Welcome to free paper download website

Economic other

You are here: Home > Economics > Economic other > content

On the financial information technology and information security

Author: Anonymous From: www.yourpaper.net Posted: 2010-06-29 04:31:20 Read:
Paper Keywords: financial information system of financial information information security security model
Abstract: This paper describes the significance of financial information, information security and security of information systems, information security conventional techniques, analysis of China in the process of financial information and financial information system, the process of building the problems pointed out the future development of directions.
The emergence and development of China's financial information technology
China's financial electronic construction began in the 1970s, in the mid-1980s, led by the People's Bank of China set up a leading group of electronic financial system, after a lot of research, the development of financial electronic construction planning and long-term development goals; 'Plan' to prepare 'Plan' laying the foundation 'Eighth Five-Year Plan' scale '95' basic electronic. In the last two or three decades, China's financial electronic construction experience, the historic four stages of development: the first stage, around the late 1970s to the 1980s, savings banks, public and other services to computer processing instead of manual operation; second stage, from the 1980s to the 1990s, step-by-step through the banking network processing; third stage, from about the late 1990s, the early 1990s, the nationwide the bank computer processing networking, Internet exchange, payment and settlement and business management, office progressive realization of computer processing; fourth stage, from now on, centralized business processing, the use of Internet technology and the environment, speed up financial innovation, and gradually develop online financial services, including online banking, online payment and so on. Science and technology are primary productive forces. When mankind into the 21st century, entered the era of knowledge economy is characterized by a network, information technology. In the face of this development opportunities, China's financial industry is also faced with the broader market after the accession to the World Trade Organization and the more severe competitive pressure from developed countries to the same industry. Of financial information is the inevitable choice of China's financial industry. The financial sector is an important part of the national economy, the core of the modern market economy, the financial information is the national information technology is essential, indispensable part. Of financial information is the financial industry to improve its competitiveness, reduce operating costs, improve service quality to cope with the inherent requirements of the increasingly fierce market competition, but also Yue Service, customs, trade and e-commerce and other national economic basis of the information. The financial information is not only to achieve business process automation and office automation, business networking, and further provide strong support for the electronic supervision, management and scientific decision-making, but also the financial service innovation, system innovation solid technical foundation.
2 gold contacts information system security
Security is the life of the financial information system. Growing financial information system, information is increasingly concentrated up, the increasing scale of the financial industry to its dependence increasing at the same time, the importance of financial information system security is also increasing. It is related to the survival and the success or failure of the operation of financial institutions, therefore, should be deemed capital of financial information systems security security, as is the life of the financial institutions. Financial information system security is not only the problem of the financial industry itself, it is closely linked with China's economic security, social security and national security, protect the stability of the financial sector development, and enhance the competitiveness and viability of an important part of financial information systems security has become a key issue of strategic importance in China's financial information construction.
According to the British PA Consulting Group survey in five years in the late 20th century, computer fraud each year the Bank of England loss 40 - 5 billion each year in the United States bank losses due to computer crime $ 5.5 billion, Deutsche Bank an annual loss of about $ 5 billion. In China, since July 1986 the first financial computer crime, the incidence increased year by year, causing huge losses to the bank. In 1997 and two years alone, the four state-owned commercial banks were 141 cases of computer crime, involved 166 people, involving 16,129 million, resulting in economic losses of 5853 million. Case report Comrade Zhu Ming base in Yangzhou with the use of the remote control transmitter device immersed in the bank's computer system to steal large sums of money on the instructions: "This is a signal that our bankers, we should pay attention to computer technology, can not fall behind the criminals'
2.1 information system threats and attacks
Information security Technically, the meaning of the following aspects: confidentiality, integrity, availability, authenticity, non-repudiation, controllability. The financial information system is a computer system in a network environment, it is the object of processing information. Information resources has inherent vulnerability, the high density of the information stored in the system, the electromagnetic radiation is generated when the information accessibility, information polyethylene endogenous system, facing the remanence effect of the magnetic media so that the system security risks. In summary, the financial information system threat mainly in three forms: the communication process facing the threat, threats and processing the stored procedure in the face of threat. The main means of attack of the financial information system theft, inference the velvet analysis (passive attack), posing as the tomb of change, playback, and virus (belonging to active attacks).


2.2 Information Security Technology
2.2.1 cryptographic techniques. Password technology is the core of the information security technology. Information system to ensure the confidentiality of information, the use of password encryption is the most effective way; to ensure the integrity of the information you can use the same password for the technical implementation of digital signature, authentication, by information integrity check to achieve ; protection of information systems and information for authorized use, the use of a password system registry management, access authorization management and effective way; controllability can also use a password and key management to ensure that electronic information systems.
Shannon "confidential communication theory in 1949, causing a revolution in cryptography, enabling the password truly become a science. Cryptography (Crypto-graphy) communication technology, the interdisciplinary between computer technology and applied mathematics, mathematics and computer science is an important tool, related to the disciplinary branch of number theory, information theory, algorithmic complexity theory. System of confidentiality Shannon model shown in Figure l.

Mid-1970s, the study of security and confidentiality of the two dramatic events: First, d} the FFE and Hellman published the new direction of cryptography, breaking its longstanding single key system is proposed new cryptosystem, public cryptosystem. The system allows without prior exchange of keys can establish a secure communication between the sender and the recipient. Second, the U.S. National Bureau of Standards (NBS) in 1977 and officially announced the implementation of the Data Encryption Standard (DES). The emergence of public cryptosystem is a major breakthrough in the study of modern cryptography, its main advantage is the use of the environment can be adapted to network openness, digital signature and authentication key management is relatively simple, you can easily and safely. The symmetric cryptosystem known algorithms developed by IBM DES algorithm and its various modifications (such as Tri discuss e DES), the European IDEA algorithm, Loki, RCA, RCS, etc.; open password the system under the more well-known algorithm RSA algorithm, backpacks password Diffe Hellman} ElGamal algorithm and so on. Compared to the confidentiality of communications security, computer security, confidentiality has more extensive, involving the security and confidentiality of computer hardware, software and data processing, etc.. In addition to follow the security and confidentiality of communications theory, methods and techniques, computer security confidentiality has its own unique content, and form their own research system. Main (subject) and the object (object) are two important concepts in the study of computer security and confidentiality, to protect the safety of the object, constitute the theme of access control to limit the authority of the main body. Information systems security and confidentiality of confidential with respect to the confidentiality of communications security and computer security at a higher level, it covers the confidentiality of communications security and computer security and confidentiality of all, the whole system of security and confidentiality as its target. Financial information system for its own high confidentiality and high-risk characteristics, different from the general information system, similar to the military system, high security and confidentiality needs.
2.2.2 access control technology. Limit the principal's privileges to prevent unauthorized access of non-authorized subject to the object is access control. The contents of the access control relates to the access control model, the access control policy, the access control mechanism, access control is achieved. Access control is established on the basis of the user identification, the system by a unique identifier to verify the legitimacy of the user decide whether to allow the user to enter the system. Certification always require users to provide enough specific information to be able to prove his identity, the information is confidential, one-way encryption algorithm can be encrypted and stored in the system. Password mechanism is a simple and convenient means of authentication, but relatively fragile. Biotechnology is a more promising approach, such as the retina, fingerprints, etc., but is limited to the technical conditions, yet not widely adopted. Information systems, there are a lot of subject and object. How the relationship between subject and object, the access rights of the subject to the object how to obtain access control study two basic problems. Of the relationship between subject and object access control database system. Subject, object, access control database to constitute access control basic model the relationship between the access control strategies.
 1/3    1 2 3 Next Last
Please consciously abide by Internet-related policies and regulations.
Tips: Log in to comment, the user name to enter comments directly from your personal space, so that more friends to meet you.

Economic other latest papers

Sponsored Links

Economic other papers Ranking

Latest free papers

Sponsored Links

Top