英文翻译的高手请进！~！！！！非常急！！！！

此翻译楼主可放心采用

1.1 What is the OSI security architecture?

1.1 什么是OSI安全体系结构？

The OSI Security Architecture is a framework that provides a systematic way of definingthe requirements for security and characterizing the approaches to satisfying thoserequirements. The document defines security attacks, mechanisms, and services, and therelationships among these categories.

OSI安全体系结构是一个架构，它为规定安全的要求和表征满足那些要求的途径提供了系统的方式。该文件定义了安全攻击、安全机理和安全服务，以及这些范畴之间的关系。

1.2 What is the difference between passive and active security threats?

1.2 被动安全威胁和主动安全威胁之间的差别是什么？

Passive attacks have to do with eavesdropping on, or monitoring, transmissions. Electronic mail, file transfers, and client/server exchanges are examples of transmissions that can be monitored. Active attacks include the modification of transmitted data and attempts to gain unauthorized access to computer systems.

被动威胁必须与窃听、或监控、传输发生关系。

电子邮件、文件的传送以及用户/服务器的交流都是可进行监控的传输的例子。主动攻击包括对被传输的数据加以修改，以及试图获得对计算机系统未经授权的访问。

1.3 List and briefly define categories of passive and active security attacks.

Passive attacks: release of message contents and traffic analysis. Active attacks: masquerade, replay, modification of messages, and denial of service.

1.3 列出和简要定义被动安全攻击和主动安全攻击的范畴。

被动攻击：信息内容和流量分析的泄露。

主动攻击：信息的伪装、重放、修改，以及拒绝接受服务。

1、 What is called secret key?

1 密钥是什么？

The secret key is also input to the algorithm. The exact substitutions and transformations performed by the algorithm depend on the key.

密钥也被输入算法。由算法进行的准确的取代和变换取决于密钥。

2、(page.56) What is the key distribution center?

2.（第56页）什么事密钥分发中心？

The key distribution center determines which systems are allowed to communicate with each other. When permission is granted for two systems to establish a connection, the key distribution center provides a one-time session key for that connection.

密钥分发中心决定允许哪些系统相互进行通信。当授予两个系统以建立连接的权限时，密钥分发中心就为该连接提供一枚一次性会话的钥匙。

3、What services are provided by IPSec?

3. IPSec提供些什么服务？

1.Access control

1 访问控制

2.Connectionless integrity

2无连接完整性

3.Data origin authentication

3 数据源认证

4.Rejection of replayed packets(a form of partial sequence integrity)

4 拒绝重放数据包（部分序列完整性的一种形式）

5.Confidentiality(encryption) 6.Limited traffic flow confidentiality

5 置信度（加密）

6 有限业务流的置信度

4、What is a replay attack?

4. 什么事重放攻击？

A replay attack is one in which an attacker obtains a copy of an authenticated packet and later transmits it to the intended destination.The receipt of duplicate, authenticated IP packets may disrupt service in some way or may have some other undesired consequence.The Sequence Number field is designed to thwart such attacks.First,we discus sequence numbergeneration by the sender,and then we look at how it is processed by the recipient.

重放攻击是攻击者获得一份未经认证的数据包拷贝，而且其后将它传输到一个故意的目的地的攻击。接收副本的、未经认证的IP数据包可能以某种方式使服务瓦解，或者可能发生某种别的不希望的后果。我们通过设计序号字段来阻扰这样的攻击。首先，我们讨论由发送者发生序列号，然后我们再考虑它如何被用户所处理。