浅析计算机安全与维护

随着科学技术的进步,特别是信息传播的迅猛发展,网络已经成为了2l世纪经济发展和人类文明进步的载体。然而,随着计算机的普遍使用,计算机安全问题已经随之成为了威胁到广大计算机用户重要问题。本文主要解析了计算机安全的相关问题,并且提出了维护计算机安全具体措施。     

基层银行计算机安全管理的现状与对策

近年来,随着计算机及网络通信等新技术在银行广泛应用,金融电子化、网上银行、现金支付系统等新业务为储户提供方便快捷服务的同时,给银行自身带来了众多安全隐患,还引发了许多资金风险,这一状况在基层银行分支机构潜伏性更大,笔者经过多年对基层银行计算机安全管理工作的实践了解,指出存在的问题,并提出一些对策建议。     

加密数据库系统中的密钥管理

在数据库的项加密方法的基础上，给出了一种新的密钥生成函数并证明了它是安全的提出了以主密钥表密钥、数据加密密钥不同保护对象的一种多级管理方案，对各级密钥的作用及生成方式和数据库系统使用的密码装置的功能作了详细讨论。     

会计电算化内部控制之浅见

会计电算化的内部控制是内部会计控制的特殊形式,主要是指内部管理控制和内部会计控制.财政部颁布的<内部会计控制规范--基本规范(试行)>中指出:"电子信息技术控制要求运用电子信息技术手段建立内部会计控制系统,减少和消除人为操纵因素,确保内部会计控制的有效实施".     

Analysis and Application for Integrity Model on Trusted Platform

To build a trusted platform based on Trusted Computing Platform Alliance (TCPA)‘s recommendation, we analyze the integrity mechanism for such a PC platform in this paper. By combinning access control model with information flow model, we put forward a combined process-based lattice model to enforce security. This model creates a trust chain by which we can manage a series of processes from a core root of trust module to some other application modules. In the model,once the trust chain is created and managed correctly,the integrity of the computer‘s hardware and sofware has been mainfained, so does the confidentiality and authenticity. Moreover, a relevant implementation of the model is explained.     

Building Intrusion Tolerant Software System

In this paper, we describe and analyze the hypothesis about intrusion tolerance software system, so that it can provide an intended server capability and deal with the impacts caused by the intruder exploiting the inherent security vulnerabilities. We present some intrusion tolerance technology by exploiting N-version module threshold method in con-structing multilevel secure software architecture, by detecting with hash value, by placing an ““““““““antigen““““““““ word next to the return address on the stack that is similar to human immune system, and by adding ““““““““Honey code““““““““ nonfunctional code to disturb intruder, so that the security and the availability of the software system are ensured.     

A Neural Network Approach for Misuse and Anomaly Intrusion Detection

An MLP(Multi-Layer Perceptron)/ Elman neural network is proposed in this paper, which realizes classification with memory of past events using the real-time classification of MI.P and the memorial functionality of Elman. The system‘s sensitivity for the memory of past events can be easily reconfigured without retraining the whole network. This approach can be used for both misuse and anomaly detection system. The intrusion detection systems(IDSs) using the hybrid MLP/Elman neural network are evaluated by the intrusion detection evaluation data sponsored by U. S. Defense Advanced Research Projects Agency (DARPA). The results of experiment are presented in Receiver Operating Characteristic (ROC) curves. The capabilites of these IDSs to identify Deny of Service(DOS) and probing attacks are enhanced.     

用DEBUG程序清除CMOS病毒

文章简要介绍了用DEBUG程序清除计算机CMOS病毒的方法和具体操作步骤。     

Nimda病毒的机理分析及防治技术研究

简述了计算机病毒的危害、侵入途径，并对计算机病毒的工作原理进行了分析，通过对Nimda病毒的危害、感染方式、防治等机理分析，给出了加强计算机安全防范的一些具体措施。     

基于数据挖掘的分布式协同入侵检测

将数据挖掘技术用于协同入侵检测，提出基于数据挖掘的协同入侵规则生成算法，采用基于数据挖掘的分布式协同入侵检测技术，可以有效的检测协同入侵，同时还具有对未知协同攻击模式的检测能力。