请输入或粘贴题目内容
搜题
拍照、语音搜题,请扫码下载APP
题目内容
(请给出正确答案)
A.detect
B. detain
C. detach
D. destine
答案
更多“Scanners _____ discolored spots in sliced potatoes as they zoom by on conveyors.A、det”相关的问题
第1题
From the passage we know that ______.
A.virus scanners can identify a virus even if they don't have a signature for it
B.one of the weaknesses of the virus scanners is that they can't detect a known virus before it is executed
C.self mutating viruses which infect a file in a different way each time, can't be identified by a simple pattern search and therefore make the scanners ineffective
D.because virus scanners identify a virus by name, they can indicate only where on the hard driver infection has occurred
第2题
Which of the following is true about integrity checkers?
A.They detect a virus infection by recalculating the files' checksum and comparing it to the original.
B.Like scanners, they can only detect known viruses, but not unknown ones.
C.Compared to scanners, they are quite old.
D.Industry experts agree that integrity checking relies only on virus signature.
第3题
Computer Security
计算机安全
The techniques developed to protect single computers and network-linked computer systems from accidental or intentional harm are called computer security. Such harm includes destruction of computer hardware and software, physical loss of data, and the deliberate invasion of databases by unauthorized individuals.
Data may be protected by such basic methods as locking up terminals and replicating data in other storage facilities. More sophisticated methods include limiting data access by requiring the user to have an encoded card or to supply an identification number or passworD. Such procedures can apply to the computer data system as a whole or may be pinpointed for particular information banks or programs. Data are frequently ranked in computer files according to degree of confidentiality.
Operating systems and programs may also incorporate built in safeguards, and data may be encoded in various ways to prevent unauthorized persons from interpreting or even copying the material. The encoding system most widely used in the United States is the Data Encryption Standard (DES), designed by IBM and approved for use by the National Institute of Standards and Technology in 1976. DES involves a number of basic encrypting procedures that are then repeated several times. Very large scale computer systems, for example, the U. S. military Advanced Research Project Agency Network (ARPANET), may be broken up into smaller subsystems for security purposes, but smaller systems in government and industry are more prone to system-wide invasions. At the level of personal computers, security possibilities are fairly minimal.
Most invasions of computer systems are for international or corporate spying or sabotage, but computer hackers[1]may take the penetration of protected databanks as a challenge, often with no object in mind other than accomplishing a technological feat. Of growing concern is the deliberate implantation in computer programs of worms or viruses[2]that, if undetected, may progressively destroy databases and other software. Such infected programs have appeared in the electronic bulletin boards available to computer users. Other viruses have been incorporated into computer software sold commercially. No real protection is available against such bugs except the vigilance of manufacturer and user.
Anti-Virus Programs to the Rescue
There is a wide range of virus protection products available to combat the 11,000 known viruses that currently plague personal computers. These products range in technology from virus scanners to terminate and stay resident monitors, to integrity checkers to a combination of the three. Each of these techniques has its associated strengths and weaknesses.[3]
The most fundamental question that must be asked when considering and evaluating automated anti-virus tools is "how well does the product protect against the growing virus threat?" When developing a security program, companies must think long term. Not only must you choose a form of protection that can detect and safely eliminate today's varieties, but you must consider tomorrow's gully wash as well.[4]The real challenge lies in securing against the 38,000 new species that are expected to appear within the next two years. The 11,000 known viruses that have been documented to date represent what is only the tip of the iceberg in terms of what tomorrow will bring.
Virus Protection Methods
Today there exists three broad based categories of anti-virus techniques: scanners, memory resident monitors (TSRs), and integrity checkers.
Virus Scanners
Virus scanners are programs designed to examine a computer's boot block, system memory, partition table, and executable files,[5]looking for specific code patterns that are typical to known virus strains. Generally, a virus scanner is able to identify a virus by name and indicate where on the hard drive or floppy drive the infection has occurreD. Virus scanners are also able to detect a known virus before it is executeD. Virus scanners do a good job of detecting known viruses. They are generally able to find a virus signature if it is present and will identify the infected file and the virus. Some are faster than others, which is an advantage when checking a hard disk with thousands of files. But virus scanners have several major weaknesses.
First and foremost, scanners are completely ineffective against any virus whose code pattern is not recognizeD. In other words, scanners cannot identify a virus if they don't have a signature for it. Also, many of today's viruses are designed specifically to thwart scanners. These so-called stealth viruses know the correct file size and date for a program (i. e. , what they were before the virus infected them). They will intercept operations that ask for that information and return the pre-infection values, not the actual ones during a disk reaD. Some viruses can mutate slightly so that the original signature will be rendered ineffective against the new strain and can even result in file damage if recovery is based off virus signature assumptions. A new wave in virus authorship is the creation of self mutating viruses. These viruses infect a file in a different way each time, so it cannot be identified by a simple pattern search, rendering virus scanners ineffective.
Secondly, virus scanners are quickly rendered obsolete and require frequent, costly and time-consuming updates—which may be available only after serious damage has been done. The burden of constantly updating virus scanners, even if provided free of charge, can be a huge burden. In a corporate environment, where thousands of personal computers must be protected, simply distributing scanner updates in a timely and efficient manner and making sure they are installed is an enormous task.
I ntegrity Checkers
This is a relatively new approach, compared to scanners and monitors. Integrity checkers incorporate the principle modification detection. This technique safeguards against both known and unknown viruses by making use of complex file signatures and the known state of the computer environment rather than looking for specific virus signatures.
Each file has a unique signature (which is like a fingerprint-a unique identifier for that particular file) in the form of a CRC or a checksum. Changes in any character within the file will probably change the file's checksum. For a virus to spread, it must get into system memory and change some file or executable code.
An integrity checker will fingerprint and register all program files and various system parameters, such as the boot block, partition table, and system memory, storing this information in an on-line database. By recalculating the files checksum and comparing it to the original, integrity checkers can detect file changes that are indicative of a virus infection.
Industry experts agree that integrity checking is currently the only way to contend with tomorrow's growing virus threat. Since this methodology is non-reliant on virus signatures, it offers protection against all potential viruses, today's and tomorrow's.
Additionally, stealth viruses have historically been able to bypass integrity checkers. The only way users can be certain that their computer is 100 percent clean is to boot the system from a clean, DOS based disk and check the integrity of the information stored on this disk with the current state of the hard drive. Called the "Golden Rule" in virus protection, most integrity checkers fail to follow this security principle.
System Administrator
System Administrator, in computer science, is the person responsible for administering Use of a multiuser computer system, communications system, or both. A system administrator performs such duties as assigning user accounts and passwords, establishing security access levels, and allocating storage space, as well as being responsible for other tasks such as watching for unauthorized access and preventing virus or Trojan Horse[6]programs from entering the system. A related term, sysop (system operator), generally applies to a person in charge of a bulletin board system, although the distinction is only that a system administrator is associated with large systems owned by businesses and corporations, whereas a sysop usually administers a smaller, often home- based, system.
Hacker
Hacker, in computer science, originally, is a computerphile, a person totally engrossed in computer programming and computer technology. In the 1980s, with the advent of personal computers and dial up[7]computer networks, hackers acquired a pejorative connotation, often referring to someone who secretively invades others computers, inspecting or tampering with the programs or data stored on them. (More accurately, though, such a person would be called a cracker.) Hacker also means someone who, beyond mere programming, likes to take apart operating systems and programs to see what makes them tick.
Notes
[1]computer hackers:电脑黑客,指非法侵入他人计算机进行浏览或篡改程序或计算机上所存数据的人。
[2]Of growing concern is the deliberate implantation in computer programs of worms or viruses.越来越令人担心的是蓄意地把蠕虫程序或病毒植入计算机程序。
[3]These products range in technology from virus scanners to terminate and stay resident monitors,to integrity checkers to a combination of the three.Each of these techniques has its associated strengths and weaknesses.这些防病毒的产品从技术上有病毒扫描到内存驻留监督程序,从完整性检查到三者的结合程序,每一种有其相关的优点和缺点。
[4]gully wash:gully冲沟,檐槽。此处字面意义是“冲水槽”,可翻译成“但必须从长计议”或“考虑到未来的问题”。
[5]to examine a computer's boot block,system memory,partition table,and executable files:检查计算机的引导块、系统内存、分区表和可执行文件。
[6]Trojan Horse:特洛伊木马,一种欺骗程序。在计算机安全学中,一种计算机程序,表面上或实际上有某种有用功能,而含有附加的(隐藏的)可能利用了调用进程的合法特许来危害系统安全的功能。
[7]dial up:拨号呼叫,访问计算机的一种方法。计算机通过调制解调器连接到电话线路上,拨号上网。
Choose the best answer for each of the following:
第4题
Parallel Computer Models
并行模式
Parallel processing has emerged as a key enabling technology in modern computers, driven by the ever-increasing demand for higher performance, lower costs, and sustained productivity in real-life applications. Concurrent events are taking place in today's high- performance computers due to the common practice of multiprogramming, multiprocessing, or multicomputing.
Parallelism appears in various forms, such as lookahead, pipelining, vectorization, concurrency, simultaneity, data parallelism, partitioning, interleaving, overlapping, multiplicity, replication, time sharing, space sharing, multitasking, multiprogramming, multithreading, and distributed computing at different processing levels.
In this part, we model physical architectures of parallel computers, vector super- computers[1], multiprocessors, multicomputers, and massively parallel processors. Theoretical machine models are also presented, including the parallel random-access machines (PRAMs)[2]and the complexity model of VLSI (very large-scale integration) circuits. Architectural development tracks are identified with case studies in the article. Hardware and software subsystems are introduced to pave the way for detailed studies in the subsequent section.
The State of Computing
Modern computers are equipped with powerful hardware facilities driven by extensive software packages. To assess state-of-the-art[3]computing, we first review historical milestones in the development of computers. Then we take a grand tour of the crucial hardware and software elements built into modern computer systems. We then examine the evolutional relations in milestone architectural development. Basic hardware and software factors are identified in analyzing the performance of computers.
Computer Development Milestones
Computers have gone through two major stages of development: mechanical and electronic. Prior to 1945, computers were made with mechanical or electromechanical parts. The earliest mechanical computer can be traced back to 500 BC in the form of the abacus used in China. The abacus is manually operated to perform decimal arithmetic with carrying propagation digit by digit.
Blaise Pascal built a mechanical adder/subtractor in France in 1642. Charles Babbage designed a difference engine in England for polynomial evaluation in 1827. Konrad Zuse built the first binary mechanical computer in Germany in 1941. Howard Aiken[4]proposed the very first electromechanical decimal computer, which was built as the Harvard Mark I[5]by IBM in 1944. Both Zuse's and Aiken's machines were designed for general-purpose computations.
Obviously, the fact that computing and communication were carried out with moving mechanical parts greatly limited the computing speed and reliability of mechanical computers. Modern computers were marked by the introduction of electronic components. The moving parts in mechanical computers were replaced by high-mobility electrons in electronic computers. Information transmission by mechanical gears or levers was replaced by electric signals traveling almost at the speed of light.
Computer Generations
Over the past five decades, electronic computers have gone through five generations of development. Each of the first three generations lasted about 10 years. The fourth generation covered a time span of 15 years. We have just entered the fifth generation with the use of processors and memory devices with more than 1 million transistors on a single silicon chip.
The division of generations is marked primarily by sharp changes in hardware and software technologies. Most features introduced in earlier generations have been passed to later generations. In other words, the latest generation computers have inherited all the nice features and eliminated all the bad ones found in previous generations.
Elements of Modern Computers
Hardware, software, and programming elements of a modern computer system are briefly introduced below in the context of parallel processing.
Computing Problems
It has been long recognized that the concept of computer architecture is no longer restricted to the structure of the bare machine hardware. A modern computer is an integrated system consisting of machine hardware, an instruction set, system software, application programs, and user interfaces. These system elements are depicted in Fig. 1. The use of a computer is driven by real-life problems demanding fast and accurate solutions. Depending on the nature of the problems, the solutions may require different computing resources.
For numerical problems in science and technology, the solutions demand complex mathematical formulations and tedious integer or floating-point computations. For alphanumerical problems in business and government, the solutions demand accurate transactions, large database management, and information retrieval operations.
For artificial intelligence (AI) problems, the solutions demand logic inferences and symbolic manipulations. These computing problems have been labeled numerical computing, transaction processing, and logical reasoning. Some complex problems may demand a combination of these processing modes.
Algorithms and Data Structures
Special algorithms and data structures are needed to specify the computations and communications involved in computing problems. Most numerical algorithms are deterministic, using regularly structured data. Symbolic processing may use heuristics or nondeterministic searches over large knowledge bases.
Problem formulation and the development of parallel algorithms often require interdisciplinary interactions among theoreticians, experimentalists, and computer programmers. There are many books dealing with the design and mapping of algorithms or heuristics onto parallel computers. In this article, we are more concerned about the resources mapping problems than the design and analysis of parallel algorithms.
Hardware Resources
The system architecture of a computer is represented by three nested circles on the right in Fig. 1. A modern computer system demonstrates its power through coordinated efforts by hardware resources, an operating system, and application software. Processors, memory, and peripheral devices form the hardware core of a computer system. We will study instruction-set processors, memory organization, multiprocessors, supercomputers, multicomputers, and massively parallel computers.
Special hardware interfaces are often built into I/O devices, such as terminals, workstations, optical page scanners, magnetic ink character recognizers, modems, file servers, voice data entry, printers, and plotters. These peripherals are connected to mainframe computers directly or though local or wide-area networks.
In addition, software interface programs are needed. These software interfaces include file transfer systems, editors, word processors, device drivers, interrupt handlers, network communication programs, etc. These programs greatly facilitate the portability of user programs on different machine architectures.
Operating System
An effective operating system manages the allocation and deal-location of resources during the execution of user programs. We will study UNIXE[6]extensions for muhiprocessors and muhicomputers later. Mach/OS kernel and OSF/1[7]will be specially studied for muhithreaded kernel functions, virtual memory management, file subsystem, and network communication services. Beyond the OS, application software must be developed to benefit the users. Standard benchmark programs are needed for performance evaluation.
Notes
[1] vector super-computers: 向量巨型机体系机构。向量巨型计算机的体系机构,目前大多数仍为多流水线结构,也有的采用并行处理机构。
[2] parallel random-access machines(PRAMs):并行随机存取机器具有任意多个处理器,以及分别用于输入、输出和工作的存储器的机器模型。
[3] state-of-the-art:最新技术水平;当前正在发展的技术,或者在当前应用中保持领先地位的技术。
[4] Howard Aiken: Mark I计算机的设计者。
[5] Harvard Mark I:哈佛Mark I计算机。Mark I计算机是一种在30年代末40年代初由(美国)哈佛大学的Howard Aiken设计并由IBM公司制造的机电式计算器。
[6] UNIX:UNIX操作系统。
[7] Mach/OS kernel and OSF/1:Mach操作系统/OS操作系统,Kernel核心程序。在操作系统中,实现诸如分配硬件资源、进程调度等基本功能的程序,是与硬件机器直接打交道的部分,始终驻留内存。OSF/1开放软件基金会/1。
Choose the best answer for each of the following:
第5题
第6题
Computer Office System
计算机办公系统
Computer office systems are computers and their peripheral equipment is used to create, store, process, or communicate information in a business environment. This information can be electronically produced, duplicated, and transmitted.
The rapid growth of the service sector of the United States economy beginning in the mid 1970s has furnished a new market for sophisticated office automation. With the increasing incorporation of microchips and microcircuitry into office equipment[1], the line between the computer and other equipment has blurred.
At the same time, computers either stand alone or as part of a network and specialized software programs are taking over tasks such as facsimile transmission-or FAX, voice mail, and telecommunications that were once performed by separate pieces o.f equipment. In fact, the computer has virtually taken the place of typewriters, calculators, and manual accounting techniques and is rapidly taking over graphics design, production scheduling, and engineering design as well.
During the first half of the 20th century, financial and other numerical record keeping tasks were performed manually or by bookkeeping machines, billing machines, tabulating equipment, and other types of electromechanical accounting devices. In the 1950s, such machines were increasingly replaced by mainframe computers-large, very expensive, high speed machines that required trained operators as well as a special temperature regulated facility to prevent overheating. Use of these machines today is limited to large organizations with heavy volume data processing requirements. Time sharing, allowing more than one company to use the same mainframe for a fee, was instituted to divide the cost of the equipment among several users while ensuring that the equipment is utilized to the maximum extent.
Mainframes with remote terminals, each with its own monitor, became available in the mid 1970s and allowed for simultaneous input by many users. With the advent of the minicomputer, however, a far less expensive alternative became available. The transistor and microelectronics made manufacture of these smaller, less complex machines practicable. Minicomputers, the first of which entered general business use in the early 1960s, are now widespread in commerce and government. Terminals linked to the central processing unit (CPU) are under the direct control of the individual user rather than centralized staff. In recent years, however, it is the microcomputer, or personal computer (PC), that has come to play the principal role in most office workplaces.
Desktop PCs have become increasingly affordable as a result of industry wide adoption of the architecture of the PC introduced in 1981. Although it has become feasible to provide virtually every office worker with a PC, it is more cost effective for PC users to share files and common peripherals such as printers, facsimile boards, modems, and scanners. In the late 1980s and early 1990s, many companies began programs of linking or networking multiple PCs into a unified system.
The local area network (LAN) was created in response to the need for a standardized system of linking computers together in a company. The most common method used to connect computers to a network is by means of coaxial cables. Newer generation networks use fiber optical connections. When computers are not in close physical proximity, networks may use microwave radio or infrared radiation to link the computers. Microwave radio requires a dish antenna for transmission and reception; infrared radiation requires a lens for transmission and a mirror and lens for reception. Other methods used for wide area networking include telephone and communications satellite linkage.
The need for computer connectivity has established the usefulness of the peripheral device known as the modem. Modems permit two computers to communicate by telephone in order to access databases, transmit files, upload and download facsimile transmissions, and send and receive electronic mail. Early transmission speeds using this equipment were relatively slow—300 baud[2]. Some modems now operate at speeds of more than 50,000 baud and have error checking and data compression features.
Text materials in typed or printed form can be input directly into a computer by means of a scanner. To read text, optical character recognition (OCR) software must first be used to convert printed documents electronically into computer readable files. Scanners obviate the need to rekey printed text in order to input it; they can also be used to input graphic material.
Computer Printers
A considerable volume of office computer output is via the printer. Among the earliest printers used with PCs in business offices were daisy wheel and thimble printers, so called because of the shape of their printing elements[3]. Although their type quality was comparable to that of a typewriter, they were slow and could accommodate only text, not graphic materials. As a result, they have been supplanted in most offices by dot-matrix, ink jet, and laser printers.[4]The dot matrix printer may have a 9 or 24 pin print head. The pins impact the paper through a ribbon, creating patterns of dots in the shape of letters and numbers in multiple fonts and type sizes. The ink jet printer, an advance over the dot matrix, provides both high resolution (the higher the resolution, the better the print quality) and quiet operation. The laser printer represents an even greater advance. Similar in technology to a photocopier[5], it offers speed, high resolution of 300 dots or more per inch, ability to reproduce complex graphics, and silent operation—all of which make it virtually essential for desktop publishing.
Electronic Mail (E-mail)
E-mail has become a key part of the communication networks of most modern offices. Data and messages can be transmitted from one computer to another using telephone lines, microwave links, communications satellites, or other telecommunications equipment. The same message can be sent to a number of different addresses. E-mail is sent through a company's own LAN or beyond, through a nationwide or worldwide communications network. E-mail services use a central computer to store messages and data and to route them to their intended destination. With a subscription to a public E-mail network, an individual PC user needs only a modem and a telephone to send and receive written or vocal messages. Because of the huge amount of E-mail that can be generated, systems have been developed to screen mail[6]for individual users.
Voice Mail
A specialized type of E-mail system, voice mail, is a relatively simple, computer linked technology for recording, storing, retrieving, and forwarding phone messages. It is called voice mail, or voice messaging, because the messages are spoken and left in a voice mailbox. The telephone doubles as a computer terminal, but instead of presenting the information on a computer screen, the system reads it over the phone line, using prerecorded voice vocabulary. The systems are based on special purpose computer chips and software that convert human speech into bits of digital code. These digitized voices are stored on magnetic disks, from which they can be instantaneously retrieved. Callers are offered a menu of choices, and the messages they select are played; they can leave messages in voice mailboxes, or they can access huge computer databases.
Desktop Publishing
Desktop Publishing is the use of a computer and specialized software to combine text and graphics to create a document that can be printed on either a laser printer or a typesetting machine. Desktop publishing is a multiple step process involving various types of software and equipment. The original text and illustrations are generally produced with software such as word processors and drawing and painting programs and with photograph scanning equipment and digitizers. The finished product is then transferred to a page makeup program, which is the software most people think of as the actual desktoppublishing software. This type of program enables the user to lay out text and graphics on the screen and see what the results will be: for refining parts of the document, these programs often include word processing and graphics features in addition to layout capabilities. As a final step, the finished document is printed either on a laser printer or, for the best quality, by typesetting equipment.
Notes
[1] With the increasing incorporation of microchips and microcircuitry into office equipment: incorporation of sth. into sth. else = to incorporate sth. into sth. else, 意为“将……结合进……”。本句可译为:随着微型芯片和微型电路越来越多地进入办公设备,计算机与其他设备之间的界线已不那么分明了。
[2] baud:波特(通信中的符号传输速率单位,每秒传输一个符号称为1波特)。
[3] Among the earliest printers used with PCs in business offices were daisy wheel and thimble printers, so called because of the shape of their printing elements.本句为倒装句,原句应为:Daisy wheel and thimble printers were among the earliest printers used with PCs in business offices... "so called" 为形容词,引出状语,表示伴随情况,对主语进一步说明。
[4] dot-matrix, ink jet, and laser printers:点阵,喷墨,激光打印机。
[5] Similar in technology to a photocopier,...: similar to...: 与……类似或相似;类似于……。此处由形容词短语做状语,表示原因。
[6] to screen mail:筛选或过滤邮件。
Choose the best answer for each of the following:
第7题
Software Security
软件安全
We live in a world today where software is pervasive. Software touches nearly every aspect of our lives, from software-controlled subways, air traffic control systems, nuclear power plants, and medical equipment to more mundane everyday examples, such as software-controlled microwave ovens, gas burners, elevators, automated teller machines[1], the family car, and the local 911 service[2]. In the past, many of these items relied upon established safety and reliability principles from electrical, mechanical, and/or civil engineering, which developed over several decades, if not longer. Today items like these are controlled by software.
When it is examined, its totality, the magnitude of the software safety and reliability challenge facing us today makes the Y2K[3]problem look minuscule by comparison. Hence, it is time to acknowledge the discipline of software safety and reliability and its importance to everyday life. Some people and organizations are starting to understand and respond to this challenge. For example, the FBI[4]recently established a National Infrastructure Protection Center to protect safety-critical systems and software. Unfortunately, many still remain blissfully unaware of the situation or deny its existence. Contributing to the problem is the small number of universities that offer courses in software safety and reliability.
We hear a lot about the global economy today. Technology has less respect for state or national borders than do market forces. The software safety and reliability challenge is a global challenge. Products, such as cars and medical devices, are built in one jurisdiction and sold worldwide. Air traffic control systems must interoperate safely and reliably among multiple countries, for example along the long borders between the U. S. , Canada, and Mexico. Accordingly, the first part of this book introduces the concept of software safety and reliability, and techniques and approaches used to achieve and assess it.
Background
The inherent complexity of software—its design, development, assessment, and use—is and has been increasing rapidly during the last decade. The cycle time between new versions of system and application software has decreased from a number of years to a number of months. The evolution and discovery of new design techniques and development methodologies are proceeding at an equally rapid pace. Consequently, the debate about what constitutes the standard body of knowledge for Computer Science professionals continues.
Accompanying this is the ever broadening role that software plays in electronic products. A study performed in the U. K. in 1990 estimated that the market for the development of safety-related software was $. 85B per year and that it was growing at a rate of 20 percent per year. This is due to the fact that software is replacing discrete hardware logic in many devices. Some common examples include air traffic control systems, nuclear power plant control systems, and radiation therapy systems. In addition, advanced electronics with embedded software controllers are being incorporated into a variety of new products, such as laser surgical devices, automobiles, subways, and intelligent transportation systems.
As such the role of software has moved from simply generating financial or other mathematical data to monitoring and controlling equipment, which directly affects human life and safety. In fact, it was reported by Donald Mackenzie that "the total number of people killed by computer system failures, worldwide, up to the end of 1998 is between 1,000 and 3,000. "
As a result, a more thorough and widespread understanding of, and familiarity with the specialized techniques to achieve and assess the safety and reliability of software, are needed in academia, industry, and government. This is also true since many legal issues related to software liability are evolving.
Purpose
While the general concept of safety and reliability is understood by most parties, the specialty of software safety and reliability is not. The understanding of electronic component reliability and electrical safety has been evolving since the 1940s. In contrast, software safety and reliability is a relatively new discipline that only a few understand well or at all. Hence, the overall goal of writing this book is to improve the state of the art of software safety and reliability, both its understanding and practice. This goal is achieved through three objectives.
The first objective of this book is to serve as a "consciousness raising"[5]about the importance of software safety and reliability and the attention this subject warrants in mission critical systems[6]. As more and more functionality is shifted from hardware to software, two common scenarios occur. First, managers and technical personnel involved in mission critical projects are generally very knowledgeable about optics, radiation physics, mechanical engineering, and so forth. However, they are sometimes at a loss when it comes to knowing: 1) what to do about software safety and reliability; 2) the skill set that is needed to adequately address software safety and reliability; and 3) sometimes even that this subject warrants serious attention. Second, today there are many excellent Computer Science and Software Engineering programs at universities throughout the worlD. Unfortunately, very few of them offer any courses on software safety and reliability or on software engineering standards. A student may acquire a thorough background in software engineering without being exposed to the field of software safety and reliability. Given the shift in technology to software controlled products, this is unfortunate because today's students will be tomorrow's safety and reliability practitioners. This book has been written to serve as a "consciousness raising" for both scenarios. As such, it includes many illustrative everyday examples about the importance of software safety and reliability.
The second objective of this book is to provide practical information about the current methods used to achieve and assess software safety and reliability. This is accomplished by a comprehensive discussion of the current approaches promoted by key industrial sectors and standards organizations to software safety and reliability. Since most practitioners were not taught software safety and reliability in school, it is all the more imperative that they be made aware of current software safety and reliability standards[7]. As a rule, standards are written in a very terse style. A phrase or sentence may be very meaningful to the committee members who spent years writing the standard, but the same phrase leaves the average reader in the dark. Accordingly, Parts Ⅱ and Ⅲ of this book have been written in the style of an application guide—" how to" read, interpret, and implement a given standarD. While theory is not entirely neglected, the emphasis is on practical information.
The third and final objective of this book is to bring together, for the first time, in one volume the contemporary thinking on software safety and reliability so that it can be compared and analyzed; thereby leading to the improved understanding and practice of this field in the future.
Firewall
Nations without controlled borders cannot ensure the security and safety of their citizens, nor can they prevent piracy and theft. Networks without controlled access cannot ensure the security or privacy of stored data, nor can they keep network resources from being exploited by hackers.
The communication efficiency provided by the Internet has caused a rush to attach private networks directly to it. Direct Internet connections make it easy for hackers to exploit private network resources. Prior to the Internet, the only widely available way for a hacker to connect from home to a private network was direct dialing with modems and the public telephone network. Remote access security was a relatively small issue.
When you connect our private network to the Internet, you are actually connecting your network directly to everv other network attached to the Internet. There's no inherent central point of security control.
Firewalls are used to create security checkpoints at the boundaries of private networks. By providing the routing function between the private network and the Internet, firewalls inspect all communications passing between the two networks and either pass or drop the communications depending on how they match the programmed policy rules. If your firewall is properly configured and contains no serious exploitable bugs, your network will be as free from risk as possible.
Firewalls are among the newest developments in Internet technology. Developed from rudimentary security systems that major computer vendors like Compact and IBM developed to secure their own networks in the mid 1980s, these network sentinels have developed in lock-step with the burgeoning threat of information warfare. The most interesting and innovative developments, like Network Address Translation and multi-layer security filtering, are so new that books just two years old are already obsolete.
The security problems of the past could be solved with simple packet filters and dial- back modem banks. The security problems of the future will require rifling through and validating every byte of an Internet message, requiring encrypted certification of a web site's true identity before connecting, and then encrypting nearly everything that travels between. Fortunately, as technology and the technological society it mirrors progress, these measures will become simple and invisible. As vendors make operating systems more hardened against attack, the World Wide Web will secretly grow more secure for people who will freely surf the Web as they please, hampered only by the occasionally warning that a site is not accredited or that a message contains suspicious content. This is as it should be.
The security problems of today are most effectively solved with firewalls and virtual private tunnels. Peripheral security utilities[8]like intrusion detectors and security scanners do their part to alarm and alert, but firewalls will remain the foundation of Internet security until their functionality is built into the very protocols upon which the Internet operates and until every Internet-connected computer contains the equivalent of a firewall. Even then, centralized management of Internet policy may make firewalls a permanent addition to corporate networking.
Notes
[1]automated teller machines:自动取款机,简写成ATM。
[2]911 service:在美国等一些西方国家,紧急救护号码为9ll。
[3]Y2K(Year 2000):电脑千年虫。
[4]the FBI:(美国)联邦调查局(Federal Bureau of Investigation)的缩写。
[5]consciousness raising:提高意识。
[6]mission critical systems:任务是至关重要的系统。
[7]It is...从句中用should+do,should常可省,如:It is important that he start early tomorrow.
[8] Peripheral security utilities: 外围(部)安全设备。
Choose the best answer:
