Lecture_12_Web_Security2

COMP 6370 Web Security II – Lecture 12

From Branon Martindale

The presidents of the National Academies said yesterday that the Bush administration was going too far in limiting publication of some scientific research out of concern that it could aid terrorists. Specifically, they said, the administration's policy of restricting the publication of federally financed research it deemed "sensitive but unclassified" threatened to "stifle scientific creativity and to weaken national security."

The category of "sensitive but unclassified" was poorly defined, the presidents said in a "Statement on Science and Security in an Age of Terrorism." "Experience shows that vague criteria of this kind generate deep uncertainties among both scientists and officials responsible for enforcing regulations," the statement said.

Indeed, the policy, experts said, had already resulted in the administration's withdrawing of thousands of reports and papers from the public domain.

Sensitive But Unclassified

- 9/11
- Combat Operations
  - Afghanistan
  - Philippines
  - Balkans
- Future Operations in Southwest Asia
- Continued Computer Security Issues
- SBU
  - Unclassified
  - No criminal sanctions for disclosure
  - exception: information covered by Privacy Act, other legislation or court order

Cookies

- Where web servers store information about their customers
  - Searching large customer databases on the server is costly
  - HTTP requests do NOT automatically identify individual users
  - Thus it is easier to use a cooperating browser on the customer side
- The server requests the browser to store a cookie that contains information the server will use the next time the client calls
  - .netscape/cookies
- Cookies give browsers the chance to create stateful HTTP sessions
- Privacy
  - Cookies stored by the browser create client profiles
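The exchange this slide describes, as an added example that is not part of the lecture: a server asks a cooperating browser to store an identifier and reads it back on the next request. The cookie name `sid`, the `SESSIONS` table, the `Browser` class and the `HttpOnly`/`Secure`/`SameSite` attributes are assumptions of the example.

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {}  # server-side state, keyed by the opaque id carried in the cookie

def server_handle(request_headers):
    """Handle one request; return (response_headers, visits seen for this client)."""
    sent = SimpleCookie(request_headers.get("Cookie", ""))
    sid = sent["sid"].value if "sid" in sent else None
    response_headers = {}
    if sid not in SESSIONS:
        # HTTP itself does not identify the user, so an unknown client (or one
        # presenting an id the server never issued) gets a fresh unguessable id.
        sid = secrets.token_urlsafe(16)
        SESSIONS[sid] = {"visits": 0}
        out = SimpleCookie()
        out["sid"] = sid
        out["sid"]["path"] = "/"
        out["sid"]["httponly"] = True   # not readable from page scripts
        out["sid"]["secure"] = True     # only returned over HTTPS
        out["sid"]["samesite"] = "Lax"  # withheld on most cross-site requests
        response_headers["Set-Cookie"] = out["sid"].OutputString()
    SESSIONS[sid]["visits"] += 1        # the per-client profile the slide mentions
    return response_headers, SESSIONS[sid]["visits"]

class Browser:
    """Cooperating client: stores what Set-Cookie asks for and sends it back."""
    def __init__(self, keep_cookies=True):
        self.keep_cookies = keep_cookies
        self.jar = {}

    def request(self):
        headers = {}
        if self.jar:
            headers["Cookie"] = "; ".join(f"{k}={v}" for k, v in self.jar.items())
        response_headers, visits = server_handle(headers)
        if self.keep_cookies and "Set-Cookie" in response_headers:
            for name, morsel in SimpleCookie(response_headers["Set-Cookie"]).items():
                self.jar[name] = morsel.value
        return response_headers, visits

if __name__ == "__main__":
    alice, no_jar = Browser(), Browser(keep_cookies=False)
    print([alice.request()[1] for _ in range(3)])   # requests linked into one session
    print([no_jar.request()[1] for _ in range(3)])  # every request looks like a new client
```

The visit counter stands in for any profile a server accumulates: it grows only for the client that returns the cookie, which is both the stateful-session benefit and the privacy cost.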

Language Design Decisions (Java)

- The language itself should make it more difficult for programs to create damage.
- The execution environment provides mechanisms for access control.
- The security policies enforced by the execution environment have to be set correctly.

Java Review: Applets vs. Applications

From: Java in a Nutshell – Flanagan

- “A program in Java consists of one or more class definitions, each of which has been compiled into its own .class file of Java Virtual Machine object code.”
- One of these classes must define a method main(), which is where the program starts running.
- To invoke a Java program you run the Java interpreter, java, and specify the name of the class that contains the main() method.
- A Java applet is NOT an application – it is a Java class that