Security Concepts

What are the fundamental security concepts?

Examples of resources include storage space, communications channels, computation cycles, video framebuffers, et cetera ad nauseum.

Capabilities secure access to resources. Since capabilities are resources, capabilities also secure access to other capabilities.

Examples of capabilities include references and passwords.

Cryptography secures the contents of resources. They secure storage and channels by encrypting objects before they are put in the resource and decrypting them after they are taken out.

Note that cryptography only secures a resource between the point of encryption and the point of decryption. First rule of security: encrypt as soon as possible, decrypt as late as possible. This is known as End To End Security.

Spoofing

One of the most important security problems is the securing of video framebuffers. (This is a problem because no one f-ing does it!) The lack of security in this context enables an application to misrepresent itself as another application to the user. Attacks of this kind are called "spoofing".

Cryptography could straight-forwardly secure video framebuffers if human beings were capable of performing the appropriate decryption operation in their heads. In fact, many security problems stem from this inability of human beings to handle basic arithmetic. For the sake of security, let us hope cryptographic-capable computers are approved for cerebral implantation soon! Until then, certain protocols can secure video framebuffers up to the local window manager.

How to secure a video framebuffer

TBC

There is another topic that lists security techniques, but I cannot find it right now. Get back to ya....

See also pages linked to CategorySecurityModel

CategorySecurity

EditText of this page (last edited February 16, 2005) or FindPage with title or text search