CISSP- Security Architecture and Design.pdfVIP免费

SecurityArchitectureandDesignXuHui,CISSPEmail:china.xuhui@gmail.com2013/3/12CISSPExpectationsUnderstandthefundamentalconceptsofsecuritymodels,e.g.,confidentiality,integrity,andmultilevelmodels理解信息安全模型的基本概念UnderstandthecomponentsofinformationsystemsecurityevaluationmodelsProductevaluationmodels,e.g,commoncriteriaIndustryandinternationalsecurityimplementationguidelines,e.g.,PCI-DSS,ISO理解信息安全评价模型的基本概念：产品模型（如CC），实施指南（如PCI-DSS）Understandsecuritycapabilitiesofinformationsystems,e.g.,memoryprotection,virtualization,trustedplatformmoduleTPM理解信息系统的安全功能，如虚拟化、可信计算模块2CISSPExpectation->CISSPExpectationsUnderstandthevulnerabilitiesofsecurityarchitecturesSystem,e.g.,covertchannels,stateattacks,emanationsTechnologyandprocessintegration,e.g.,singlepointoffailure,service-orientedarchitecture(SOA)理解信息安全架构的脆弱性UnderstandapplicationandsystemvulnerabilitiesandthreatsWeb-based,e.g.,XML,SAMLClient-based,e.g.,appletsServer-based,e.g.,dataflowcontrolDatabasesecurity,e.g.,inference,aggregation,datamining理解应用和系统的脆弱性和威胁Understandcountermeasureprinciples,e.g.,defenseindepth理解信息安全措施的一些理论3CISSPExpectation->Topics※1.ComputingArchitecture计算架构※2.SecurityModels安全模型※3.Evaluation,Certification,andAccreditation安全评估、认证1.COMPUTINGARCHITECTURE计算架构OpenandClosedSystems•Anopensystem（开放式系统）usesopenhardwareandstandards,employingoff-the-shelfcomponentsfromavarietyofvendors.AnIBM-compatiblePCisanopensystem,usingastandardmotherboard,memory,BIOS,CPU,andsoforth.YoumaybuildanIBM-compatiblePCbypurchasingcomponentsfromamultitudeofvendors.•Aclosedsystem（封闭式系统）usesproprietaryhardwareorsoftware.ComputingArchitecture->ComputerArchitecture•ALU(ArithmeticLogicUnit):performsmathematicalcalculations;thatis,it“computes.”ItisfedinstructionsbytheCU(controlunit)ComputingArchitecture->CISCandRISK•CISC(ComplexInstructionSetComputer)复杂指令集(较早)–usesalarg...