The next two chapters are on access control and cryptography. Even once a client (be it a phone, a PC, or whatever) has authenticated itself satisfactorily to a server—whether with a password or a more elaborate protocol—we still need mechanisms to control which data it can read or write on the server, and which transactions it can execute. It is simplest to examine these issues first in the context of a single centralized system (access control) before we consider how they can be implemented in a more distributed manner using multiple servers, perhaps in different domains, for which the key enabling technology is cryptography. Cryptography is the art (and science) of codes and ciphers. It is much more than a technical means for keeping messages secret from an eavesdropper. Nowadays it is largely concerned with authenticity and management issues: “taking trust from where it exists to where it’s needed” [535].

The final chapter in this part is on distributed systems. Researchers in this field are interested in topics such as concurrency control, fault tolerance, and naming. These take on subtle new meanings when systems must be made resilient against malice as well as against accidental failure. Using old data—replaying old transactions or reusing the credentials of a user who has left some time ago—is a serious problem, as is the multitude of names by which people are known to different systems (email addresses, credit card numbers, subscriber numbers, etc.). Many system failures are due to a lack of appreciation of these issues.

Read this full article at Ross Anderson

Write Comment
Please keep the topic of messages relevant to the subject of the article. Personal verbal attacks will be deleted. Please don't use comments to plug your web site.. Such material will be removed.
Name:
Title:
Comment:
Code:*

Powered by AkoComment!