{"id":2556,"date":"2023-02-17T12:11:05","date_gmt":"2023-02-17T04:11:05","guid":{"rendered":"https:\/\/choson.lifenet.com.tw\/?p=2556"},"modified":"2023-03-29T10:42:12","modified_gmt":"2023-03-29T02:42:12","slug":"%e5%ad%98%e5%8f%96%e6%8e%a7%e5%88%b6%e7%9a%84%e5%9f%ba%e6%9c%ac%e7%94%a8%e8%aa%9e","status":"publish","type":"post","link":"https:\/\/choson.lifenet.com.tw\/?p=2556","title":{"rendered":"\u5b58\u53d6\u63a7\u5236\u7684\u57fa\u672c\u7528\u8a9e"},"content":{"rendered":"
\n
\"\"
\u5b58\u53d6\u63a7\u5236\u985e\u578b<\/figcaption><\/figure>\n<\/div>\n\n\n
    \n
  1. \u5b58\u53d6(access)<\/strong>\u5373\u4f7f\u7528(use)<\/strong>\uff0c\u56e0\u6b64\u6709\u8ab0\u7528\u4ec0\u9ebc\u6771\u897f\u7684\u6982\u5ff5\u3002\u4e3b\u52d5\u65b9<\/strong>(\u4e3b\u8a5e)\u53eb\u4e3b\u9ad4(subject)<\/strong>\uff0c\u88ab\u7528\u7684\u8cc7\u6e90\u662f\u88ab\u52d5\u65b9<\/strong>(\u53d7\u8a5e)\uff0c\u7a31\u70ba\u5ba2\u9ad4(object)<\/strong>\u3002<\/li>\n\n\n\n
  2. \u4e3b\u9ad4\u5b58\u53d6\u5ba2\u9ad4\u7684\u6574\u500b\u904e\u7a31\u5fc5\u9808\u53d7\u5230\u7ba1\u5236(control)<\/strong>\uff0c\u4e0d\u80fd\u70ba\u6240\u6b32\u70ba\uff0c\u56e0\u6b64\u624d\u6709\u5b58\u53d6\u63a7\u5236\u7684\u8b70\u984c\u3002<\/li>\n\n\n\n
  3. \u4e0a\u5716<\/a>\u5c55\u793a\u4e86\u5b58\u53d6\u63a7\u5236\u7684\u4e0d\u540c\u60c5\u5883(contexts)\u6216\u985e\u578b<\/strong>\u3002\u4f8b\u5982\uff1a\u7db2\u8def\u7dda\u5982\u4f55\u4f7f\u7528\u3001\u7db2\u8def\u5982\u4f55\u9023\u63a5(\u5340\u57df\u53ca\u9060\u7aef)\u3001\u96fb\u8166\u4e0a\u7684\u7a0b\u5f0f\u5982\u4f55\u5b58\u53d6\u8cc7\u6e90\u3001\u9032\u51fa\u5efa\u7269\u7684\u9580\u7981\uff0c\u4ee5\u53ca\u5712\u5340\u5468\u908a\u7684\u7ba1\u5236\u7b49\u3002<\/li>\n\n\n\n
  4. WUSON\u7684CISSP\u8ab2\u7a0b<\/a>\u4ecb\u7d39Domain 5\u6642\uff0c\u4e3b\u8981\u9396\u5b9a\u5728\u96fb\u8166\u7cfb\u7d71<\/strong>\u4e0a\u7684\u5b58\u53d6\u63a7\u5236\uff0c\u4e5f\u5c31\u662f\u6240\u8b02\u7684\u6280\u8853\u985e<\/strong>\u6216\u908f\u8f2f\u985e<\/strong>\u7684\u5b58\u53d6\u63a7\u5236\u3002<\/li>\n<\/ol>\n\n\n\n

    \u5b9a\u7fa9<\/h1>\n\n\n\n

    \u96fb\u8166\u7cfb\u7d71\u4e0a\u7684\u5b58\u53d6\u63a7\u5236<\/strong>\u662f\u6307\uff1a<\/p>\n\n\n\n

    \n

    \u4e3b\u9ad4<\/strong>\u5c0d\u65bc\u5ba2\u9ad4<\/strong>\u7684\u5b58\u53d6\u884c\u70ba\uff0c\u5fc5\u9808\u53d7\u5230\u5b89\u5168\u6838\u5fc3(Security Kernel)<\/strong>\u76843A\u7ba1\u5236\u3002<\/p>\n<\/blockquote>\n\n\n\n

    3A\u662f\u6307\u9a57\u8b49\u8eab\u4efd(Authentication)<\/strong>\u3001\u6aa2\u67e5\u6388\u6b0a(Authorization)<\/strong>\u8207\u8a18\u9304\u884c\u70ba(Accounting)<\/strong>\u3002\u7136\u800c\u8981\u9032\u884c3A\u7ba1\u5236\u5fc5\u9808\u5148\u6709\u8eab\u4efd(idenity)<\/strong>\u624d\u884c\u3002\u56e0\u6b64\uff0c\u5b58\u53d6\u63a7\u5236\u7684\u53e3\u8a23\u70ba I+3A<\/strong>\u3002<\/p>\n\n\n\n

    \u5b89\u5168\u6838\u5fc3\u662f\u7f8e\u570b\u570b\u9632\u90e8\u6a58\u76ae\u66f8(TCSEC)<\/strong>\u7684\u7528\u8a9e\uff0c\u4e00\u822c\u4eba\u6bd4\u8f03\u4e0d\u6703\u7528\u9019\u500b\u540d\u8a5e\u3002\u7c21\u55ae\u7684\u8aaa\uff0c\u5b89\u5168\u6838\u5fc3\u662f\u4e00\u53f0\u96fb\u8166\u7cfb\u7d71\u4e2d\uff0c\u8ca0\u8cac\u5b58\u53d6\u63a7\u5236<\/strong>\u7684\u5143\u4ef6\u3002\u503c\u5f97\u6ce8\u610f\u7684\u662f\uff0c\u5b89\u5168\u6838\u5fc3\u662f\u4e00\u500b\u8edf\u9ad4\u3001\u97cc\u9ad4\u53ca\u786c\u9ad4\u7e3d\u6210\u7684\u6982\u5ff5<\/strong>\uff0c\u4e0d\u662f\u55ae\u6307\u8edf\u9ad4\u3001\u97cc\u9ad4\u6216\u786c\u9ad4\u3002\u4ee5\u4e0b\u662fNIST\u5c0d\u65bc\u5b89\u5168\u6838\u5fc3\u7684\u5b9a\u7fa9\uff1a<\/p>\n\n\n\n

    \n

    Hardware, firmware, and software elements of a trusted computing base implementing the reference monitor concept. Security kernel must mediate all accesses, be protected from modification, and be verifiable as correct.<\/p>\n<\/blockquote>\n\n\n\n

    \u57fa\u672c\u7528\u8a9e<\/h1>\n\n\n\n
      \n
    1. \u8eab\u4efd<\/strong>\u53ea\u662f\u7528\u4f86\u552f\u4e00\u8b58\u5225(uniquely identity)<\/strong>\u4e00\u500b\u5be6\u9ad4(entity)<\/strong>\u7684\u5c6c\u6027(attribute)<\/strong>\u3002<\/li>\n\n\n\n
    2. \u5be6\u9ad4<\/strong>\u662f\u6307\u5be6\u969b\u5b58\u5728\u4e14\u53ef\u4ee5\u552f\u4e00\u8b58\u5225\u7684\u500b\u9ad4<\/strong>\u3002\u4e00\u500b\u5be6\u9ad4\u901a\u5e38\u64c1\u6709\u591a\u500b\u5c6c\u6027\uff0c<\/strong>\u4e26\u4e14\u5177\u5099\u4e00\u6216\u591a\u500b\u8eab\u4efd\u3002<\/li>\n\n\n\n
    3. \u5c6c\u6027<\/strong>\u662f\u7528\u4f86\u63cf\u8ff0\u5be6\u9ad4\u7279\u8272<\/strong>\u6216\u6027\u8cea<\/strong>\u7684\u8cc7\u6599\u9805\u76ee\u3002<\/li>\n\n\n\n
    4. \u5e33\u865f(account)<\/strong>\u662f\u4ee3\u8868\u5be6\u9ad4\u7684\u6280\u8853\u624b\u6bb5\uff0c\u56e0\u6b64\u5e33\u865f\u8207\u5be6\u9ad4\u5bc6\u4e0d\u53ef\u5206\u3002<\/li>\n\n\n\n
    5. \u8eab\u4efd\u7528\u4f86\u552f\u4e00\u8b58\u5225\u5be6\u9ad4\uff0c\u56e0\u6b64\u7ba1\u7406\u8eab\u4efd\u5c31\u662f\u7ba1\u7406\u5be6\u9ad4\u3002\u7136\u800c\u4e0d\u8ad6\u8eab\u4efd\u7ba1\u7406\u6216\u5be6\u9ad4\u7ba1\u7406\uff0c\u5be6\u52d9\u4e0a\u90fd\u662f\u900f\u904e\u5e33\u865f\u7ba1\u7406\u4f86\u5be6\u73fe\u3002<\/li>\n<\/ol>\n\n\n\n

      \u8eab\u4efd\u7ba1\u7406 (Identity Management)<\/h1>\n\n\n\n
        \n
      1. \u5e33\u865f\u7ba1\u7406\u5f9e\u6280\u8853\u7684\u89d2\u5ea6\u4f86\u770b\uff0c\u5c31\u662f\u9032\u884c\u5e33\u865f\u7684\u65b0\u589e\u3001\u67e5\u8a62\u3001\u4fee\u6539\u53ca\u522a\u9664(CRUD)<\/strong>\u7b49\u52d5\u4f5c\u3002<\/li>\n\n\n\n
      2. \u5c08\u9580\u5b58\u653e\u5e33\u865f\u7684\u8cc7\u6599\u5eab\u7a31\u4f5c\u76ee\u9304(directory)<\/strong>\u3002<\/li>\n\n\n\n
      3. \u670d\u52d9(service)<\/strong>\u5373\u7a0b\u5f0f\uff0c\u8ca0\u8cac\u7ba1\u7406\u76ee\u9304\u7684\u7a0b\u5f0f\u5c31\u7a0b\u70ba\u76ee\u9304\u670d\u52d9<\/strong>\u3002<\/li>\n\n\n\n
      4. \u5132\u5b58\u5728\u76ee\u9304\u7684\u5e33\u865f\u53ef\u4ee5\u7528X.500<\/strong>\u7684\u8868\u793a\u6cd5\u4f86\u8868\u9054\u5b83\u5132\u5b58\u7684\u4f4d\u7f6e\u3002<\/li>\n\n\n\n
      5. \u7a0b\u5f0f\u53ef\u4ee5\u900f\u904eLDAP<\/strong>\u4f86\u8981\u5c0d\u76ee\u9304\u9032\u884cCRUD\u7b49\u52d5\u4f5c\u3002<\/li>\n\n\n\n
      6. \u63d0\u4f9b\u76ee\u9304\u670d\u52d9\u7684Server\u4e5f\u53ef\u7a31\u70ba\u8eab\u4efd\u63d0\u4f9b\u8005(IdP, Identity Provider)<\/strong>\u3002<\/li>\n<\/ol>\n\n\n\n

        \u96f6\u4fe1\u4efb<\/h1>\n\n\n\n

        WUSON CISSP\u7684\u8ab2\u7a0b\u5c07\u96f6\u4fe1\u4efb(Zero Trust)\u5b9a\u4f4d\u70baAccess Control 2.0, \u4e5f\u5c31\u662f\uff1a<\/p>\n\n\n\n

        \n

        \u4ee5\u8cc7\u6599\u70ba\u4e2d\u5fc3<\/strong>\u5283\u5b9a\u865b\u64ec\u908a\u754c<\/strong>\uff0c\u9032\u884c\u66f4\u7d30\u81a9\/\u7c92<\/strong>\u3001\u66f4\u52d5\u614b<\/strong>\u3001\u66f4\u900f\u660e<\/strong>\u7684\u5b58\u53d6\u63a7\u5236<\/strong>\u3002<\/p>\n<\/blockquote>\n\n\n\n

        \u8cc7\u6599\u4f86\u6e90\uff1ahttps:\/\/wentzwu.medium.com\/%E5%AD%98%E5%8F%96%E6%8E%A7%E5%88%B6%E7%9A%84-%E5%9F%BA%E6%9C%AC%E7%94%A8%E8%AA%9E-cf9f94d29f28<\/p>\n\n\n\n

        PS:\u6b64\u6587\u7ae0\u7d93\u904e\u4f5c\u8005\u540c\u610f\u520a\u767b \u4e26\u4e14\u6388\u6b0a\u53ef\u4ee5\u7ffb\u8b6f\u6210\u4e2d\u6587<\/p>\n","protected":false},"excerpt":{"rendered":"

        \u5b9a\u7fa9 \u96fb\u8166\u7cfb\u7d71\u4e0a\u7684\u5b58\u53d6\u63a7\u5236\u662f\u6307\uff1a \u4e3b\u9ad4\u5c0d\u65bc\u5ba2\u9ad4\u7684\u5b58\u53d6\u884c\u70ba\uff0c\u5fc5\u9808\u53d7\u5230\u5b89\u5168\u6838\u5fc3(Security Kernel)\u7684 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-2556","post","type-post","status-publish","format-standard","hentry","category-cisspcertified-information-systems-security-professional"],"_links":{"self":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2556","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2556"}],"version-history":[{"count":2,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2556\/revisions"}],"predecessor-version":[{"id":2727,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2556\/revisions\/2727"}],"wp:attachment":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2556"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2556"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2556"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}