CAJ | 학술논문

结合最新案例，梳理了“心脏流血”漏洞的工作原理，分析该安全漏洞的影响，并从政府、企业、用户三个层面提出应对措施建议，旨在维护广大用户切身利益，保障国家网络安全与社会和谐稳定。
결합최신안례，소리료“심장류혈”루동적공작원리，분석해안전루동적영향，병종정부、기업、용호삼개층면제출응대조시건의，지재유호엄대용호절신이익，보장국가망락안전여사회화해은정。
Heartbleed is the most serious security vul-nerability disclosed in April 2014 in the OpenSSL cryptography library. Heartbleed leads to the security risk of services, including online banking, online pay-ment, e-commerce sites, portals and emails, increasing dramatically, that is a serious threat to Internet users' property and privacy security. This paper introduces the working principle of heart blood, and analyzes the impact of the security vulnerability. In addition, this paper proposes the suggestions from three aspects in-cluding government, enterprise and the users, in order to aimed at protect the vital interests of users and safe to guard national network security and the social sta-bility.