摘要
计算机是信息系统的重要组成部分,它面临来自外部和内部的信息安全威胁。目前计算机终端上的防护方式主要针对来自网络和外部的病毒、木马和攻击等安全威胁,对于内部人员的疏忽和蓄意造成的泄密基本无能为力。此外,由于防护功能建立在待保护的计算机上,其本身可靠性受现有计算机硬件与操作系统的各种缺陷和漏洞的制约。文章提出了一种具备独立防护系统的安全计算机架构,理论分析和实践表明,该架构能够有效应对外部和内部的安全威胁,保护计算机本身及内部数据信息的安全。
As an important part of the information system, computer faces security threats from external and internal. The current way of protection, mainly against viruses, Trojans and other security threats and attacks from the network and external, has little effect on negligence and deliberate leaks from behavior of internal staff. Furthermore, the protection function is based on the computer to be protected, its own reliability is limited. This article proposes secure computer architecture with independent protection system, theoretical analysis and practice show that this architecture can effectively respond to external and internal security threats, protect the security of the computer itself and internal data information.
出处
《信息网络安全》
2014年第9期171-175,共5页
Netinfo Security
关键词
计算机
防护系统
双主机
可信计算
computer
protection system
dual host
trusted computing
