信息安全研究 ›› 2021, Vol. 7 ›› Issue (4): 328-334.

• 学术论文 • 上一篇    下一篇

信创体系下的浏览器安全可信架构研究

张晓兵 孟繁盛   

  1. (奇安信科技集团股份有限公司  北京 100012)
  • 出版日期:2021-04-05 发布日期:2021-04-14
  • 通讯作者: 张晓兵
  • 作者简介: 张晓兵 资深程序员,病毒分析师,信息安全技术专家,奇安信高级产品总监.研究方向为反病毒引擎、浏览器技术、云安全与大数据安全. zhangxiaobing@qianxin.com 孟繁盛 奇安信产品经理,主要负责奇安信可信浏览器产品. mengfansheng@qianxin.com

Research on Browser Security and Trusted Architecture Under Xinchuang System

  • Online:2021-04-05 Published:2021-04-14

摘要: 随着全球信息化的飞速发展,整个世界正在迅速地融为一体,大量建设的各种信息化系统已经成为国家和政府的关键基础设施.众多的企业、组织、政府部门与机构都在组建和发展自己的网络,并连接到上,以充分共享、利用网络的信息和资源.整个国家和社会对网络的依赖程度也越来越大,网络已经成为社会和经济发展的强大推动力,其地位越来越重要.但是,当资源共享广泛用于政治、军事、经济以及科学各个领域的同时,也产生了各种各样的问题,其中安全问题尤为突出[1],本文重点介绍了当前浏览器的发展情况,浏览器面临的安全威胁,以及信创体系下浏览器应当具备的安全能力.作为用户与网络信息世界的接口,本文仍探讨了信创体系下浏览器的安全解决方案.

关键词: 网络安全, 多进程架构, 网页挂马, 钓鱼欺诈, DNS防护, 网页防挂马

Abstract: With the rapid development of global informatization, the whole world is rapidly merging into one. A large number of information systems have become the key infrastructure of the country and the government. Many enterprises, organizations, government departments and institutions are building and developing their own networks and connecting them to fully share and utilize the information and resources of the network. The whole country and society are more and more dependent on the network. The network has become a powerful driving force for social and economic development, and its status is becoming more and more important. However, when resource sharing is widely used in political, military, economic and scientific fields, there are also various problems, especially security issues. Therefore, it is of great strategic significance in the process of informatization. This paper focuses on the current development of browsers, the security threats faced by browsers, and the security capabilities that browsers should have under the Xinchuang system. As the interface between users and the network information world, this paper still discusses the security solution of browser under the information innovation system.

Key words: network security, multi process architecture, Web page hanging horse, phishing fraud, DNS protection, webpage anti hanging horse