| Information Security is a new integrative intersectional subject inosculate with modem cryptograph, computer network Security and secrecy communicate theory. It has abstruse theoretic topics and widely applied requirement. I study it from two sides: discussing in theoretic and application in factual. Part 1 (Chapter 1 - 4) establishes theoretic basic framework of Information Security in systematically and integrally. I make a demonstration in theory for comparative security of information system with Simmons authentication theory. We introduce new information security framework of Parker through analyzing and studying basic elements. Systematically analyzed basic principle and method of security models, extend the definition of the security model which toward object, give a assumption of security model base on the proof of zero-knowledge. After read CC and CEM roundly, synthetically introduced the Common Criteria for IT security evaluation from the Common Evaluation Methodology, evaluation principle, evaluation assurance, evaluation process and evaluate conclusion. In Part 2 (Chapter5)I give a design of security information system, which synthetically considered files encryption and digital signature on application layer, terminal protection and web secret transformation, the scheme contains the Net files Encryption and Digital signature system (NP_E&D), Personal Computer Protect and Counter system (PC P&C) and the Web Web Secure Proxy to Proxy system (Web SPP), each of them can used as independence security application system, It also can compose an security secrecy engineering system with more security functions and more security mechanism when use them synthetically. And there give a design of high speed encrypt card for the Advanced Encryption Standard?AES and a key management system proposal of public public-key system.
|
PDF Full Text Request