Shulou(Shulou.com)06/01 Report--

As we all know, the P2DR model is a very popular security model, which consists of four main parts: policy, protection, detection and response.

Policy: policy is the core of the model, and all protection, detection, and response are implemented according to security policy. Network security policy usually consists of overall security policy and specific security policy.

Protection: protection is the preventive measures taken according to the possible security problems in the system, which are realized by traditional static security technology. Protection technologies usually include data encryption, identity authentication, access control, authorization and virtual private network technology, firewall, security scanning and data backup.

Detection: when the person penetrates the protection system, the detection function will play a role and complement the protection system, and detection is the basis of dynamic response.

Response: once the system detects *, the response system starts to work and handles events. The response includes emergency response and recovery processing, and the reply processing includes system recovery and information reply.

P2DR model is under the control and guidance of the overall security policy, in the comprehensive use of protection tools, at the same time, the use of detection tools to understand the security status of the system, through the appropriate response to adjust the system to the safest and lowest risk state. Protection, detection and response constitute a complete and dynamic security cycle to ensure the security of the information system under the guidance of security policies.

According to the P2DR model, all activities related to information security, including * behavior, protection behavior, detection behavior and response behavior, take time. Therefore, time can be used to measure the security and security capability of a system.

As a protection system, each step takes time when a person wants to initiate it, so the P2DR model can use the following typical mathematical formula to express safety requirements.

Pt > Dt + Rt

For the security target that needs to be protected, if the above mathematical formula satisfies that the protection time is greater than the detection time plus the response time, then it can be detected and dealt with in time before the security target is endangered.

The P2DR model also has an obvious disadvantage, that is, it ignores the inherent changing factors, such as the instability of the quality of floating personnel and the implementation of strategies. In fact, security issues involve a wide range of issues, in addition to the design of protection, detection and response, the enhancement of the security and immunity of the system itself, the optimization of the system and the whole network, and the most important quality improvement of personnel in this system, are all issues that the security model does not take into account.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.