| 术语 | principles of secure systems |
| 释义 | principles of secure systems 安全系统的原则 In computer security, Saltzer and Schroeder enunciated the following principles of secure systems: (a) Simplicity—the accuracy of security measures, incorporated in hardware and software, can be more readily checked if those measures are simple and small.(b) Fail safe—accesses should require explicit authorization (i.e. the default situation is no access).(c) Complete mediation—checking of access against access control information must be performed under all circumstances including normal operation, maintenance, recovery, etc. (d) Separation of privilege—a twokey philosophy, with each key located in a separate compartment, ensures that a single failure does not result in a security break.(e) Least privilege—every process should operate with the minimum level of privilege necessary to perform the requisite task.(f) Least common mechanism—the use of shared mechanisms among users should be minimized for their mutual security. (g) User acceptability—security measures should not unduly interfere with the work of users while, of course, fulfilling all necessary security constraints. (h) Public scrutiny—security measures should be available for review by experts (e.g., encryption arithmetic can be widely publicized, with their security depending only on the secrecy of the cryptographic key). 在计算机安全学中,Saltzer和Schroeder阐明了安全系统的以下原则: (1) 简单性—简单的安全措施在硬件、软件的共同参与下其正确性很容易检查。(2) 故 障保险——存取操作都要求有明确的特许(即缺省情况下没有存取权限)。(3) 安全仲裁—— 在任何情况下,包括正常操作、维护、修复等都必须检查操作控制信息。(4) 权限分离—— 一种双保险策略,每个保险分别位于一个独立的部分,保证一个损失不会造成整个安全性受 损。(5) 最少权限——每一进程都在任务所需的最低权限下工作。(6) 最少共同机构——用 户间共享的机构应限制到最小程度。(7) 用户可接受性——安全措施应当既不过于干涉用 户的工作,又满足所有应有的安全性限制。(8) 公开审查——安全措施必须可以由专家进行 评审(例如,加密算法可以公之于众,其安全性仅依赖于密钥的保密程度)。 |
| 随便看 |
|
计算机英汉双解词典包含21137条计算机术语英汉翻译词条,基本涵盖了全部常用计算机术语的翻译及用法,是计算机学习及翻译工作的有利工具。