Computer security

Más información sobre el libro

The content covers a range of topics in security architecture, access control, and applied cryptography. It begins with discussions on trustworthy services and biological analogies, followed by security architecture and secure components. Key areas include the security of multithreaded programs, efficient proving for distributed access-control systems, and maintaining high-performance communication while ensuring least privilege. Access control methods are explored, including pragmatic XML access control using RDBMS and privacy-aware role-based access control. The text delves into workflow systems, cryptographic techniques, and authentication tests, highlighting practical applications like SilentKnock for undetectable authentication and generalized key delegation for hierarchical encryption. Further discussions address privacy in data storage, formal methods in security, and the logic of state-modifying authorization policies. The text also investigates dynamic information flow control for web applications and reliable covert communications. Additional topics include password-based authenticated key exchange, anonymous timed-release encryption, and graphical password authentication. The exploration of obligations in programs and the synthesis of secure protocols is noted, along with security evaluation based on TCG’s TPM specification and insider attack implications. The annotation concludes with insights into modeling