14 - Chapter 14 Identity What is identity Multiple names...

July 1, 2004 Computer Security: Art and Science Slide #15-1
Chapter 14: Identity
- What is identity
- Multiple names for one thing
- Different contexts, environments
- Pseudonymity and anonymity
Slide #15-2: Overview
- Files and objects
- Users, groups, and roles
- Certificates and names
- Hosts and domains
- State and cookies
- Anonymity
Slide #15-3: Identity
- Principal: a unique entity
- Identity: specifies a principal
- Authentication: binding of a principal to a representation of identity internal to the system
  - All access, resource allocation decisions assume binding is correct
Slide #15-4: Files and Objects
- Identity depends on system containing object
- Different names for one object
  - Human use, e.g. file name
  - Process use, e.g. file descriptor or handle
  - Kernel use, e.g. file allocation table entry, inode
Slide #15-5: More Names
- Different names for one context
  - Human: aliases, relative vs. absolute path names
  - Kernel: deleting a file identified by name can mean two things:
    - Delete the object that the name identifies
    - Delete the name given, and do not delete actual object until all names have been deleted
- Semantics of names may differ
Slide #15-6: Example: Names and Descriptors
- Interpretation of UNIX file name
  - Kernel maps name into an inode using iterative procedure
  - Same name can refer to different objects at different times without being deallocated
    - Causes race conditions
- Interpretation of UNIX file descriptor
  - Refers to a specific inode
  - Refers to same inode from creation to deallocation
Slide #15-7: Example: Different Systems
- Object name must encode location or pointer to location
  - rsh, ssh style: host:object
  - URLs: protocol://host/object
- Need not name actual object
  - rsh, ssh style may name pointer (link) to actual object
  - URL may forward to another host
Slide #15-8: Users
- Exact representation tied to system
- Example: UNIX systems
  - Login name: used to log in to system
    - Logging usually uses this name
  - User identification number (UID): unique integer assigned to user
    - Kernel uses UID to identify users
    - One UID per login name, but multiple login names may have a common UID
Slide #15-9: Multiple Identities
- UNIX systems again