![]() |
The distinction between security and protection, at least in this note
|
![]() |
Policy and mechanism issues: Security policy should be established first and mechanism to enforce the policy |
![]() |
Categories of threats
|
||||||||||||
![]() |
Unauthorized disclosure and updates are the threats we are concerned here |
||||||||||||
![]() |
Threats are generally introduced by breaking-in by such as Trojan horse |
![]() |
Public Design rather than secret design. Reason:
|
||||||
![]() |
Default = No access |
||||||
![]() |
Minimum privilige: give just enough power to get the job done |
||||||
![]() |
Timely check
|
||||||
![]() |
Simple, uniform mechanism
|
||||||
![]() |
Appropriate level of security
|
![]() |
Attacks on password and protections
|
![]() |
The protection state of a machine is conceptually defined by an access matrix
|
||||||
![]() |
Because the matrix tends to be very sparse, access information is represented by access control lists or capability lists |
![]() |
A list of rights associated with an object |
||||||||||||||||||||||||||||||||||
![]() |
Ex: AFS
|
||||||||||||||||||||||||||||||||||
![]() |
Ex: Unix
|
![]() |
Capability is a "protected pointer" to an object: pointer + access permission |
||||||
![]() |
Each process has capabilities to work on as a Unix process has file descriptors of open files |
||||||
![]() |
Process passes capability to system call instead of passing fd |
||||||
![]() |
Ensuring the integrity of capability is important. Mechanisms:
|
||||||
![]() |
Capability in Unix?
|
||||||
![]() |
HYDRA - a capability based protection |
![]() |
Encryption & decryption algorithm are known to public: remember design principles |
![]() |
Only keys make things secret |
![]() |
Key should not be too long -> inefficient |
![]() |
Goal: minimize out-of-band transmission while keeping the key secret as much as possible |
||||||||||||||||||||||
![]() |
Procedure
|
||||||||||||||||||||||
![]() |
Kerberos - private key (DES) based authentication |
![]() |
General
|
||||||||||||||
![]() |
Digital signature using PK
|
||||||||||||||
![]() |
Public key distribution
|
||||||||||||||
![]() |
Netscape
|
![]() |
Encryption and Secure Computer Network - about encryption and key distribution |