After text activity

II. Reading Exercises:

Exercise 1. Read and memorize using a dictionary:

Technique, to modify, security violation, unauthorized, to take advantage of, intruder, to infer, proprietary program, to prevent, denial, contrary to, supposedly, to verify, to shield, to encipher, redundant, circuit, objective, authentication, threat, remote-access system

 

Exercise 2. Answer the questions:

1) What categories of potential security violations are there?

2) What does the term “security” describe?

3) What is “traffic analysis”?

4) What does the term “unauthorized” mean?

5) What examples of security techniques are listed in the text?

 

 

Exercise 4. Match the left part with the right:

1. An example of an authentication technique is
2. The objective of a secure system is
3. An example of a protection technique is
4. Similarly, the term authentication is used for

a) labeling of computer-stored files with lists of authorized users.
b) those security techniques that verify the identity of a person (or other external agent) making a request of a computer system.
c) demanding a password.
d) to prevent all unauthorized use of information, a negative kind of requirement.

 

THE SPEAKING MODULE

II. Speaking Exercises:

Exercise 1. Define the terms using the suggested words and expressions as in the example:

Information science: discipline, deals with, processes, storing, transferring, information
Password: string, characters, allows, someone, access, computer system
Algorithm: series, mathematical, steps
Computer: electronic device, storing, processing, data

 

EXAMPLE: Information science is a discipline that deals with the processes of storing and transferring information.

 

Exercise 2. Ask questions to the given answers:

1) Question: ___________________________________________ ?

Answer: This paper concentrates on protection and authentication mechanisms, with only occasional reference to the other equally necessary security mechanisms.

 

2) Question: ___________________________________________ ?

Answer: One should recognize that concentration on protection and authentication mechanisms provides a narrow view of information security, and that a narrow view is dangerous.

 

3) Question: ___________________________________________ ?

Answer: Historically, the literature of computer systems has more narrowly defined the term protection to be just those security techniques that control the access of executing programs to stored information.

 

 

THE WRITING MODULE

 

Writing exercises:

Exercise 1. Fill in the gaps with the suggested words:

infer, analysis, unauthorized, stored, person

Unauthorized information release: an unauthorized ______ is able to read and take advantage of information ________ in the computer. This category of concern sometimes extends to "traffic _______," in which the intruder observes only the patterns of information use and from those patterns can ________ some information content. It also includes ________ use of a proprietary program.



Exercise 2. Compose a story on one of the topics (up to 100 words):

1) Potential security violations

2) Various security techniques

 

Lesson 3

The Reading Module

Read the text:

Functional Levels of Information Protection

Many different designs have been proposed and mechanisms implemented for protecting information in computer systems. One reason for differences among protection schemes is their different functional properties--the kinds of access control that can be expressed naturally and enforced. It is convenient to divide protection schemes according to their functional properties. A rough categorization is the following.

a) Unprotected systems: Some systems have no provision for preventing a determined user from having access to every piece of information stored in the system. Although these systems are not directly of interest here, they are worth mentioning since, as of 1975, many of the most widely used, commercially available batch data processing systems fall into this category--for example, the Disk Operating System for the IBM System 370 [9]. Our definition of protection, which excludes features usable only for mistake prevention, is important here since it is common for unprotected systems to contain a variety of mistake-prevention features. These may provide just enough control that any breach of control is likely to be the result of a deliberate act rather than an accident. Nevertheless, it would be a mistake to claim that such systems provide any security.

b) All-or-nothing systems: These are systems that provide isolation of users, sometimes moderated by total sharing of some pieces of information. If only isolation is provided, the user of such a system might just as well be using his own private computer, as far as protection and sharing of information are concerned. More commonly, such systems also have public libraries to which every user may have access. In some cases the public library mechanism may be extended to accept user contributions, but still on the basis that all users have equal access. Most of the first generation of commercial timesharing systems provide a protection scheme with this level of function. Examples include the Dartmouth Time-Sharing System (DTSS) [10] and IBM's VM/370 system [11]. There are innumerable others.

c) Controlled sharing: Significantly more complex machinery is required to control explicitly who may access each data item stored in the system. For example, such a system might provide each file with a list of authorized users and allow an owner to distinguish several common patterns of use, such as reading, writing, or executing the contents of the file as a program. Although conceptually straightforward, actual implementation is surprisingly intricate, and only a few complete examples exist. These include M.I.T.'s Compatible Time-Sharing System (CTSS) [12], Digital Equipment Corporation's DECsystem/10 [13], System Development Corporation's Advanced Development Prototype (ADEPT) System [14], and Bolt, Beranek, and Newman's TENEX [15].

d) User-programmed sharing controls: A user may want to restrict access to a file in a way not provided in the standard facilities for controlling sharing. For example, he may wish to permit access only on weekdays between 9:00 A.M. and 4:00 P.M. Possibly, he may wish to permit access to only the average value of the data in a file. Maybe he wishes to require that a file be modified only if two users agree. For such cases, and a myriad of others, a general escape is to provide for user-defined protected objects and subsystems. A protected subsystem is a collection of programs and data with the property that only the programs of the subsystem have direct access to the data (that is, the protected objects). Access to those programs is limited to calling specified entry points. Thus the programs of the subsystem completely control the operations performed on the data. By constructing a protected subsystem, a user can develop any programmable form of access control to the objects he creates.
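The three restrictions named in paragraph d), sketched as a protected subsystem. This is an added example, not part of the original text; the names make_protected_file, read_average and propose_append are hypothetical, and the closure only stands in for the protection boundary that a real system's operating system or hardware would enforce.

```python
from datetime import datetime

def make_protected_file(values, owners):
    """Hypothetical protected subsystem: callers get entry points, never `data`."""
    data = list(values)   # the protected object, held only inside this closure
    pending = {}          # proposed value -> set of owners who have agreed to it

    def _office_hours(now):
        # Weekdays only (Monday=0 .. Friday=4), from 9:00 A.M. until 4:00 P.M.
        # Assumption: 4:00 P.M. itself is treated as outside the window.
        return now.weekday() < 5 and 9 <= now.hour < 16

    def read_average(now):
        """Entry point: releases only the average, and only in office hours."""
        if not _office_hours(now):
            raise PermissionError("access permitted only on weekdays, 9:00-16:00")
        return sum(data) / len(data)

    def propose_append(user, value):
        """Entry point: the file is modified only once two owners agree."""
        if user not in owners:
            raise PermissionError(f"{user} may not modify this file")
        agreed = pending.setdefault(value, set())
        agreed.add(user)              # a repeated vote by one user counts once
        if len(agreed) < 2:
            return False              # still waiting for a second owner
        data.append(value)
        del pending[value]
        return True

    # Only these specified entry points leave the subsystem.
    return {"read_average": read_average, "propose_append": propose_append}

if __name__ == "__main__":
    f = make_protected_file([10, 20, 30], owners={"alice", "bob"})
    monday_10am = datetime(2024, 1, 8, 10, 0)      # constructed sample times
    saturday_10am = datetime(2024, 1, 6, 10, 0)
    print(f["read_average"](monday_10am))
    print(f["propose_append"]("alice", 40), f["propose_append"]("bob", 40))
    print(f["read_average"](monday_10am))
    try:
        f["read_average"](saturday_10am)
    except PermissionError as exc:
        print("denied:", exc)
```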


Date: 2016-01-03

