CSE420W FINAL
Complete List of Terms and Definitions for CSE420W FINAL
| Terms | Definitions |
|---|---|
| Gigabyte | 1,000,000,000 bytes |
| URL | universal resource locator |
| Comprehensive approach | check slide 42 |
| TCP/IP | Transmission Control Protocol/Internet Protocol. A network standard, specifically a protocol that defines how messages (data) are routed from one end of a network to the other, ensuring the data arrives correctly. It describes rules for dividing messages into packets. |
| Lattices | A mathematical structure (see slide 9 of lecture 9) |
| Pattern | template of abstract architectural elements that can be used to guide you in generating your design |
| EXPLICIT-REFS vs. IMPLICIT-REFS | • Like EXPLICIT-REFS, IMPLICIT-REFS uses a "memory" to store data • EXPLICIT-REFS allows references as expressed values as shown below • In IMPLICIT-REFS, references are only used as denoted values • No more pointers to pointers • All variables (denoted values) are references. EXPLICIT-REFS: ExpVal = Int + Bool + Proc + Ref(ExpVal); DenVal = ExpVal. IMPLICIT-REFS: ExpVal = Int + Bool + Proc; DenVal = Ref(ExpVal) |
| Active attacks | Delete, add, and replay traffic; threat for confidentiality, integrity, authentication and non-repudiation |
| T/F: Software refers to instructions directing a computer. | true |
| Failure | departure from the system’s required behavior. |
| Validation | ensures that the system has implemented all of the requirements, so that each system function can be traced back to a particular requirement in the specification |
| Risk | unwanted event that has negative consequences |
| Interface Box<T>: What is Box called? | raw type |
| Constructors | Build values of a given data type |
| What do secret-key techniques provide efficiently? | Authentication; Integrity |
| Public Key Encryption | Confidentiality based on infeasibility of computing B's private key from B's public key; key sizes are large (512 bits and above) to make this computation infeasible |
| RSA (Rivest-Shamir-Adleman) | Public key is $(n, e)$; private key is $d$; encrypt: $C = M^e \bmod n$; decrypt: $M = C^d \bmod n$ |
| Impact analysis | evaluation of the many risks associated with change, including estimates on resources, effort and schedule |
| Configuration management team | maintains correspondence among the requirements of the design, the implementation, and the tests |
| Crystal | a collection of approaches based on the notion that every project needs a different set of policies, conventions, and methodologies |
| Problem | a risk that is certain to happen. |
| Subject | knows its observers and provides an interface for attaching and detaching observer objects |
| Application Software | programs that work with operating systems to perform specific tasks |
| Platter | The platter is made of aluminum, glass, or ceramic. It is coated with an alloy material that allows items to be recorded magnetically on its surface. |
| Implementation of Access matrix models | Access Control Lists; Capabilities; Relations |
| Challenge Response | User and system share a secret function f (in practice, f is a known function with unknown parameters) |
| Diffie-Hellman Key Agreement | Security depends on difficulty of computing $x$ given $y = a^x \bmod p$, called the discrete logarithm problem |
| T/F: An example of a computer with integrated components is a laptop computer. | true |
| cleanroom | a process that reflects ideas used in chip production to keep faults at a minimum. It is an approach that certifies the software with respect to the specifications, and its goal is to produce zero-fault software |
| User | the person or people who will actually use the system |
| Transformation model | applies a series of transformations to change a specification into a deliverable system |
| Private interface | a mechanism that restricts access to class members; other objects cannot see the attributes or (some) methods for that class |
| Widening | Casting from a type lower on the hierarchy to a type higher on the hierarchy. (Implicit, but can be typecast) |
| Database | A collection of data organized in a manner that allows access, retrieval, and use of that data. |
| Lexical Scoping | • The scope of lexical variables can be determined statically • Lexical scoping allows variable names to be shadowed and reused • Lexical scopes are nested |
| KERBEROS PROTOCOL | First service a client accesses is the ticket-granting service; additional services are accessed by getting tickets from the ticket-granting service; shared client-server secret key can be used for confidentiality of each IP packet or each RPC |
| test plan | describes the way in which we will show our customers that the software works correctly |
| Extreme programming | is a set of techniques for leveraging the creativity of developers and minimizing the amount of administrative overhead |
| Object model | defines classes of objects in terms of their functions |
| Requirements/Constraints of an interface | 1.) Must be declared public interface 2.) Methods have no bodies 3.) No constructors provided 4.) Can only have static variables |
| ARPANET | A network set up by the Pentagon to allow scientists at different locations to share information and work together on military and scientific projects. This network could function even if part of it were disabled or destroyed. It was a precursor to the internet. |
| perspective on security | A process; not a turnkey product; no silver bullet; absolute security does not exist; security in most systems can be improved; that absolute security is impossible does not mean absolute insecurity is acceptable |
| MD4, MD5 background info | Proposed by Ron Rivest (of RSA); MD5 is an improved version of MD4; 128-bit digest; simple, compact and fast |
| Reverse engineer | to look back from the source code to the products that preceded it, recreating design and specification information from the code |
| Refresh rate | The number of times per second that a monitor redraws an image on the screen |
| What is Genome Steganography? | Encoding a hidden message in a strand of human DNA |
| T/F: Internet and Intranet are two terms for the same thing. | false (intranet = local network) |
| Hiding in audio files | Data can be hidden in the audio files. Slight alterations on sound, such as tiny shifts in phase angle, speech cadence, and frequency, can transport hidden information, but are indiscernible to human senses |
| the scope of the declaration | the portion of the program in which a declaration is valid |
| How CDs and DVDs work | Step 1: A laser diode shines a light beam towards the disc. Step 2: If light strikes a pit, it scatters. If light strikes a land, it is reflected back towards the laser diode. Step 3: Reflected light is deflected to a light-sensing diode, which sends a digital signal of 1 to the computer. Absence of reflected light is read as a digital signal of 0. |
| Good Practice - When writing floats or longs in the program it is good to write ____ | L after longs and f after floats |