Lecture 13
CH14.3 WIDE AREA NETWORK
A wide area network, or WAN, spans a large geographical area, often a country or continent. It contains a collection of machines intended for running user (i.e., application) programs. We will follow traditional usage and call these machines hosts. The term end system is sometimes also used in the literature. The hosts are connected by a communication subnet, or just subnet for short. The job of the subnet is to carry messages from host to host, just as the telephone system carries words from speaker to listener. By separating the pure communication aspects of the network (the subnet) from the application aspects (the hosts), the complete network design is greatly simplified. The relation between the hosts and the subnet is shown in Fig. 14-4.
One of many methods that can be used to categorize wide area networks is with respect to the flow of information on a transmission facility. If we use this method to categorize wide area networks, we can group them into three basic types: circuit switched, leased line and packet switched.
1. CIRCUIT SWITCHED NETWORKS
The most popular type of network and the one almost all readers use on a daily basis is a circuit switched network. The public switched telephone network, however, is not limited to the telephone company. By purchasing appropriate switching equipment, any organization can construct its own internal circuit switched network and, if desired, provide one or more interfaces to the public switched network to allow voice and data transmission to flow between the public network and its private internal network.
2. LEASED LINE NETWORKS
This is a dedicated network connected by leased lines. A leased line is a communication line reserved for the exclusive use of a leasing customer, without inter-exchange switching arrangements. Leased or private lines are dedicated to the user. Their advantage is that the terminal or computer is always physically connected to the line. This service achieves very short response times.
3. PACKET SWITCHING NETWORKS
A packet network is constructed through the use of equipment that assembles and disassembles packets, equipment that routes packets, and transmission facilities used to route packets from the originator to the destination device. Some types of data terminal equipment (DTE) can create their own packets, while other types of DTE require the conversion of their protocol into packets through the use of a packet assembler/disassembler (PAD). Packets are routed through the network by packet switches. Packet switches examine the destination of packets as they flow through the network and transfer the packets onto trunks interconnecting switches, based upon the packet destination and network activity.
Many older public networks follow a standard called X.25. It was developed during the 1970s by CCITT to provide an interface between public packet-switched networks and their customers.
CCITT Recommendation X.25 controls the access from a packet mode DTE, such as a terminal device or computer system capable of forming packets, to the DCE at a packet node. CCITT Recommendation X.28 controls the interface between non-packet mode devices that cannot form packets and a PAD. CCITT Recommendation X.29 specifies the interface between the PAD and the host computer. CCITT Recommendation X.3 specifies the parameter settings on the PAD and X.75 specifies the interface between packet networks.
EXERCISES
1. Translate the following sentences into Chinese.(P242-243)
1) Bridge: A device used to link two homogeneous local area subnetworks; that is, two subnetworks utilizing the same physical and medium access control method.
2) gateway: A functional unit that interconnects two computer networks with different network architectures.
3) router: A node that can send and receive packets, and route packets from one node to another.
2. True/False.(P232)
1) __ A wide area network (WAN) spans a small geographical area.
2) __ We usually call the computers in a WAN hosts or end systems.
3) __ The job of the communication subnet is to carry messages from host to host.
4) __ Separating the subnet from the hosts simplifies the design of network.
5) __ Telephone network is a packet switching network.
6) __ A network that complies with the X.25 standard is a circuit-switched network.
7) __ We can use the public switched telephone network to transmit voice and data.
8) __ To structure a packet network, we should use equipment that assembles and disassembles packets.
Lecture 14
CH14.4 LOCAL AREA NETWORK
Local area data networks, normally referred to simply as local area networks or LANs, are used to interconnect distributed communities of computer-based DTEs located within a single building or localized group of buildings. For example, a LAN may be used to interconnect workstations distributed around offices within a single building or a group of buildings such as a university campus. Alternatively, it may be used to interconnect computer-based equipment distributed around a factory or hospital complex. Since all the equipment is located within a single establishment, however, LANs are normally installed and maintained by the organization. Hence they are also referred to as private data networks.
The main difference between a communication path established using a LAN and a connection made through a public data network is that a LAN normally offers much higher data transmission rates because of the relatively short physical separations involved. In the context of the ISO Reference Model for OSI, however, this difference manifests itself only at the lower network dependent layers. In many instances the higher protocol layers in the reference model are the same for both types of network.
Before describing the structure and operation of the different types of LAN, it is perhaps helpful to first identify some of the selection issues that must be considered. A summary of some of these issues is given in Fig. 14-5. It should be stressed that this is only a summary; there are also many possible links between the tips of the branches associated with the figure.
1. Topology
Most wide area networks, such as the PSTN, use a mesh (sometimes referred to as network) topology. With LANs, however, the limited physical separation of the subscriber DTEs allows simpler topologies to be used. The four topologies in common use are star, bus, ring and hub.
The most widespread topology for LANs designed to function as data communication subnetworks for the interconnection of local computer-based equipment is the hub topology, which is a variation of the bus and ring. This is shown in Fig. 14-6. Sometimes it is called hub/tree topology.
2. Transmission media
Twisted pair, coaxial cable and optical fiber are the three main types of transmission medium used for LANs.
3. Medium access control methods
Two techniques have been adopted for medium access control in LANs. They are carrier-sense multiple access with collision detection (CSMA/CD), for bus network topologies, and control token, for use with either bus or ring networks.
CSMA/CD is used to control multiple-access networks. Each station on the network “listens” before attempting to send a message, waiting for the “traffic” to clear. If two stations try to send their messages at exactly the same time, a “collision” is detected, and both stations are required to “step back” and try later.
Control token passing is another way of controlling access to a shared transmission medium, namely by the use of a control (permission) token. This token is passed from one DTE to another according to a defined set of rules understood and adhered to by all DTEs connected to the medium. A DTE may only transmit a frame when it is in possession of the token and, after it has transmitted the frame, it passes the token on to allow another DTE to access the transmission medium.
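The two access methods just described, as an added slotted simulation in Python (not part of the textbook): stations running CSMA/CD listen, collide when they start together, and back off for a random number of slots, while token passing hands the right to send around the ring so no collision can occur. The frame length, backoff limit and station counts are constructed model parameters.

```python
import random

FRAME_SLOTS = 3          # constructed model parameter: a frame occupies three time slots
MAX_BACKOFF_EXP = 10     # cap on the doubling of the backoff range


def csma_cd(frames_per_station: list, seed: int = 1, max_slots: int = 100_000) -> dict:
    """Slotted model of CSMA/CD: a station listens (defers while the medium is busy),
    sends when the medium is idle, and after a collision backs off for a random number
    of idle slots drawn from a range that doubles with each consecutive collision."""
    rng = random.Random(seed)
    pending = list(frames_per_station)      # frames each station still has to send
    backoff = [0] * len(pending)            # idle slots each station must still wait
    attempts = [0] * len(pending)           # consecutive collisions seen by each station
    busy_until = 0                          # first slot at which the medium is free again
    delivered, collisions = [], 0
    for slot in range(max_slots):
        if not any(pending):
            break
        if slot < busy_until:               # carrier sensed: everyone keeps listening
            continue
        ready = [s for s, n in enumerate(pending) if n and backoff[s] == 0]
        for s in range(len(pending)):
            if backoff[s]:
                backoff[s] -= 1
        if len(ready) > 1:                  # simultaneous starts: collision detected
            collisions += 1
            for s in ready:                 # "step back" with binary exponential backoff
                attempts[s] = min(attempts[s] + 1, MAX_BACKOFF_EXP)
                backoff[s] = rng.randint(0, 2 ** attempts[s] - 1)
        elif len(ready) == 1:               # exactly one sender: the frame goes through
            s = ready[0]
            pending[s] -= 1
            attempts[s] = 0
            delivered.append(s)
            busy_until = slot + FRAME_SLOTS
    return {"delivered": delivered, "collisions": collisions}


def token_ring(frames_per_station: list) -> dict:
    """Control-token model: only the token holder may send, one frame per possession,
    and must then pass the token to the next DTE, so collisions cannot occur."""
    pending = list(frames_per_station)
    delivered = []
    holder = 0
    while any(pending):
        if pending[holder]:
            pending[holder] -= 1
            delivered.append(holder)
        holder = (holder + 1) % len(pending)
    return {"delivered": delivered, "collisions": 0}


if __name__ == "__main__":
    print(csma_cd([2, 2, 2]))     # every frame delivered, but at least one collision
    print(token_ring([2, 2, 2]))  # strict round-robin order, no collisions
```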
EXERCISES
Translate the following sentences into Chinese.(P243)
1) Broadband: A particular mode of operation of a coaxial cable. A single coaxial cable can be used to simultaneously transmit a number of separate data streams by assigning each stream a portion of the total available bandwidth. Data are transmitted by modulating a single frequency signal from the selected frequency band and the data is then received by demodulating the received signal.
2) Cyclic redundancy check (CRC): A method used for the detection of errors when data is being transmitted. A CRC is a numeric value computed from the bits in the message to be transmitted. It is appended to the tail of the message prior to transmission and the receiver then detects the presence of errors in the received message by recomputing a new CRC.
3) Asynchronous transfer mode (ATM): The proposed mode of operation of the emerging broadband integrated services digital network. All information to be transmitted – voice, data, image, video – is first fragmented into small, fixed-sized frames known as cells. These are then switched and routed using packet switching principles – also known as cell or fast-packet switching.
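The CRC procedure described in item 2), as an added Python example (not part of the textbook): the sender computes a CRC-32 over the message bits and appends it to the tail, and the receiver recomputes it and compares. The polynomial is the standard IEEE CRC-32; the message and the error position are constructed. Note that anyone who can alter a message can also recompute its CRC, so a CRC detects transmission errors, not deliberate tampering.

```python
# CRC-32 (IEEE 802.3 polynomial, reflected form) computed bit by bit, to show what
# "a numeric value computed from the bits in the message" means in practice.
CRC32_POLY = 0xEDB88320


def crc32(data: bytes) -> int:
    """Compute the CRC-32 of data; the result matches zlib.crc32 for the same input."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            if crc & 1:
                crc = (crc >> 1) ^ CRC32_POLY
            else:
                crc >>= 1
    return crc ^ 0xFFFFFFFF


def append_crc(message: bytes) -> bytes:
    """Sender: append the 4-byte CRC to the tail of the message prior to transmission."""
    return message + crc32(message).to_bytes(4, "big")


def check_crc(frame: bytes) -> bool:
    """Receiver: recompute the CRC over the body and compare with the received tail."""
    if len(frame) < 4:
        return False
    body, tail = frame[:-4], frame[-4:]
    return crc32(body) == int.from_bytes(tail, "big")


def flip_bit(frame: bytes, bit_index: int) -> bytes:
    """Simulate a single-bit transmission error at the given bit position."""
    buf = bytearray(frame)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


if __name__ == "__main__":
    frame = append_crc(b"constructed sample message")   # constructed input
    print(check_crc(frame))                             # True: clean frame
    print(check_crc(flip_bit(frame, 13)))               # False: error in the body detected
    print(check_crc(flip_bit(frame, (len(frame) - 1) * 8)))  # False: error in the CRC itself
    # A deliberate change with a freshly computed CRC passes the check, which is why a
    # CRC is an error-detection control and not an integrity control against tampering.
    print(check_crc(append_crc(b"altered message")))    # True
```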
Lecture 15
CH15-1 THE INTERNET
1. What is the Internet?
The Internet is the largest global internetwork, connecting tens of thousands of networks worldwide and having a “culture” that focuses on research and standardization based on real-life use. Many leading-edge network technologies come from the Internet community. The Internet evolved in part from ARPAnet.
ARPAnet is short for “Advanced Research Projects Agency Network”, a landmark packet-switching network established in 1969. ARPAnet was developed in the 1970s by BBN and funded by ARPA. It eventually evolved into the Internet. The term ARPAnet was officially retired in 1990.
2. Internet services
From the user’s point of view, a TCP/IP internet appears to be a set of application programs that use the network to carry out useful communication tasks. We use the term interoperability to refer to the ability of diverse computing systems to cooperate in solving computational problems. Internet application programs exhibit a high degree of interoperability. Most users that access the Internet do so merely by running application programs without understanding the TCP/IP technology, the structure of the underlying internet, or even the path the data travels to its destination; they rely on the application programs and the underlying network software to handle such details. Only programmers who write network application programs need to view the internet as a network and need to understand some of the technology.
The most popular and widespread Internet application services include:
1) WWW (world wide web)
WWW is a large network of Internet servers providing hypertext and other services to terminals running client applications such as a browser.
WWW enables users to search, access, and download information from a worldwide series of networked servers where information is dynamically interlinked. A Web client passes a user’s request for information to a server, usually by way of a Web browser. The server and client communicate through a transfer protocol, usually the HyperText Transfer Protocol (HTTP). The server then accesses a Web page using a Uniform Resource Locator (URL). Search engines are available to simplify access by enabling users to enter search criteria on a topic and have several URLs returned for Web pages that pertain to the desired information.
A browser is a GUI-based hypertext client application, such as Internet Explorer (IE), Mosaic, and Netscape Navigator, used to access hypertext documents and other services located on innumerable remote servers throughout the WWW and Internet.
2) Electronic mail
Electronic mail allows a user to compose memos and send them to individuals or groups. Another part of the mail application allows users to read memos that they have received. Electronic mail has been so successful that many Internet users depend on it for normal business correspondence. Although many electronic mail systems exist, using TCP/IP makes mail delivery more reliable because it does not rely on intermediate computers to relay mail messages. A TCP/IP mail delivery system operates by having the sender’s machine contact the receiver’s machine directly. Thus, the sender knows that once the message leaves the local machine, it has been successfully received at the destination site.
There are two kinds of E-mail protocols used in the Internet. One is the Simple Mail Transfer Protocol (SMTP), which accepts incoming connections and copies messages from them into the appropriate mailboxes. The other is Post Office Protocol version 3 (POP3), which fetches E-mail from the remote mailbox and stores it on the user’s local machine to be read later.
3) File Transfer Protocol (FTP)
FTP is an application protocol, part of the TCP/IP protocol stack, used for transferring files between network nodes. Although users sometimes transfer files using electronic mail, mail is designed primarily for short text messages. The TCP/IP protocols include a file transfer application program that allows users to send or receive arbitrarily large files of programs or data. For example, using the file transfer program, one can copy from one machine to another a large database containing satellite images, a program written in Pascal or C++, or even an English dictionary. The system provides a way to check for authorized users, or even to prevent all access. Like mail, file transfer across a TCP/IP internet is reliable because the two machines involved communicate directly, without relying on intermediate machines to make copies of the file along the way.
4) Telecommunication network (Telnet)
Telnet is a standard terminal emulation protocol in the TCP/IP protocol stack. Telnet is used for remote terminal connection, enabling users to log in to remote systems and use resources as if they were connected to a local system.
Remote login allows a user sitting at one computer to connect to a remote machine and establish an interactive login session. The remote login makes it appear that a window on the user’s screen connects directly to the remote machine by sending each keystroke from the user’s keyboard to the remote machine and displaying each character the remote computer prints in the user’s window. When the remote login session terminates, the application returns the user to the local system.
EXERCISES
1. Translate the following sentences into Chinese.(P254)
1) Simple Mail Transfer Protocol (SMTP): The application protocol in a TCP/IP suite that is used to transfer mail between an interconnected set of (native) electronic mail systems.
2) Simple network management protocol (SNMP): The application protocol in a TCP/IP suite used to send and retrieve management related information across a TCP/IP network.
3) Transmission Control Protocol/Internet Protocol (TCP/IP): A famous protocol used in the Internet, which contains UDP, TCP, IP, ARP, RARP and ICMP protocols.
4) navigation: The means through which users find their way through a document or application. For example, word processing programs use the Page Up and Page Down keys to allow you to move through a document.
2. Fill in the blanks with appropriate words or phrases.(P246-1)
1) ___ is a large network of Internet servers.
2) ___ is the largest global internetwork.
3) ___ is the landmark packet-switching network.
4) GUI is abbreviated from ___.
5) Many business correspondences are transferred via ___.
6) IE is produced by ___.
7) We access a Web page by using a ___.
8) We can use the ___ to send or receive arbitrarily large files.
9) Many leading-edge network technologies come from ___.
10) ___ is a standard terminal emulation protocol.
a) Electronic mail b) Telnet
c) WWW d) Graphical User Interface
e) Internet community f) Internet
g) URL h) Microsoft corp.
i) FTP j) ARPAnet
Lecture 16
CH18-1 IS THERE A SECURITY PROBLEM IN COMPUTING?
This book is about security for computing systems, not banks. Consider the security differences between computing systems and banks.
- Size and portability. The physical devices in computing are so small that a thousand dollars of computing gear will fit comfortably in a briefcase, and ten thousand dollars’ worth can be carried comfortably in two arms.
- Ability to avoid physical contact. Electronic funds transfers account for most transfers of money between banks. For example, private companies pay employees by direct computer transfer instead of check. Utilities, insurance companies, and mortgage companies automatically process deductions against their clients’ bank accounts. Customers can even bank at home, moving funds between accounts and arranging withdrawals by touch-tone phone access to a computer.
- Value of assets. The value of the information stored in a computer is also high. Some computers contain confidential information about a person’s taxes, investments, medical history, or education. Other computers contain very sensitive information about new product lines, sales figures, marketing strategy, or military targets, troop movements, weapons capabilities and so forth.
In terms of security, computing is very close to the wild west days. At some installations, computers and their data have been recognized as a valuable and vulnerable resource, and appropriate protection has been applied. Other installations are dangerously deficient in their security measures. But, unlike the “wild west” bankers, some computing professionals and managers do not even recognize the value of the resources they use or control.
Worse yet, in the event of a crime, some companies will not investigate or prosecute, for fear that it will damage their public image. For example, would you feel safe depositing your money in a bank that had just suffered a five million dollar loss through computer embezzlement?
Criminal investigation and prosecution are hindered by statutes that do not recognize electromagnetic signals as property. The news media have recently pictured computer intrusion by teenagers as pranks no more serious than tipping over an outhouse.
Obviously, security in computing is a very important issue. It is an area that deserves study by computer professionals, managers, and even many computer users.
EXERCISES
1. Translate the following sentences into Chinese.(P294)
1) Access control: Covers those functions intended to control flows of information between, and use of resources by, users, processes, and objects. Access control ensures that information or resources are only available to, or may only be created by, those with the correct authorization.
2) Alternate routing: A technique used so that transmission can continue on an alternative path in the event of a node failure or congestion.
2. Fill in the blanks with appropriate words or phrases.(P280)
1) Electronic funds transfers are able to avoid ___ with money.
2) Private companies pay employees by ___.
3) At some installations, ___ have been recognized as a valuable and vulnerable resource.
4) Because electromagnetic signals are not recognized as property, ___ are hindered.
5) ___ is an area that deserves study by computer professionals, managers, and even many computer users.
6) The size of a notebook computer is very ___.
7) The value of the information stored in a computer is ___.
a) security in computing b) direct computer transfer
c) criminal investigation and prosecution d) small
e) physical contact f) computers and their data
g) high
Lecture 17
CH18.2 CHARACTERISTICS OF COMPUTER INTRUSION AND KINDS OF SECURITY BREACHES
1. CHARACTERISTICS OF COMPUTER INTRUSION
The target of a crime involving computers may be any piece of the computing system. A computing system is a collection of hardware, software, storage media, data, and persons that an organization uses to do computing tasks. Whereas the obvious target of a bank robbery is cash, a list of names and addresses of depositors might be valuable to a competing bank. The list might be on paper, recorded on a magnetic medium, stored in internal computer memory, or transmitted electronically across a medium such as a telephone line. This multiplicity of targets makes computer security difficult.
In any security system, the weakest point is the most serious vulnerability. A robber intent on stealing something from your house will not attempt to penetrate a two-inch thick metal door if a window gives easier access. A sophisticated perimeter physical security system does not compensate for unguarded access by means of a simple telephone line and a modem. The “weakest point” philosophy can be restated as the following principle.
Principle of Easiest Penetration. An intruder must be expected to use any available means of penetration. This will not necessarily be the most obvious means, nor will it necessarily be the one against which the most solid defense has been installed.
This principle says that computer security specialists must consider all possible means of penetration, because strengthening one may just make another means more appealing to intruders. We now consider what these means of penetration are.
2. KINDS OF SECURITY BREACHES
In security, an exposure is a form of possible loss or harm in a computing system; examples of exposures are unauthorized disclosure of data, modification of data, or denial of legitimate access to computing. A vulnerability is a weakness in the security system that might be exploited to cause loss or harm. A human who exploits a vulnerability perpetrates an attack on the system. Threats to computing systems are circumstances that have the potential to cause loss or harm; human attacks are examples of threats, as are natural disasters, inadvertent human errors, and internal hardware or software flaws. Finally, a control is a protective measure – an action, a device, a procedure, or a technique – that reduces a vulnerability.
The major assets of computing systems are hardware, software, and data. There are four kinds of threats to the security of a computing system: interruption, interception, modification, and fabrication. The four threats all exploit vulnerabilities of the assets in computing systems. These four threats are shown in Fig. 18-1.
(1) In an interruption, an asset of the system becomes lost or unavailable or unusable. An example is malicious destruction of a hardware device, erasure of a program or data file, or failure of an operating system file manager so that it cannot find a particular disk file.
(2) An interception means that some unauthorized party has gained access to an asset. The outside party can be a person, a program, or a computing system. Examples of this type of failure are illicit copying of program or data files, or wiretapping to obtain data in a network. While a loss may be discovered fairly quickly, a silent interceptor may leave no traces by which the interception can be readily detected.
(3) If an unauthorized party not only accesses but tampers with an asset, the failure becomes a modification. For example, someone might modify the values in a database, alter a program so that it performs an additional computation, or modify data being transmitted electronically. It is even possible for hardware to be modified. Some cases of modification can be detected with simple measures, while other more subtle changes may be almost impossible to detect.
(4) Finally, an unauthorized party might fabricate counterfeit objects for a computing system. The intruder may wish to add spurious transactions to a network communication system, or add records to an existing database. Sometimes these additions can be detected as forgeries, but if skillfully done, they are virtually indistinguishable from the real thing.
These four classes of interference with computer activity – interruption, interception, modification, and fabrication – can describe the kinds of exposures possible. Examples of these kinds of interferences are shown in Fig. 18-2.
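An added Python example (not part of the textbook) that runs one control, a keyed message authentication code (HMAC-SHA256 from the standard library) together with a sequence number, against the four classes of interference just described: modification and fabrication are rejected by the tag check, an interruption shows up as a gap in the sequence, and a silent interception is not detected at all, because confidentiality needs a different control (encryption). The shared key and the messages are constructed.

```python
import hashlib
import hmac

# Constructed shared secret for the example only; assumes both ends were provisioned
# with the same key out of band.
KEY = b"constructed-example-key-not-for-real-use"


def protect(key: bytes, seq: int, payload: bytes) -> dict:
    """Sender side: bind the sequence number and payload together under an HMAC tag."""
    tag = hmac.new(key, seq.to_bytes(4, "big") + payload, hashlib.sha256).digest()
    return {"seq": seq, "payload": payload, "tag": tag}


class Receiver:
    """Receiver side: verifies each tag and tracks the sequence number it expects next."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.expected_seq = 0

    def accept(self, msg: dict) -> str:
        expected_tag = hmac.new(
            self.key, msg["seq"].to_bytes(4, "big") + msg["payload"], hashlib.sha256
        ).digest()
        # Constant-time comparison. A mismatch means the content was altered after tagging
        # (modification) or was never produced by a key holder (fabrication).
        if not hmac.compare_digest(expected_tag, msg["tag"]):
            return "rejected: tag mismatch"
        if msg["seq"] < self.expected_seq:
            return "rejected: replayed sequence number"
        if msg["seq"] > self.expected_seq:
            # A gap means an earlier message never arrived: an interruption.
            self.expected_seq = msg["seq"] + 1
            return "accepted: gap detected"
        self.expected_seq += 1
        return "accepted"


def run_scenarios() -> dict:
    """Subject the control to each of the four threat classes and record the outcome."""
    rx = Receiver(KEY)
    outcomes = {}

    # Normal traffic.
    outcomes["normal"] = rx.accept(protect(KEY, 0, b"balance=100"))

    # Interruption: message 1 is destroyed in transit, message 2 still arrives.
    protect(KEY, 1, b"balance=90")  # built by the sender but never delivered
    outcomes["interruption"] = rx.accept(protect(KEY, 2, b"balance=80"))

    # Interception: an eavesdropper copies message 3 and lets it through unchanged.
    msg3 = protect(KEY, 3, b"balance=70")
    eavesdropper_copy = dict(msg3)
    outcomes["interception"] = rx.accept(msg3)          # receiver sees nothing wrong
    outcomes["interception_leaked_payload"] = eavesdropper_copy["payload"]

    # Modification: the payload is changed after the tag was computed.
    msg4 = protect(KEY, 4, b"balance=60")
    msg4["payload"] = b"balance=9999"
    outcomes["modification"] = rx.accept(msg4)

    # Fabrication: a counterfeit message assembled without the key.
    forged = {"seq": 4, "payload": b"balance=9999", "tag": bytes(32)}
    outcomes["fabrication"] = rx.accept(forged)
    return outcomes


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:30} {outcome!r}")
```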
EXERCISES
Translate the following sentences into Chinese.(P294-295)+1
1) Authentication: (Or Identification) Provides the assurance that a participant does not provide a false identity; in other words, it covers those functions which establish and verify the claimed identity of an individual. In order to control access to resources it must be possible to establish and verify user identities, add new users, remove former users, and amend the information required for the authentication of users.
2) Certification: The authoritative act of documenting compliance with agreed requirements.
3) Computer crime is certain to continue. The goal of computer security is to institute controls that preserve secrecy, integrity, and availability. Sometimes these controls are able to prevent attacks; other less powerful methods can only detect a breach as or after it occurs.
Lecture 18
CH18.4 COMPUTER VIRUS
It’s March 14, 11:55 PM. A group of business partners are putting the finishing touches on an important report. After celebrating the completion of their efforts they identify a previously unnoticed typo. At 12:05 AM they turn the computer back on only to be greeted with a message saying “Beware the Ides of March.” (The Ides of March, 15 March, was the day foretold for the assassination of the Roman dictator Julius Caesar, and hence an unlucky day.) The hard drive spins furiously and the report is deleted by a computer virus.
Computer viruses are just one example of what is commonly referred to as malicious code or malicious programs. Malicious programs are created to perform a series of harmful actions on a computer system. Examples of some actions include file deletion, file corruption, data theft, and the less harmful but equally annoying practical joke. These programs often remain dormant and hidden until an activation event occurs. Examples of activation events are program execution, specific access dates such as March 15, system reboot, and file access. When the predetermined activation event occurs, the malicious program begins its task. In the example above, this task was the deletion of all files in the computer system.
Theory behind viruses
To better understand what a virus can do, it is helpful to understand how a virus performs its task. Fig. 18-4 contains a flow chart describing the basic actions of a virus. Each action identified in the figure is numerically labeled for explanatory purposes only. The order in which these actions are performed is indicated both pictorially, in Fig. 18-4, and in the discussion which follows. While the order of these actions may vary with each virus, the general process remains unchanged – perform an undesirable task and infect other programs and operating systems.
For this discussion two terms are defined: virus activation and virus execution. Virus activation will refer to the initiation of the virus. Virus execution, however, will refer to the initiation of the portion of the virus that performs the possibly harmful activity, that is, the code not directly concerned with infecting a system. Thus, virus execution must be preceded by activation, but activation may not necessarily lead to execution.
Once an infected program is executed or an infected operating system performs a task, the virus is activated. The virus will first determine whether it should be executed. In the event that it should not be executed, it will attempt to locate and identify other susceptible programs, disks, or systems. Any such item will then be infected. After determining that all susceptible items carry a copy of the virus, the virus will stop and allow normal operations to proceed. If the virus meets all of its internal conditions to execute, it will do so. Upon completion of execution, the virus may either reset its conditions or remove itself. The virus will complete and allow normal computation to continue. While this process may seem time consuming and obvious to the user, it is not. Computers operate so quickly nowadays that this process may go easily unnoticed, and often does.
EXERCISES
Translate the following sentences into Chinese.
Who would want to break into my computer at home?
Intruders (also referred to as hackers, attackers, or crackers) may not care about your identity. Often they want to gain control of your computer so they can use it to launch attacks on other computer systems. Having control of your computer gives them the ability to hide their true location as they launch attacks, often against high-profile computer systems such as government or financial systems. Even if you have a computer connected to the Internet only to play the latest games or to send email to friends and family, your computer may be a target. Intruders may be able to watch all your actions on the computer, or cause damage to your computer by reformatting your hard drive or changing your data.