入侵計算機的特點和破壞安全的類型(中英對照)

CHARACTERISTICS OF COMPUTER INTRUSION AND KINDS OF SECURITY BREACHES

           
1．CHARACTERISTICS OF COMPUTER INTRUSION
           
　　The target of a crime involving computers may be any piece of the computing system．A computing system is a collection of hardware，software，storage media，data，and persons that an organization uses to do computing tasks．Whereas the obvious target of a bank robbery is cash，a list of names and addresses of depositors might be valuable to a competing bank．The list might be on paper，recorded on a magnetic medium，stored in internal computer memory，or transmitted electronically across a medium such as a telephone line．This multiplicity of targets makes computer security difficult．
　　In any security system，the weakest point is the most serious vulnerability．A robber intent on stealing something from your house will not attempt to penetrate a two-inch thick metal door if a window gives easier access．A sophisticated perimeter physical security system does not compensate for unguarded access by means of a simple telephone line and a modem．The“weakest point”philosophy can be restated as the following principle．
　　Principle of Easiest Penetration．An intruder must be expected to use any available means of penetration．This will not necessarily be the most obvious means，nor will it necessarily be the one against which the most solid defense has been installed[1]．
　　This principle says that computer security specialists must consider all possible means of penetration，because strengthening one may just make another means more appealing to intruders[2]．We now consider what these means of penetration are．
   
2．KINDS OF SECURITY BREACHES
   
　　In security，an exposure is a form of possible loss or harm in a computing system；examples of exposures are unauthorized disclosure of data，modification of data，or denial of legitimate access to computing．A vulnerability is a weakness in the security system that might be exploited to cause loss or harm．A human who exploits a vulnerability perpetrates an attack on the system．Threats to computing systems are circumstances that have the potential to cause loss or harm；human attacks are examples of threats，as are natural disasters，inadvertent human errors，and internal hardware or software flaws[3]．Finally，a control is a protective measure—an action，a device，a procedure，or a technique一that reduces a vulnerability．
　　The major assets of computing systerns are hardware，software，and data．There are four kinds of threats to the security of a computing system：interruption，interception，modification，and fabrication．The four threats all exploit vulnerabilities of the assets in computing systems．These four threats are shown in Fig. 18-1．

�。�1）In an interruption，an asset of the system becomes lost or unavailable or unusable．An example is malicious destruction of a hardware device，erasure of a program or data file，or failure of on operating system file manager so that it cannot find a particular disk file．
�。�2）An interception means that some unauthorized party has gained access to an asset．The outside party can be a person，a program，or a computing system．Examples of this type of failure are illicit copying of program or data files，or wiretapping to obtain data in a network．While a loss may be discovered fairly quickly，a silent interceptor may leave no traces by which the interception can be readily detected[4]．
�。�3）If an unauthorized party not only accesses but tampers with an asset，the failure becomes a modif ication．For example，someone might modify the values in a database，alter a program so that it performs an additional computation，or modify data being transmitted electronically．It is even possible for hardware to be modified．Some cases of modification can be detected with simple measures，while other more subtle changes may be almost impossible to detect．
�。�4）Finally，an unauthorized party might fabricate counterfeit objects for a computing system．The intruder may wish to add spurious transactions to a network communication system，or add records to an existing data base．Sometimes these additions can be detected as forgeries，but if skillfully done，they are virtually indistinguishable from the real thing．
　　These four classes of interference with computer activity—interruption，interception，modification，and fabrication—can describe the kinds of exposures possible．Examples of these kinds of interferences are shown in Fig. 18-2．
        

NOTES
[1]not…，nor結構，譯為“既不…也不…”，against which…為定語從句，修飾前面的one，one代表means。
[2]主句中由that引出的是賓語從句。because引出的原因狀語從句中，主語為strengthening one，more appealing為賓語補足語。
[3]由分號隔開的長句，后一句有插入語as are natural disasters。
[4]While引出的是讓步狀語從句，可譯為“雖然…”。

KEYWORDS
    breach  破壞，缺口，違背                  attack   攻擊
    vulnerability 脆弱性                      interception  截獲，竊聽
    penetration  滲入，穿透                   threat   威脅
    exposure  暴露                            fabrication  偽造，建造

EXERCISES
Multiple choices．
（1）A computer system is a collection of             ．
          a．hardware      b．software
          c．persons       d．data
（2）An intruder may use              to penetrate a computer system．
          a．the most obvious means    b．the less obvious means
          c．any available means       d．one fixed way
（3）A sophisticated perimeter physical security system             ．
          a．can compensate for unguarded access by telephone line
          b．can not compensate for unguarded access by telephone line
          c．can compensate for unguarded access by a modem
          d．can not compensate for unguarded access by a modem
（4）The weakest point is             ．
          a．the easiest penetration      b．the most serious vulnerability
          c．expected by any intruder     d．difficult to break
（5）The major assets of computing systems are             ．
          a．hardware      b．software
          c．data          d．all of them
（6）Interruption can cause asset of system           ．
          a．useful          b．unusable
          c．unavailable     d．lost
（7）Unauthorized party can be             ．
          a．a computer system     b．a person
          c．legal user            d．a program
（8）Examples of modification include             ．
          a．modification of the values in a data base
　　　　　b．altering a program
          c．modifying data being transmitted
　　　　　d．making the operating system unavailable
（9）Fabrication intrusion includes             ．
          a．to add spurious transaction   b．to interrupt a system
          c．to fabricate objects          d．to add records
（10）There are              kinds of threats to the security of a computer system．
          a．three      b．four
          c．five       d．six

答案：
（1）a，b，c，d       （2）b，c  
（3）b，d             （4）a，b，c   
（5）a，b，c，d       （6）b，c，d   
（7）a，b，d          （8）a，b，c
（9）a，c，d          （10）b

翻譯：

入侵計算機的特點和破壞安全的類型

1．入侵計算機的特點
    對計算機犯罪的目標可以是計算機系統的任何部分。計算機系統是指硬件、軟件、存儲媒體、數據和部門中用計算機去完成計算任務的人的集合。銀行搶劫的目標顯然是現金，而儲戶姓名和地址清單對競爭的銀行來說是很有價值的。這種清單可以是書面上的、記錄在磁介質上的、存儲在內存中的或通過像電話線那樣的媒體以電子方式傳送的。這么多的目標使得處理計算機安全問題很困難。
    任何安全系統，最薄弱點是最致命的。一個強盜要偷你房間中的東西，如果破窗而入更容易，他絕不會穿過兩英寸厚的鐵門。很高級的全范圍實物安全系統并不能防范通過電話線和調制解調器這種簡單的無設防接入。最“薄弱點”法則可用下述原理描述。
    最容易滲入原理。入侵者必定要使用一種可以滲入的方法，這種方法既不一定是最常用的，也不一定是針對已經采取了最可靠防范措施的。
    這一原理說明計算機安全專家必須考慮所有可能的攻擊方法。也許正是由于你加強了某一方面，入侵者可能會想出另外的對付方法。我們現在就說明這些滲入的方法是什么。

2．破壞安全的類型
    在計算機系統中，暴露是一種使計算機系統安全喪失或受到傷害的一種形式；暴露的例子有非授權的數據泄露、數據修改或拒絕合法訪問計算機。脆弱性是安全系統中的薄弱環節，它可能引起安全的喪失或傷害。有人會利用脆弱性對系統進行罪惡的攻擊。潛在的引起安全喪失或傷害的環境是對計算機系統的威脅；人類的攻擊像自然災害一樣是一場災難，人們非故意錯誤和硬件或軟件缺陷一樣是威脅的例子。最后，控制是一種保護性措施（控制可以是一種動作、一個設備、一個過程或一種技術），控制的目的是減少脆弱性。
    計算機系統的主要資源是硬件、軟件和數據。有4種對計算機安全的威脅：中斷、截獲、修改和偽造。這4種威脅都利用了計算機系統資源的脆弱性，如圖18-1所示。
    （1）在中斷情況下，系統資源開始丟失，不可用或不能用。例如，惡意破壞硬件設備，抹除程序或數據文件或造成操作系統的文件管理程序失效，以致不能找到某一磁盤文件。
    （2）截獲是指某非授權用戶掌握了資源訪問權。外界用戶可以是一個人、一個程序或一個計算機系統。這種威脅的例子如程序或數據文件的非法復制，或私自搭線入網去獲取數據。數據丟失可能會很快被發現，但暗中的截獲者很可能并不留下任何容易檢測的痕跡。
    （3）如果非授權用戶不僅可以訪問而且可以篡改資源，則失效就成為修改了。例如，某人可以修改數據庫中的值，更改一個程序、以便完成另外的計算，或修改正在傳送的數據、甚至還可能修改硬件。某些情況下可以用簡單的測量手段檢測出所做的修改，但某些微妙的修改是不可能檢測出來的。
    （4）最后，非授權用戶可以偽造計算機系統的一些對象。入侵者企圖向網絡通信系統加入假的事務處理業務，或向現有的數據庫加入記錄。有時，這些添加的數據可以作為偽造品檢測出來，但如果做得很巧妙，這些數據實際上無法與真正的數據分開。
　　這4種對計算機工作的干擾（中斷、截獲、修改或偽造）表明了可能出現的幾種威脅類型，如圖18-2展示了這幾種干擾的實例。