How should we establish a safe and credible scientific concept of network security?

Shen Changxiang: First, we should understand the nature of network security and take the initiative to resolve security risks. First of all, we must recognize the basic principle and essence of network security.

Network security risks are caused by man-made attack threats and their own vulnerabilities. The computing system itself has great vulnerability, and network security has become an eternal proposition. In order to defend against threats,

reduce vulnerability and reduce risk, scientific and technological innovation must be carried out from the aspects of logical correct verification theory, computing architecture and system engineering construction, etc.,

so as to form a defense system that actively responds to attacks, so as to make threats ineffective, and achieve the goal of ensuring that the logical combination for completing computing tasks is not tampered with or destroyed and correct calculation is achieved. This is the safe and reliable defense system of active immunity, which is equivalent to cultivating immunity for network information systems.

The second is to leave the "blocking and killing" and establish a new concept of active immune protection. The traditional network security system is mainly composed of firewall, intrusion monitoring and virus detection and patching.

This mode of "blocking and killing" is difficult to deal with the attacks using logic defects, but it increases its vulnerability. First of all, it is impossible to defend against new vulnerabilities and attack methods by comparing,

checking and killing according to the content of the existing signature database. Secondly, its functional components belong to the super user, which violates the security principle of the least privileged user,

and can also be controlled by attackers to become a platform for network attacks. Therefore, only the implementation of active immune security and credible defense system can effectively resist the known and unknown attacks.

You just said that the key to speeding up the construction of critical information infrastructure security system is independent innovation. May I ask what aspects should we build an active immune security and credible security system?

Shen Changxiang: I think we can start from five aspects. First, establish a new safe and reliable computing model for active immunization. It innovatively proposes a new computing model - active immune safe and trusted computing,

that is, using the code as the gene to generate antibodies, implement functions such as identity identification, status measurement, and confidential storage, and timely identify its own and non-own components,

so as to destroy and reject harmful substances entering the body. This is the same as human immunity, which can defend itself against harmful invasion. Ensure that body logic flaws are not exploited by malicious attackers.

This calculation mode can realize parallel operation of calculation and security protection, and the whole calculation can be measured and controllable without interference.

Second, the parallel dual architecture of "computing + protection" is constructed. A new computing architecture is adopted, which is a new computing architecture of operation and protection under the control of security trust policy.

This dual architecture as the core of the security architecture, can find anomalies in time to deal with, so that the computer equivalent to the human body has the same immune ability.

Third, the construction of "one center + three layers of protection" security system framework. New information environments such as networked infrastructure, cloud computing, big data, industrial control,

and the Internet of Things require security and trust as the foundation and prerequisite for development, and must be measured, identified, and controlled for trust. Adopting the secure and trusted architecture framework can ensure the reliability of the architecture, resource allocation, operation behavior, data storage and policy management, so as to achieve the purpose of system-level active defense.

Fourth, implement four-element trusted dynamic access control. Human-computer interaction trust is the source and prerequisite to play the role of new infrastructure momentum such as 5G and data center.

It is necessary to conduct dynamic trust measurement, identification and control of the four elements of human operation access strategy (subject, object, operation and environment),

and correct the security defects of traditional access control strategy model that is not trusted verification and difficult to tamper with. In addition, traditional access control does not consider whether the environment elements (code and parameters) are damaged,

and it is difficult to prevent malicious code attacks. Therefore, it is necessary to verify the credibility of the environment elements, and then carry out dynamic access control according to the policy rules to achieve the correct access effect.