After text activity

IV. Reading Exercises:

Exercise 1. Read and memorize using a dictionary:

Unforgeable, technique, to derive, random sequence, to memorize, digraph, wiretapper, to intercept, forgery, tampering, approach, vice versa

 

Exercise 2. Answer the questions:

1) What defects do passwords have as a general technique?

2) Why do some systems have programs that generate random sequences of letters for use as passwords?

3) What alternative approach to secrecy is there?

4) What common problem do password and the unforgeable object approaches have?

5) What easy way for an intruder to penetrate a password system is there?

 

Exercise 4. Match the left part with the right:

Left part:

1. The primary weakness of such schemes is that the hard-to-fabricate object is reduced to
2. It is relatively easy for an intruder to
3. It may be necessary to make the acceptable bit
4. A second significant defect is that

Right part:

a) sequences a secret after all.
b) a stream of bits to be transmitted to the computer.
c) modify the terminal to transmit any sequence of bits he chooses.
d) the password must be exposed to be used.

 

THE SPEAKING MODULE

II. Speaking Exercises:

Exercise 1. Define the terms using the suggested words and expressions, as in the example:

Information science: discipline, deals with, processes, storing, transferring, information
Forgery: producing, copy, document, signature, banknote, work of art
Bit: smallest, unit, information, computer's, memory
Sequence: particular, order, which, things, happen, are arranged

 

EXAMPLE: Information science is a discipline that deals with the processes of storing and transferring information.

 

Exercise 2. Ask questions to the given answers:

1) Question: ___________________________________________ ?

Answer: In one recent study of some 300 self-chosen passwords on a typical time-sharing system, more than 50 percent were found to be short enough to guess by exhaustion, derived from the owner's name, or something closely associated with the owner, such as his telephone number or birth date.

 

2) Question: ___________________________________________ ?

Answer: After receiving the password, the masquerader gracefully terminates the communication with some unsurprising error message, and the caller may be unaware that his password has been stolen.

 

3) Question: ___________________________________________ ?

Answer: This computer can be programmed to "masquerade," that is, to act just like the system the caller intended to use, up to the point of requesting him to type his password.

 

 

THE WRITING MODULE

 

Writing exercises:

Exercise 1. Fill in the gaps with the suggested words:

plastic, approach, transmits, given, input, code

An alternative ______ to secrecy is unforgeability. The user is ______ a key, or magnetically striped ______ card, or some other unique and relatively difficult-to-fabricate object. The terminal has an ______ device that examines the object and ______ its unique identifying code to the computer system, which treats the ______ as a password that need not be kept secret.



Exercise 2. Compose a story on one of the topics (up to 100 words):

 

1) Password as a general technique of secrecy

2) Different approaches to secrecy and their defects

Lesson 5

The Reading Module

Read the text:

B. Technical Underpinnings

1) The Development Plan: At this point we begin a development of the technical basis of information protection in modern computer systems. There are two ways to approach the subject: from the top down, emphasizing the abstract concepts involved, or from the bottom up, identifying insights by studying example systems. We shall follow the bottom-up approach, introducing a series of models of systems as they are (or could be) built in real life.

Our first model is of a multiuser system that completely isolates its users from one another. We shall then see how the logically perfect walls of that system can be lowered in a controlled way to allow limited sharing of information between users. Section II of this paper generalizes the mechanics of sharing using two different models: the capability system and the access control list system. It then extends these two models to handle the dynamic situation in which authorizations can change under control of the programs running inside the system. Further extensions to the models control the dynamics. The final model (only superficially explored) is of protected objects and protected subsystems, which allow arbitrary modes of sharing that are unanticipated by the system designer. These models are not intended so much to explain the particular systems as they are to explain the underlying concepts of information protection.

Our emphasis throughout the development is on direct access to information (for example, using LOAD and STORE instructions) rather than acquiring information indirectly (as when calling a data base management system to request the average value of a set of numbers supposedly not directly accessible). Control of such access is the function of the protected subsystems developed near the end of the paper. Herein lies perhaps the chief defect of the bottom-up approach, since conceptually there seems to be no reason to distinguish direct and indirect access, yet the detailed mechanics are typically quite different. The beginnings of a top-down approach based on a message model that avoids distinguishing between direct and indirect information access may be found in a paper by Lampson [30].

2) The Essentials of Information Protection: For purposes of discussing protection, the information stored in a computer system is not a single object. When one is considering direct access, the information is divided into mutually exclusive partitions, as specified by its various creators. Each partition contains a collection of information, all of which is intended to be protected uniformly. The uniformity of protection is the same kind of uniformity that applies to all of the diamonds stored in the same vault: any person who has a copy of the combination can obtain any of the diamonds. Thus the collections of information in the partitions are the fundamental objects to be protected.

Conceptually, then, it is necessary to build an impenetrable wall around each distinct object that warrants separate protection, construct a door in the wall through which access can be obtained, and post a guard at the door to control its use. Control of use, however, requires that the guard have some way of knowing which users are authorized to have access, and that each user have some reliable way of identifying himself to the guard. This authority check is usually implemented by having the guard demand a match between something he knows and something the prospective user possesses. Both protection and authentication mechanisms can be viewed in terms of this general model.
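
The wall, door and guard model described above, written out as an added Python example that is not part of the original text. The names `Guard`, `Partition` and `try_load`, the sample combinations and the choice to have the guard store a salted PBKDF2 verifier instead of the combination itself are assumptions of this example.

```python
import hashlib
import hmac
import os


class Guard:
    """The guard posted at the one door of a partition."""

    def __init__(self, combination: bytes):
        # Assumption of this example: the guard keeps a salted verifier,
        # not the combination itself.
        self._salt = os.urandom(16)
        self._verifier = self._derive(combination)

    def _derive(self, value: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", value, self._salt, 100_000)

    def admits(self, presented: bytes) -> bool:
        # Match what the guard knows against what the user presents,
        # compared in constant time.
        return hmac.compare_digest(self._verifier, self._derive(presented))


class Partition:
    """A collection of information protected uniformly behind one guard."""

    def __init__(self, combination: bytes, items: dict):
        self._guard = Guard(combination)
        self._items = dict(items)

    def _enter(self, presented: bytes) -> dict:
        # The only door: every access path goes through the guard.
        if not self._guard.admits(presented):
            raise PermissionError("guard refused access")
        return self._items

    def load(self, presented: bytes, name: str):
        return self._enter(presented)[name]

    def store(self, presented: bytes, name: str, value) -> None:
        self._enter(presented)[name] = value


def try_load(partition: Partition, presented: bytes, name: str):
    """Return the named item, or None when the guard refuses."""
    try:
        return partition.load(presented, name)
    except PermissionError:
        return None
```

Python does not enforce the wall: the leading underscores only mark what a real system would keep unreachable except through `load` and `store`.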

 


Date: 2016-01-03; view: 1154

