当前位置:网站首页>Analysis of environmental encryption technology
Analysis of environmental encryption technology
2022-07-04 22:39:00 【cnsinda_ sdc】
The development of data security products can be roughly divided into two categories : Document encryption products and Sandboxes ( Or environmental encryption ) product . The design concepts and functions of the two types of products are quite different . From the application in recent years , Data leakage prevention The project wants to be implemented successfully , In addition to choosing the right products , It needs more attention and cooperation from customers . Without knowing the product , Rush to select products and implement , The project failure rate is almost 100%. There are countless such negative cases . about Sandbox Kind of product , All data without any controlled strategy , Will be transmitted and applied in clear text . When offline, the administrator only needs to uninstall Encryption software , Quickly eliminate the impact of encryption system on the original information system , The offline risk is very low .
Sandbox safety products , I personally recommend shenxinda SDC Sandbox For large and medium-sized R & D and manufacturing enterprises , The concept of overall protection products is more applicable . in the final analysis , Overall protection products pay more attention to the matching and integration with the existing information system and management system , Document encryption This kind of product pays more attention to the influence and change of the operator's use habits , therefore , The former requires enterprises to make certain investment and concessions to ensure Leak proof system The successful launch , But once online , The operation will be smoother , Later management and maintenance are easier ; The latter is more in line with the current customers' requirements for Encryption products The general view of ” No data leakage , It doesn't affect the work “, But the potential risks are great ; The former is more like a system , The latter is more like software , The former is more suitable for the overall management needs of large and medium-sized enterprises , The latter is more suitable for the rapid application of small-scale enterprises .
The project risks are divided into the following categories :
1. Encrypt file Crack the risk
Document encryption is to control the application software , The generated document is written into the key when it is saved , But when the ciphertext is opened on a computer with an encryption product client , The encryption software will automatically decrypt the ciphertext first , Then it can be opened normally , in other words , The encrypted file , There is still plaintext in memory , Can pass “ Read memory ” Extract plaintext directly , Bypass encryption , Low security level ; Sandbox encryption Adopt overall protection , When the client computer is in use, it cannot take the file out of the sandbox environment , But it does not affect local use , Files can only flow in a sandbox environment , It's quite difficult to crack , High level of security .
2. Hardware debugging risk
Now more and more customer needs involve hardware debugging and development , Including development board burn ,app Development, etc. , The increasing number of hardware equipment also leads to the increasing risk of disclosure . Document encryption encrypts the contents of burning and debugging , If normal commissioning is required , Must have Decrypt files debugging , Thus causing problems such as counterfeiting hardware devices , Risks such as debugging documents . Sandbox products take over the file export of the whole computer , When connection debugging is needed , The whole process is still under protection , Debugging files and burning files will be recorded clearly , Reduce the risk of disclosure .
3. Risk of data corruption
Encryption requires decryption , This creates the risk of decryption failure , Will cause data corruption , Greatly affect the work of employees , The product cannot be launched . At this point , Sandbox products are much better than document encryption , Document encryption has direct and frequent encryption and decryption of files , High data corruption rate , The encryption of environmental encryption products is carried out at the data transmission boundary , Do not process the file itself , The file will not be damaged . From previous project experience , File destruction has almost become synonymous with document encryption products and an insurmountable bottleneck ( Especially in R & D and manufacturing enterprises with complex terminal environment ), This will not happen to environmental encryption products .
For sandbox products , All data without any controlled strategy , Will be transmitted and applied in clear text . When offline, the administrator only needs to uninstall the encryption software , Quickly eliminate the impact of encryption system on the original information system , The offline risk is very low .
Through the above comparison , You can almost draw a conclusion , For large and medium-sized R & D and manufacturing enterprises , The concept of overall protection products is more applicable . in the final analysis , Overall protection products pay more attention to the matching and integration with the existing information system and management system , Document encryption products pay more attention to the impact and change of operators' use habits , therefore , The former requires enterprises to make certain investment and concessions to ensure the smooth launch of the anti disclosure system , But once online , The operation will be smoother , Later management and maintenance are easier ; The latter is more in line with the current general view of customers on encryption products ” No data leakage , It doesn't affect the work “, But the potential risks are great ; The former is more like a system , The latter is more like software , The former is more suitable for the overall management needs of large and medium-sized enterprises , The latter is more suitable for the rapid application of small-scale enterprises .
边栏推荐
- About stack area, heap area, global area, text constant area and program code area
- 攻防世界 MISC 高手进阶区 001 normal_png
- 通过Go语言创建CA与签发证书
- Convolutional neural network model -- lenet network structure and code implementation
- 嵌入式开发:技巧和窍门——提高嵌入式软件代码质量的7个技巧
- Introducing QA into the software development lifecycle is the best practice that engineers should follow
- Deployment of JVM sandbox repeater
- [Yugong series] go teaching course 003-ide installation and basic use in July 2022
- Solana chain application crema was shut down due to hacker attacks
- SPSS installation and activation tutorial (including network disk link)
猜你喜欢
UML图记忆技巧
堆排序代码详解
攻防世界 MISC 进阶区 hit-the-core
Logo special training camp Section V font structure and common design techniques
集群的概述与定义,一看就会
LOGO special training camp section I identification logo and Logo Design Ideas
Scala download and configuration
Domestic database chaos
[the 2023 autumn recruitment of MIHA tour] open [the only exclusive internal push code of school recruitment eytuc]
Common open source codeless testing tools
随机推荐
都说软件测试很简单有手就行,但为何仍有这么多劝退的?
Short video system source code, click the blank space of the screen, the keyboard does not automatically stow
Microservices -- Opening
MYSQL架构——用户权限与管理
Domestic database chaos
UML diagram memory skills
Jvm-Sandbox-Repeater的部署
测试必会:BUG的分类及推进解决
虚拟人产业面临的挑战
Recommendation of mobile app for making barcode
2022-07-04:以下go语言代码输出什么?A:true;B:false;C:编译错误。 package main import “fmt“ func main() { fmt.Pri
攻防世界 MISC 进阶区 3-11
我在linux里面 通过调用odspcmd 查询数据库信息 怎么静默输出 就是只输出值 不要这个
Redis sentinel simply looks at the trade-offs between distributed high availability and consistency
leetcode 72. Edit Distance 编辑距离(中等)
Logo special training camp Section IV importance of font design
繁华落尽、物是人非:个人站长该何去何从
Summary of index operations in mongodb
Mysql root 账号如何重置密码
SPSS installation and activation tutorial (including network disk link)