Flashcards in M362 - Unit 10 Deck (26):
What type of interference is taking place if Alice alters Bob’s file without permission?
What type of interference is taking place if a hacker deploys software to observe packets travelling on a network?
What type of interference is taking place if a website receives a flood of requests for a web page, preventing callers from viewing the site?
What type of interference is taking place if a user receives an email appearing to be from his supervisor, who did not send the email?
How many possible Caesar ciphers are there in English?
Assuming a 26-character alphabet (ignoring, for example, punctuation), there are 25
How would you decode an English message encoded in ROT13, assuming a 26-character alphabet?
You would apply the same function again! The cipher is its own inverse. Two shifts of 13 return you to your starting point in the English alphabet.
Why is public key cryptography called asymmetric and private key cryptography called symmetric?
In public key cryptography there are two different keys, the public key and the private key, one used for encryption and the other for decryption. In private key cryptography there is one key, the secret key, which is used for both encryption and decryption.
What classes of cipher might you be likely to use for storing passwords in a local file?
What classes of cipher might you be likely to use for proving you sent an email?
Public key and hash (for signing)
What classes of cipher might you be likely to use for using a wireless connection on your laptop?
What classes of cipher might you be likely to use for encrypting files on a file system?
What is a secure channel?
A secure channel is a communication channel between a pair of processes that can authenticate each other and provides confidentiality and integrity services, including time stamping.
Give an example of a handshake in SSL.
Cipher negotiation and certificate exchange.
Why would a class loader check for overriding of final methods, when this check is already performed by a compiler before producing a class file?
The class loader is examining bytecode, which could have been altered since compilation.
Why would a security policy require that the security manager could only be set once?
This means that another manager cannot be substituted, so the ways in which checks are performed cannot be altered.
State the two steps required to implement permissions-based security for an application.
1. A security manager must be installed for the application, either on the command line or in the code. 2. A policy must be specified, either dynamically (by executing some code) or statically (using default policy files or a specified policy file).
Explain the purpose of the following entry in a policy file. Identify the target and the
grant codeBase "http://www.gggg.com" {
    permission java.io.FilePermission "C:\\database.dat", "read";
};
This is a policy entry granting FilePermission to code from the code base http://www.gggg.com, allowing that code to carry out "read" actions on the file
In the following scenario, identify possible subject(s) and principal(s): "Jane Doe wishes to make an online purchase. Jane will first need to authenticate herself to her computer by logging in. Once online, she logs in to her shopping website account and makes a purchase using her credit card. Later she visits the website of the department of motor vehicle licences and enters her driving licence number to check that her contact information is correct."
The user Jane is the subject. The principals are her user IDs for her computer and for the online shop. (The passwords in each case are credentials used to authenticate her.) Another principal is the driving licence number Jane used to log in to the motor vehicle licensing website.
Why would you normally want to implement the equals method of an implementation of Principal?
You need to implement equals so that the system can compare one principal to another. If you do not do this, your principal will inherit equals from Object, and equality will be determined based on principal references rather than their contents.
Why do you think the PrivilegedAction interface is required?
An instance of a class implementing the PrivilegedAction interface encapsulates and demarcates the work to be done with a set of privileges. This means that there is less chance of accidentally invoking code with certain privileges, and also it is clear when that set of privileges stops applying and we go back to using the
Distinguish between a subject and a principal.
A subject is an entity that can be authenticated, that is, a source of a request to perform some action. A principal is an identity associated with an authenticated subject.
What is the purpose of a login module in JAAS?
A login module implements a method of authentication, such as biometric scanning or prompting a user for a login and password. A commit method is used to associate credentials with a subject.
When would you use the method doAsPrivileged?
You would use this method when you want to execute code with the permissions associated with a particular principal. You can grant a principal permissions in a policy file, and this principal can be associated with a subject on authentication.
What steps are taken when a protected web resource is accessed?
At this point (if lazy authentication is used) the caller must be authenticated. If successful, this results in the server storing credentials for the caller in a session context. The credentials are subsequently used to decide if the caller may access the protected resource, using a principal or role (see below for a discussion of roles).
What is a role and how does it relate to users of a system?
A role is a name for a kind of caller and can be used to authorise actions. Users can be mapped to groups or roles so that the permissions applied to the roles apply to those users. Thus, a programmer does not have to know the users of a system, just the different roles of users of a system.