Friday, May 3, 2019
Database Systems Concepts Essay Example | Topics and Well Written Essays - 750 words - 3
Database Systems Concepts - test ExampleOne of the principles of cryptography is double-blind design Make it so as few pile as possible have access to both rouge and lock. In this case, the solution is to have the administrator encode the newss as well as improve security through mechanisms like further password-encrypting the password folder, fashioning the password folder a incomprehensible folder and providing no information as to find it, having drug user logs, etc. The outgo and simplest way is to encrypt the passwords in the first place. When a user enters a password, it is glum into dots or *****. This is to prevent onlookers from seeing it. But it is possible for that process to occur and for the password to still be saved in simple(a) text elsewhere. When one signs up for a forum, it is quite often that ones plain text password is sent to the person in an e-mail. This would mean that any trojan that could read e-mails could considerably acquire the persons passwor d for a site. Solving that problem is certainly slightly stickier, but when it comes to an OS, its very easy. When the password is signed in, it is encrypted locally. This encryption needs to be chosen by the administrator. Only administration has access to the encryption algorithm, so exclusively the administrator can log onto a computer and find passwords. That way, if a time out does occur and whateverone does find the password folder, they see gibberish. Ideally, user names should be encoded as well. What round password retrieval? Use password hint services. Upon signing up for the password, the user also creates some unique security questions. These should be unique enough so as to avoid potential kind engineering approaches The classic What is your mothers maiden name or Who was your first pet can be insecurityy. The best approach is to let the user type in their own question then answer it. However, this course will have to make sure that the password is not in the tex t at all, else people give themselves backdoors which can compromise security. If this fails, then administration can log people in and think passwords. Other basic security tricks can solve this problem, however. The password folder should always be hidden and password-protected itself by a password known only to the admin. This means that even if someone had a paint to the encryption for the passwords, they still couldnt access the password list. And they would find it difficult to locate the password folder in the first place. Similarly, user logs of who logs in and out at various times is a deterrent to this activity. If only legitimate users can log on, then it is easy to find who did it and pursue disciplinary action. The problem comes when a password is stolen from one person by another employee or someone else with access to the company, but at the least, it starts the investigation appropriately. However, it is important to bear in mind that in the modern era its rarely someone breaking into an office and stealing passwords, or even some intrepid employee doing so. Rather, the most likely risk are keyloggers, trojans and malware that seek out the information. Again, if the information is sufficiently encrypted, there is no problem however, this means that the key should only be stored locally on the administrator computer, if it is stored locally at all (I would suggest retention it in a CD-ROM). This means that proper anti-spyware programs and hygiene are key to avoid password stealing problems. Ideally, administrators would sharply control what can be run and what cant be run. When
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment