture. The underlying principles of this strategy are applicable to any information system or network, regardless of organization. Esntially, organizations address IA needs with people executing operations supported by technology.
青屏山
Defen-in-Depth and the IATF:
Information infrastructures are complicated systems with multiple points of vulnerability. To address this, the IATF has adopted the u of multiple IA technology solutions within the fundamental principle of the Defen-in-Depth strategy, that is, using layers of IA technology solutions to establish an adequate IA posture. Thus, if one protection mechanism is successfully penetrated, others behind it offer additional protection. Adopting a strategy of layered protections does not imply that IA mechanisms are needed at every possible point in the network architecture. By implementing appropriate levels of protection in key areas, an effective t of safeguards can be tailored according to each organization’s unique needs. Further, a layered strategy permits application of lower-assurance solutions when appropriate, which may be lower in cost. This approach permits the judicious application of higher-assurance solutions at critical areas, (e.g., network boundaries).
