System architecture design notes (91): security regulations

1 Security management system

Information system security requires not only that several measures be taken from a technical perspective, but also that clear security management rules and regulations be formulated from the perspective of organization and management, so as to ensure that security technology is implemented effectively. Only with the strong support and guarantee of security management regulations can information security technical solutions achieve the expected results.

In fact, inadequate management is a major reason for information security failures. Statistics show that more than 70% of the factors that endanger information system security come from within the organization: security vulnerabilities caused by system administrators configuring systems carelessly or failing to apply software upgrades in time, weak user passwords, software downloaded from the network and run at will, dial-up servers set up inside the firewall without restricting account authentication, and users with weak security awareness who lend or share their accounts with others at will. No security technology, however advanced, can solve these management problems, and they will leave the information system in danger.

If there are no sound security regulations, or the regulations cannot be implemented, then even if the best security equipment and systems are designed and deployed, information system security is nothing but empty talk. Therefore, it is necessary to establish a series of security regulations covering regular security inspection, password management, personnel management, policy management, backup management, log management and so on, in order to maintain the security of the information system.

In order to implement security regulations effectively, it is first necessary to establish and improve information system security committees, security teams and security officers according to actual conditions. The security organization should be composed of staff from the leadership, security, information center, personnel, auditing and other departments, and experts from related departments may be hired when necessary. If necessary, the security organization can also set up a dedicated independent body. Establishing an information security department and security personnel not only makes it possible to formulate and implement security rules and regulations effectively, but also improves the ability and speed of response to security incidents.

Once the information security department and personnel are in place, a security management system must be formulated. Only by establishing a sound security management system and consistently implementing it during the operation of the information system can a good and solid foundation be provided for the normal operation of the information system and for the implementation of information system security technology. The security management system should cover the following main aspects:

(1) Computer room security management system.
(2) System operation management system, including system startup, shutdown, system status monitoring, system maintenance, etc.
(3) Personnel management system, covering management personnel, designers, operators, personnel changes, etc.
(4) Software management system.
(5) Data management system.
(6) Password and cryptography management system.
(7) Virus prevention and control management system.
(8) User registration and information management system.
(9) Work record system.
(10) Data backup system.
(11) Audit system.
(12) Security training system, etc.

In addition, a system that exists but is not seriously implemented is equal to no system at all. Therefore, only if management personnel, operators and users cooperate with each other during the operation of the system and jointly abide by the established security regulations can the security measures of the information system be useful and effective.

In short, information security involves many aspects. Only when all of them are comprehensively managed can the adopted security technology and equipment, built on this basis, effectively guarantee the security of the information system.

2 Computer crime and related laws and regulations

With the continuous development of computer technology, various intrusions and attacks on information systems are increasing day by day, and the resulting impacts and losses are also increasing. Some incidents have even seriously endangered national security, economic development and social stability. Therefore, improving information security is no longer limited to adopting appropriate security technical measures and improving security rules and regulations. It is also necessary to correctly use legal means to deal with increasingly serious computer crimes and avoid major losses.

2.1 Computer crime

The so-called computer crime refers to acts that use a computer system and, through illegal operations or other means, harm the integrity or normal operation of the computer system. The object of computer crime is the computer system or its data, including computer equipment, system programs, text data, calculation data, graphics and tables, etc.

The so-called illegal operation refers to all operations performed on the computer system that are not in accordance with the operating procedures or beyond the scope of authorization. Illegal operation is the direct cause of damage to the computer system. Computer crimes appear and develop with the development of computer technology, and have different characteristics in different historical periods.

In general, computer crime can be divided into two stages.

The first stage is the computer stand-alone era, that is, the early stage of computer crime, roughly from the 1950s to the 1980s. The main form of this period was computer fraud, aimed at stealing and destroying computer internal information.

The second stage is the age of computer networks, roughly from the 1980s to the present. During this period, due to the rapid development of computer networks and their wider application range, and the increasing complexity and popularization of computer software, computer crimes showed some new characteristics:

(1) Presenting the trend of internationalization

The development of the Internet transcends national boundaries, and what follows is the development of computer crimes from regional crimes to trans-regional and transnational international crimes.

(2) From the perspective of the targets of the crime, it spreads to all units and individuals in society

Computer crimes spread from the early attacks on financial systems and government agencies to the information systems of all other industries and departments; from attacks on the information systems of units and groups to attacks on personal information systems. The emergence of these two trends is because the computer has been popularized from the early special departments to many organizations and individuals in society.

(3) From the perspective of organizational form, individual crimes have developed into group crimes and organized crimes, and single-purpose crimes into comprehensive crimes

(4) From the perspective of criminal subjects, the range of persons involved is becoming wider and wider, with a trend towards younger ages

From the perspective of age structure, younger age and generalization are the main characteristics. From the perspective of the background of offenders, they have developed from the early highly educated and highly skilled type to the general population. This is also due to the popularization of computer technology, which has enabled more and more people to learn computer technology easily. Through long-term study and practice, young people and less educated persons can gradually master these technologies and become the subjects of computer and network crime.

(5) In terms of the degree of harm, the consequences are getting more and more serious

Due to the development of the knowledge economy, the daily operations of various enterprises and institutions are increasingly dependent on information systems. A large number of important political, military and economic documents and data, as well as a large amount of social wealth, are concentrated in information systems; online banking, stocks and the like are often represented as data in accounts on computer systems. Once criminals intrude into such an information system, they will have a huge impact on national security, economic development and social progress, and may even cause irreparable losses.

(6) Stealing confidential information through the Internet will become one of the main forms of espionage

As more and more enterprises, institutions and individuals connect to the Internet, much confidential information and data is threatened by cyber theft. For systems without strict security measures, stealing confidential information through the network is more concealed and faster than other methods, for example stealing user accounts and passwords through backdoor programs, gaining system privileges through system vulnerabilities, and illegally stealing trade secrets. These computer crimes are obviously harmful: they affect social stability, endanger national security, disrupt economic order, affect public order, hinder the healthy growth of young people, and hinder the healthy development of high-tech industries. Therefore, legal means must be used to combat and punish all forms of computer crime. Increasing the crackdown on cybercrime is an important task for ensuring social stability and sustained economic development in China.

2.2 China's relevant laws and regulations

Computer crime has become a new form of criminal offence. China's "Criminal Law" has added content related to computer crime and divided computer crime into five types. One type consists of crimes that directly target computer information systems; the other type uses computers as tools to commit other crimes.

Specifically, the "Criminal Law" provides for computer crimes as follows:

  • Article 285 (Crime of illegal intrusion into computer information systems): Whoever violates state regulations and intrudes into computer information systems in the fields of state affairs, national defense construction, or cutting-edge science and technology shall be sentenced to fixed-term imprisonment of not more than three years or criminal detention.
  • Article 286 (Crime of damaging computer information systems): Whoever, in violation of state regulations, deletes, modifies, adds to or interferes with the functions of a computer information system, causing the computer information system to fail to operate normally, with serious consequences, shall be sentenced to fixed-term imprisonment of not more than 5 years or criminal detention; if the consequences are particularly serious, the sentence shall be fixed-term imprisonment of more than 5 years. Whoever, in violation of state regulations, deletes, modifies or adds to data and application programs stored, processed or transmitted in a computer information system, with serious consequences, shall be punished in accordance with the provisions of the preceding paragraph. Whoever deliberately makes and spreads computer viruses and other destructive programs that affect the normal operation of a computer system, with serious consequences, shall be punished in accordance with the provisions of the first paragraph.
  • Article 287 (Various crimes committed by using computers): Whoever uses a computer to commit financial fraud, theft, corruption, embezzlement of public funds, theft of state secrets or other crimes shall be convicted and punished in accordance with the relevant provisions of this Law.

These provisions are extremely important for the large-scale promotion and application of various information systems in China, for protecting the legitimate rights and interests of producers and users of information systems, and for the safe operation of information systems.

In addition to the "Criminal Law", since 1994 the State Council and its relevant ministries have successively revised and promulgated a number of laws, regulations and management measures with express provisions on information system security in China. Therefore, in order to do a good job in information system security, it is necessary to understand these laws and regulations in detail, including:

  • "Constitution of the People's Republic of China"
  • "Criminal Law of the People's Republic of China"
  • "National Security Law of the People's Republic of China"
  • "Law of the People's Republic of China on Guarding State Secrets"
  • "Regulations of the People's Republic of China on the Security Protection of Computer Information Systems"
  • "Interim Regulations of the People's Republic of China on the Management of International Networking of Computer Information Networks"
  • "Public Security Regulations of the People's Republic of China"
  • "Implementation Measures for the Interim Regulations of the People's Republic of China on the Management of International Networking of Computer Information Networks"
  • "Patent Law of the People's Republic of China"
  • "Anti-Unfair Competition Law of the People's Republic of China"
  • "Trademark Law of the People's Republic of China"
  • "Customs Law of the People's Republic of China"
  • "Standardization Law of the People's Republic of China"
  • "Reply on the 'Hazardous Data' Issues Involved in the Regulations of the People's Republic of China on the Security Protection of Computer Information Systems"
  • "Regulations on Confidentiality of Science and Technology"
  • "Administrative Measures for the Testing and Sales Licensing of Computer Information System Security Special Products"
  • the Ministry of Public Security's "Notice on Filing of Computer Information Systems Connected to International Networks"
  • "Administrative Measures for the Security Protection of Computer Information Networks Connected to International Networks"
  • "Administrative Regulations on Electronic Publications"
  • "Interim Administrative Measures for the Registration of Domain Names of China Internet Networks"
  • "Interim Measures for the Approval and Administration of Opening Telecommunications Service Operations"
  • "Administrative Measures for the Entry and Exit Channels of International Networking of Computer Information Networks"
  • "Administrative Measures for China's Public Computer Internet International Networking"
  • "Administrative Measures for China Public Multimedia Communications"
  • "Computer Software Protection Regulations"
  • "Commercial Cryptography Management Regulations"
  • "Regulations on Confidentiality Management of International Networking of Computer Information Systems"
  • "Computer Virus Prevention and Control Management Measures"
  • "Information Security Level Protection Management Measures"
  • and others.


Origin blog.csdn.net/deniro_li/article/details/108900840