本文为科普文章,不适合从业多年的老鸟阅读,一段让普通人能够理解的基础文章,不去讨论高深的概念,也不去炫耀各种黑科技,用最原始的语言和最常识化的知识与大众讨论网络安全 。本文原创于2023年2月
刀耕火织之下,老祖先发明了结绳记事,然后有了符号和仓颉造字。作为一种文化的传播手段,从信息安全角度而言,更像是古人为了将自己知道的内容隐藏起来的一种手段,同时为了传承,他只需要将这些解释的方法告诉自己的后人或者信任者,也许这就是一种最古老的密码技术。
信息是需要传播的,为了统治本身,信息的传播本身也需要获得有效的保护。这种有限的传播是建立在野蛮的认知中。因为信息的传送在古代只能依赖于有限的生物,例如:飞鸽传书或者由人驱使的驿站;即使是烽火台也需要人根据一定的规则去燃放烟火以使观察手能够判断来敌的方向,人数,兵种等等;虽然凯撒密码能够更好的保护传递信息的保密性,但是最终人才是最脆弱的一环,任何时候,抓住传递信息或者持有信息解码能力的人用最野蛮的手段迫使其说出秘密,从而获取信息。最终使得信息的保密性最终需要源自人的可信,而这种可信传承至现在,甚至未来。
从传统信息安全角度来看,古人开始了信息的保密性(古老的编码)、完整性(火漆封装、笔迹)以及单薄的可用性(多个驿卒、多个传递者),这种保护由于受到技术、实现方法的影响,古人穷尽能力保护的是信息传递中的编码问题,因为精明的发送者清楚,不管是火漆还是笔迹都会被伪造而不管你有多少个传递者,你所要走的路径是有限的,只要能够封住你所有的路径(传输通道),信息就会被封死在发送端,一旦信息不可传递,信息的价值和意义也就失去了。
也许信息安全生来就是为统治阶级服务,信息保护从原始战争开始就成为作战中不可或缺的一个环节。“蛛丝马迹”两个风马牛不相及的事务在古人的智慧中,能够融合成一个活动所代表的正是初期的情报分析,而蛛丝和马迹两个无法用结构化语言描述的内容被完美的形成可分析的形态不正是大数据的雏形吗?古人用一组离散的符号通过预定义的组合来描述一种事物的形态,并通过这种形态来说明一类事件,构成了数据;当数据经过特定的分析,为一类事物进行说明和描述构成了信息。而情报就是在数据和信息之间不断的聚合和识别后形成固有的组合。
现代通信领域中,通信通道的识别和保护的争夺依旧是安全的争夺点,在很多的对抗中,真正被打破的是不为人知的开发信道,决定这种信道存在的焦点就是构成业务活动中杂乱无章的业务交互接口和数据接口,很多人会把这些问题归咎于软件API,然而,Interface范围远不止于此,业务支配数据,数据决定软件,软件依赖网络,网络依托物理设备于介质,因此,每个对应关系中都必然存在接口(Interface),这就使得Interface本身并不是一个个体,而是一个系统工程问题。
This article is a popular science article, not suitable for the old bird who has been in the industry for many years to read, a basic article that ordinary people can understand, do not discuss advanced concepts, do not show off various black technologies, use the most primitive language and the most common sense knowledge to discuss network security with the public. This article was originally published in February 2023
Under slash and fire weaving, the ancestors invented the knotted rope record, and then there were symbols and Cangjie characters. As a means of cultural dissemination, from the perspective of information security, it is more like a means for the ancients to hide what they know, and at the same time, in order to pass it on, he only needs to tell his descendants or trusters about these methods of interpretation, perhaps this is the oldest cryptographic technology.
Information needs to be disseminated, and in order to rule itself, the dissemination of information itself needs to be effectively protected. This limited spread is based on savage cognition. Because the transmission of information in ancient times could only rely on a limited number of creatures, such as: flying pigeons or man-driven post stations; even beacons need people to set off fireworks according to certain rules so that the observer can judge the direction of the enemy, the number of people, the class of troops, etc.; although the Caesar code can better protect the confidentiality of the transmitted information, but in the end the human being is the most vulnerable link, at any time, the person who catches the transmission of information or has the ability to decode the information uses the most brutal means to force him to tell the secret, so as to obtain the information. In the end, the confidentiality of information ultimately needs to be trusted by people, and this trustworthiness is passed on to the present and even the future.
From the perspective of traditional information security, the ancients began to protect information with confidentiality (ancient coding), integrity (fire paint encapsulation, handwriting) and thin usability (multiple postmen, multiple transmitters). The influence of the implementation method, the ancients exhausted their ability to protect the coding problem in the transmission of information, because the shrewd sender knew that whether it was fire paint or handwriting would be forged and no matter how many transmitters you had, the path you had to take was limited, as long as all your paths (transmission channels) could be sealed, the information would be sealed at the sending end, and once the information could not be transmitted, the value and meaning of the information would be lost.
Perhaps information security was born to serve the ruling class, and information protection has been an indispensable part of warfare since the beginning of primitive warfare. In the wisdom of the ancients, the two unrelated affairs of "clues" can be fused into one activity, which represents the initial intelligence analysis, and the two contents that cannot be described in structured language are perfectly formed into an analyzable form, isn't it the prototype of big data? The ancients used a set of discrete symbols to describe the form of a thing through a predefined combination, and through this form to illustrate a class of events, constituting data, when the data was analyzed in a specific way, the description and description of a class of things constituted information. Intelligence is an inherent combination of data and information that is constantly aggregated and identified.
In the field of modern communication, the battle for the identification and protection of communication channels is still the point of contention for security, in many confrontations, what is really broken is the unknown development channel, the focus of the existence of this channel is to constitute a chaotic business interaction interface and data interface in business activities, many people will blame these problems on software APIs, however,The scope of interface is far more than that, the business governs the data, the data determines the software, the software depends on the network, and the network relies on the physical device to the medium, therefore, there must be an interface in each correspondence, which makes the interface itself not an individual, but a system engineering problem.
原文始发于微信公众号(河南等级保护测评):漫谈网络安全(连载一)
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论