Network security model
To transmit information on the network, both parties need to establish a logical channel between the sender and receiver. This requires first determining the route from the sending end to the receiving end, and then selecting the communication protocol used on the route, such as TCP/IP.
To transmit information safely in an open network environment, security mechanisms and security services must be provided for that information. Secure transmission has two basic parts: first, a secure conversion of the information being sent, such as encrypting it to achieve confidentiality and appending a feature code used to verify the sender's identity; second, certain secret information shared by both communicating parties, such as encryption keys, which is kept confidential from all other users except trusted third parties.
In order for information to be transmitted securely, a trusted third party is usually required, whose role is to distribute confidential information to both communicating parties and arbitrate when disputes arise between the two parties.
A secure network communication must consider the following:
·Rules or algorithms to implement security-related information conversion
·Cryptographic information (such as keys) used for information conversion algorithms
·Distribution and sharing of secret information
·Protocols required to obtain secure services using information conversion algorithms and secret information
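The four elements listed above, as an added example that is not part of the original article: a trusted third party hands a fresh session key to two parties, who then encrypt a message and append an authentication code. The names `TrustedThirdParty`, `seal` and `unseal` are hypothetical, the HMAC-SHA256 keystream is an assumption standing in for a real cipher, and the key wrapping does not bind party identities or protect against replay.

```python
import hashlib
import hmac
import secrets

def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 counter-mode keystream, XORed in.
    blocks = (len(data) + 31) // 32
    stream = b"".join(_prf(key, nonce + i.to_bytes(8, "big")) for i in range(blocks))
    return bytes(d ^ s for d, s in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Secure conversion: encrypt, then append an authentication code."""
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_prf(key, b"enc"), nonce, plaintext)
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)

def unseal(key: bytes, blob: bytes) -> bytes:
    """Check the code before decrypting; reject altered or forged messages."""
    if len(blob) < 48:
        raise ValueError("message too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        raise ValueError("authentication failed")
    return _xor_stream(_prf(key, b"enc"), nonce, ct)

class TrustedThirdParty:
    """Shares one long-term key with each registered party (hypothetical class)."""
    def __init__(self) -> None:
        self._keys: dict[str, bytes] = {}

    def register(self, name: str) -> bytes:
        self._keys[name] = secrets.token_bytes(32)
        return self._keys[name]

    def distribute(self, a: str, b: str) -> tuple[bytes, bytes]:
        # Fresh session key, wrapped once under each party's long-term key.
        session = secrets.token_bytes(32)
        return seal(self._keys[a], session), seal(self._keys[b], session)

def demo() -> bytes:
    ttp = TrustedThirdParty()
    k_alice, k_bob = ttp.register("alice"), ttp.register("bob")
    for_alice, for_bob = ttp.distribute("alice", "bob")
    wire = seal(unseal(k_alice, for_alice), b"constructed sample message")
    return unseal(unseal(k_bob, for_bob), wire)
```

In practice the stand-in keystream would be replaced by a vetted authenticated cipher such as AES-GCM.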
Information Security Framework
Network information security can be regarded as a collection of multiple security units. Each unit is a whole with multiple characteristics. Network information security is generally understood in terms of three main characteristics: security features, security levels and system units.
1) Security features
Security features refer to the security threats that the security unit can address. Information security features include confidentiality, integrity, availability, and authentication.
Confidentiality mainly means protecting information from being read by unauthorized entities during storage and transmission. For example, credit card account numbers and passwords transmitted online must not be readable by others.
Integrity means that information is not inserted, deleted, tampered with, retransmitted, etc. by unauthorized entities during storage and transmission, so that its content is not changed. For example, when a user sends an email to someone else, the content at the receiving end is guaranteed not to have changed.
Availability means that the system cannot be attacked in a way that prevents users from accessing the resources they are entitled to access. For example, protecting the mail server keeps a DDoS attack from stopping it working, so that users can send and receive email normally.
Authentication means using verification measures and technologies to prevent entities that have no right to access certain resources from entering the network by special means.
2) System unit
The system unit refers to the security issues of the system environment that the security unit solves. For modern networks, system units involve the following five different environments.
·Physical unit: The physical unit refers to hardware equipment, network equipment, etc. The security unit containing this feature solves the security problems of the physical environment.
·Network unit: Network unit refers to network transmission. The security unit containing this feature solves network transmission security problems caused by network protocols.
·System unit: The system unit refers to the operating system. The security unit containing this feature solves the security issues contained in the operating system of the end system or intermediate system. This generally refers to the security of data and resources during storage.
·Application unit: Application unit refers to the application program. The security unit containing this feature solves the security problems contained in the application program.
·Management unit: The management unit refers to the network security management environment, and the network management system safely manages network resources.
Security extension
Network information security is often based on deploying system and computer security. It is easy to forget that people are the vulnerability in network information security, and social engineering attacks are the way this vulnerability is exploited. Social engineering is a type of attack that exploits human weaknesses, greed, and other psychological traits. It is impossible to prevent. This kind of attack is being discussed at home and abroad, and the more famous works include "Hacker Social Engineering Attack 2" and so on.