Wondershare EdrawMind
MindMap Gallery System Integration Project Management Engineer 3rd EditionSoft Test SuccessChapter 2 Information Technology Development
- 19
System Integration Project Management Engineer 3rd EditionSoft Test SuccessChapter 2 Information Technology Development
System Integration Project Management Engineer 3rd Edition/Soft Test Midterm/Chapter 2 Development of Information Technology. Information technology is the general term for the application technology of acquiring information, processing information, transmitting information and using information under the basic principles and methods of information science.
Edited at 2024-03-14 10:17:07
- bacteria
This is a mind map about bacteria, and its main contents include: overview, morphology, types, structure, reproduction, distribution, application, and expansion. The summary is comprehensive and meticulous, suitable as review materials.
- Plant asexual reproduction
This is a mind map about plant asexual reproduction, and its main contents include: concept, spore reproduction, vegetative reproduction, tissue culture, and buds. The summary is comprehensive and meticulous, suitable as review materials.
- Reproductive development of animals
This is a mind map about the reproductive development of animals, and its main contents include: insects, frogs, birds, sexual reproduction, and asexual reproduction. The summary is comprehensive and meticulous, suitable as review materials.
System Integration Project Management Engineer 3rd EditionSoft Test SuccessChapter 2 Information Technology Development
- bacteria
This is a mind map about bacteria, and its main contents include: overview, morphology, types, structure, reproduction, distribution, application, and expansion. The summary is comprehensive and meticulous, suitable as review materials.
- Plant asexual reproduction
This is a mind map about plant asexual reproduction, and its main contents include: concept, spore reproduction, vegetative reproduction, tissue culture, and buds. The summary is comprehensive and meticulous, suitable as review materials.
- Reproductive development of animals
This is a mind map about the reproductive development of animals, and its main contents include: insects, frogs, birds, sexual reproduction, and asexual reproduction. The summary is comprehensive and meticulous, suitable as review materials.
- Recommended to you
- Outline
System Integration Project Management Engineer 3rd EditionChapter 7 Software and Hardware System Integration
- 22
System Integration Project Management Engineer 3rd EditionSoft Test Midterm Chapter 13 Monitoring Process Group
- 21
System Integration Project Management Engineer 3rd EditionSoft Test MidtermChapter 14 Closing Process Group
- 15
Systems Integration Project Management Engineer 3rd EditionChapter 4 Information Systems Architecture
- 31
Information technology development
一、 summary
Information technology is a general term for applied technologies that acquire information, process information, transmit information and use information under the basic principles and methods of information science.
Information technology is a means to achieve informatization and the basis for the construction of information systems.
The new generation of information technology has become a strategic industry that countries around the world invest in and focus on development.
二、 Information technology and its development
i. summary
Information technology is formed by the combination of computer technology and telecommunications technology based on microelectronics. It acquires, processes, processes, stores, and stores sound, image, text, digital and various sensor signal information. Dissemination and use of technology.
According to different forms of expression, information technology can be divided into hard technology (materialized technology) and soft technology (non-materialized technology). The former refers to various information equipment and their functions, such as sensors, servers, smartphones, communication satellites, and laptops. The latter refers to various knowledge, methods and skills related to information acquisition and processing, such as language and writing technology, data statistical analysis technology, planning and decision-making technology, computer software technology, etc.
ii. Computer hardware and software
1. Computer Hardware
(1) It refers to the general term for various physical devices composed of electronic, mechanical and optoelectronic components in a computer system. These physical devices form an organic whole according to the requirements of the system structure and provide a material basis for the operation of computer software.
(2) Mainly divided into: formula: access equipment for air transport storage
1||| controller
Controller: issues control information according to pre-given commands, so that the entire computer instruction execution process proceeds step by step. It is the nerve center of the computer. Its function is to interpret the control information specified by the program and control it according to its requirements, and schedule the program. , data and addresses, coordinate the work of various parts of the computer and access to memory and peripherals, etc.
The main function: Retrieve an instruction from the memory and indicate the location of the next instruction in the memory, decode or test the instruction, and generate corresponding operation control signals to initiate specified actions; command and control the CPU, memory and input/output The direction of data flow between devices.
2||| operator
The function of the arithmetic unit is to perform various arithmetic operations and logical operations on data, that is, to process the data.
The basic operations of the arithmetic unit include the four arithmetic operations of addition, subtraction, multiplication, and division, logical operations such as AND, OR, NOT, and XOR, as well as operations such as shifts, comparisons, and transmissions. It is also called the Arithmetic Logic Unit (ALU). When the computer is running, the operation and type of operation of the arithmetic unit are determined by the controller. The arithmetic unit accepts the commands of the controller and performs actions. That is, all operations performed by the arithmetic unit are directed by the control signals sent by the controller.
3||| memory
The function of memory is to store programs, data, various signals, commands and other information, and to provide this information when needed. Memory is divided into memory inside the computer (referred to as memory) and memory outside the computer (referred to as external memory). Internal memory can be functionally divided into two categories: read-write memory RAM and read-only memory ROM.
Computer storage capacity is measured in bytes, which are: byte B (1Byte=8bit), kilobyte (1KB=1024B), megabyte (1MB=1024KB), gigabyte (1GB=1024MB), terabyte section (1TB = 1024GB).
Computer external memories generally include: floppy disks and floppy drives, hard disks, optical disks, etc., as well as USB interface-based mobile hard disks, rewritable electronic hard disks, USB flash drives, etc.
4||| input device
Input devices are an important part of the computer. Input devices and output devices are collectively called external devices, referred to as peripherals. The function of the input device is to input information such as programs, original data, text, characters, control commands or data collected on site into the computer. computer.
Commonly used input devices include keyboards, mice, microphones, cameras, scanners, code scanners, handwriting pads, touch screens, etc.
5||| output device
The output device is also an important part of the computer. It outputs the intermediate results or final results of the external computer, various data symbols and text in the computer, or various control signals and other information.
Commonly used output devices include: monitors, printers, laser printers, plotters, etc.
2. Computer Software
(1) It refers to the program and its documentation in the computer system. The program is the description of the processing object and processing rules of the computing task; the documentation is the illustrative material used to facilitate the understanding of the program.
(2) If a computer is compared to a person, then the hardware represents the human body, while the software represents the human mind and soul. A computer without any software installed is called "bare metal".
(3) divided into
1||| system software
System software refers to a system that controls and coordinates computers and external devices, and supports the development and operation of application software. It is a collection of various programs that do not require user intervention. Its main function is to schedule, monitor and maintain computer systems; it is responsible for managing various aspects of computer systems. Independent hardware allows them to work in harmony. System software allows computer users and other software to treat the computer as a whole without having to consider how the underlying hardware works.
2||| application
Application software is a collection of various programming languages that users can use and application programs compiled in various programming languages. It is divided into software packages and user programs.
An application software package is a collection of programs designed to use computers to solve certain types of problems, mostly for users to use. Application software is software provided to meet the application needs of users in different fields and problems.
3||| middleware
Middleware is software that sits between the operating system and applications. It uses the basic services (functions) provided by the system software to connect various parts of the application system or different applications on the network, and can achieve the purpose of resource sharing and function sharing. Middleware is a common service located between the platform (hardware and operating system) and the application. These services have standard program interfaces and protocols. For different operating systems and hardware platforms, no matter how the underlying computer hardware and system software are updated, as long as the middleware is upgraded and the external interface definition of the middleware remains unchanged, the application software hardly needs any modification, thus Ensure the continuous and stable operation of application software.
3. Hardware and software are interdependent. Hardware is the material basis on which software works, and the normal operation of software is an important way for hardware to function. With the development of computer technology, in many cases, certain functions of the computer can be implemented by either hardware or software. Therefore, in a certain sense, there is no absolutely strict boundary between hardware and software.
iii. computer network
1. In the computer field, a network uses physical links to connect isolated workstations or hosts to form a data link, thereby achieving the purpose of resource sharing and communication. Computers connect multiple computer systems with different geographical locations and independent functions through communication equipment and lines, and combine with network software (network protocols, information exchange methods, network operating systems, etc.) to realize the sharing of different computer resources.
2. communication basics
Communication refers to the exchange and transmission of information between people and between people and nature through certain behaviors or media. Electrical (optical) communication refers to the process of transmitting and exchanging information from one place to another. The purpose of communication is to deliver the information contained in the message. Continuous messages refer to messages whose status changes continuously over time, such as voice, etc. Discrete messages refer to messages whose status is discrete, such as symbols, data, etc.
Communication systems and models
A communication system consists of three parts: source system (sender or sender), transmission system (transmission network) and destination system (receiver or receiver).
Key Technologies for Modern Communications
(1) Generally speaking, communication technology is actually related technologies of communication systems and communication networks. A communication system refers to all the facilities required for point-to-point communication, while a communication network is all the facilities that can communicate with each other among multiple points composed of many communication systems.
(2) Include
1||| digital communication technology
It is a communication method that uses digital signals as a carrier to transmit information, or uses digital signals to digitally debug the carrier wave before transmitting it. It can transmit digital signals such as telegrams and digital data, as well as analog signals such as digitized voice and images.
2||| information transmission technology
It is a general term mainly used for various technologies used to manage and process information. It mainly applies computer science and communication technology to design, develop, install and implement information systems and application software; it is also often called information and communication technology.
3||| Communication network technology
Physically connect isolated devices to realize links for information exchange between people, people and computers, and computers to achieve the purpose of resource sharing and communication.
3. Network basics
(1) Classification by network scope
1||| Personal Area Network (PersonalAreaNetwork,PAN)
An ad hoc network that connects personal electronic devices (such as portable computers, etc.) using wireless technology at a person's work place, so it is often called a wireless personal area network WPAN (Wireless PAN). From a computer network perspective, PAN is a local area network, and its range is usually around 10m.
2||| Local Area Network (LAN)
Usually refers to using microcomputers or workstations connected through high-speed communication lines (the rate is usually above 10Mb/s), and its geographical range is usually about 1km. Usually covers a campus, a unit, a building, etc.
3||| Metropolitan Area Network (MAN)
The range of action can span several blocks or even the entire city, and its range is approximately 5-50km.
4||| Wide Area Network (WAN)
Node switches are used to connect each host, and the connection links between the node switches are generally high-speed links with large communication capacity. The scope of a wide area network is usually tens to thousands of kilometers, and it can transmit data over long distances across a country or a continent.
(2) Classification from the perspective of network users
1||| Public Network
Refers to a large-scale network funded and built by telecommunications companies to provide services to the public, also known as a public network.
2||| Private Network
Refers to the network built by a certain department to meet the special business work of the unit. This network does not provide services to people outside the unit. For example, electric power, military, railways, banks, etc. all have dedicated networks for this system.
4. Internet equipment
(1) The transmission of information in the network mainly includes Ethernet technology and network switching technology. Network switching refers to a form of switching that uses certain equipment (such as switches, etc.) to convert different signals or signal forms into signal types that can be recognized by the other party to achieve communication purposes. Common ones include data switching, line switching, and message switching. switching and packet switching.
(2) In computer networks, network switching can be divided into:
1||| Physical layer switching (such as telephone network)
2||| Link layer switching (Layer 2 switching--change the MAC address)
3||| Network layer switching (three-layer switching--changing the IP address)
4||| Transport layer switching (four-layer switching--changing ports, relatively rare)
5||| application layer switching
(3) During network interconnection, each node generally cannot be simply connected directly, but needs to be implemented through network interconnection equipment. According to the layering principle of the OSI reference model, the intermediate device must implement the protocol conversion function between different networks.
(4) They are classified according to the different protocol layers they work on:
1||| Repeater (implements physical layer protocol conversion and converts binary signals between cables);
2||| Network bridge (implementing physical layer and data link layer protocol conversion);
3||| Router (implementing protocol conversion between the network layer and the following layers);
4||| Gateway (providing protocol conversion from the lowest layer to the transport layer or above);
5||| switch
(5) In actual applications, the equipment provided by each manufacturer is multi-functional and backward compatible.
(6) With the increasingly widespread use of wireless technology, there are currently many wireless network-based products on the market, including wireless network cards, wireless APs, wireless bridges, and wireless routers.
5. network standard protocol
(1) A network protocol is a set of rules, standards, or conventions established for the exchange of data in a computer network. Network protocols consist of three elements, namely semantics, syntax and timing. Semantics is the explanation of the meaning of each part of the control information. It stipulates what kind of control information needs to be sent, the completed actions and what kind of response should be made; syntax is the structure and format of user data and control information, and the order in which the data appears: Chronology is a detailed description of the order in which events occur. People vividly describe these three elements as: semantics represents what to do, syntax represents how to do it, and timing represents the order of doing it.
(2) OSI
The Open System Interconnect reference model (Open System Interconnect, OSI) jointly developed by the International Organization for Standardization (ISO) and the International Telegraph and Telephone Consultative Committee (CCITT).
Its purpose is to provide a common foundation and standard framework for heterogeneous computer interconnection, and to provide a common reference for maintaining the consistency and compatibility of related standards.
OSI uses a layered structured technology, which is divided into seven layers from bottom to top: physical layer, data link layer, network layer, transport layer, session layer, presentation layer and application layer.
WAN protocols operate at the bottom three layers of the OSI reference model and define communications over different WAN media. WAN protocols mainly include: PPP point-to-point protocol, ISDN integrated services digital network, xDSL (general name for DSL digital subscriber lines: HDSL, SDSL, MVL, ADSL), DDN digital dedicated line, x.25, FR frame relay, ATM asynchronous transmission mode .
(3) IEEE802 protocol family
The IEEE802 specification defines how the network card accesses the transmission medium (such as optical cable, twisted pair, wireless, etc.) and the method of transmitting data on the transmission medium. It also defines the establishment, maintenance and teardown of connections between network devices that transmit information. . Products that comply with the IEEE802 standard include network cards, bridges, routers, and other components used to establish local area networks.
The IEEE802 specification includes a series of standard protocol families, among which the Ethernet specification IEEE 802.3 is an important LAN protocol, including:
(4) TCP/IP
The TCP/IP protocol is the core of the Internet protocol. In the application layer, the TCP/IP protocol defines many application-oriented protocols. Applications use the network to complete data interaction tasks through this layer of protocols. These agreements mainly include:
Based on TCP
1||| FTP (File Transfer Protocol, file transfer protocol)
It is a protocol for transferring files between two computers on the network. It is a way to copy files from the client to the server through the Internet. The transmission modes include Bin (binary) and ASCII (text file). Except for text files, binary mode should be used for transmission.
2||| HTTP (Hypertext Transfer Protocol, Hypertext Transfer Protocol)
Is a transport protocol used to transmit hypertext from a WWW server to a local browser. It can make the browser more efficient and reduce network transmission. It not only ensures that the computer transmits hypertext documents correctly and quickly, but also determines which part of the transmitted document and which part of the content is displayed first.
3||| SMTP (Simple Mail Transfer Protocol, simple mail transfer protocol)
Is a protocol that provides reliable and efficient transmission of email. SMTP is an email service built on the FTP file transfer service. It is mainly used to transfer email information between systems and provide email-related notifications.
4||| Telnet (remote login protocol)
It is a login and emulation program whose basic function is to allow users to log in and enter remote computer systems. Previously, Telnet was a simple terminal program that sent all user input to the remote computer for processing. Currently, some of its newer versions perform more processing locally, provide better response, and reduce the amount of information sent over the link to the remote computer.
Based on UDP
1||| TFTP (Trivial File Transfer Protocol, simple file transfer protocol)
It is a protocol used for simple file transfer between client and server, providing uncomplicated and low-cost file transfer services. Built on UDP, it provides unreliable data stream transmission services, does not provide storage authorization and authentication mechanisms, and uses timeout retransmission to ensure the arrival of data.
2||| DHCP (Dynamic Host Configuration Protocol, dynamic host configuration protocol)
It is designed based on client/server structure. All IP network setting data are centrally managed by the DHCP server and are responsible for processing the client's DHCP requests; the client will use the IP environment data assigned from the server. IP addresses allocated by DHCP can be divided into three methods: fixed allocation, dynamic allocation and automatic allocation.
3||| DNS (Domain Name System, domain name system)
There is a one-to-one correspondence between domain names and IP addresses on the Internet. Although domain names are easy for people to remember, machines can only recognize each other's IP addresses. The conversion between them is called domain name resolution. Domain name resolution requires a specialized Domain name resolution server to complete, DNS is the server that performs domain name resolution. DNS finds computers and services by user-friendly names.
4||| SNMP (Simple Network Management Protocol, simple network management protocol)
It was proposed to solve router management problems on the Internet. It can be used on IP, IPX, AppleTalk and other transmission protocols. SNMP refers to a collection of network management specifications, including the protocol itself, the definition of data structures and some related concepts. At present, SNMP has become the de facto industrial standard in the field of network management and is widely supported and applied. Most network management systems and platforms are based on SNMP.
(5) TCP and UDP
There are two important transmission protocols in the OSI transport layer, namely TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). These protocols are responsible for providing flow control, error checking and sorting. Serve.
TCP is one of the most important protocols in the entire TCP/IP protocol suite. Based on the unreliable data services provided by the IP protocol, it uses retransmission technology to provide applications with a reliable, connection-oriented, full-double data transfer service. The TCP protocol is generally used in situations where the amount of data transmitted is relatively small and reliability requirements are high.
UDP is an unreliable, connectionless protocol that ensures communication between application processes. Compared with TCP, UDP is a connectionless protocol, and its error detection function is much weaker. It can be said that TCP helps in providing reliability while UDP helps in increasing the transfer rate. The UDP protocol is generally used in situations where a large amount of data is transmitted and the reliability requirements are not very high, but fast speed is required.
6. Software Defined Networking SDN
Software Defined Network (SDN) is a new innovative network architecture and an implementation method of network virtualization. It can define and control the network through software programming. It combines the control plane of network equipment with data. The network is separated from each other, thereby achieving flexible control of network traffic, making the network more intelligent, and providing a good platform for the innovation of core networks and applications.
Using the idea of layering, SDN separates data and control. The control layer includes a logically centralized and programmable controller that can grasp global network information and facilitate operators and researchers to manage and configure the network and deploy new protocols. The data layer, including dumb switches (different from traditional Layer 2 switches, refers specifically to devices used to forward data), only provides simple data forwarding functions, which can quickly process matching data packets to adapt to the increasing flow rate. beg. The two layers use open unified interfaces (such as Openflow, etc.) to interact. The controller delivers unified standard rules to the switch through a standard interface, and the switch only needs to perform corresponding actions according to these rules. SDN breaks the closed nature of traditional network equipment.
The overall architecture of SDN is divided into data plane, control plane and application plane from bottom to top (from south to north). Among them, the data plane is composed of general network hardware such as switches, and various network devices are connected through SDN data paths formed by different rules; the control plane includes the logically centered SDN controller, which masters global network information and is responsible for all aspects of the network. Control of forwarding rules; the application plane includes various SDN-based network applications, and users can program and deploy new applications without caring about the underlying details.
The control plane and data plane communicate through the SDN Control-Data-Plane Interface (CDPI), which has a unified communication standard and is mainly responsible for delivering the forwarding rules in the controller to the forwarding device. The main application is the OpenFlow protocol. The control plane and the application plane communicate through the SDN North Bound Interface (NBI). NBI is not a unified standard. It allows users to customize and develop various network management applications according to their own needs.
The interfaces in SDN are open, with the controller as the logical center. The southbound interface is responsible for communicating with the data plane, the northbound interface is responsible for communicating with the application plane, and the east-west interface is responsible for communication between multiple controllers. The most mainstream southbound interface CDP! uses the OpenFlow protocol. The most basic feature of OpenFlow is to match forwarding rules based on the concept of flow. Each switch maintains a flow table (FlowTable) and forwards according to the forwarding rules in the flow table. The establishment, maintenance and distribution of the flow table It's all done by the controller. For the northbound interface, the application calls various required network resources through northbound interface programming to achieve rapid configuration and deployment of the network. The east-west gate makes the controller scalable and provides technical guarantee for load balancing and performance improvement.
7. fifth generation mobile communication technology
The fifth generation mobile communication technology (5G) is a new generation of mobile communication technology with the characteristics of high speed, low delay and large connection.
The International Telecommunications Union (JTU) defines eight major indicators of 5G:
5G international technical standards focus on meeting the needs of flexible and diverse Internet of Things. Based on the basic technologies of Orthogonal Frequency Division Multiple Access (OFDMA) and Multiple Input Multiple Output (MIMO), 5G adopts a new and flexible system design to support three major application scenarios. In terms of frequency bands, unlike 4G, which supports mid- and low-frequency bands, 5G supports both mid-low-frequency and high-frequency bands. In order to support high-speed transmission and better coverage, 5G adopts LDPC (a group error correction code with a sparse check matrix) and Polar (a linear block code based on channel polarization theory) new channel coding schemes with stronger performance Large-scale antenna technology, etc. In order to support low latency and high reliability, 5G uses technologies such as short frames, fast feedback, and multi-layer/multi-station data retransmission.
The International Telecommunications Union (ITU) has defined three major application scenarios for 5G, namely enhanced mobile broadband (eMBB), ultra-reliable low-latency communications (uRLLC) and massive machine type communications (mMTC). Enhanced mobile broadband is mainly aimed at the explosive growth of mobile Internet traffic and provides mobile Internet users with a more extreme application experience; ultra-high reliability and low-latency communication is mainly aimed at industrial control, telemedicine, autonomous driving, etc. It has extremely high latency and reliability Required vertical industry application needs: Massive machine-type communications are mainly oriented to application needs targeting sensing and data collection, such as smart cities, smart homes, and environmental monitoring.
iv. Storage and database
1. storage technology
(1) Storage classification is divided into closed system storage and open system storage according to server type. Closed systems mainly refer to servers such as mainframes. Open systems refer to servers based on operating systems including Kirin, Euler, UNIX, Linux and other operating systems. Open system storage is divided into: built-in storage and plug-in storage.
(2) Plug-in storage is divided into
1||| Direct-Attached Storage (DAS)
DAS, also known as SAS (Server-Attached Storage, server-attached storage). DAS is defined as a data storage device directly connected to various server or client expansion interfaces. It relies on the server and is a stack of hardware without any storage operating system. In this approach, the storage device is connected directly to the server via a cable (usually a SCSI interface cable), and I/O (input/output) requests are sent directly to the storage device.
2||| Networked storage (Fabric-Attached Storage, FAS) is divided into
a. Network-Attached Storage (NAS)
NAS is also called a network direct-attached storage device or a network disk array. It is a professional network file storage and file backup device. It is based on LAN (local area network) and communicates in accordance with the TCP/IP protocol. It uses file I/O O (input/output) mode for data transmission. A NAS includes a core processor, file service management tools, and one or more hard drives for data storage.
b. Storage Area Network (SAN)
SAN is a high-speed dedicated subnet that connects storage devices such as disk arrays and tapes to related servers through fiber optic hubs, fiber optic routers, fiber optic switches and other connecting devices. SAN is composed of three basic components: interfaces (such as SCSI, Fiber Channel, ESCON, etc.), connection devices (switching equipment, gateways, routers, hubs, etc.) and communication control protocols (such as IP and SCSI, etc.). These three components, plus additional storage devices and independent SAN servers, form a SAN system. SAN mainly includes FC SAN and IP SAN. The network medium of FC SAN is Fiber Channel, while IP SAN uses standard Ethernet. IP SAN can well combine the sharing features provided by SAN for servers and the ease of use of IP networks, and provide users with a high-performance experience similar to local storage on the server.
(3) Storage virtualization
Storage virtualization is one of the core technologies of "cloud storage". It integrates storage resources from one or more networks and provides users with an abstract logical view. Users can use the unified logic in this view to interface to access integrated storage resources.
Storage virtualization enables storage devices to be converted into logical data stores. A virtual machine is stored as a set of files in a directory on the datastore. Data storage is a logical container similar to a file system. It hides the characteristics of each storage device and forms a unified model to provide disks to virtual machines. Storage virtualization technology helps the system manage virtual infrastructure storage resources, reporting resource utilization and flexibility, and application uptime.
(4) green storage
Green storage technology refers to technology used from the perspective of energy conservation and environmental protection to design and produce storage products with better energy efficiency, reduce the power consumption of data storage devices, and improve the performance per watt of storage devices.
The core of green storage technology is to design processors and more efficient systems that run cooler, produce storage systems or components with lower energy consumption, and reduce the electronic carbon compounds produced by products. The ultimate goal is to improve the performance of all network storage devices. Energy efficiency, using the least storage capacity of water to meet business needs, thereby consuming the least energy. A storage system guided by green concepts is ultimately a balance between storage capacity, performance, and energy consumption.
Green storage technology involves all storage sharing technologies, including disk and tape systems, server connections, storage devices, network architecture and other storage network architecture, file services and storage application software, recovery data deletion, automatic thin provisioning and tape-based backup technology Storage technologies that can improve storage utilization and reduce construction and operating costs aim to improve the energy efficiency of all network storage technologies.
2. data structure model
(1) The data structure model is the core of the database system. Data structure transformation describes the method of structuring and manipulating data in the database. The structural part of the model specifies how the data is described (such as trees, tables, etc.). The manipulation part of the model specifies operations such as adding, deleting, displaying, maintaining, printing, searching, selecting, arranging, and updating data.
(2) There are three common data structure models: hierarchical model, network model and relational model. The hierarchical model and the network model are collectively called the formatted data model.
1||| hierarchical model
The hierarchical model is the earliest model used in database systems. It uses a "tree" structure to represent the association between entity sets, in which the entity sets (represented by rectangular boxes) are nodes, and the connections between the nodes in the tree represent the relationship between them. (Can only handle one-to-many entity relationships)
Any given record value in the hierarchical model can only be viewed according to its hierarchical path. No child record value can exist independently from the parent record value.
Key benefits include:
a. The data structure of the hierarchical model is relatively simple and clear
b. The query efficiency of the hierarchical database is high, and its performance is better than the relational model and no less than the network model.
c. 3: The hierarchical model provides good integrity support.
The main disadvantages include:
a. Many relationships in the real world are non-hierarchical, and it is not suitable to use hierarchical models to represent many-to-many relationships between nodes.
b. If a node has multiple parent nodes, etc., using a hierarchical model to represent such connections is clumsy and can only be solved by introducing redundant data or creating unnatural data structures.
c. There are many restrictions on insertion and deletion operations, so writing applications is more complicated.
d. Querying child nodes must go through the parent nodes.
e. Due to its tight structure, hierarchical commands tend to be procedural.
2||| mesh model
A data structure model that uses a directed graph structure to represent entity types and relationships between entities is called a network model.
In the network model, records are used as the storage unit of data. A record contains several data items. Data items in a network database can be multi-valued and composite data. Each record has an internal identifier that uniquely identifies it, called a code (DatabaseKey, DBK), which is automatically assigned by the database management system DBMS when a record is stored in the database. DBK can be regarded as the logical address of the record, can be used as a "stand-in" for the record, or can be used to find records. The network database is a navigation database. When operating the database, users not only explain what to do, but also how to do it. For example, in the search statement, not only the search object must be specified, but also the access path must be specified.
Key benefits include:
a. It can describe the real world more directly and express various complex relationships between entities.
b. It has good performance and high access efficiency.
The main disadvantages include:
a. The structure is relatively complex and not easy for users to use.
b. Data independence is poor. Since the relationship between entities is essentially represented by access paths, applications must specify access paths when accessing data.
3||| relational model
The relational model is a model that uses a two-dimensional table to represent entities and the connections between entities in a relational structured database. The relational model is developed based on the relational concept in set theory. In the relational model, both entities and the connections between entities are represented by a single structural type relationship.
Key benefits include:
a. Single data structure:
In the relational model, both entities and the connections between entities are represented by relationships, and relationships correspond to a two-dimensional data table, and the data structure is simple and clear.
b. Relationships are standardized and based on strict theoretical foundations:
The basic norms that constitute a relationship require that each attribute in the relationship cannot be subdivided, and that the relationship is based on strict mathematical concepts with a solid theoretical foundation.
c. Simple concept and easy to operate:
The biggest advantage of the relational model is that it is simple and easy for users to understand and master. A relationship is a two-dimensional table. Users only need to use simple query languages to operate the database.
The main disadvantages include:
a. The access path is transparent to users, and the query efficiency is often not as good as the formatted data model.
b. In order to improve performance, user query requests must be optimized, which increases the difficulty of developing a database management system.
3. Common database types
(1) Relational database (SQL)
Network databases and hierarchical databases have well solved the problems of data centralization and sharing, but there are still big deficiencies in data independence and abstraction levels. When users access these two databases, they still need to clarify the storage structure of the data and indicate the access path. To solve this problem, relational database came into being, which uses the relational model as the way to organize data.
A relational database is a collection of all entities and the relationships between entities in a given application domain. Relational databases support the ACID principles of transactions, that is, the four principles of atomicity, consistency, isolation, and durability ensure the correctness of data during the transaction process.
Key features include
1||| The order of rows and columns in the table is not important
2||| Row: Each row in the table, also called a record
3||| Column: Each column in the table, also known as attributes and fields
4||| Primary key PK (Primary key): the field foreign key FK field used to uniquely determine a record
5||| Domain: The value range of the attribute. For example, gender can only have two values: "male" and "female"
(2) Non-relational database (Not Only SQL, NoSQL)
Non-relational data mining database is a distributed, non-relational data storage system that does not guarantee compliance with ACID principles. NoSQL data storage does not require a fixed table structure, and there are usually no join operations. It has performance advantages that relational databases cannot match in terms of big data access.
Key features include
1||| unstructured storage
2||| Based on multidimensional relational model
3||| Have specific usage scenarios
Common non-relational databases are divided into:
1||| key-value database
Similar to hash tables used in traditional languages. You can add, query or delete the database by key, because using key primary key access will achieve high performance and scalability. For information systems, the advantages of the Key/Value type are simplicity, ease of deployment, and high concurrency.
2||| Column-oriented database
Store data in column families. A column family store is often queried together. For example, people often query a person's name and age instead of salary. In this case, the name and age will be placed in one column family, and the salary will be placed in another column family. This kind of database is usually used to deal with distributed storage of massive data.
3||| Document-Oriented database
The document database can be regarded as an upgraded version of the key-value database, allowing key values to be nested, and the query efficiency of the document database is higher than that of the key-value database. Document-oriented databases store data in the form of documents.
4||| graph database
Allows people to store data as graphs. Entities will act as vertices, and relationships between entities will act as edges.
4. database
Traditional database systems lack market historical data information required for decision-making analysis, because traditional databases generally only retain current or recent data information. In order to meet the prediction and decision-making analysis needs of middle and high-level managers, a data environment—a data warehouse—that can meet the prediction and decision-making analysis needs was created on the basis of traditional databases.
Basic concepts related to data warehouse include
1||| Extract/Transformation/Load, ETL
The user extracts all the data from the data source, and after data cleaning and conversion, the data is finally loaded into the data warehouse according to the predefined data warehouse model.
2||| metadata
Data about data refers to key data related to data source definitions, target definitions, conversion rules, etc. generated during the data warehouse construction process. Metadata also contains business information about the meaning of the data. Typical metadata includes: the structure of the data warehouse table, the attributes of the data warehouse table, the source data of the data warehouse (recording system), the mapping from the recording system to the data warehouse, the specification of the data model, the extraction of logs and the utility of accessing the data. Routines etc.
3||| granularity
The level of granularity or comprehensiveness of data stored in a data warehouse's data warehouse. The higher the degree of refinement, the smaller the granularity level; conversely, the lower the degree of refinement, the larger the granularity level.
4||| segmentation
Data with the same structure is divided into multiple physical units of data. Any given unit of data is subject to exactly one partition.
5||| data mart
Small, department- or workgroup-level data warehouse.
6||| Operation Data Store (ODS)
A data collection that can support an organization's daily global applications is a new data environment different from DB, and is a hybrid form obtained after DW expansion. It has four basic characteristics: topic-oriented, integrated, variable, and current or near-current.
7||| data model
Logical data structure, including the operations and constraints provided by a database management system for efficient database processing; a system used to represent data.
8||| Artificial relationship
A design technique that uses 1-1 to represent referential integrity in a decision support system environment.
A data warehouse is a subject-oriented, integrated, non-volatile, time-varying collection of data used to support management decisions.
Architecture
1||| data source
It is the foundation of the data warehouse system and the data source of the entire system. Usually includes information internal to the organization and information external to the organization. Internal information includes storing various business processing data and various document data in the relational database management system. External information includes various laws and regulations, market information, competitor information, etc.
2||| Data storage and management
It is the core of the entire data warehouse system. The organization and management method of the data warehouse determines that it is different from traditional databases, and also determines its representation of external data. Extract, digest and effectively integrate data from existing business systems, and organize it according to themes. Data warehouses can be divided into organizational-level data warehouses and department-level data warehouses (often called data marts) according to the scope of data coverage.
3||| Online analytical processing (On-LineAnalyticProcessing, OLAP) server
OLAP effectively integrates the data required for analysis and organizes it according to multi-dimensional models to conduct multi-angle and multi-level analysis and discover trends. Its specific implementation can be divided into: OLAP (Relational OLAP, ROLAP) based on relational database, OLAP (Multidimensional OLAP, MOLAP) based on multidimensional data organization, and OLAP (Hybrid OLAP, HOLAP) based on hybrid data organization. ROLAP basic data and aggregate data are stored in RDBMS; MOLAP basic data and aggregate data are stored in multi-dimensional databases; HOLAP basic data are stored in Relational Database Management System (RDBMS), and aggregate data are stored in in a multidimensional database.
4||| Front-end tools
Front-end tools mainly include various query tools, report tools, analysis tools, data mining tools, and various application development tools based on data warehouses or data marts. Among them, data analysis tools are mainly aimed at OLAP servers, while reporting tools and data mining tools are mainly aimed at data warehouses.
v. information security
i. Common information security problems mainly include: proliferation of computer viruses, malware intrusions, hacker attacks, use of computer crimes, proliferation of illegal information on the Internet, leaks of personal privacy, etc. With the widespread application of new generation information technologies such as the Internet of Things, cloud computing, artificial intelligence, and big data, information security is also facing new problems and challenges.
ii. Information security basics
Information security attributes
1. Confidentiality
meaning
The property that information is not disclosed to or used by unauthorized individuals, entities, and processes.
Ensures that transmitted data is only read by its intended recipient
Way to achieve
1||| encryption
2||| Access control
3||| information steganography
2. integrity
meaning
"Protecting the correct and complete character of the asset."
Ensure that the data received is the data sent and the data should not be changed.
Three aspects of checking integrity:
1||| Block modifications by unauthorized parties
2||| Prevent authorized subjects from making unauthorized modifications, such as misuse
3||| Make sure the data has not been changed, this requires some way to verify
3. Availability
meaning
Features that authorized entities can access and use when needed.
Make sure the data is available when needed.
Information Security Triad = Information Security Objectives
4. Other attributes and goals
(1) authenticity
(2) Verifiability
(3) non-repudiation
(4) reliability
Information system security can be divided into four levels:
(1) Device security
The security of information system equipment is the primary issue of information system security. The equipment security of information systems is the material basis for information system security. In addition to hardware devices, software systems are also devices, and the security of software devices must also be ensured.
mainly include
1||| Equipment stability
The probability that the equipment will not malfunction within a certain period of time.
2||| Equipment reliability
The probability that the equipment can perform its tasks normally within a certain period of time.
3||| Equipment availability
The probability that the device is ready for normal use at any time.
(2) Data Security
In many cases, even if the information system equipment is not damaged, its data security may have been compromised, such as data leakage, data tampering, etc. Since behaviors that endanger data security are highly concealed and data application users are often unaware of them, they are very harmful.
Its security properties include
1||| secrecy
2||| integrity
3||| Availability
(3) Content security
Content security is a requirement for information security at the political, legal, and moral levels.
Content security includes
1||| The information content is politically healthy.
2||| The information content complies with national laws and regulations.
3||| The information content conforms to the fine moral standards of the Chinese nation.
Broadly defined content security also includes
1||| Contents confidential
2||| Intellectual Property Protection
3||| Information hiding and privacy protection
If the data is filled with unhealthy, illegal, and unethical content, even if it is confidential and has not been tampered with, it cannot be said to be safe.
(4) behavioral safety
Data security is essentially a static security, while behavioral security is a dynamic security.
include
1||| Secrecy of behavior:
The process and results of the behavior must not jeopardize the confidentiality of the data. When necessary, the process and results of actions should also be kept secret.
2||| Behavioral integrity:
The process and results of the behavior cannot jeopardize the integrity of the data, and the process and results of the behavior are expected.
3||| Controllability of behavior:
Ability to detect, control, or correct when behavioral processes deviate from expectations.
Behavioral security emphasizes process safety, which is reflected in the fact that the coordinated work procedures (execution sequences) of the hardware devices, software devices and application systems that make up the information system meet the expectations of the system design. Only in this way can the overall security of the information system be ensured.
iii. Encryption and decryption
1. In order to ensure the security of information, information encryption technology needs to be used to disguise the information so that illegal thieves of information cannot understand the true meaning of the information. The legal owner of the information can use the signature to verify the integrity of the information. Encryption algorithms are used to authenticate, identify and confirm the identity of information users to control the use of information.
2. Encryption technology consists of two elements: algorithm and key. The cryptographic system of key encryption technology is divided into symmetric key system and asymmetric key system. Accordingly, data encryption technologies are divided into two categories, namely symmetric encryption (private key encryption) and asymmetric encryption (liter key encryption). Symmetric encryption is typically represented by the Data Encryption Standard (DES) algorithm, and asymmetric encryption is usually represented by the RSA (Rivest Shamir Adleman) algorithm. The encryption key and decryption key of symmetric encryption are the same, while the encryption and decryption keys of asymmetric encryption are different. The encryption key can be made public but the decryption key needs to be kept secret.
3. Symmetric encryption technology
Symmetric encryption uses symmetric cryptography encoding technology, which is characterized by using the same key for file encryption and decryption. Both parties receiving the information need to know the key and encryption and decryption algorithm in advance, and the keys are the same. Then the data is encrypted and decrypted. Symmetric encryption algorithms are used to encrypt sensitive data and other information. Symmetric encryption algorithms are simple and fast to use, have short keys, and are difficult to decipher.
4. Asymmetric encryption technology
The basic idea of public key cryptography is to divide the key K of the traditional cipher into two, into the encryption key Ke and the decryption key Kd. The encryption key Ke is used to control encryption, and the decryption key Kd is used to control decryption. In this way, even if Making Ke public will not expose Kd, nor will it compromise the security of the password. Since Ke is public and only Kd is secret, it fundamentally overcomes the difficulty of key distribution in traditional cryptography. Because the RSA cipher can be used for both encryption and digital signatures, it is safe and easy to understand, so the RSA cipher has become the most widely used public key cipher.
5. Hash function
The Hash function maps a message M of any length into a fixed-length Hash code, also called a message digest. It is a function of all message bits and has error checking capabilities: that is, changing any one or more bits of the message, All will lead to changes in the hash code. During the authentication process, the sender attaches the hash code to the message to be sent and sends it to the receiver. The receiver authenticates the message by recalculating the hash code, thus realizing the functions of confidentiality, message authentication and digital signature.
6. digital signature
A signature is a piece of information that proves the identity of the party and the authenticity of the data. In the information environment, in transaction processing based on the network as the basis for information transmission, all parties involved in transaction processing should use electronic signatures, that is, digital signatures (Digital Signature). Currently, digital signatures have legal support in some countries.
A complete digital signature system should meet the following three conditions:
1||| The signer cannot repudiate his signature afterwards.
2||| No one else can forge the signature.
3||| If the parties dispute the authenticity of a signature, they can confirm its authenticity by verifying the signature before an impartial arbiter.
Digital signatures and data encryption can be achieved simultaneously using RSA cryptography.
7. Certification
Authentication, also known as identification and confirmation, is a process of verifying whether something is worthy of its name or valid.
The difference between authentication and encryption is that encryption is used to ensure the confidentiality of data and prevent passive attacks by opponents, such as interception, eavesdropping, etc.; while authentication is used to ensure the authenticity of the sender and receiver of the message and the integrity of the message. Prevent opponents from active attacks, such as impersonation, tampering, replay, etc. Authentication is often the first line of security protection in many application systems, so it is extremely important.
Commonly used parameters in authentication systems include passwords, identifiers, keys, tokens, smart cards, fingerprints, visual patterns, etc.
Authentication and digital signature technologies are both measures to ensure data authenticity, but there are obvious differences between the two:
1||| Authentication is always based on some kind of confidential data shared by both sender and receiver to verify the authenticity of the object being authenticated, while the data used to verify the signature in a digital signature is public.
2||| Authentication allows the sending and receiving parties to verify each other's authenticity and does not allow third parties to verify, while digital signatures allow both the sending and receiving parties and a third party to verify.
3||| Digital signatures cannot be repudiated by the sender, cannot be forged by the receiver, and have the ability to resolve disputes before a notary public, while certification does not necessarily have the ability.
iv. Information system security
1. Information systems generally consist of computer systems, network systems, operating systems, database systems and application systems.
2. Correspondingly, information system security mainly includes
(1) Computer Equipment Security
Ensuring the safe operation of computer equipment is one of the most important aspects of information system security
In addition to integrity, confidentiality and availability, it also includes
1||| Denial Resistance
Anti-repudiation refers to the feature that ensures that users cannot deny the generation, issuance, and reception of information afterwards. Anti-repudiation services are generally provided through digital signatures.
2||| Auditability
Using the audit method, detailed audit trails can be carried out on the working process of the computer information system, and audit records and audit logs can be saved at the same time, from which problems can be discovered.
3||| reliability
The probability that a computer completes a predetermined function under specified conditions and within a given time.
(2) cyber security
As the main carrier of information collection, storage, distribution, transmission and application, the security of the network plays a vital or even decisive role in the security of the entire information. The network environment creates an ideal space for information sharing, information exchange, and information services. The inherent openness, interactivity and decentralization characteristics of the Internet, while allowing people to share information openly, flexibly and quickly, also bring about network security-related issues.
Network security related issues:
1||| Information leakage, information pollution, information is not easy to control
2||| Information leakage, information destruction, information infringement and information penetration
3||| The website suffered malicious attacks resulting in damage and paralysis
Common cyber threats include:
1||| network monitoring
2||| Password attack
3||| Denial of Service Attacks (DoS) and Distributed Denial of Service (DDos) Attacks
4||| vulnerability attack
5||| Botnet
6||| Phishing
7||| Internet spoofing
8||| Website security threats: SQL injection attacks, cross-site attacks, side note attacks, etc.
9||| Advanced Persistent Threat (APT)
(3) operating system security
According to the manifestations of security threats, they are as follows:
1||| computer virus
2||| logic bomb
3||| Trojan horse
4||| Backdoor: refers to a piece of illegal code embedded in the operating system
5||| Covert channel: a non-public information leakage path in the system that is not controlled by security policies, violates security policies, and is non-public.
(4) Database system security
A database system is a platform for storing, managing, using and maintaining data. Database security mainly refers to the security of database management systems, and its security issues can be considered as security issues for data used for storage rather than transmission.
(5) Application system security
Application system security is based on computer equipment security, network security and database security. At the same time, effective anti-virus, anti-tampering and version checking and auditing are adopted to ensure the legality and integrity of the system's own execution programs and configuration files, which are extremely important security assurance measures.
v. network security technology
1. firewall
A firewall is a filtering mechanism built on the boundary of internal and external networks. The internal network is considered safe and trustworthy, while the external network (usually the Internet) is considered unsafe and untrustworthy. Firewalls can monitor traffic in and out of the network, allowing only safe, approved information to enter while blocking security threats initiated within the enterprise. The main implementation technologies of firewalls include: packet filtering, application gateway and proxy services, etc.
2. Intrusion detection and prevention
There are two main types of intrusion detection and prevention technologies: Intrusion Detection System (IDS) and Intrusion Prevention System (IPS).
Intrusion Detection System (IDS) focuses on the supervision of network security status. By monitoring network or system resources, it looks for behaviors that violate security policies or traces of attacks and issues alarms. Therefore the vast majority of IDS systems are passive.
Intrusion prevention systems (IPS) tend to provide active protection and focus on controlling intrusion behavior. It is designed to intercept intrusion activities and offensive network traffic in advance to avoid losses. IPS achieves this function by directly embedding it into network traffic, that is, it receives traffic from external systems through one network port. After checking to confirm that it does not contain abnormal activities or suspicious content, it transmits it through another port to in the internal system. This way, the offending packet, as well as all subsequent packets from the same data flow, can be scrubbed in the IPS device.
3. virtual private network
VPN (Virtual Private Network) is a technology that relies on ISP (Internet Service Provider) and other NSP (Network Service Provider) to establish a dedicated and secure data communication channel in a public network. VPN can be considered as the application of encryption and authentication technology in network transmission.
VPN network connection consists of three parts: client, transmission medium and server. VPN connection does not use physical transmission media, but uses a technology called "tunnel" as the transmission medium. This tunnel is established on a public network or a private network based on. Common tunnel technologies include: Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP) and IP Security Protocol (IPSec).
4. security scan
Security scanning includes vulnerability scanning, port scanning, password scanning (discovering weak passwords), etc.
Security scanning can be completed by applying software called a scanner. The scanner is one of the most effective network security detection tools. It can automatically detect security weaknesses in remote or local hosts and network systems, as well as existing system vulnerabilities that may be exploited. .
5. Network honeypot technology
Honeypot technology is an active defense technology and an important development direction of intrusion detection technology. It is also a trap to "trap" attackers. A honeypot system is a decoy system that contains vulnerabilities and provides an attacker with an easy target by simulating one or more vulnerable hosts and services. Attackers often waste time on honeypots, delaying attacks on their real targets. Due to the characteristics and principles of honeypot technology, it can provide important information and useful clues for intrusion forensics, making it easier to study the intruder's attack behavior.
vi. Web Threat Protection Technology
1. Web access control technology
Access control is the main strategy for website security prevention and protection. Its main task is to ensure that network resources are not accessed by illegal visitors.
2. Single sign-on (SSO) technology
Provide centralized and unified identity authentication for application systems to achieve "one-point login, multiple points of access".
3. Web page anti-tampering technology
(1) time polling technology
Use the web page detection program to read out the web pages to be monitored in a polling manner, compare them with the real web pages to determine the integrity of the web page content, and alarm and restore tampered web pages.
(2) Core embedded technology
The so-called core embedded technology is password watermarking technology. This technology embeds the tampering detection module in the Web server software. It performs integrity checks when each network member leaves the network, blocks tampered web pages in real time, and provides alarms and recovery.
(3) event triggering technology
It is to use the file system or driver interface of the operating system to check the legality when the web page file is modified, and to alarm and recover illegal operations.
(4) File filter driver technology
It is a simple, efficient, safe and extremely high anti-tampering technology. Through the event triggering method, the file contents in all folders of the web server are compared with the underlying file attributes and the built-in hash fast algorithm is used for real-time monitoring; if the attribute changes are found, the contents of the backup path folder are copied to the monitoring file. The corresponding file location of the folder makes the tampered page invisible to the public.
4. Web content security
Content security management is divided into three technologies: email filtering, web filtering, and anti-spyware.
vii. next generation firewall
1. Next Generation Firewall (NGFW) is a high-performance firewall that can comprehensively respond to application layer threats. Through in-depth insights into users, applications, and content in network traffic, and with the help of a new high-performance single-path heterogeneous parallel processing engine, NGFW can provide users with effective application-layer integrated security protection, help users conduct business safely and simplify network security architecture.
2. With the widespread use of SOA and Web2.0 in information systems, more traffic is carried out only through a few ports and a limited number of protocols, which means that the correlation between port/protocol-based security policies and The efficiency is getting lower and lower, and traditional firewalls are basically unable to detect threats that use botnets as transmission methods.
3. On the basis of traditional firewall packet filtering, network address translation (NAT), protocol status inspection, and VPN functions, NGFW adds the following new functions:
(1) Intrusion Prevention System (IPS)
NGFW’s DPI function includes IPS
(2) Visualization based on application recognition
NGFW blocks or allows packets depending on where they are going. They do this by analyzing traffic at Layer 7 (the application layer). Traditional firewalls do not have this capability because they only analyze Layer 3 and Layer 4 traffic.
(3) Smart firewall:
Various types of information outside the firewall can be collected and used to improve blocking decisions or serve as the basis for optimizing blocking rules. For example, use directory integration to enforce blocking based on user identity or blacklist and whitelist based on address.
viii. Security Behavior Analysis Technology
Traditional security products, technologies, and solutions are basically based on rule matching of known features for analysis and detection. Based on characteristics, rules and human analysis, detection analysis with "characteristics" as the core has security visibility blind spots, hysteresis effects, easy to be bypassed, and difficulty in adapting to the network reality of offensive and defensive confrontation, the rapidly changing organizational environment, and external threats. And other issues. On the other hand, although most attacks may come from outside the organization, serious damage is often caused by insiders. Only by managing insider threats can information and network security be ensured.
User and Entity Behavior Analytics (UEBA) provides user profiling and anomaly detection based on various analysis methods, combining basic analysis methods (using signature rules, pattern matching, simple statistics, thresholds, etc.) and advanced Analysis methods (supervised and unsupervised machine learning, etc.), use packaged analysis to evaluate users and other entities (hosts, applications, networks, databases, etc.), and discover activities related to standard profiles or abnormal behaviors of users or entities potential events.
UEBA is a complete system, involving inspection parts such as law enforcement and engineering, as well as user exchange and anti-locking such as user and entity risk score sorting and adjustment. From an architectural point of view, UEBA systems usually include a data acquisition layer, an algorithm analysis layer and a field baking application layer.
ix. Network security situational awareness
1. Network Security Situation Awareness is the acquisition, understanding, and display of security factors that can cause changes in the network situation in a large-scale network environment, and based on this, prediction of future network security development trends. It is an environment-based, dynamic, and overall ability to gain insight into security risks. On the basis of security big data, data integration, feature extraction, etc. are performed, and then a series of situation assessment methods are applied to generate the overall situation of the network. Situation prediction algorithms are used to predict the development of the situation, and data visualization technology is used to combine the situation and situation. The predicted situation is displayed to security personnel, allowing security personnel to intuitively and conveniently understand the current status of the network and expected risks.
2. Key technologies for network security situational awareness mainly include:
(1) Convergence and fusion technology of massive diverse heterogeneous data
(2) Network security threat assessment technology for multiple types
(3) Network security situation assessment and decision support technology
(4) Network security situation visualization
vi. Development of information technology
As the foundation of information technology, computer software and hardware, networks, storage and databases, information security, etc. are constantly developing and innovating, leading the current trend of information technology development.
In terms of computer software and hardware, computer hardware technology will develop in the direction of ultra-high speed, ultra-small size, parallel processing, and intelligence. Computer hardware equipment will become smaller and smaller, faster and faster, with larger capacity and lower power consumption. It is getting lower and lower, and the reliability is getting higher and higher. Computer software is becoming more and more abundant and its functions are becoming more and more powerful. The concept of "software defines everything" has become the mainstream of current development.
In terms of network technology, the connection between computer network and communication technology is becoming increasingly close, and has even been integrated. As one of the country's most important infrastructures, 5G has become the current mainstream, targeting the Internet of Things and low-latency scenarios of Narrow Band Internet of Things (NB-IoT) and enhanced machine-type communications (enhanced Machine- Technologies such as Type Communication (eMTC), Industrial Internet of Things (lloT) and Ultra Reliable Low Latency Communication (URLC) will be further fully developed.
In terms of storage and databases, the explosive growth of data volume has promoted the continuous evolution of database technology in the direction of model expansion and architecture decoupling.
In terms of information security, the traditional computer security concept will transition to computer security with the concept of trusted computing as the core. The changes in technology and application models caused by the popularization and application of the network are further promoting the innovation of key technologies for information security networking; at the same time, information The research and formulation of security standards and the integration and integration of information security products and services are leading the current standardization and integration development of information security technology.
三、 New generation information technology and applications
I. The Internet of Things, cloud computing, big data, blockchain, artificial intelligence, virtual reality and other new generation information technologies and new business formats that fully utilize information resources are the main trends in the development of informatization and the main business scope of the information system integration industry in the future. .
II. Internet of things
i. The Internet of Things mainly solves the interconnection between things (Thing to Thing, T2T), people and things (Human to Thing, H2T), and people and people (Human to Human, H2H). In addition, many scholars often introduce the concept of M2M when discussing the Internet of Things: it can be interpreted as Man to Man, Man to Machine or Machine to Machine.
ii. technical foundation
1. The IoT architecture can be divided into three layers
(1) Perceptual layer
It is composed of various sensors, including temperature sensors, QR code tags, RFID tags, readers, cameras, GPS and other sensing terminals. The perception layer is the source of identifying objects and collecting information in the Internet of Things.
(2) Network layer
It is composed of various networks, including the Internet, radio and television networks, network management systems and cloud computing platforms. It is the hub of the entire Internet of Things and is responsible for transmitting and processing information obtained by the perception layer.
(3) Application layer
It is the interface between the Internet of Things and users. It is combined with industry needs to realize intelligent applications of the Internet of Things.
2. The industrial chain of the Internet of Things includes sensors and chips, equipment, network operations and services, software and application development, and system integration. Internet of Things technology has very critical and important applications in smart grids, smart logistics, smart homes, smart transportation, smart agriculture, environmental protection, medical health, urban management (smart cities), financial services and insurance, public safety, etc.
iii. Key technology
1. Sensor Technology
A sensor is a detection device that can "feel" the measured information and convert the detected information into electrical signals or other forms of information output according to certain rules to meet the needs of information transmission, processing, and storage. , display, recording and control requirements. It is the primary link to achieve automatic detection and automatic control, and is also the basic means for the Internet of Things to obtain information about the physical world.
Radio Frequency Identification (RFID) is a sensor technology used in the Internet of Things and has attracted much attention in the development of the Internet of Things. RIFD can identify specific targets and read and write related data through radio signals without establishing mechanical or optical contact between the identification system and the specific target. RFID is a simple wireless system consisting of an interrogator (or reader) and many transponders (or tags). The tag is composed of a coupling element and a chip. Each tag has a unique electronic code for the extended term and is attached to the object to identify the target object. It transmits radio frequency information to the reader through the antenna, and the reader is the device that reads the information. RFID technology allows objects to "speak". This gives the Internet of Things a characteristic that is traceability. That is to say, people can grasp the exact location of items and their surrounding environment at any time.
2. sensor network
Micro-Electro-Mechanical Systems (MEMS) are integrated micro-device systems composed of micro-sensors, micro-actuators, signal processing and control circuits, communication interfaces, power supplies and other components. Its goal is to integrate the acquisition, processing and execution of information to form a multi-functional micro system, which can be integrated into a large-scale system, thereby greatly improving the automation, intelligence and reliability of the system. MEMS gives ordinary objects new life. They have their own data transmission channels, storage functions, operating systems and specialized applications, thus forming a huge sensor network.
3. Application system framework
The Internet of Things application system framework is a networked application and service with machine terminal intelligent interaction as the core. It will enable intelligent control of objects, involving five important technical parts: machines, sensor hardware, communication networks, middleware and applications. This framework is based on a cloud computing platform and intelligent network, and can make decisions based on data obtained from sensor networks, changing the behavior control and feedback of objects.
iv. Application and development
Applications in infrastructure fields such as industry, clothing industry, environment, transportation, logistics, and security have effectively promoted the intelligent development of these areas, allowing limited resources to be used and distributed more rationally; in the fields of home furnishing, medical health, education, The application of Golden Touch in the service industry, tourism and other fields, through full integration with social science and social governance, has achieved great changes and progress in service scope, service methods and service quality.
III. cloud computing
i. Cloud Computing is a type of distributed computing. In the early days of cloud computing, it was simple distributed computing, distributing tasks and merging calculation results. The current cloud computing is not just a kind of distributed computing, but the result of the mixed evolution and leap of computer technologies such as distributed computing, utility computing, load balancing, parallel computing, network storage, hot backup redundancy and virtualization.
ii. technical foundation
1. Cloud computing is an Internet-based computing method in which shared software resources, computing resources, storage resources and information resources are configured on the network and provided to online terminal devices and end users on demand. Cloud computing can also be understood as a distributed processing architecture that shields users from underlying differences. In a cloud computing environment, users are separated from the computing resources provided by actual services, and the cloud collects computing devices and resources.
2. When using cloud computing services, users do not need to arrange special maintenance personnel. Cloud computing service providers will provide a relatively high level of protection for the security of data and servers. Since cloud computing stores data in the cloud (the part of a distributed cloud computing device that undertakes computing and storage functions), business logic and related calculations are completed in the cloud. Therefore, the terminal only needs an ordinary device that can meet basic applications. .
3. According to the resource level provided by cloud computing services, it can be divided into three types: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). Service type.
(1) IaaS provides users with infrastructure services such as computer power and storage space. This service model requires large infrastructure investment and long-term operation and management experience, and its profitability by simply renting resources is limited.
(2) PaaS provides users with platform services such as virtual operating systems, database management systems, and Web applications. The focus of PaaS services is not on direct economic benefits, but on building and forming a close industrial ecosystem.
(3) SaaS provides users with application software (such as CRM, office software, etc.), components, workflow and other virtualized software services. SaaS generally uses Web technology and SOA architecture to provide users with multi-tenant and customizable application capabilities through the Internet, reducing It reduces the complexity of software upgrades, customization, operation and maintenance, and enables software providers to transform from producers of software products to operators of application services.
iii. Key technology
1. The key technologies of cloud computing mainly involve
(1) virtualization technology
Virtualization is a broad term that generally refers to computing elements running on a virtual basis rather than a real basis. Virtualization technology can expand the capacity of hardware and simplify the reconfiguration process of software. CPU virtualization technology can simulate multiple CPUs in parallel with a single CPU, allowing one platform to run multiple operating systems at the same time, and applications can run in independent spaces without affecting each other, thereby significantly improving computer work efficiency.
Container technology is a new virtualization technology in a new sense, which belongs to the category of operating system virtualization, that is, the operating system provides virtualization support. The most popular container environment currently is Docker. Container technology divides the resources of a single operating system into isolated groups to better balance conflicting resource usage needs among isolated groups. Using container technology can isolate the application in an independent running environment, which can reduce the additional consumption caused by running the program and can run in the same way almost anywhere.
(2) Cloud storage technology
Cloud storage technology is a new information storage and management method developed based on traditional media systems. This method integrates the software and hardware advantages of computer systems and can process large batches of data online quickly and efficiently. Through a variety of cloud The application of technology platforms enables in-depth data mining and security management.
As an important part of cloud storage technology, distributed file systems improve system replication and fault tolerance functions while maintaining compatibility.
(3) Multi-tenancy and access control management
It is one of the core issues in cloud computing applications. Research on cloud computing access control mainly focuses on cloud computing access control models, cloud computing access control based on ABE cryptography, multi-tenant and virtualization access control in the cloud.
The cloud computing access control model is a method to describe the security system according to specific access policies and establish a security model. According to the different functions of the access control model, the research content and methods are also different. Common ones include task-based access control model, attribute model-based cloud computing access control, UCON model-based cloud computing access control, and BLP model-based cloud computing. access control etc.
Cloud computing access control based on the ABE password mechanism includes four parties: data providers, trusted third-party authorization centers, cloud storage servers, and users. First, the trusted authorization center generates the master key and public parameters, and passes the system public key to the data provider. After the data provider receives the system public key, it uses the policy tree and system public key to encrypt the file, and converts the ciphertext and policy The tree is uploaded to the cloud server; then, when a new user joins the system, he uploads his attribute set to the trusted authorization center and submits a private key application request. The trusted authorization center calculates and generates the attribute set and master key submitted by the user. The private key is passed to the user; finally, the user downloads the data of interest. If its attribute set satisfies the policy tree structure of the ciphertext data, the ciphertext can be decrypted; otherwise, access to the data fails.
(4) Cloud security technology
Cloud security research mainly includes two aspects. One is the security protection of cloud computing technology itself, involving corresponding data integrity and availability, privacy protection, service availability, etc.; the other is the use of cloud services. To ensure the security protection needs of client users, Internet security is achieved through cloud computing technology, involving cloud computing-based virus prevention and Trojan detection technology, etc.
In terms of research on cloud security technology, it mainly includes:
1||| Cloud computing security
It mainly analyzes the cloud itself and the application services involved, focusing on its corresponding security issues. It mainly involves how to effectively implement security isolation, ensure the security of Internet user data, and how to effectively protect against malicious network attacks. Improve the system security of the cloud computing platform, as well as user access authentication and corresponding information transmission auditing and security.
2||| Securing cloud infrastructure
The main thing is how to utilize the corresponding resources of corresponding Internet security infrastructure equipment to effectively optimize cloud services, so that P&I can meet the expected security protection requirements.
3||| Cloud security technology services
How to ensure the security service requirements of Internet end users and effectively implement computer virus prevention and other related services on the client side. Judging from the development of cloud security architecture, if the security level of cloud computing service tubes is not high, service users will need to have stronger security capabilities and assume more management responsibilities.
2. In order to improve the capabilities of the cloud security system and ensure its strong reliability, cloud security technology must be considered from the perspective of openness and security assurance architecture.
(1) The cloud security system has a certain degree of openness and must ensure trusted authentication in an open environment:
(2) In terms of cloud security systems, we must actively adopt advanced network technology and virus protection technology;
(3) During the construction process of the cloud security system, its stability must be ensured to meet the dynamic changes of massive data.
iv. Application and development
1. After more than ten years of development, cloud computing has gradually entered a mature stage and is playing an increasingly important role in many fields. "Going to the cloud" will become the first step for various organizations to accelerate digital transformation, encourage technological innovation, and promote business growth. A choice, even a necessary prerequisite.
2. Cloud computing will further become an important carrier and testing ground for innovative technologies and best engineering practices. From AI and machine learning, IoT and edge computing, blockchain to DevOps, cloud native and service mesh in engineering practice, cloud computing vendors are actively participating, investing and promoting. Taking artificial intelligence as an example, from the provision of GPU computing resources in TaaS mentioned above, to the opening of mature model capabilities in specific fields (such as APIs for various natural language processing, image recognition, and language synthesis), to helping to create customized AJ model's machine learning platform, cloud computing has actually become the basis of AI-related technologies.
3. Cloud computing will follow the trend of the industrial Internet, sink into industry scenarios, and develop in depth towards verticalization and industrialization.
4. Development brings new problems:
(1) Although the cloud can already provide very high availability, in order to avoid the risk of a single supplier failure, critical applications must still build necessary technical redundancy;
(2) When the business scale is large, from the perspective of business strategy, it is also necessary to avoid too close a manufacturer's agreement in order to seek some level of business checks and balances and initiative.
5. The four major trends of "innovation, verticality, hybridization, and ecology" are accompanied by the rapid development of cloud computing. Cloud computing standardizes, abstracts and scales IT hardware resources and software components. In a sense, it subverts and reconstructs the supply chain of the IT industry. It is a huge innovation and progress in the development of the current new generation of information technology.
IV. Big Data
i. Big Data refers to a collection of data that cannot be captured, managed and processed within a certain time period using conventional software tools. It is a massive, high-growth and high-volume data collection with stronger decision-making power, insight discovery and process optimization capabilities. Diverse information assets.
ii. technical foundation
1. Big data is data with the characteristics of large volume, diverse structure, and strong timeliness. Processing big data requires the use of new technologies such as new accounting and loan architectures and intelligent algorithms. From data source to final value realization, big data generally requires processes such as data preparation, data storage and management, data analysis and calculation, data governance and knowledge presentation, involving data models, processing models, computing theory and related distributed computing, Research on distributed storage platform technology, data cleaning and mining technology, streaming computing and incremental processing technology, data quality control, etc.
2. Generally speaking, the main characteristics of big data include:
(1) Massive data
Jump from TB level to PB level (IPB=l024TB), EB level (IEB=I024PB), and even reach ZB level (IZB=I024EB).
(2) Various data types
There are many types of data in big data, which are generally divided into structured data and unstructured data. Compared with the text-based structured data that has been stored in the past, there are more and more unstructured data, including web logs, audio, video, pictures, geographical location information, etc. These multiple types of data have greater data processing capabilities. Higher demands were made.
(3) Low data value density
The level of data value density is inversely proportional to the size of the total data abundance. Take video as an example. For a one-hour video, under continuous and uninterrupted monitoring, the useful data may only be one or two seconds. How to "purify" the value of data more quickly through powerful machine algorithms has become an urgent problem to be solved in the current context of big data.
(4) Fast data processing
In order to quickly mine data value from massive amounts of data, it is generally required to quickly process different types of data. This is the most significant feature of big data that distinguishes it from traditional data mining.
iii. Key technology
1. As an emerging technology in the information age, big data technology involves many aspects such as data processing, management, and application. Specifically, the technical architecture studies and analyzes the acquisition, management, distributed processing and application of big data from a technical perspective.
2. Big data technology architecture mainly includes
(1) Big data acquisition technology
Research on big data acquisition mainly focuses on three aspects: data collection, integration and cleaning. Data acquisition technology achieves the acquisition of data sources, and then ensures data quality through integration and cleaning technology.
Data collection technology mainly obtains data information from websites through distributed crawling, distributed high-speed and high-reliability data collection, and high-speed whole-network data imaging technology. In addition to the content contained in the network, the collection of network traffic charges can be processed using bandwidth management technologies such as DPI or DFI.
Data integration technology is based on data collection and entity recognition to achieve high-quality integration of data into information. Data integration technology includes multi-source and multi-modal information integration models, heterogeneous data intelligent conversion models, intelligent pattern extraction and pattern matching algorithms for heterogeneous data integration, automatic fault-tolerant mapping and conversion calibration and algorithms, and correctness verification methods for integrated information. , usability evaluation methods of integrated information, etc.
Data cleaning technology generally removes unreasonable and erroneous data based on correctness conditions and data constraint rules, repairs important information, and ensures data integrity. Including data correctness semantic model, association model and data constraint rules, data error model and error recognition learning framework, automatic detection and repair algorithms for different error types, evaluation models and evaluation methods of error detection and repair results, etc.
(2) Distributed data processing technology
Distributed computing emerged with the development of distributed systems. Its core is to decompose tasks into many small parts and assign them to multiple computers for processing. Through the mechanism of parallel work, it can save overall computing time and improve computing efficiency. the goal of. Currently, the mainstream distributed computing systems include Hadoop, Spark and Storm. Hadoop is often used for offline complex big data processing, Spark is often used for offline fast big data processing, and Storm is often used for online, real-time big data processing.
Big data analysis and mining technology mainly refers to improving existing data mining and machine learning technologies: new data mining technologies such as Shengfa data network mining, specific group mining, and graph mining; innovating big data such as object-based data connections and similarity connections. Fusion technology: breakthroughs in field-oriented big data mining technologies such as user interest analysis, network behavior analysis, and emotional semantic analysis.
(3) Big data management technology
Big data management technology mainly focuses on big data storage, big data collaboration, security and privacy.
Big data storage technology mainly has three aspects:
1||| A new database cluster using MPP architecture;
2||| Related big data technologies have been derived around Hadoop;
3||| Based on integrated servers, storage devices, operating systems, and database management systems, a big data all-in-one machine with good stability and scalability is realized.
Collaborative management technology of multiple data centers is another important direction of big data research. Through the distributed workflow engine, workflow scheduling and load balancing are realized, and storage and computing resources of multiple data centers are integrated to provide support for building a big data service platform.
Research on big data privacy technology mainly focuses on new data release technologies, trying to maximize user privacy while minimizing the loss of data information, thereby achieving the needs of data security and privacy protection.
(4) Big data application and service technology
1||| Big data application and service technologies mainly include analysis application technology and visualization technology.
2||| Big data analysis applications are mainly business-oriented analysis applications. Based on the analysis and mining of distributed sea level data, big data analysis application technology is driven by business needs, carries out special data analysis for different types of business needs, and provides users with highly available and easy-to-use data analysis services.
3||| Visualization helps people explore and understand complex data through interactive visual representations. Big data visualization technology mainly focuses on text visualization technology, network (graph) visualization technology, spatiotemporal data visualization technology, multi-dimensional data visualization and interactive visualization, etc.
iv. Application and development
1. In the Internet industry, mining user behavior from Dalan's data and back-transmitting it to the business field supports more accurate social marketing and advertising, which can increase business revenue and promote business development.
2. In the field of government public data, combined with the collection, management and integration of big data, the information collected by various departments is analyzed and shared, which can discover management loopholes, increase fiscal and tax revenue, increase market supervision, and greatly change the government management model. Improve the level of social governance.
3. In the financial field, big data credit reporting is an important application field. Provide effective support for financial services through big data analysis and profiling.
4. In the industrial field, combined with sea pressure data analysis, it can provide accurate guidance for the industrial production process.
5. In the field of social and people's livelihood, the analysis and application of big data can better serve people's livelihood.
V. Blockchain
i. The concept of "blockchain" was first proposed in 2008 in "Bitcoin: A Peer-to-Peer Electronic Cash System" and was successfully applied in the data encryption currency system of the Bitcoin system. It has become a focus of governments, organizations and scholars. and research hot spots. Blockchain technology has the characteristics of multi-centered storage, privacy protection, and tamper resistance. It provides an open, decentralized, and fault-tolerant transaction mechanism and has become the core of a new generation of anonymous online payments, remittances, and digital asset transactions. It is widely used in major The trading platform has brought profound changes to the fields of finance, regulatory agencies, technological innovation, agriculture, and politics.
ii. technical foundation
1. The concept of blockchain can be understood as a distributed storage database based on an asymmetric encryption algorithm, an improved Merkle Tree (MerkleTree) as a data structure, and a combination of consensus mechanism, peer-to-peer network, smart contract and other technologies. technology.
2. Blockchain is divided into four major categories:
(1) PublicBlockchain
(2) ConsortiumBlockchain
(3) Private Blockchain
(4) Hybrid Chain (HybridBlcokchain)
3. Generally speaking, typical characteristics of blockchain include:
(1) Polycentralization
The verification, accounting, storage, maintenance and transmission of data on the chain all rely on the distributed system structure. Pure mathematical methods are used to replace centralized organizations to build trust relationships between multiple distributed nodes, thereby establishing a trusted distributed system. system.
(2) Multi-party maintenance
The incentive mechanism ensures that all nodes in the distributed system can participate in the verification process of data blocks, and select specific nodes through the consensus mechanism to add newly generated blocks to the blockchain.
(3) Time series data
Blockchain uses a chain structure with timestamp information to store data information and adds time dimension attributes to the data information, thereby achieving traceability of data information.
(4) smart contract
Blockchain technology can provide users with flexible and variable script codes to support the creation of new smart contracts.
(5) cannot be tampered with
In the blockchain system, because the subsequent blocks between adjacent blocks can verify the previous blocks, if the data information of a certain block is tampered with, the block and all subsequent blocks will be recursively modified. However, the cost of each hash recalculation is huge and must be completed within a limited time, so the non-tamperability of the data on the chain can be guaranteed.
(6) open consensus
In the blockchain network, each physical device can serve as a node in the network, and any node can join freely and have a complete copy of the database.
(7) Safe and trustworthy
Data security can be achieved by encrypting data on the chain based on asymmetric encryption technology. Each node in the distributed system uses the computing power formed by the blockchain consensus algorithm to resist external attacks and ensure that the data on the chain is not tampered with or forged. As a result, it has higher confidentiality, credibility and security.
iii. Key technology
1. From the perspective of the blockchain technical system, the blockchain is based on the underlying data processing, management and storage technology, with block data management, chain-structured data, digital signatures, hash functions, Merkel trees, Asymmetric encryption, etc., organize nodes to participate in data dissemination and verification through a symmetric network based on P2P network. Each node will be responsible for network routing, verifying block data, disseminating block data, recording transaction data, discovering new nodes, etc. Function, including propagation mechanism and verification mechanism. In order to ensure the security of the blockchain application layer, through the issuance mechanism and distribution mechanism of the incentive layer, consensus is reached in the most efficient way among the nodes of the entire distributed network.
2. Distributed ledger
Distributed ledger is one of the cores of blockchain technology. The core idea of the distributed ledger is that transaction accounting is completed by multiple nodes distributed in different places, and each node saves a unique and true copy of the ledger. They can participate in supervising the legality of the transaction, and can also jointly provide support for the transaction. Testify; any changes in the ledger will be reflected in all copies.
Distributed ledger technology can ensure the security and accuracy of assets and has a wide range of application scenarios, especially in the field of public services. It can redefine the relationship between the government and citizens in terms of data sharing, transparency and trust. It has been widely used in finance. Transactions, government taxation, land ownership registration, passport management, social welfare and other fields.
3. Encryption Algorithm
Hash algorithm
Also called data digest or hash algorithm, its principle is to convert a piece of information into a fixed-length string with the following characteristics: If two pieces of information are the same, then the characters are also the same: even if the two pieces of information are very similar, But as long as they are different, the strings will be very messy, random, and have no relationship at all between the two strings. Typical hashing algorithms include MD5, SHA and SM3. Currently, blockchain mainly uses the SHA256 algorithm.
asymmetric encryption algorithm
An encryption method consisting of a corresponding pair of unique keys (ie, public key and private key). Anyone who knows the user's public key can use the user's public key to encrypt information and achieve secure information interaction with the user. Due to the dependency between the public key and the private key, only the user himself can decrypt the information, and no unauthorized user or even the sender of the information can decrypt the information. Commonly used asymmetric encryption algorithms include RSA, Elgamal, D-H, ECC (elliptic curve encryption algorithm), etc.
4. consensus mechanism
Blockchain consensus issues need to be solved through the blockchain consensus mechanism. The consensus algorithm can ensure that distributed computers or software programs work together and respond correctly to the input and output of the system.
The idea of the consensus mechanism of the blockchain is: in the absence of overall coordination from a central point, when a certain accounting node proposes an increase or decrease in block data and broadcasts the proposal to all participating nodes, all nodes must follow a certain rules and mechanisms to calculate and process whether this proposal can be agreed upon.
Currently, the commonly used consensus mechanisms mainly include PoW, PoS, DPoS, Paxos, PBFT, etc.
According to the characteristics of various consensus mechanisms in different application scenarios of blockchain, consensus mechanism analysis can be based on:
(1) Compliance supervision
Whether to support super authority nodes to supervise the nodes and data of the entire network.
(2) Performance efficiency
The efficiency with which transactions reach consensus and are confirmed.
(3) LF
The resources such as CPU, network input and output, and storage consumed during the consensus process.
(4) fault tolerance
The ability to prevent attacks and fraud.
iv. Application and development
1. Blockchain will become one of the basic protocols of the Internet.
As a protocol that can transmit ownership, blockchain will build a new basic protocol layer based on the existing Internet protocol architecture. Blockchain (protocol) will become the basic protocol of the future Internet like Transmission Control Protocol/Internet Protocol (TCP/IP), building an efficient, multi-centered value storage and transfer network.
2. Different layers of the blockchain architecture will carry different functions.
Similar to the layered structure of the TCP/IP protocol stack, we have developed a variety of application layer protocols on top of the unified transport layer protocol, and ultimately built today's colorful Internet. In the future, the blockchain structure will also develop various application layer protocols based on a unified, multi-centralized underlying protocol.
3. The application and development of blockchain are on a spiral upward trend.
As the core technology of the next stage of the digital wave, blockchain will have a longer development cycle than expected, and the scope and depth of its impact will far exceed people’s imagination. It will build a diversified ecological value Internet, thus Profoundly change the structure of future business society and everyone's life.
VI. AI
i. Artificial intelligence is a technical science that studies and develops theories, methods, technologies and application systems for simulating, extending and expanding human intelligence.
ii. technical foundation
From its inception to the present, the development process of artificial intelligence has gone through six main stages:
1. Initial development period (from 1956 to the early 1960s)
2. Reflective development period (1960s to early 1970s)
3. Application development period (early 1970s to mid-1980s)
4. Downturn development period (mid-1980s to mid-1990s)
5. Steady development period (mid-1990s to 2010)
6. Vigorous development period (2011 to present)
From the analysis of current artificial intelligence technology, it can be seen that its technical research mainly focuses on three aspects: hot technology, common technology and emerging technology.
iii. Key technology
1. machine learning
Machine learning is a technology that automatically matches a model to data and "learns" from the data by training the model. Research on machine learning mainly focuses on machine learning algorithms and applications, reinforcement learning algorithms, approximation and optimization algorithms, and planning problems. Common learning algorithms mainly include basic algorithms such as regression, clustering, classification, approximation, estimation, and optimization. Improvement research, reinforcement learning methods such as transfer learning, multi-core learning and multi-view learning are current research hotspots.
Neural networks are a form of machine learning that emerged in the 1960s and are used in classification applications. It analyzes problems in terms of inputs, outputs, and variable weights or "features" that relate inputs to outputs. It is similar to the way thousands of neurons process signals. Deep learning is a neural network model that predicts results through multi-level features and indexes. Thanks to the faster processing speed of current computer architecture, this type of model has the ability to handle thousands of features. Unlike earlier forms of statistical analysis, each feature in a deep learning model typically has little meaning to a human observer, making the model difficult to use and difficult to interpret. Deep learning models use a technique called backpropagation to make predictions or classify outputs through the model. Reinforcement learning is another form of machine learning, which means that the machine learning system sets a goal and receives some form of reward for each step toward the goal.
Machine learning models are based on statistics and should be compared to conventional analysis to determine their incremental value. They tend to be more accurate than traditional "hand-made" analytical models based on human assumptions and regression analysis, but are also more complex and difficult to interpret. Compared with traditional statistical analysis, automated machine learning models are easier to create and can reveal more data details.
2. natural language processing
Natural Language Processing (NLP) is an important direction in the fields of computer science and artificial intelligence. It studies various theories and methods that enable effective communication between humans and computers using natural language. Natural language processing is a science that integrates linguistics, computer science, and mathematics.
Natural language processing is mainly used in machine translation, public opinion monitoring, automatic summarization, opinion extraction, text classification, question answering, text semantic comparison, speech recognition, Chinese OCR, etc.
Natural language processing (that is, realizing natural language communication between humans and machines, or realizing natural language understanding and natural language generation) is very difficult. The fundamental reason for the difficulty is that there are various kinds of problems that exist widely at all levels of natural language text and dialogue. Ambiguity or polysemy. The core problems solved by natural language processing are information extraction, automatic summarization/word segmentation, recognition and transformation, etc., which are used to solve the effective definition of content, disambiguation and ambiguity, defective or non-standard input, language behavior understanding and interaction. Currently, deep learning technology is an important technical support for natural language processing. In natural language processing, deep learning models need to be applied, such as convolutional neural networks, recurrent neural networks, etc., to learn from the generated words to form natural words. The process of language classification and understanding.
3. expert system
An expert system is an intelligent computer program system, which usually consists of six parts: human-computer interaction interface, knowledge base, inference engine, interpreter, comprehensive database, and knowledge acquisition. It contains a large number of expert-level knowledge and knowledge in a certain field. Experience, it can apply artificial intelligence technology and computer technology to conduct reasoning and judgment based on the knowledge and experience in the system, and simulate the decision-making process of classified experts in order to solve complex problems that require human experts to deal with. In short, an expert system is a computer program system that simulates human experts to solve domain problems.
In the development process of artificial intelligence, the development of expert systems has gone through three stages and is transitioning and developing to the fourth generation. The first generation of expert systems were characterized by their high degree of specialization and their ability to solve specialized problems. However, there are deficiencies in the integrity of the architecture, portability, system transparency and flexibility. The second-generation expert system is a single-subject professional and application-based system. Its system structure is relatively complete and its portability has been improved. It also has many advantages in the system's human-machine interface, explanation mechanism, knowledge acquisition technology, uncertainty reasoning technology, and enhanced expert system. The system's knowledge representation and reasoning methods have been improved in terms of heuristics and versatility. The third generation expert system is a multidisciplinary comprehensive system that uses multiple artificial intelligence languages, comprehensively adopts various knowledge representation methods and multiple reasoning mechanisms and control strategies, and uses various knowledge engineering languages, skeleton systems and expert system development tools and environment to develop large-scale comprehensive expert systems.
The current research on expert systems in artificial intelligence has entered the fourth stage, mainly researching large-scale multi-expert collaboration systems, multiple knowledge representations, comprehensive knowledge bases, self-organizing problem-solving mechanisms, multi-disciplinary collaborative problem-solving and parallel reasoning, and expert system tools and environment, artificial neural network knowledge acquisition and learning mechanism, etc.
iv. Application and development
After more than 60 years of development, artificial intelligence has made important breakthroughs in terms of algorithms, calculation capabilities, and calculations (data). It is at a technical inflection point from "unusable" to "can be used". However, There are still many bottlenecks before it is "very useful". Achieving a leapfrog development from dedicated artificial intelligence to general artificial intelligence is an inevitable trend in the development of the next generation of artificial intelligence.
1. From artificial intelligence to human-machine hybrid intelligence.
Drawing on the research results of brain science and cognitive science is an important research direction of artificial intelligence. Human-machine hybrid intelligence aims to introduce human functions or cognitive models into artificial intelligence systems to improve the performance of artificial intelligence systems, making artificial intelligence a natural extension and expansion of human intelligence, and solving complex problems more efficiently through human-machine collaboration. .
2. From “artificial intelligence” to autonomous intelligent systems.
Current major research in the field of artificial intelligence focuses on deep learning, but the limitation of deep learning is that it requires a lot of manual intervention. Therefore, scientific researchers have begun to pay attention to autonomous intelligence methods that reduce manual intervention and improve the ability of machine intelligence to autonomously learn from the environment.
3. Artificial intelligence will accelerate cross-penetration with other subject areas.
Artificial intelligence is a comprehensive cutting-edge discipline and a highly interdisciplinary composite discipline that requires deep integration with disciplines such as computer science, mathematics, cognitive science, neuroscience, and social science. With the help of breakthroughs in biology, brain science, life science, psychology and other disciplines, and turning mechanisms into computable models, artificial intelligence will deeply interpenetrate with more disciplines.
4. The artificial intelligence industry will flourish.
The innovative model of "Artificial Intelligence
5. The sociology of artificial intelligence will be on the agenda.
In order to ensure the healthy and sustainable development of artificial intelligence and make its development results benefit the people, it is necessary to systematically and comprehensively study the impact of artificial intelligence on human society from a sociological perspective, and formulate and improve artificial intelligence laws and regulations.
VII. Virtual Reality
i. How to directly connect human perception ability with cognitive experience and computer information processing environment is the industry background for the emergence of virtual reality.
ii. technical foundation
1. Virtual Reality (VR) is a computer system that can create and experience a virtual world. The information space established through the virtual reality system is a multi-dimensional information space (Cyberspace) that contains a variety of information. Human perceptual and rational cognitive abilities can be fully exerted in this multi-dimensional information space. In terms of hardware, high-performance computer software and hardware and various advanced sensors are required; in terms of software, it is mainly necessary to provide a tool set that can generate a virtual environment.
2. The main features of virtual reality technology include
(1) immersion
(2) interactivity
(3) multi-sensory
(4) imaginative (imaginative)
(5) autonomy
3. With the rapid development of virtual reality technology, according to the degree of "immersion" and the degree of interaction, virtual reality technology has evolved from desktop virtual reality systems, immersive virtual reality systems, distributed virtual reality systems, etc., to augmented reality systems. The development of virtual reality systems (Augmented Reality, AR) and the Metaverse.
iii. Key technology
1. Human-computer interaction technology
Different from the traditional interaction mode of only keyboard and mouse, it is a new type of three-dimensional interaction technology that uses VR glasses, control handles and other sensor devices to allow users to truly feel the existence of things around them. It combines three-dimensional interaction technology with speech recognition. The combination of voice input technology and other devices used to monitor user behavior is currently the mainstream method of human-computer interaction.
2. Sensor Technology
The progress of VR technology is restricted by the development of sensor technology. The shortcomings of existing VR equipment are closely related to the sensitivity of the sensor.
3. Dynamic environment modeling technology
The design of virtual environment is an important part of VR technology, which uses three-dimensional data to build an expanded virtual environment model. The currently commonly used virtual environment modeling tool is Computer Aided Design (CAD). Operators can obtain the required data through CAD technology, and use the obtained data to build a virtual environment model that meets actual needs. In addition to obtaining three-dimensional data through CAD technology, visual modeling technology can also be used in most cases. The combination of the two can obtain data more effectively.
4. System integration technology
Including information synchronization, data conversion, model calibration, recognition and synthesis, etc. Since the VR system stores a lot of voice input information, perception information and data models, the integration technology in the VR system becomes more and more important.
iv. Application and development
1. Hardware performance optimization iterations are accelerated.
Thinness and ultra-high definition have accelerated the rapid expansion of the virtual reality terminal market. Performance indicators such as display resolution, frame rate, degree of freedom, delay, interactive performance, relocation, and dizziness of virtual reality equipment are increasingly optimized.
2. The development of network technology has effectively promoted its application.
Ubiquitous network communications and high-speed network speeds have effectively improved the experience of virtual reality technology on the application side. With the help of terminal lightweight and mobile 5G technology, high peak speed, millisecond-level transmission delay and hundreds of millions of connection capabilities have reduced the requirements for the virtual reality terminal side.
3. The integration of virtual reality industry elements is accelerating.
The virtual reality industry shows an industrial trend from innovative applications to normal applications, and is widely used in the fields of stage art, sports smart viewing, promotion of new culture, education, medical care and other fields. "Virtual reality business exhibitions" have become the future new normal in the post-epidemic era, "virtual reality industrial production" is the new driving force for organizational digital transformation, "virtual reality smart life" has greatly improved the future intelligent life experience, and "virtual reality entertainment and leisure" "Becoming a new carrier of new information consumption models, etc.
4. New technologies drive new businesses.
Emerging concepts such as the metaverse have brought new business concepts such as "immersion and superposition", "radical and progressive" and "open and closed" to virtual reality technology, greatly improving its application value and social value, and will gradually change the way people are used to it. The physical rules of the real world stimulate industrial technological innovation in new ways, and drive the transition and upgrading of related industries in new models and new business formats.
四、 Prospects for the development of new generation information technology
(1) Ubiquitous intelligent network connection facilities will be the focus of the development of network technology, enabling smooth evolution and upgrade of networks, applications, and terminals to the next generation Internet. The new sensing infrastructure of IoT and data communication will become an integral part of the national strategy. , The integrated construction and development of cloud and network will realize the organic integration of cloud computing resources and network facilities, and the construction of computing power and algorithm centers will provide low-latency, high reliability, and strong security edge computing capabilities.
(2) Big data technology will continue to become the mainstream of future development, focusing on the development and utilization of data resources, sharing and circulation, full life cycle governance and security assurance, establishing and improving the data element resource system, stimulating the value of data elements, and enhancing the enabling role of data elements. , data governance technology, data application and service technology, and data security technology will be further strengthened.
(3) The continuous innovation of the new generation of information technology will become a national strategy, insisting on the core position of innovation in the development of national informatization, taking self-reliance and self-reliance in key core technologies as the strategic support of Digital China, facing the world's technological frontiers, and facing the main economic battlefield. , facing the country's major needs and people's lives and health, thoroughly implement the innovation-driven development strategy, and build an innovative development system driven by two wheels of technological innovation and institutional innovation to fully release digital productivity.
(4) The shift from information technology to digital technology will be an important support for the digital transformation of the country, society, and industry in the future. Breakthroughs in key software and hardware technologies will continue to lead the forefront of technology development. Advanced special-purpose chip ecosystems, collaboratively optimized computer software and hardware ecosystems, and improved open source mobile ecosystems will become the foundation of the future information ecosystem.
(5) The new generation of information technology will continue to be deeply integrated with industries and lead the development of industrial digital transformation. The Internet, big data, artificial intelligence and other industries will be deeply integrated, promote the collaborative transformation of industrial digitalization and greening, develop modern supply chains, improve total factor productivity, promote energy conservation and emission reduction, and effectively enhance economic quality, efficiency and core competitiveness, which will become technology An important foothold and support point for development.
(6) The development of a new generation of information technology will effectively support the development of modern social governance, thereby effectively building a digital social governance system of co-construction, co-governance, and sharing. Deepening the application of big data, artificial intelligence and other information technologies in three-dimensional intelligent social security prevention and control systems, integrated intelligent public security systems, and emergency information security systems that combine peacetime and wartime will effectively promote the high quality of new smart cities. develop.
(7) The integrated development of new generation information technology will create a collaborative and efficient digital government service system, improve the level of informatization construction of party and government agencies, promote the sharing and circulation of government data, promote "one-stop service" to make things more convenient for the masses, and create a market Legalize and internationalize the business environment.
(8) The goal of information technology development will be more focused on "using information technology to improve the basic public service system, improve people's quality of life, and allow the people to share the results of information development." Digital education, inclusive digital medical care, digital social security, employment and human resources services, digital cultural tourism and sports services will become important manifestations of the value of information technology.
(9) Enhance the international competitiveness of information technology, actively participate in the reform of the global cyberspace governance system, promote the high-quality development of the "Digital Silk Road", research and formulate international rules in the digital field, build multi-level global digital partnerships, and high-quality Bringing in and going global at a high level will become an important manifestation of the competitiveness of information technology.
(10) The governance system for the orderly development of information technology is the foundation. The regulatory technology for network security, information security, and data security, the digital technology application review mechanism, the regulatory legal system, the network security guarantee system, and the construction of technical capabilities will become technological and An important direction for management integration.