Any user can run an instruction on a cpu without

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: he null mechanism • Let anyone do anything they want • Sounds terrible, but it’s actually the key to the success of computers and networks CS 236 Online Lecture 3 Page 35 Why Is Null Access Control Ever Good? • Any user can run an instruction on a CPU without necessarily checking access control • Any packet can be handled by a router without checking access control • The trick is to apply access control when it’s most important – And to apply it properly CS 236 Online Lecture 3 Page 36 Problems Arising From Null Access Control • Spam • Distributed denial of service – And most other denials of service • Buffer overflows • Worms CS 236 Online Lecture 3 Page 37 Proper Application of Access Control Where do problems actually arise? 1. Not applying access control when you should 2. Improper configuration of access control 3. Bugs in access control mechanisms CS 236 Online Lecture 3 Page 38 Conclusion • Much of security relates to allowing some people access to some resources • While preventing the same access to others • Without some method of determining who should access what . . . You can’t do that CS 236 Online Lecture 3 Page 39...
View Full Document

This document was uploaded on 11/01/2013.

Ask a homework question - tutors are online