----------------------------------------------------------- New Message on cochindotnet
----------------------------------------------------------- From: spark Message 1 in Discussion I found this book under development about security and and parts of it dwelt on the new secure computing intiaitve also. it is a rather interetsing read: A .NET Developer's Guide to Windows Security, by Keith Brown http://www.develop.com/kbrown/book/html/book.html roshj <snip> contents so far Part 1: The Big Picture Item 1: What is a non privileged user? Item 2: How to develop code as a non-admin Item 3: What is the principal of defense in depth? Item 4: What is a luring attack? Part 2: Security Context Item 5: What is security context? Item 6: What is a token? Item 7: What is a logon session? Item 8: What is a window station? Item 9: What is a privilege? Item 10: What is Thread.CurrentPrincipal? Item 11: How to track client identity using Thread.CurrentPrincipal Item 12: How to use a privilege Item 13: What is a daemon? Item 14: How to choose an identity for a daemon Item 15: How to display a user interface from a daemon Item 16: What is a service principal name (SPN)? Item 17: How to use service principal names Part 3: Misc Item 18: What is Kerberos? </snip> <snip> Item 3: What is the principal of defense in depth? A .NET Developer's Guide to Windows Security, by Keith Brown During the Cold War, the United States wanted to learn more about Soviet submarine and missile technology. How fast were the Soviets progressing? What were the results from their ICBM tests? Even more important, were the Soviets working toward a first strike capability? So in October of 1971, the United States sent its most advanced nuclear spy submarine, the USS Halibut, deep into Soviet territory in the Sea of Okhotsk. Their mission? Find the undersea telephone cable that connected the Soviet submarine base at Petropavlovsk to the Soviet Pacific Fleet headquarters on the mainland at Vladivostok (figure .1). The mission was a success, and you can imagine the mood of the divers as they eavesdropped on the wire with an instrument that measured electromagnetic emanations. What they heard was easily understandable Russian conversations. No encryption. The following year, the Halibut installed a permanent tap on the line to record the conversations, with a plan to return in about a month to retrieve the records. Eventually more taps were installed on Soviet lines in other parts of the world. The more advanced instruments could store a year's worth of data. All in all, the intelligence gathered from these exercises helped end the Cold War, as it gave the United States a window directly into the Soviet mind[BMB]. Figure .1: The Sea of Okhotsk So what does this story have to do with computer security? It demonstrates what can happen when systems are designed without redundant security measures. The Soviets assumed that their conversations were secure simply because they were being carried on phone lines that were protected by perimeter defenses (the entrance to the Sea of Okhotsk is much more narrow than my map might first indicate, and could easily be defended by the Soviet navy). </snip> Yahoo! Groups Sponsor ADVERTISEMENT To unsubscribe from this group, send an email to: [EMAIL PROTECTED] Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. ----------------------------------------------------------- To stop getting this e-mail, or change how often it arrives, go to your E-mail Settings. http://groups.msn.com/cochindotnet/_emailsettings.msnw Need help? If you've forgotten your password, please go to Passport Member Services. http://groups.msn.com/_passportredir.msnw?ppmprop=help For other questions or feedback, go to our Contact Us page. http://groups.msn.com/contact If you do not want to receive future e-mail from this MSN group, or if you received this message by mistake, please click the "Remove" link below. On the pre-addressed e-mail message that opens, simply click "Send". Your e-mail address will be deleted from this group's mailing list. mailto:[EMAIL PROTECTED]
