Register now to access 7 million high quality study materials (What's Course Hero?) Course Hero is the premier provider of high quality online educational resources. With millions of study documents, online tutors, digital flashcards and free courseware, Course Hero is helping students learn more efficiently and effectively. Whether you're interested in exploring new subjects or mastering key topics for your next exam, Course Hero has the tools you need to achieve your goals.
8 Pages
jikzi
Course: CS 591, Fall 2009School: UCCS
Rating:
Word Count: 5133
Document Preview
A Jikzi New Framework for Security Policy, Trusted Publishing and Electronic Commerce Ross J. Anderson Cambridge University Computer Laboratory Pembroke Street Cambridge CB2 3QG England rja14@cl.cam.ac.uk Abstract In this paper, we describe a thread of research which we have followed off and on at Cambridge for about three years. Our topic is the security of electronic documents, in the broad sense: how can we be...
Unformatted Document Excerpt
Coursehero >> Colorado >> UCCS >> CS 591Course Hero has millions of student submitted documents similar to the one
below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.
Course Hero has millions of student submitted documents similar to the one
below including study guides, practice problems, reference materials, practice exams, textbook help and tutor support.
A Jikzi New Framework for Security Policy, Trusted Publishing and Electronic Commerce
Ross J. Anderson Cambridge University Computer Laboratory Pembroke Street Cambridge CB2 3QG England rja14@cl.cam.ac.uk Abstract
In this paper, we describe a thread of research which we have followed off and on at Cambridge for about three years. Our topic is the security of electronic documents, in the broad sense: how can we be sure of the authenticity of things that are published electronically? This started off as a relatively small project, which we thought would take only a few weeks. The goal was to help our medical informatics department publish information such as drug formularies and treatment protocols on the hospital LAN or PC diskettes in an appropriately dependable way. It rapidly became clear that the problem was much larger and more complex; a general solution would not only cope with `content' text, audio, video, software, whatever but also with objects such as public key certificates. If done properly, it would give us a systematic way to deal with security policy on the web. Our goal now is to let people build integrated publishing and e-commerce services using simple, uniform and appropriate mechanisms. Our proposed solution is a single transparent markup language that allows us to support multiple security policies, plus supporting material ranging from a test implementation to an authentication logic.
Jong-Hyeon Lee Filonet Korea Inc. CBS Building, 917-1 Mok-dong Yangchun-gu, Seoul 158-701 Korea jhlee@filonet.com
Health Service, and a first prototype built. The designers now felt that they needed to secure the preproduction and later versions, mainly against errors but also against attacks, and asked us for advice. We thought initially that this would be a simple project, lasting only a few weeks, in which we would show them how to implement a digital signature system based on X.509. How wrong we were! The system, which is called Wax, challenged our thinking about document security in a number of ways. The naive solution, namely to have the publisher sign each book in the system, turned out to be too expensive; it is not efficient to verify the signature on a whole book when the typical reader simply wishes to consult a paragraph relating to a particular drug or disease. There was also a problem with key management: the X.509 system was originally designed for electronic phone books and has since been adapted for financial transactions, so its model is a key lifetime of 23 years and a signature lifetime of 23 days. However, an electronic book will typically contain long-lived data, and to protect it using relatively short-lived objects such as public keys is problematic. How, for example, would one handle revocation? One can always use a hash-based timestamping service to certify that a signature was received in advance of a revocation certificate cancelling the key which certified it, but in that case why not protect the book using the hashing mechanism rather than the digital signature? Considerations like these led us to design Wax so that each publisher has associated with it a tree of hashes: the leaves are hashes of the individual sections, and the nodes progress up through chapters and books until the root, which protects a publisher's whole catalogue, is authenticated by other means at system startup. (In the initial version of 1
1
Introduction
In 1996, we were approached by a team developing a medical hypertext system at our local hospital. UK doctors increasingly have a PC in front of them as they consult their patients and use it to store the patient's medical record; so it was felt that the time was ripe to transfer into electronic form all the reference books used routinely during consultations. Funding had been secured from the National
Wax, this was a standard RSA signature, but the costs of licensing the product for export to the USA led us to use a one-time signature instead for later versions.) Thus when a user opens a book at the entry corresponding to a particular drug, the entry can be verified quickly without having to check a signature on the entire book. Wax therefore taught us to use hash trees and minimise the amount of signature preferably to a single signature on each new version of a publisher's catalogue. Wax is described in detail in [1], and has had some success among UK and US medics. But it uses a proprietary hypertext format, so when we were next asked to look at an online medical application (the British National Formulary, which is the list of all drugs approved for prescription in the UK [2]) the obvious step was to generalise our ideas to work with html. The result was the ERL, or eternal resource locator, which is described in [3]. An ERL is essentially a URL plus a hash of what one should expect to find there. Thus a medical publisher can modify his online catalogue to replace the URLs of his online books with ERLs, and now users whose browers have a plugin which can parse and verify the hashes, get the same protection as in Wax; meanwhile, users with a standard browser enjoy backwards compatibility in that the ERLs function perfectly well as ordinary URLs. In order to cope with web pages that change frequently, we added the facility for an ERL to contain the hash of a public key with which a digital signature of the indicated content could be verified. Such keys do not incur the overhead of a traditional public key infrastructure but are rather seen as `flexible links' which can be inserted in an otherwise static trust structure wherever they are needed. In this way, a book of largely static information such as drug data can also incorporate some dynamic content such as links to the latest safety bulletins. Having developed this, we realised that we now had a surprisingly powerful and general protection system. The writer of a web page or other document can vouch for any digital object by simply including its ERL, and this enables the construction of webs of trust of the kind familiar from PGP but applying to quite general objects rather than just to the names of principals. In applications where trust structures are relatively static, many of the problems associated with public key infrastructures simply go away; one ends up managing a few root keys and doing a lot of version control. By late 1998, it had become clear that rather than adding proprietary extensions to html, we ought to 2
support XML as the emerging framework for commercial markup languages [4]. XML is well positioned between SGML and HTML; it is easier to use than SGML, yet provides more degrees of freedom in extension than HTML. Major software vendors are committed to supporting it: both major players in the browser market already support XML processing partially and are expected to support it fully in the near future. By this time, too, a number of governments and other organisations had got hold of the idea that signing electronic documents could be a good thing, and further problems had started to emerge as people scrutinised various draft bills on digital signatures. For example, creating a rebuttable presumption of validity for electronic signatures could have the effect of shifting the burden of proof in disputes from the individual to a bank or credit card company, and thus undermine decades of progress in consumer protection legislation [5, 6]. Another consideration was that by then there were several other groups doing work on security markup languages, including IBM's Secure Document Markup Language (SDML) which is designed to support electronic cheques [7], and the World Wide Web Consortium's DSig initiative which enables content rating data to be digitally signed [8]. None of these was general enough to support the kind of functionality needed in our application, so we wanted our next iteration to support a wide range of security policies. With this in mind, we decided to take a step back and try to place electronic document security in the broader context of computer security research.
2
Context
The first, obvious, point about securing publicly available documents against tampering is the imbalance between research and practice on confidentiality, integrity and availability. Thanks in part to the influence of military funding and the interests of the crypto community, some 90% of research papers deal with confidentiality, 9% with authentication and 1% with availability. But while the military mostly wants to keep data secret, business mostly wants to publish it most e-commerce is publishing of one form or another (adverts, catalogues, timetables, books, audio, video, software and even public-key certificates). So investment by business is the other way round, with the big money going on backup sites and network redundancy, some money on audit, but only a small amount on encryption1 .
1 The figures are from the authors' experience of editing `Computer and Communications Security Reviews'. In the
This bias is particularly noticeable when we look at the security policy models which researchers use to provide a concise and abstract description of the kind of protection which a system requires. The traditional military policy, which we might explain to a layman as "a clerk with a security clearance to `secret' can read a file at `secret' or `confidential' but not a file at `top secret' " was formalised by Bell and LaPadula in two rules: that a process may not read up to a higher level, or write down to a lower one [9]. A very substantial research literature has grown up on top of this, and a number of compliant products have appeared; however, the costs of a rigorous implementation are leading more and more governments to restrict this functionality to specific systems such as firewalls and mail guards. By the late 1980's, it had already been realised that the requirements of business are different. Clark and Wilson proposed a quite different security policy model, based on the traditional practices of double-entry bookkeeping that had developed in the banking industry since the 12th century; this might be explained to the layman as "all transactions must preserve an invariant of the system, namely that the books must balance (so a negative entry made on one ledger must be balanced by an equal positive entry on another one); some transactions require two officers to initiate them; and records of payments cannot be destroyed once made." A further model, the Chinese Wall model, attempts to describe good practice in businesses such as merchant banking or advertising where a firm may have clients who are competitors. It can be described as "an executive who has worked recently for one company in a business sector may not have access to the papers of any other company in that sector". Yet another, the BMA model, codifies accepted good practice in handling medical records: its executive summary is that "no-one may see a medical record without the patient's consent, and people with read access may also append information; but no deletions are permitted". Details of Clark-Wilson and Chinese Wall may be found in [9], while the BMA model is presented in [10]. This brings us to our second problem, which is that until now there has been little progress at findfirst author's experience of banking systems, some 2040% of the IT budget is spent on availability, 2% on audit and an insignificant amount on crypto. The second author's experience of telecommunications is that although mobile communications carriers recognise the advantages of channel encryption for communication that can easily be intercepted, the availability of the service has priority over crypto because the cost of secure communication still exceeds the loss from attacks and fraud.
ing ways to implement multiple policies in the same system. A moment's consideration will convince us that these policies are structurally different in ways that cannot be magicked away. For example, BellLaPadula is stateless while the others are stateful; the BMA policy pushes access control decisions to the periphery while the others centralise them; and Clark-Wilson localises security state in a different way from Chinese wall. This is inconvenient in real life. One might expect, for example, that a military hospital would want to implement something like the BMA policy for its patient records, Clark-Wilson for its accounts and Bell-LaPadula for its relationship with the outside world. But although there has been extensive discussion of the problems [11], no-one really knows how to do this. A third problem is that many important applications do not yet have an agreed security policy model comparable to those mentioned above. The obvious example is the certification of public keys. Here we can quickly state a layman's explanation of the requirements that `accurate copies of the public key corresponding to a given role or entity should be made available, together with up-to-date information about keys that have been revoked' but so far we are not aware of anyone having formalised this in the manner of the above models. In general, we expect that applications will continue to lead theory, and this led us to believe that rather than proposing an abstract system that could implement the existing set of models, we needed a tool that could be used for rapid prototyping of protection strategies, while hopefully also facilitating analysis and otherwise promoting good design. Our fourth problem follows from the dual-control requirement in Clark-Wilson. We will often need to support a variety of mechanisms whereby an action is taken only if a number of other actions have been taken previously by other principals; in fact we need a general syntax to support this. Cryptologic mechanisms such as threshold signatures can cause an action to be taken if k out of n principals agree, but real life is more complicated. Threshold mechanisms can only do so much2 . To make a real contribution to resilience and survivability in real applications, separation of duty usually needs a functional element that is bound in with the application. Thus the syntax needs to be accessible to the application developer, who must be able to make
2 A useful parallel is that a disk mirroring system cannot protect users against accidentally typing 'rm *' when in a different directory from the one they thought they were in and, to a first approximation, all the recoveries from backup done at our site are to recover from user errors like this.
3
subtle decisions based on content from a number of independent sources; the cryptographic `quick fix' of a threshold signature will usually not be enough. Our fifth problem follows on from this point: that the computer security and cryptology communities diverged about fifteen years ago, and unfortunately many of the cryptologic mechanisms that have become standards, whether formally or otherwise, are hard to integrate with the computer security mechanisms required in real applications. These five problems the erroneous emphasis on confidentiality, the multipolicy problem, the need for rapid prototyping and testing of protection strategies in advance of a formal model, the need to support a variety of resilience mechanisms and the general difficulty of integrating crypto with computer security form the backdrop for our fresh look at secure publishing.
and then to a bank cheque. The language can be extended to support other security services such as timestamping, and registering a document to ensure its uniqueness. Examples are given in [12]. To give the reader some flavour of what JML looks like, here is an example of an electronic cheque:
<!-- corpCheque.xml --> <?xml version="1.0"?> <!DOCTYPE eCheque SYSTEM "eCheque.dtd"> <eCheque> <dtd> <dtdInfo name="stdDef.dtd" version="1.0"/> <dtdInfo name="signList.dtd" version="1.0"/> <dtdInfo name="eCheque.dtd" version="1.0"/> </dtd> <chequeBody> <chequeId>00883627</chequeId> <account>23-45-67 1234567</account> <payer>University of Cambridge</payer> <payee foreName="William" surName="Hopkinson"/> <payment amount="19.95" currency="UKP"/> <issueDate year="1999" month="01" day="15"/> <notLater year="1999" month="06" day="30"/> <timestamp>872043082393</timestamp> <signInfo> <signer foreName="John" surName="Smith"/> algoName="PGP-RSA" <signAlgo version="5.5"/> </signInfo> <signInfo> <signer foreName="Edward" surName="Thompson"/> <signAlgo algoName="PGP-DSS" version="5.5"/> </signInfo> </chequeBody> <signList> <sign> <signInfo> <signer foreName="John" surName="Smith"/> <signAlgo algoName="PGP-RSA" version="5.5"/> </signInfo> <pKeyInfo> <pKeyVersion>1.0</pKeyVersion> <cert certIssuer="Cambridge Certificate Agency" certSerial="1234567890" certUrl="http://www.cca.com/certs/12345" revokeUrl="http://www.cca.com/revoke?sn=12345"> <pKey> lQMFEDWhboWuyrPDhRvRXQEBkp4D/ivwpsci5MJQXUA bcPOUQquOgzMpp7W5KXP1Cit9EyqaPtet+1nkaoRXYv FQIB/eBjkcvNaA02w/mvHQRQYiAzz6kdPSn/rt9THkX LAOsOekv =1zy8 <pKey> </pKeyInfo> <signature> CZ/SDEjG6wt7V3uXWbZGV0pVg5LJg8j7bONjtdDuAHy asD8dsMrWe82J23Kwe7sd2jh2348fsKS92R82kw/Tus
3
The Jikzi model
The prototyping tool which we have built to investigate document security is named Jikzi, after the world's oldest publication produced using a moveable type printing press. This was printed in Korea in 1377, some 63 years before Gutenberg, and is a Buddhist religious text. A paper which we presented at the 1999 Security Protocols workshop gives much fuller details of our Jikzi system [12]. There is also an alpha implementation, which although still under development is available online for testing and experimentation; testers are welcome [13]. Briefly, Jikzi enables a user to play with security policies by specifying style sheets which define a document type in terms not just of the data elements that must or may be present, but also of security primitives such as hashing and signature. The mechanism, Jikzi Markup Language or JML, is based on XML and allows one to define objects such as digital certificates and electronic cheques. There is also a sketch of an authentication logic, inspired by BAN, which may be used to verify a particular design constructed using these primitives. The Jikzi model not only supports simple primitives such as the ERL model of accompanying a URL with a hash of the object one expects to find there; it also enables users to implement document types that inherit properties from other types in the manner of cascading style sheets. Thus, for example, both a cheque and a bill of lading are special cases of a bill of exchange, and a bank cheque is a special case of a cheque; so having agreed a definition of a bill of exchange, we can refine it to a cheque 4
IyeYFI87qHE= =OTeM </signature> </sign> <sign> <signInfo> <signer foreName="Edward" surName="Thompson"/> <signAlgo algoName="PGP-DSS" version="5.5"/> </signInfo> <pKeyInfo> <pKeyVersion>1.0</pKeyVersion> <cert certIssuer="Cambridge Certificate Agency" certSerial="2345678901" certUrl="http://www.cca.com/certs/23456" revokeUrl="http://www.cca.com/revoke?sn=23456"> <pKey> SHllb24gTGVlICgxMDI0KSA8Sm9uZy1IeWVvbi5MZWV trSrLDLzXysRlsCHis29Q74wmeTysqY3j2z+RtzAgXb ErsHSe7p3Jk23Ks23RksE89wEn32Zy7gwl29rt3l9/S L12s7ejk IEz1y </pKey> </pKeyInfo> <signature> E0a57bT2+xWWds0Jh3wpIqV25B6+ExJA6xnAB3Az5hd XZC36FgshDjRks72EosTNmsd7Us4ePgsQ/ZeX82HHiQ xAEALBQYiHd n/rt9 </signature> </sign> </signList> </eCheque> <!-- end of corpCheque.xml -->
Append-only file stores all suffer from the theoretical vulnerability that an attacker with unrestricted write access could fill them up and thus deny the service they are designed to provide. We consider that this is not a problem in real life; a bank's mainframe operators use applications which generate a predictable quantity of customer account data, journals, audit records and so on per day, while a medical practitioner can see only so many patients and type only so many kilobytes of notes. Services made available to the public, such as backup services or conceivably Eternity servers, are charged for, and if the demand rises then more storage can be bought. So we will disregard flooding attacks. The simplification bought by the assumption of append-only file stores means, for example, that one can sign a document simply by including it (or a hash of it) in a file designated for the purpose and to which no-one else has write access. At the theoretical level, it enables us to separate out the mechanisms designed to provide availability from those which support integrity.
3.2
Restricting consideration of confidentiality
For document type definitions and details of other objects such as certificates, see [12]. In the rest of this paper, we will concentrate on the critical abstractions, and the lessons learned. The two critical abstractions in making the Jikzi model tractable are that persistent file stores exist, and that confidentiality concerns are limited to labeling.
3.1
Append-only file stores
Another great simplification is achieved by deciding to limit our consideration of confidentiality to one of maintaining the integrity of labels. Thus a designer may write a style sheet to ensure that any document initially labelled `Top Secret' remains so, and that any newly created document incorporating it is labelled appropriately. The mechanisms whereby certain users are prohibited from viewing certain documents are considered to be a separate problem that must be solved at a higher level in the system. At the theoretical level, assuming that confidentiality concerns are limited to the integrity of labelling means that we can separate out the mechanisms designed to provide confidentiality from those which support integrity.
In practice, many business and professional data storage systems can be modelled as append-only file stores. This holds over a large range of organisations, from banks which are required by law to retain six years' transaction history, down to a physician in private practice who uses a CD-ROM as a backup mechanism for the medical records on his PC. As for the academic literature, one of us proposed the Eternity Service a design for a file store distributed across the net in an anonymous and almost holographic way, such that the persistence of the data could be assured even in the face of exceptionally determined attacks [14]. 5
3.3
A publishing security policy
The two assumptions together give us a world in which integrity is essentially our only concern. It may be compared with the world of Bell-LaPadula which focusses on confidentiality, and the discussion of availability in [15]. As an example of the value of this, we present in [12] a simple security policy model for publishing: a file store in which each user has append access to exactly one file, and all files are world readable. We show there how some simple applications fit this model, and indicate its more general usefulness. In
particular, it appears to have the power of ClarkWilson but much greater clarity and simplicity. We will now turn to the more general lessons that we have learned from experimenting with Jikzi.
where there are intermediate processing steps such as message processing systems. Human computer interfaces may start to pose further problems. In other applications, content produced in colour rather than monochrome may preclude the use of text colour as a means of indicating the source of information. Part of the answer may be colouring the browser frame, an approach taken by Trusted X [16]. How well this can be squared with the paragraph-level labelling favoured by some government agencies, and implicit in the complex structure of documents such as drug formularies, remains to be seen. The second lesson learned is that designing security in XML is not necessarily easier than in any other environment. Application security often has an inherent complexity, which can be shifted to one place or another but still has to be tackled in the end. We note the opinion expressed by the perennial IT optimists that the huge costs of making business systems communicate with each other will somehow magically vanish when the acronym `EDI' is replaced by the acronyms `XML' and `extranet'. We beg to differ. Getting a variety of different systems to recognise that a given field represents a drug dosage, and that the unit is milligrams rather than micrograms, has inherent complexity and criticality. The third lesson is that tools can still help. Inheritance is important, and style sheets can help (so long, of course, that we do not end up with a proliferation of incompatible ones). It will also be important to be able to draw on existing work; it would be pointless, for example, to discard all the work that has been done on healthcare messaging standards such as HL7 and reinvent the wheel all over again. So although much standards work may need to be re-done, one might hope that it will be done more quickly and thoroughly the next time around (even though a pessimist will fear that backward compatibility will turn out to be a millstone). The standards task will involve the markup languages themselves; it would be ideal if we could merge the existing security markup systems into a single language that is powerful enough for all requirements, and we have tried to move in this direction with Jikzi and JML. Even if the eventual market outcome falls short of this ideal, we hope that our insights may be useful. Finally, we have learned a lot from considering a real world problem, namely the publication of medical data, and much of what we learned was not at all obvious when we set out. The experience of the WaxERLJikzi thread of research supports the view that in order to understand what new kinds of 6
4
Lessons learned
The lessons learned so far are largely pragmatic rather than theoretical but given ...
Find millions of documents on Course Hero - Study Guides, Lecture Notes, Reference Materials, Practice Exams and more.
Course Hero has millions of course specific materials providing students with the best way to expand
their education.
Below is a small sample set of documents:
Below is a small sample set of documents:
UCCS - CS - 591
IEEE Journal of Selected Areas in Communications, 16(4):474-481, May 1998. Special Issue on Copyright & Privacy Protection. ISSN 0733-8716.474On The Limits of SteganographyRoss J. Anderson, Fabien A.P. PetitcolasAbstract- In this paper, we clar
UCCS - CS - 591
!tkFVtu!I! g 1#IvBU4vI ( !I!dI DU)U8zdIvsqIB!Ikk8zV n14)uVuknfVU0 0 tk4!UvAVUdU t!Isr!IU!y!dfUU 9 7Iq w!9!t!U1Vf!t e
UCCS - CS - 591
x gykvi "w AfrAk A'kkrxfgCrxfgA6Abg u v&kk' gtqgAAgvFAvgwkzAfgAgAkgUX kk~ggg 6'vfcXgUzgfAgfAAfrAk k
UCCS - CS - 591
Soft Tempest An Opportunity for NATORoss J. Anderson and Markus G. Kuhn University of Cambridge, Computer Laboratory, New Museums Site, Pembroke Street, Cambridge CB2 3QG, United Kingdom {rja14,mgk25}@cl.cam.ac.ukAbstractNATO countries spend bil
UCCS - CS - 591
NetCard - A Practical Electronic Cash SystemRoss Anderson, Charalampos Manifavas and Chris SutherlandComputer Laboratory, Pembroke Street, Cambridge CB2 3QG1IntroductionOver the last ten years or so, there have been a number of proposals for
UCCS - CS - 591
Letter to GPs 16th October 2006Dear Colleague Re: GP Patient Survey - Your Doctor, Your Experience, Your Say. 1. Introduction You may have already signed up to the "Directed Enhanced Service" entitled the "Improved Access Scheme". If so, you may al
UCCS - CS - 591
Dear Patient Thank you for writing to me with your concerns about accessing your records through the NHS Care Records Service. At the moment there are no local plans in our area for your clinical records to be loaded into the NHS Care Records Service
UCCS - CS - 591
The NSA Security Manual[NOTE: This file was retyped from an anonymous photocopied submission. The authenticity of it was not verified.]Security GuidelinesThis handbook is designed to introduce you to some of the basic security principles and proc
UCCS - CS - 591
q t y ips{igyjiuUyUCtCig`WripVvsgbaekdVeCigkdUYVifhyxeucjvpiigji t c c p ac t t U R vr U t y{ y y a shgehUdyg1Il'Iq R g a vcg v eljyvfbedabYVddhainxhUy bUsxgVSwviys~U VuvbYhUvbe`heinUVTrsbUVddhahvfIcUnXsTVdrVsg xeskhUwvVhSe Y v U
UCCS - CS - 591
!$rr rFHT !dd 3! i3 8 !j@r 3bj 3r " @T i!HT dj @r d rjbm r dj d idj d " " Fjr j d jbd! rd h!d! j3 j4j! d8 u B b rdkm! i d "4j!jfFr! !r4B!" ui Td b 3 d 3 dr i j d r h d
UCCS - CS - 591
3Hi A iqeYI8Q liy { 6 6 9 T 3H'yy dyrcYoi&n&i 6 C 6 ` VV V H{yyqii nb0iCaYyiqin3XS WIS iiiU llyqD&i3IiqiI9 9 T 0ng&Y{0i3 D{ 'Y3ix H9 IriDr3iioiir0RYn 3 i Iyi8G Dy33I
UCCS - CS - 591
Minding your p's and q'sRoss Anderson1 , Serge Vaudenay21 2Computer Laboratory, Pembroke Street, Cambridge, CB2 3QG, England Ecole Normal Suprieure - DMI, 45 rue d'Ulm, 75230 Paris, France eAbstract. Over the last year or two, a large number of
UCCS - CS - 591
Programming Satan's ComputerRoss Anderson and Roger NeedhamCambridge University Computer Laboratory Pembroke Street, Cambridge, England CB2 3QGAbstract. Cryptographic protocols are used in distributed systems to identify users and authenticate tr
UC Davis - PJ - 127
EAE 127 Project 7AUAV Wing Design Part A: Selig 1223 Polar DataFall 2004 Due Thursday, 12/09 (in Class) ! NO Projects will be accepted late !In this project, we will design a wing for a small UAV. The wing will be equipped with the Selig 1223,
Salisbury - EDUC - 17950
By: Kaitlyn KingFauquier County, Virginia Class size varies Emotionally disturbed Part of a team and coteachesTCart and educational games Essay writing Nontraditional Videos EmailsUnseen Repetition Interest More of a need Parental contact
N. Georgia - CCHAND - 2711
Mrs. Mays Special Education Class Digital Media Research Project Rubric Student Name: _ Research Process: Gathered information from journals, books, CD-ROMS, and the Internet Resources are current and reliable Extracted, synthesized, and applied appr
N. Georgia - CCHAND - 2711
How to Tie a ShoePresented by Casey Mays Each student will have a cardboard shoe with laces to practice while we go through the stepsWhat We Will Do Take the shoe laces and place one in each handStep 1 Cross one lace ov
N. Georgia - CCHAND - 2711
Casey Mays Software Evaluation Go to the website for the text, www.scsite/tdc4/ and then go to each chapter( chapters 1-8). Click on Software Corner There will be 5 or 6 descriptions of different software and a link to the company that produces the s
N. Georgia - CCHAND - 2711
Group Members Laurie Alvord, Krista Bess, Amy Hudgins, Katie Knight, and Casey Mays _Group Project Lesson PlanLesson Plan Title: Developed by: Subject Area: Grade Level: Purpose of the Activity: Learning Objectives (include at least one Georgia QC
N. Georgia - CCHAND - 2711
Sense DetectiveName:_ Detective EyesUse your eyes to explore the items at the Sight Station. Write or draw four (4) clues that your eyes see. (Remember, you can only use your eyes to gather clues!)1.2.3.4.Now, take three (3) ste
N. Georgia - CCHAND - 2711
<?xml version="1.0" encoding="UTF-8"?> <Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Key>0f51429fc01d026c2fd6b961aeda710fb270c269.doc</Key><RequestId>E F3C2119D7A379FB</RequestId><HostId>Q7zGYXChuqzV7LbsefaAn2TAt/d
N. Georgia - CCHAND - 2711
Hearing Centers What Makes This Sound? Listen to each sound on the PowerPoint as many times as needed Cut out the pictures on the worksheet Paste the pictures to the correct number on the worksheet that goes with the number that made that sound on
N. Georgia - CCHAND - 2711
Name:_ Draw a line to match the picture with the word description of the way it tastes.BitterSweetSourSalty
N. Georgia - CCHAND - 2711
Five Senses Book RubricName_ Date _ Students will be evaluated on their participation, behavior, and completion of the Five Senses Book. They will get a stamp for completing each section or an x for not completing each section. The Five Senses Book
Texas A&M - P - 324
Maryland - ENEE - 623
UC Davis - MATH - 133
Math 133: Homework 6Prepared by Gregory Shinault gshinault@math.ucdavis.edu1. Two stocks are available. The corresponding expected rates of return are r1 , r2 ; the 2 2 corresponding variances and covariances are 1 , 2 , 12 . What percentages of
San Diego State - GB - 0910
EducationIn the College of Education General InformationThe College of Education offers graduate study leading to the Master of Arts degree in education with concentrations in the following: counseling, educational technology, elementary curriculum
Princeton - CS - 423
Shortest Path With Negative Weights2 s9 18 6 -16 6 103630 15 -8 20511461916744tContentsContents.sDirected shortest path with negative weights. Negative cycle detection. application: currency exchange arbitrage Tramp ste
San Diego State - MATH - 541
Fall 2008Math 541Homework 1Burden-Faires: 1.1.16, 1.2.4, 1.2.9, 1.3.2, 1.3.7 1. The Greek mathematician Archimedes estimated the number by approximating the circumference of a circle of diameter 1 by the perimeter of both inscribed and circumsc
Penn State - IST - 100
IST 220-001: Networking and TelecommunicationsClass Time Class Room Instructor Office Office Hours Phone / Fax E-mail Teaching Assistant Office Office Hours Phone / Fax E-mail MWF 9:45 AM - 11:00 AM Room 111 Boucke BuildingShaoyi He, Ph.D. 002-S T
San Diego State - MATH - 241
Fall 2004Maple Application HomeworkMath 241(10 pts) Go to the Maple website (http:/www.mapleapps.com/) and find an application that interests you. Work through the application (execute the Maple worksheet), then write a brief description of wha
Texas A&M - P - 620
Final ExamforPetroleum Engineering 620 Fluid Flow in ReservoirsDepartment of Petroleum Engineering Texas A&M University - Summer 2001 Instructor: Tom Blasingame This package includes: - Exam Guidelines - Exam Problem 1 - Exam Problem 2 - Exam Pro
Penn State - IST - 100
IST220, Spring 2002 Lab 5 - Image Map & Animated GraphicsInstruction for creating image maps by using MapEdit1. Download an image file onto c:\temp or U Drive (ex: psu.gif) 2. Create an html file that includes this image, saved as "imap.htm" onto
UCSB - WEB - 221
137 P Central Stores, Receiving,CSAMail Services23456Transportation and Parking Services32 PCSAPublic SafetyUNIVERSITY OF CALIFORNIA, SANTA BARBARAMAP & DIRECTORYAAParking Regulations UCSB Parking Permits required at all ti
Berkeley - ASTRO - 00230115
-1.1899999 -0.54999995 1365.6502 418.64402 -0.54999995 -0.42999995 3638.1102 1031.6327 -0.42999995 -0.30999994 4603.8987 1041.5698 -0.30999994 -0.11000001 3196.1411
Berkeley - ASTRO - 00230115
chi^2/nu= 47.557397 / 33The fit is rejectable at 95.155251 % Confidence -0.550000 -0.430000 4024.4428 -0.430000 -0.310000 4090.0386 -0.310000 -0.110000 4164.5686 -0.110000 -0.030000
Berkeley - ASTRO - 00230115
# t1 t2 dt rad_min rad_max cts err scl bg bg_rat wt 0.096239 0.126326 0.030088 0. 16. 9.00 3.00 0.888134 0.000000 0.069646 0 0.126326 0.194024 0.067697 0. 16. 9.58
Berkeley - ASTRO - 00230115
# t1 t2 dt rad_min rad_max cts err scl bg bg_rat wt 0.096239 0.126326 0.030088 0. 16. 9.00 3.00 0.888134 0.000000 0.069646 0 0.126326 0.194024 0.067697 0. 16. 9.58
Berkeley - ASTRO - 00230115
SIMPLE = T / file does conform to FITS standardBITPIX = 8 / number of bits per data pixelNAXIS = 0 / number of data axesEXTEND = T / FITS dataset may contain extensio
Berkeley - ASTRO - 00230115
# Ep dEp lprob lEiso dlEiso67.040 0.054 -3.53e-05 -11.576 0.12867.097 0.061 -3.03e-04 -11.576 0.12367.163 0.070 -6.27e-04 -11.576 0.12267.238 0.081 -1.02e-03 -11.576 0.12167.325 0.092 -1.51e-03 -11.576 0.12167.423 0.106 -2.10e-03 -11.576 0.120
Berkeley - ASTRO - 00230115
Posterior Peaks at Ep=63.76 (42.10 173.11) keVPosterior Peaks at Eiso=1.13e-05 (9.05e-06 1.93e-05) erg
University of Texas - ZHANGM - 04116
Copyright by May Hongmei Zhang 2005The Dissertation Committee for May Hongmei Zhang Certifies that this is the approved version of the following dissertation:The Differential Effects of Proprietary Cost on the Quality versus Quantity of Voluntary
Penn State - IST - 100
Business Network with De-Militarized Zone (DMZ) Discuss Network Security Issues of a "typical" business Business is connected to the WWW Business provides on-line services to WWW customers Suggest methods to ensure network is securedCopyright L
Penn State - IST - 100
IST 220: Networking and Telecommunications Spring 2002, HEHands-On Exercise #1* Basic Web Page DesignThis hands-on exercise aims at (1) enhancing your understanding of web page design, and (2) developing your basic skills of web page development.
Penn State - IST - 100
IST 220: Networking and Telecommunications Spring 2002, HEHands-On Exercise #2 Interactive Web Programming (I)Problem Statement Dave is currently working as a senior computer consultant in Center for Academic Computing (CAC) at Penn State. He woul
Penn State - IST - 100
IST 220: Networking and Telecommunications Spring 2002, HEHands-On Exercise #4 Short Report On Current TechnologyPURPOSE OF THE EXERCISE: This exercise has a two-fold purpose: 1. To keep you update of the current development of technologies in net
Penn State - IST - 100
Name: _SSN: _ Pop Quiz 1I. MULTIPLE CHOICES 1. A _ network is an interconnection of computers and computing equipment using either wires or radio waves over small or large geographic areas. (a) voice (b) data (c) computer (d) local area Correct A
Penn State - IST - 100
Name: _SSN: _ Pop Quiz 2I. MULTIPLE CHOICES 1. Digital data and digital signals are _ waveforms. 1 (a) continuous 2 (b) data 3 (c) discrete 4 (d) signal Correct Answer: c Page:322. The absolute value of the difference between the lowest and h
Penn State - IST - 100
Name: _SSN: _Pop Quiz 3I. MULTIPLE CHOICES 1. All of the following are true for twisted pair wire, EXCEPT (a) it is the oldest type of conducted media. (b) it is the simplest. (c) it is the most difficult to install. (d) it is the most common. C
Penn State - IST - 100
Name: _ i.SSN: _ Pop Quiz 4 Multiple Choice1. Which of the following is not a network topology? A. star B. hierarchical C. bus D. ring E. wireless Answer: B 2. The media access control protocol A. describes the way in which a node gains access to
Penn State - IST - 100
Name: _SSN: _Pop Quiz 5 A. Multiple Choices1. Which of the following is a device that allows stations to access the physical network and is a transfer point for passing information through the network? (a) PC (b) Station (c) Node (d) Router Cor
Penn State - IST - 100
Name: _SSN: _Pop Quiz 6 A.1.Multiple ChoicesWhich of the following is not a general classification for terminals? A. dumb B. intelligent C. smart D. clever Answer: D A dumb terminal A. is generally not used in block mode. B. generally has no
Penn State - IST - 100
Name: _SSN: _ Pop Quiz 7A. 1.Multiple Choices Which of the following is NOT a service currently offered by the Internet? (a) FTP (b) Gopher (c) TELNET (d) e-mail Correct Answer: b2. The Internet uses which protocol to transfer Web pages? (a)
Penn State - IST - 100
<?xml version="1.0" encoding="UTF-8"?> <Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Key>1eb7daf9d8267d08046be4a04a236ad2cfad66bf.doc</Key><RequestId>4 DF5EF8EB995CDE4</RequestId><HostId>7JgfYeCDXfVcR7wy0QE7hcVRIwH
Penn State - IST - 100
<?xml version="1.0" encoding="UTF-8"?> <Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Key>213ee27c79f4cd0f2ab05640642d4c0b1cb2711b.doc</Key><RequestId>8 C4AA91E731F5C49</RequestId><HostId>b6r916uKdahQws0tUjfwKwVoYny
Penn State - IST - 100
IST 220 Section 001J: Journals B: Bonus points Q: Quizzes E: Exercises MT: MidtermIDJ1 J2 B Q1 Q2 Q3 Q4 Q5 Q6 Q7 Q8 Q9 Q10 E1 E2 E3 E4 MT643611 100 100 5 0.9 1.0 0.9 0.8 1.0 1.0 1.0 1.0 1.0 1.0 100 95100100 89 661336 100 100 2 0.9 0.9 1.0 0.9
Penn State - IST - 100
IST 220 Section 004J: Journals B: Bonus points Q: Quizzes E: Exercises MT: MidtermIDJ1 J2 B Q1 Q2 Q3 Q4 Q5 Q6 Q7 Q8 Q9 Q10 E1 E2 E3 E4 MT684013 100 100 3 1.0 1.0 1.0 0.9 1.0 1.0 0.0 1.0 1.0 1.0 100 100 100100 87 723435 100 100 3 1.0 1.0 1.0 0.
Penn State - IST - 100
IST 220: Networking and Telecommunications Spring 2002, HETERM PROJECT*The main purposes of this project are two-fold: (1) to develop/enhance students' overall understanding on networking and web-based technology and (2) to help local organization
Penn State - IST - 100
IST 220 Section 001 Term Project Groups Group No. 1 1 1 1 1 2 2 2 2 2 3 3 3 3 3 4 4 4 4 4 5 5 5 5 6 6 6 6 7 7 7 7 8 8 8 8 8 9 9 9 9 9 10 10 10 10 Name Chen Wesley Cross Michelle A. Nwatu Charles O. Song Eugene J. Stutz Arthur R. Clausen Joel H. Guido