Въведение
Thesystemlevelreferstothelevelatwhichfilesorprogramsaremanaged.Itisgenerallythehighestlevelinthesystemandhasspecialpermissions.Forexample,insystemsecurity,themaintaskofsystem-levelsecuritymanagementistonotallowuncheckeduserstoenterthesystem,therebypreventingothersfromillegallyusingvariousresources(includingfiles)inthesystem.Themainmeasuresofsystem-levelmanagementare:registrationandlogin,andthetechnologyincludesaccesscontroltechnology.
SystemSecurity
Съдържание на SystemSecurity
Systemsecurityincludesthreeaspects,namelyphysicalsecurity,logicalsecurityandsecuritymanagement.Physicalsecuritymeansthatsystemequipmentandrelatedfacilitiesarephysicallyprotectedtopreventdamageorloss.Securitymanagementincludesvarioussecuritymanagementpoliciesandmechanisms.Logicalsecurityreferstothesecurityofinformationresourcesinthesystem,whichincludesthefollowingthreeaspects.
(1)DataSecrecy:referstokeepingconfidentialdatainaconfidentialstate,allowingonlyauthorizeduserstoaccessinformationinthecomputersystem(accessincludesdisplayingandprintinginformationinfiles)).
(2)DataIntegrity:Itmeansthatunauthorizeduserscannotmodifytheinformationstoredinthesystemwithoutauthorization,andcanmaintaintheconsistencyofthedatainthesystem.Modificationshereincludecreatinganddeletingfiles,addingnewcontenttothefile,andchangingtheoriginalcontent.
(3)SystemAvailability(SystemAvailability):Referstothenormalrequestofauthorizeduserstobeservicedorrespondedtoinatimely,correctandsafemanner.Inotherwords,theresourcesinthecomputercanbeaccessedbyauthorizedusersatanytime,andthesystemwillnotdenyservice.However,thesituationofsystemdenialofserviceiseasytooccurintheInternet,becausecontinuouslysendingrequeststoaservermayparalyzetheserver,sothatthesystemcannotprovideservice,whichismanifestedasadenialofservice.
Естеството на сигурността на системата
Systemsecurityissuesinvolveawiderangeofaspects.Itisnotonlyrelatedtothesecurityperformanceofthehardwareandsoftwareequipmentusedinthesystem,butalsorelatedtothesystemusedwhenconstructingthesystem.Themethodisrelated,whichleadstoamorecomplexnatureofsystemsecurityissues,whicharemainlymanifestedinthefollowingpoints:
(1) Многостранен. В широкомащабна система обикновено има множество рискови точки. Тези сериозни рискови точки включват физическа сигурност, логическа сигурност и управление на сигурността.
(2)Dynamic.Duetothecontinuousdevelopmentofinformationtechnologyandtheendlessemergenceofattackers,thesecurityissuesofthesystemhavebecomedynamic.Forexample,informationthatisstillveryimportanttodaymaybeuselesstomorrow,andnewcriticalinformationmaybegeneratedatthesametime.Anotherexampleisthattodayisstilltheattackmethodusedbymostattackers,butitisrarelyusedtomorrow.,Andanothernewattackmethodhasappeared.Thedynamicnatureofthissystemsecuritymakesitimpossibleforpeopletofindasolutionthatcansolvethesecurityproblemonceandforall.
(3)Hierarchical.Systemsecurityisaverycomplexprobleminvolvingmanyaspects,soitneedstobesolvedbythemethodofsystemengineering.Likelarge-scalesoftwareengineering,systemsecurityproblemsareusuallysolvedinahierarchicalmanner,andthefunctionsofsystemsecurityareorganizedinahierarchicalmanner,thatis,thesystemsecurityproblemsarefirstdividedintoanumberofsecuritytopics(functions)asthehighestlevel;thenOneofthesecuritytopicsisdividedintoseveralsub-functionsasthesecondhigh-level;afterthat,asub-functionisfurtherdividedintoseveralgrandchildren;thelowestlevelisasetofminimumselectablesecurityfunctions,whichcannotbedecomposed.Inthisway,multiplelevelsofsecurityfunctionsareusedtocoverallaspectsofsystemsecurity.
(4)Moderation.Atpresent,almostallenterprisesandpublicinstitutionsfollowtheprincipleofmoderatesafetywhenimplementingsystemsafetyprojects,thatis,accordingtoactualneeds,providemoderatesafetygoalstoachievethem.Thisisbecause:ontheonehand,duetothemulti-facetedanddynamicnatureofsystemsecurity,itisdifficulttoachievecomprehensivecoverageofsecurityissues;ontheotherhand,evenifsuchapossibilityexists,theresourcesandcostsrequiredarehigh.Unacceptable.Thisisthemoderationofsystemsecurity.
Интеграция на системно ниво
Theprocessofcomprehensivelyandsystematicallyanalyzingandtestingaproject,aproduct,orsoftware,afteritsformation,itsfunctionorresponsibilitychain.Intheproductionprocessofaproduct,thegeneralmethodistodividetheproductfunctionsatthemodulelevel,andthecorrespondingmodulelevelsynthesis,thatis,aftereachmoduleiscompleted,itsactualcompletedfunctionsaretestedinordertomeettheexpectedrequirements.Whenallthemodulesarecompleted,proceedtoassembly.Correspondingtoitissystemintegration.Itisatestingmethodthatallowstheinitiallyformedproducttoruninavarietyofpredictableman-madeenvironmentsinordertoobtainpossibleproblemssothattheproductcanbeimproved.
Tocompletethesystem-levelsynthesisisaverycomplicatedprocess,youfirstneedtohaveadeepknowledgeofthevariouspossiblesituationsandenvironmentsthattheproductwillface.Andyoumusthaveadeepunderstandingofthefunctionsyourproductneedstocomplete.
Whentheproductisinitiallyformed,weshouldknowthecouplingrelationshipbetweenthemodules,aswellasthe"intimacy"betweenthemodules,inordertopredicttheimpactonotherfunctionalmodulesafteramoduleisdamaged.Thesecondistotestthefunctionsthattheproductcancompleteonebyonetofindoutthefunctionalvulnerabilitiesanderrorsthattheproductdoesnotachieveorimplement.Finally,itisnecessarytotesttheperformanceoftheproductinthepossiblelimitstate,commonlyknownasthelimitconditiontest.Itmakesusknowtheresistanceandresistanceofthisproducttoharshconditions.
Система-върху-чип
Systemonachip(systemonachip),alsocalledsystem-on-a-chip,meansthatitisaproduct,anintegratedcircuitwithadedicatedtarget,whichcontainsThecompletesystemhasallthecontentsoftheembeddedsoftware.Atthesametime,itisakindoftechnologytorealizethewholeprocessfromdeterminingthesystemfunctiontodividingthesoftware/hardwareandcompletingthedesign.
Inanarrowsense,itisthechipintegrationofthecoreoftheinformationsystem,whichistheintegrationofkeycomponentsofthesystemonachip;inabroadsense,SoCisamicro-smallsystem,ifthecentralprocessingunit(CPU)isthebrain,soSoCisthesystemincludingthebrain,heart,eyesandhands.TheacademiccirclesathomeandabroadgenerallytendtodefineSoCastheintegrationofmicroprocessor,analogIPcore,digitalIPcoreandmemory(oroff-chipmemorycontrolinterface)onasinglechip.Itisusuallycustomizedbycustomersorforspecificpurposes.Standardproduct.
ThebasiccontentofSoCdefinitionismainlymanifestedintwoaspects:oneisitscomposition,andtheotherisitsformationprocess.Thecompositionofthesystem-on-chipcanbeasystem-on-chipcontrollogicmodule,amicroprocessor/microcontrollerCPUcoremodule,adigitalsignalprocessorDSPmodule,anembeddedmemorymodule,aninterfacemoduleforcommunicatingwiththeoutside,andaninterfacemodulecontainingADC/DACAnalogfront-endmodule,powersupplyandpowermanagementmodule.ForawirelessSoC,therearealsoradiofrequencyfront-endmodule,user-definedlogic(whichcanbeimplementedbyFPGAorASIC)andmicro-electromechanicalmodule.Moreimportantly,aSoCchipisembeddedwithBasicsoftware(RDOSorCOSandotherapplicationsoftware)modulesorloadableusersoftware,etc.Thesystem-levelchipformationorproductionprocessincludesthefollowingthreeaspects:
Softwareandhardwareco-designandverificationbasedonamonolithicintegratedsystem;
ReuseoflogicareatechnologyusageandproductioncapacityratioEffectivelyimprovethedevelopmentandresearchofIPcoregenerationandreusetechnology,especiallytherepeatedapplicationoflarge-capacitymemorymoduleembedding;
Теория и технология за проектиране на ултра-дълбоки субмикрони (UDSM), нано-интегрирани схеми.