>> The CIA, Central Intelligence Agency, is the United States Service that gathers, processes,and analyzes national security information from around the world.
中央情报局是收集、处理和分析来自世界各地的国家安全信息的美国机构。
How fitting that we can use the letters differently to represent the CIA model,which describes three important goals for cybersecurity.
我们可以用不同的字母来代表CIA的模型,这是多么合适啊。CIA的模型描述了网络安全的三个重要目标。
The C stands for confidentiality.
C代表机密。
Cybersecurity requires privacy in data and information.
网络安全要求数据和信息的隐私。
Certain people, devices, or processes should be permitted or restricted from seeing data, files,and items, like username, password combinations.
应该允许或限制某些人员、设备或流程查看数据、文件和项,如用户名、密码组合。
Confidentiality is concerned with simply viewing data or information.
保密性只涉及查看数据或信息。
If the wrong people see data or information,and they're not authorized, many problems could arise.
如果错误的人看到了数据或信息,而且他们没有得到授权,那么可能会出现许多问题。
Company secrets, source code,personal identifiable information and more, should be safeguarded.
公司机密、源代码、个人身份信息等,应予以保护。
The main way confidentiality is accomplished is through encryption,which we'll cover in a future module.
机密性的主要实现方式是通过加密,我们将在以后的模块中介绍加密。
The I in this CIA model stands for integrity.
CIA模型中的I代表正直。
Cybersecurity requires us to feel safe that data transmitted, processed,and stored has not been changed from its original form,either accidentally or maliciously.
网络安全要求我们感到安全的是,传输、处理和存储的数据没有发生意外或恶意的改变。
If one bit of a message is changed, the whole message could change!
如果消息的某个位被更改,则整个消息可能会更改!
The difference between the words, hired and fired, that's one character!
“雇佣”和“解雇”这两个词的区别,就是一个字!
But those words mean very different things.
但是这两个词的意思完全不同。
Furthermore, the whole message itself could be corrupted and unreadable.
此外,整个消息本身可能被损坏,无法读取。
The main way integrity is accomplished is through hashing,which we'll also cover in a future module.
实现完整性的主要方法是哈希,我们将在以后的模块中介绍。
The last letter of CIA, the A, stands for availability.
CIA的最后一个字母A代表可用性。
With all your cyber security measures in place, dealing with hardware, software, people,processes, and more, users who are authorized to do their jobs should be able to do so.
有了所有的网络安全措施,处理硬件、软件、人员、流程以及更多,有权执行其工作的用户应该能够这样做。
You want to make sure that you don't fall victim to adistributed denial of service, DDos, attack and that you have full tolerance and load balancingin the event of a cybersecurity incident or disaster.
您希望确保自己不会成为分布式拒绝服务、DDos和攻击的受害者,并确保在发生网络安全事件或灾难时具有完全的容忍度和负载平衡。
转载于:https://www.cnblogs.com/sec875/articles/10299657.html
相关资源:Cloud.Computing.Security.Foundations.and.Challenges