Information security: network security system and network security model.

Network security assurance is a complex systems-engineering effort that combines security strategies, multiple technologies, management methods and the security competence of personnel. Generally speaking, the network security system is the highest-level conceptual abstraction of the network security assurance system. It is composed of various network security units that, following certain rules, jointly achieve the goal of network security. The network security system includes elements such as laws, regulations and policy documents, security strategies, organizational management, technical measures, standards and specifications, security construction and operation, personnel teams, education and training, industrial ecology, and security investment. Building a network security system has become an effective method for solving network security problems and an advanced approach to improving overall network security capability.

Table of contents:

Network security system:

(1) Network security system characteristics:

(2) Purpose of network security system:

Security models related to network security systems:

(1) BLP confidentiality model:

(2) BiBa integrity model:

(3) Information flow model:

(4) Information assurance model:

(5) Capability maturity model:

(6) Defense-in-depth model:

(7) Layered protection model:

(8) Level protection model:

(9) Network survival model:

Network security system construction principles and security strategies:

(1) Network security principles:

(2) Network security strategy:

The main components and construction contents of the network security system framework are:

(1) Network security system composition framework:

(2) Contents of network security strategy construction:

(3) Contents of network security organization system construction:

(4) Contents of network security management system construction:

(5) Network security infrastructure and network security service construction content:

(6) Contents of network security technology system construction:

(7) Contents of network information technology and industrial ecology construction:

(8) Cybersecurity education and training content:

(9) Contents of network security standards and specifications:

(10) Network security operations and emergency response construction content:

(11) Network security investment and construction content:

Reference cases for network security system construction:

(1) Network security level protection system application reference:

(2) Smart city security system application reference:

(3) Intelligent transportation network security system application reference:

(4) ISO 27000 information security management system application reference:

(5) NIST cybersecurity framework application reference:


Network security system:

(1) Network security system characteristics:

◆ Integrity (wholeness): The network security system achieves security from an overall and long-term perspective. Network security units rely on, constrain and interact with each other in accordance with certain rules to form a network security protection approach that integrates people, machines and things.
◆ Collaboration: The network security system relies on a variety of security mechanisms. Through the mutual cooperation of these mechanisms, a systematic network security protection solution is built.
◆ Procedural: For the protected objects, the network security system provides a procedural network security protection mechanism that covers the entire life cycle of the protected objects.
◆ Comprehensiveness: The network security system manages and controls security threats across multiple dimensions and levels, and builds network security functions such as protection, detection, response, and recovery.
◆ Adaptability: The network security system has a dynamic evolution mechanism and can adapt to changes in network security threats and needs.

(2) Purpose of network security system:

◆ Helps to systematically resolve network security risks, ensure business continuity and minimize losses;
◆ Helps strengthen the network security awareness of staff and standardize the network security behavior of organizations and individuals;
◆ Helps protect the organization's network assets comprehensively and systematically and maintain competitive advantage;
◆ Helps the organization's business cooperation;
◆ Helps the organization obtain cybersecurity management system certification, demonstrating its ability to protect important information and improving its visibility and trust;

Security models related to network security systems:

(1) BLP confidentiality model:

◆ The Bell-LaPadula model, referred to as the BLP model, is a computer security model that conforms to military security policy. It is used to prevent the unauthorized spread of information, thereby ensuring the security of the system.

◆ The BLP model has two properties: the simple security property and the * property:

▶ Simple security property: The necessary condition for a subject to read an object is that the subject's security level is not less than the object's security level and the subject's category set contains all categories of the object. That is, the subject can only read down, not up.

▶ * property: The necessary condition for a subject to write to an object is that the object's security level dominates the subject's security level: the object's confidentiality level is not less than the subject's, and the object's category set contains all categories of the subject. That is, the subject can only write up, not down.


(2) BiBa integrity model:

◆ The BiBa model is mainly used to prevent unauthorized modification of system information in order to protect the integrity of the system's information. Like the BLP model, it uses subjects, objects, and integrity levels to describe security policy requirements.
◆ BiBa has three security properties: the simple security property, the * property, and the invocation property:
▶ Simple security property: The necessary condition for a subject to have modify access to an object is that the subject's integrity level is not less than the object's integrity level and the subject's category set contains all categories of the object; that is, the subject cannot read down.
▶ * property: If the subject's integrity level is lower than the object's integrity level, the subject cannot modify the object; that is, the subject cannot write up.
▶ Invocation property: If a subject's integrity level is lower than that of another subject, it cannot invoke that other subject.


(3) Information flow model:

◆ The information flow model, referred to as FM, is a variant of the access control model. It does not check a subject's access to an object; instead, it controls the transfer of information from one object to another based on the security attributes of the two objects.
◆ The information flow model can be used to analyze a system's covert channels and so prevent sensitive information from leaking through them. A covert channel usually shows up as a low-security subject indirectly reading information produced by a high-security subject. Information flow analysis is used to discover covert channels and prevent information leakage.
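The dominance checks behind the BLP and BiBa properties and the object-to-object flow rule described above, as an added example (not from the original notes or the referenced textbook). The level names, sample labels and function names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed level ordering; the notes name no concrete levels (assumption).
LEVELS = {"public": 0, "internal": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    """A security label: one level plus a set of categories."""
    level: str
    categories: frozenset = frozenset()


def dominates(a: Label, b: Label) -> bool:
    """a dominates b: a's level is not less than b's and a's categories contain b's."""
    return LEVELS[a.level] >= LEVELS[b.level] and a.categories >= b.categories


# --- BLP (confidentiality) ---
def blp_can_read(subject: Label, obj: Label) -> bool:
    return dominates(subject, obj)   # simple security property: read down only


def blp_can_write(subject: Label, obj: Label) -> bool:
    return dominates(obj, subject)   # * property: write up only


# --- BiBa (integrity): labels are integrity labels, directions are reversed ---
def biba_can_read(subject: Label, obj: Label) -> bool:
    return dominates(obj, subject)   # no read down


def biba_can_write(subject: Label, obj: Label) -> bool:
    return dominates(subject, obj)   # no write up


def biba_can_invoke(caller: Label, callee: Label) -> bool:
    return dominates(caller, callee)  # a lower subject cannot call a higher one


# --- Information flow model: check object-to-object flows, not accesses ---
def illegal_flows(labels: dict, flows: list) -> list:
    """Return the (src, dst) pairs whose destination label does not dominate the source."""
    return [(s, d) for s, d in flows if not dominates(labels[d], labels[s])]


def demo() -> dict:
    # Constructed sample labels.
    analyst = Label("secret", frozenset({"ops"}))
    report = Label("internal", frozenset({"ops"}))
    plan = Label("top_secret", frozenset({"ops", "hr"}))
    payroll = Label("secret", frozenset({"hr"}))  # same level, disjoint category
    objects = {"report": report, "plan": plan, "payroll": payroll}
    return {
        "blp_read_report": blp_can_read(analyst, report),
        "blp_read_plan": blp_can_read(analyst, plan),
        "blp_write_plan": blp_can_write(analyst, plan),
        "blp_write_report": blp_can_write(analyst, report),
        # Incomparable labels: neither dominates, so both directions are denied.
        "blp_read_payroll": blp_can_read(analyst, payroll),
        "blp_write_payroll": blp_can_write(analyst, payroll),
        "biba_read_report": biba_can_read(analyst, report),
        "biba_write_plan": biba_can_write(analyst, plan),
        "biba_invoke_plan_level": biba_can_invoke(analyst, plan),
        "illegal_flows": illegal_flows(
            objects, [("report", "plan"), ("plan", "report"), ("payroll", "plan")]
        ),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The `payroll` case shows why the category set matters: two labels at the same level with different categories are incomparable, so BLP denies both the read and the write.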

(4) Information assurance model:

◆ PDRR model: PDRR improves on the traditional defense approach that relies on protection alone and emphasizes four important stages of information security assurance.
▶ Protection mainly includes: encryption mechanisms, data signature mechanisms, access control mechanisms, authentication mechanisms, information hiding, firewall technology, etc.
▶ Detection mainly includes: intrusion detection, system vulnerability detection, data integrity detection, attack detection, etc.
▶ Recovery mainly includes: data backup, data repair, system recovery, etc.
▶ Response mainly includes: emergency strategies, emergency mechanisms, emergency measures, intrusion process analysis and security status assessment, etc.
◆ P2DR model:
▶ The elements of the P2DR model are Policy, Protection, Detection, and Response. Among them, the security policy describes the security requirements of the system and how the various security mechanisms are organized to meet those requirements.

◆ WPDRRC model:

▶ The elements of WPDRRC are early warning, protection, detection, response, recovery and counterattack. The network security capabilities contained in the model are mainly early warning, protection, detection, response, recovery and counterattack capabilities.

(5) Capability maturity model:

◆ The Capability Maturity Model (CMM for short) is a model for evaluating the maturity of an organization's capabilities. Maturity is generally divided into five levels:
♦ Level 1 - Informal execution: a random, disorderly, and passive process;
♦ Level 2 - Plan tracking: a proactive, non-systematic process;
♦ Level 3 - Well defined: formal, standardized processes;
♦ Level 4 - Quantitative control: a quantifiable process;
♦ Level 5 - Continuous optimization: a process that is continuously optimized;

At present, the maturity models in network security mainly include SSE-CMM, the data security capability maturity model, the software security capability maturity model, etc.

▶ SSE-CMM:

SSE-CMM is the System Security Engineering Capability Maturity Model. SSE-CMM includes engineering process categories, organizational process categories, and project process categories.

▶ Data security capability maturity model:

Data security capabilities are evaluated along four dimensions: organizational construction, institutional processes, technical tools and personnel capabilities:
♦ Organizational construction: establishment of the data security organizational structure, assignment of responsibilities, communication and collaboration;
♦ Institutional processes: implementation of institutional norms and procedures in the organization's key data security areas;
♦ Technical tools: enforcing security requirements or automating security work through technical means and product tools;
♦ Personnel capabilities: the awareness and professional abilities of personnel performing data security work;

▶ Software security capability maturity model:

The software security capability maturity model is divided into five levels. The main processes at each level are as follows:
♦ CMM Level 1 - patch repair;
♦ CMM Level 2 - penetration testing, security code review;
♦ CMM Level 3 - vulnerability assessment, code analysis, secure coding standards;
♦ CMM Level 4 - software security risk identification, security checkpoints at different stages of the SDLC;
♦ CMM Level 5 - improving software security risk coverage and assessing security gaps;

(6) Defense-in-depth model:

◆ The basic idea of the defense-in-depth model is to combine information network security protection measures organically: appropriate security measures are deployed for the protected objects to form multiple lines of protection, and the measures support and compensate for one another so as to block attackers' threats as far as possible.
◆ The security industry holds that a network needs four lines of defense:
▶ Security protection is the first line of defense for the network, which can prevent intrusions and harm to the network;
▶ Security monitoring is the second line of defense for the network, which can detect intrusions and damage in time;
▶ Real-time response is the third line of defense for the network, keeping the network "unbreakable" when an attack occurs;
▶ Recovery is the fourth line of defense for the network, allowing the network to "come back to life" as quickly as possible after being attacked and minimizing the losses caused by security incidents;

(7) Layered protection model:

◆ The layered protection model targets individual protection nodes and, using the OSI layer model as a reference, protects the protected objects layer by layer. Typical protection layers are the physical layer, network layer, system layer, application layer, user layer and management layer; appropriate security measures are then deployed against the security threats at each layer;

(8) Level protection model:

◆ The level protection model assigns network information systems to different security protection levels based on their importance to national security, economic security, social stability and the protection of public interests, combined with the risks the system faces, its specific security protection requirements and cost. Corresponding security protection measures are then adopted for each level to ensure the security of information and information systems.

(9) Network survival model:

◆ Network survivability refers to the ability of a network information system to continue to provide necessary services when it has been intruded upon. At present, international network information survival models follow the "3R" approach. First, the system is divided into an unbreakable secure core and a recoverable part. Then, for each attack mode, the corresponding 3R strategy is given, namely resistance (Resistance), recognition (Recognition) and recovery (Recovery). Finally, the normal service modes that the network information system should have and the intrusion modes that hackers may exploit are defined, and the basic functional services and key information that the system needs to focus on protecting are identified.

Network security system construction principles and security strategies:

(1) Network security principles:

◆ Systematic and dynamic principle: When establishing a network security protection system, special emphasis should be placed on the overall security of the system. This is often called the "barrel principle": the maximum volume of a barrel depends on its shortest stave.

◆ Principle of in-depth protection and collaboration: Network security technologies should complement and cooperate with each other, each playing to its strengths under a unified security strategy and configuration.

◆ Principle of network security risk and level protection: The level protection principle means adopting appropriate network protection measures for network assets based on their security level, so that protection is proportionate.

◆ Principle of standardization and consistency: A network system is a huge systems-engineering project, and the design of its security system must follow a series of standards. Only in this way can the consistency of each subsystem be ensured and the entire system be securely interconnected, able to intercommunicate, and interoperable.

◆ Principle of combining technology and management: Integrate security technologies with the construction of operation management mechanisms, personnel awareness education and technical training, and security rules and regulations.

◆ Principle of security first, prevention first: Network security should focus on prevention; otherwise it will be too late to remedy the situation. Especially in large networks, once attackers enter the system it is difficult to control the network security situation. Therefore, the principle of "security first, prevention first" should be followed.

◆ Security and development are synchronized, and business and security are equal: Network security construction must be planned, deployed, promoted and implemented together with information technology, ensuring synchronized planning, synchronized construction and synchronized operation. Security and development should be coordinated and advance hand in hand: development is ensured by security, and security is promoted by development.

◆ Principle of human-machine-physical integration and industrial development: The construction of the network security system must rely on the development of the network information industry to achieve independence and controllability, security and trustworthiness, to establish a network security ecosystem that develops sustainably and stably, and to control the key elements that support the network security system.


(2) Network security strategy:

◆ Network security policies are the network security rules and requirements that apply to protected objects. They are based mainly on network security laws and regulations and on network security risks.
◆ The content of a network security policy varies with the security needs of the specific protected objects, but in general a network security policy document should contain the following:
▶ Scope of coverage: The topics, organizational areas, and technical systems covered by the document;
▶ Validity period: the validity period of the policy document;
▶ Owner: Specifies the owner of this policy document, who is responsible for maintaining the policy document and ensuring the integrity of the document. The policy document is signed by the owner and becomes official;
▶ Responsibility: Within the scope covered by this policy document, determine the person responsible for each security unit;
▶ Reference documents: cited reference documents, such as safety plans;
▶ Strategy main content: This is the most important part of the strategy document, which stipulates the specific strategy content;
▶ Review: stipulates the review of this policy document, including whether to conduct review, specific review time, review method, etc.;
▶ Violation handling: handling methods for non-compliance with the terms of this policy document;

The main components and construction contents of the network security system framework are:

(1) Network security system composition framework:


(2) Contents of network security strategy construction:

◆ The main work related to network security strategy is as follows:
▶ Investigate network security policy needs and clarify the scope;
▶ Analyze the impact of implementing the network security policy;
▶ Obtain approval from senior leadership to support the network security strategy work;
▶ Develop a draft network security strategy;
▶ Solicit opinions on the network security strategy;
▶ Assessment of the network security strategy by risk stakeholders;
▶ Senior leadership reviews and approves the network security strategy;
▶ Release the network security policies;
▶ Evaluate and revise the effectiveness of the network security policies;
◆ In the network information systems of typical enterprises and institutions, network security strategies fall into eight main categories: network asset classification strategy, password management strategy, Internet usage security strategy, network communication security strategy, remote access strategy, desktop security strategy, server security strategy, and application security strategy. Network security strategies are usually expressed through rules and regulations, operating procedures and technical specifications.

(3) Contents of network security organization system construction:

◆ Network security organization construction mainly includes the establishment of network security institutions, the creation of network security positions, network security talent team building, network security job training, and the coordination of network security resources.
◆ The network security organizational structure mainly includes the leadership layer, management layer, executive layer and external collaboration layer.

(4) Contents of network security management system construction:

◆ The network security management system involves five aspects: management objectives, management means, management subjects, management basis, and management resources.

(5) Network security infrastructure and network security service construction content:

◆ The network security infrastructure mainly includes: the network security digital certification service center, the network security operation center, and the network security evaluation and certification center.
◆ Network security service types mainly include: network security monitoring and early warning, network security risk assessment, network security digital certification, network security protection, network security inspection, network security audit, network security emergency response, network security disaster recovery and backup, network security evaluation and certification, network security electronic forensics, etc.

(6) Contents of network security technology system construction:

◆ Network security technology types can be divided into: protection technology, monitoring technology, recovery technology, and response technology.


(7) Contents of network information technology and industrial ecology construction:

◆ The main goal of network information technology and industrial ecology construction is to ensure that the network security system is secure, independent and controllable, and that related technologies and products are secure and trustworthy.


(8) Cybersecurity education and training content:

◆ Cybersecurity education and training are the basic work for building a network security system and the source of network security technological innovation.


(9) Contents of network security standards and specifications:

◆ Network information security standards and specifications are conducive to improving network security assurance capabilities and promoting scientific management of network information security.

(10) Network security operations and emergency response construction content:

◆ The goal of network security operations and emergency response is to monitor and maintain the network security status of network information systems.


(11) Network security investment and construction content:

◆ The main work contents of network security construction are as follows:
▶ Formulation and implementation of network security policies and standards;
▶ The establishment of network security organization and management agencies and staffing of positions;
▶ Network security project planning, design and implementation;
▶ Network security solution design and deployment;
▶ Acceptance, evaluation and delivery of network security engineering projects;

Reference cases for network security system construction:

(1) Network security level protection system application reference:

Article 21 of the "Cybersecurity Law of the People's Republic of China" stipulates that the state implements a network security level protection system. The level protection system is the defining feature and cornerstone of China's network security.

◆ Network security level protection work mainly includes five stages: rating, filing, construction and rectification, level evaluation, and supervision and inspection.

◆ The security protection levels of rated objects are divided into five levels: Level 1 (user independent protection level), Level 2 (system protection audit level), Level 3 (security mark protection level), Level 4 (structured protection level), and Level 5 (access verification protection level).

◆ The main changes in Cybersecurity Level Protection 2.0 include:

▶ First, the scope of objects has been expanded: cloud computing, mobile Internet, Internet of Things, industrial control systems, etc. have been brought into the scope of the standard, forming requirements of the form "general network security requirements + extended network security requirements for new applications".
▶ Second, it proposes a triple protection architecture supported by the "secure communication network", "security area boundary", "secure computing environment" and "security management center".
▶ Third, the new Level Protection 2.0 standard strengthens the requirements for the use of trusted computing technology and adds "trusted verification" control points at all levels. Specifically:
♦ Level 1 requires trusted verification of the device's system boot program, system programs, etc.;
♦ Level 2 adds trusted verification of important configuration parameters and applications, and requires the verification results to be recorded as audit records and sent to the security management center;
♦ Level 3 adds dynamic trusted verification at the key execution stages of applications;
♦ Level 4 adds dynamic trusted verification at all execution stages of applications;

(2) Smart city security system application reference:

◆ The smart city security system framework takes security measures as its perspective and presents the security elements of smart cities from five aspects: smart city security strategy guarantee, smart city security technology guarantee, smart city security management guarantee, smart city security construction and operation guarantee, and smart city security foundation support.

◆ Each element of the smart city security system is explained as follows:

▶ Smart city security strategy guarantee: clarifies the overall national policy for smart city security construction and constrains smart city security management, technology, construction and operation activities as required. The security strategy guarantee elements of smart cities include laws and regulations, policy documents and standards.
▶ Smart city security management guarantee: the security management guarantee elements include decision-making and planning, organization and management, coordination and supervision, and evaluation and improvement.
▶ Smart city security technology guarantee: with the aim of establishing a defense-in-depth system for the city, various security defense methods are adopted at five levels (the Internet of Things perception layer, network communication layer, computing and storage layer, data and service integration layer, and smart application layer) to respond dynamically to smart city security technology risks. The functional elements of smart city security technology include protection, detection, response and recovery.
▶ Smart city security construction and operation guarantee: the elements of smart city security construction and operation guarantee include project implementation, monitoring and early warning, emergency response and disaster recovery.
▶ Smart city security foundation support: smart city security infrastructure includes key and certificate management infrastructure, identity management infrastructure, monitoring, early warning and notification infrastructure, disaster recovery backup infrastructure, and time synchronization infrastructure. Basic service support includes product and service qualification certification, security assessment, security testing, security review, and consulting services.

(3) Intelligent transportation network security system application reference:

◆ The intelligent transportation network security system mainly includes the intelligent transportation network security management system, the intelligent transportation network security technology system, the intelligent transportation network security operation system, and the intelligent transportation network security evaluation system.

(4) ISO 27000 information security management system application reference:

◆ The information security management system (ISMS) is continuously improved in a cycle that follows PDCA. The main steps are described below:

▶ Plan: Establish the ISMS, identify information assets and their related security requirements; assess information security risks; select appropriate security control measures and manage unacceptable risks;
▶ Do: Implement and run the ISMS, implement controls and operation and maintenance management;
▶ Check: Monitor and evaluate the ISMS;
▶ Act: Maintain and improve the ISMS;

(5) NIST cybersecurity framework application reference:

◆ The framework begins by defining five core capabilities: identify, protect, detect, respond, and recover.

Study books: Information Security Engineer Tutorial 

Origin blog.csdn.net/weixin_54977781/article/details/131957645