Interpretation: Thinking of Information Security Caused by Prism Door
It was exposed that the US National Security Agency (NSA) has implemented the top-secret electronic monitoring program, the Prism Project (PRISM), code-named "US-984XN". The Prism Project can provide in-depth monitoring of instant messaging and existing data. Data emails, video and voice chats, movies, photos, VoIP chat content, file transfers, log-in notifications, and social network details available in the PRISM program by the National Security Agency. When the acquisition and analysis of big data becomes the only way for the prism plan, it is inevitable that companies at the forefront of technology are involved in this plan. The document disclosed by Snowden stated that the prism project could allow intelligence personnel to access the servers of nine major technology companies through the "back door", including Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, You Tube, Apple . What about information security in China Someone once said that China's information security is virtually useless in the face of the "Eight Kings" (Cisco, IBM, Google, Qualcomm, Intel, Apple, Oracle, Microsoft) represented by Cisco. In terms of network infrastructure construction, taking Cisco as an example, some data show that in the past ten years, Cisco has participated in the construction of almost all large-scale network projects in China, involving government, customs, postal services, finance, railways, civil aviation, medical treatment, and military And other important industries. Cisco, China Telecom, China Unicom and other telecom operators, also participated in the network infrastructure. Among the two backbone networks of China Telecom 163 and China Unicom 169, which carry more than 80% of the Internet traffic in China, Cisco accounted for more than 70% of the share And occupy all super core nodes. And Microsoft, Google and Apple have the share of China's operating system. Microsoft is the absolute leader in the office software field, and it is also out of dominance in China. In addition, most of the hardware and software devices used by users in China come from the United States, and information can be easily monitored and filtered. All of this makes China's Internet vulnerable and even vulnerable, and it is easy for the United States to monitor China. In contrast, the encounter of Chinese companies in the United States Typically, Huawei and ZTE have never been able to open the US market mainly because of hidden concerns about network security issues. Last year, after an 11-month investigation of Huawei and ZTE, the US House of Representatives Intelligence Committee issued a report saying that US telecommunications operators should not cooperate with Huawei and ZTE, because these two companies "may Pose a threat to US national security. " How to consider security in the context of cloud computing and big data? Since 2009, cloud computing has entered a substantial development stage in China. Local governments represented by Shanghai, Beijing and Tianjin build government official clouds and public clouds for small and medium-sized enterprises; traditional telecommunications operators represented by China Mobile and China Telecom build private clouds for operation support systems. The recent rise of cloud services is another undercurrent. Through cooperation with domestic enterprises, Microsoft has realized the landing of Office 365 cloud computing office software and Windows Azure cloud computing platform in China. In December last year, the Chinese website of Amazon's AWS cloud computing product was quietly launched, and cloud computing services were also just around the corner in China. Apple and Google ’s app stores in China also have potential cybersecurity risks from grasping user data. The development and application of cloud computing are making profound changes in the field of IT, but while it improves the efficiency of the use of IT resources, it also brings shocks and challenges to information security at multiple levels. The most typical security issue is "personal data will be leaked". Users can use the cloud platform to carry out some security attacks, or use some calculations to crack passwords. The security problems that have been exposed in cloud computing are as follows: from 2007 to 2008, the Amazon cloud platform experienced a large-scale failure; in 2009, Google's personal information leakage occurred in Google; in 2009, Microsoft's cloud platform appeared Crashed, causing data loss; on April 22, 2011, Amazon's cloud data center servers experienced a large-scale downtime. This incident is the most serious cloud computing security incident in Amazon history. In the era of cloud computing, security is still a key issue of concern to industry and academia. What are the security issues facing cloud computing? Cloud computing services are provided based on broadband networks, especially the Internet, and face various traditional security threats, and security problems are magnified as the system scales. On the other hand, compared with traditional computing models, cloud computing has the characteristics of openness, distributed computing and storage, borderless, virtuality, multi-tenancy, separation of data ownership and management rights. At the same time, the cloud contains a lot of software and The service is based on various standards, the amount of data is huge, and the system is very complex, so it faces new security challenges in terms of technology, management, and law. In addition, the massive amount of important user data stored in the cloud computing system has greater temptation for attackers. If the attacker successfully attacks the cloud system in some way, it will bring cloud computing service providers and users Significant losses, therefore, the security of cloud computing is facing a more severe test than ever. Compared with traditional IT security, the unique security problems of cloud computing mainly include the following four aspects: (1) Security issues caused by cloud computing platforms. Cloud computing platforms gather a large number of users and data resources, which is more likely to attract hackers to attack. Once a failure occurs, its impact range is more and the consequences are more serious. In addition, its openness also puts forward higher requirements for the security of the interface. In addition, multiple tenants are integrated on the cloud computing platform, and how to securely isolate information resources among multiple tenants has also become a prominent issue in cloud computing security. (2) Technical and management issues in a virtualized environment. The traditional physical security-based protection mechanism is difficult to effectively protect user applications and information security in a shared virtualized environment. In addition, the cloud computing system is so large, and it is mainly calculated through virtual machines. Once a failure occurs, how to quickly locate the problem is also a major challenge. Traffic Facilities,Waterproof Traffic Facilities,Outdoor Traffic Facilities,Traffic Control Devices Yangzhou Heli Photoelectric Co., Ltd. , https://www.heli-eee.com