摘要
在网站信息安全的现有防护策略中,大多通过不断增加软硬件来实现。这种安全策略一方面会带来业务处理性能的下降,另一方面会由于缺乏系统化、一体化的整体解决思路而导致职责不清、安全隐患定位不准等问题。利用区块链的去中心化、无须信任、不可篡改等特性,从网站实际需求和自身特点出发,通过将区块链技术与网站信息安全防护相融合,提出了一个保障网站信息安全的高效的防护方法。该方法通过对节点组网的设计来解决区块链中的双花攻击,并通过提升节点攻击成本来解决网站常常遭遇到的拒绝服务攻击,确保了网站信息在性能上和安全性上的兼顾。
For existing information security protection solutions on website,most of them utilize hardware or software components.On one hand,these solutions introduce performance degradation of regular business on website.On the other hand,due to the fact that the features of systematization and unify are ignored,it brings the issues of responsibility confusion or inaccurate location of security hazards.As blockchain is decentralized,trust-free and immutable,which motivates us to integrate blockchain technique with information security protection of website.In addition,from the viewpoint of practical requirements of website,a blockchain based solution to protect information security of website is proposed.In detail,this solution solves the double-spending issue by designing and constructing blockchain.Furthermore,the cost of attack is increased,so as to solve the denial of service issue.The analysis demonstrates that both performance and security for the proposed solution can be achieved.
作者
章洪波
冯惠新
ZHANG Hong-bo;FENG Hui-xin(Tianjin Tobacco Monopoly Bureau,Tianjin 300000,China)
出处
《电脑与信息技术》
2020年第4期57-60,共4页
Computer and Information Technology
关键词
区块链
公有链
信息安全
双花攻击
拒绝服务攻击
blockchain
public blockchain
information security
double-spending
denial of service
