What Is Message Switching?
Information exchange refers to the process of data interaction between different information entities. The goal is to achieve data sharing in a heterogeneous environment, thereby effectively using resources, improving the performance of the entire information system, and speeding up data between information systems. Circulation to achieve data integration and sharing.
- Information exchange refers to the process of data interaction between different information entities. The goal is to achieve data sharing in a heterogeneous environment, thereby effectively using resources, improving the performance of the entire information system, and speeding up data between information systems. Circulation to achieve data integration and
- The current mainstream information exchange system is mainly composed of the information exchange center and the information exchange components of the service side, and its functions are roughly as follows:
- Information exchange center: The information exchange center receives the message sent from the client and forwards it through its information exchange center server or extracts the data to be sent from the business application database and saves it to the shared database. Among them, the shared database is the core of the information platform of the information sharing and exchange system. It stores the information released by each unit and the data exchanged from other units. The establishment of the shared database also has the function of protecting the independence and security of each client application system.
- Business-side information exchange components: If a customer needs to connect its own business application system to a unified information sharing exchange system, it only needs to install the components of the unified information exchange system application business side, without modifying its business application system. In this case, information can be exchanged with the Unified Information Sharing Exchange Center. The
- In view of the importance of information exchange and the unified coding standard of text symbols, computers of different brands can use the same standardized information.
- As the information exchange system is mainly a large network system platform for information integration, information exchange and sharing between enterprises in various industries, it may also be a large collection of various insecure factors [1] , especially the current various network security threats. getting more serious. In the current network security environment, and because the information exchanged in the information exchange system is mainly internal information between the industry or between enterprises and departments, this information may be sensitive, important, or even It may be a trade secret of vital interest, so you do nt want the outside or its competitors to know, but you must ensure that the normal and legal users in the industry, in various enterprise alliances, and within the enterprise can timely understand the shared exchanges, send and receive information, etc. Besides, in addition to ensuring normal business functions, the information exchange system must also do the following for security:
- (1) Identity authentication: Only those authorized legal users have access to use system resources, and the uniqueness of user identity can prevent non-repudiation during the information exchange process. At the same time, users outside the system must be denied and illegal users can be disguised by illegal means. Legitimate users come to trick the system for some purpose. Therefore, information can only be exchanged if the legitimacy of the user's identity is confirmed. It can be said that identity authentication is the security foundation of the information exchange system.
- (2) Privilege control: When users use the system, they need to determine and control their permissions. Depending on the role of users with different levels of privileges, access and use of system resources and services vary, preventing users from unintentionally or deliberately occupying and using system resources. Protect user rights and information security. The main functions are divided into sending information permissions, receiving information permissions, and information source and sink permissions:
- Send message permissions. It has the functions of obtaining local data and sending information. Different levels of users also have different functions of data encryption, data signature or digital signature when sending information. For example, the number, type, number of targets, and encryption granularity are limited. Wait;
- Receiver permissions. It has the function of receiving information. Similarly, when receiving data, the authority is different, and the number and type of information that the receiving user can receive are also different.
- Information source and sink permissions. The destination (receiver) of the message and whether it can accept the information from the source (sender), that is, to resolve the "who" and "who" to receive, control the flow of information, and prevent the broadcast and leak of information.
- Therefore, protecting the security of rights can also be said to protect the rights and interests of users.
- (3) Information security: Information is sent to the information exchange center and the information exchange center is forwarded to the receiving end. Both processes are carried out in the network to ensure that the information in these two processes is not stolen, tampered, counterfeited, and Information security issues such as repudiation when sending and receiving are mainly achieved through encryption and signatures.
- (4) Secure information exchange center: Since information is mainly forwarded and accessed through this center, and a large amount of data is stored in the shared database, the security of the information exchange center is the security of the information exchange system center.
- (5) Security management of keys: The security of keys is directly related to the security of information in the exchange.
- (6) Safe information transmission channel: Although information transmission is carried out in an open network, network security technology can still be used to strengthen protocols such as SSL.
- (7) Security management: Standardized security management can improve the awareness of network security, which can reduce the occurrence of some security incidents. According to the 2008 National Information Network Security Situation and Computer Virus Epidemic Survey Report of the Ministry of Public Security, among the more than 12,000 information network users and computer users, the proportion of information network security incidents was 62.7%; the proportion of multiple network security incidents at the same time was 50%, repeated infection rate of 66.8%; computer virus infection rate of 85.5%, indicating that the Internet security awareness of Internet users in China is still relatively weak, did not pay enough attention to the occurrence of network security incidents. Among them, the proportion of attack or virus transmission sources from internal personnel increased by 21% year-on-year, indicating that the network security management work within the unit is not yet in place. [1]