application access to directories
play

Application access to directories opening Pandoras box Victoriano - PowerPoint PPT Presentation

Jan 09, 2024 •317 likes •1.11k views

The problem The cure The solution Application access to directories opening Pandoras box Victoriano Giralt Central Computing Facility University of Mlaga A November 5th, 2008 Victoriano Giralt Application access to

  1. The problem The cure The solution Application access to directories opening Pandora’s box Victoriano Giralt Central Computing Facility University of Málaga A θηνα November 5th, 2008 Victoriano Giralt Application access to directories

  2. The problem The cure The solution Uses of the directory what is this good for Victoriano Giralt Application access to directories

  3. The problem The cure The solution Uses of the directory what is this good for Most common uses of enterprise directories Victoriano Giralt Application access to directories

  4. The problem The cure The solution Uses of the directory what is this good for Most common uses of enterprise directories White pages 1 Victoriano Giralt Application access to directories

  5. The problem The cure The solution Uses of the directory what is this good for Most common uses of enterprise directories White pages 1 Credential repository for AuthN 2 Victoriano Giralt Application access to directories

  6. The problem The cure The solution Uses of the directory what is this good for Most common uses of enterprise directories White pages 1 Credential repository for AuthN 2 Object classification for AuthR 3 Victoriano Giralt Application access to directories

  7. The problem The cure The solution Uses of the directory what is this good for Most common uses of enterprise directories White pages 1 Credential repository for AuthN 2 Object classification for AuthR 3 Object information repository 4 Victoriano Giralt Application access to directories

  8. The problem The cure The solution AuthN can the user prove his identity? Victoriano Giralt Application access to directories

  9. The problem The cure The solution AuthN can the user prove his identity? There are three main ways for checking credentials Victoriano Giralt Application access to directories

  10. The problem The cure The solution AuthN can the user prove his identity? There are three main ways for checking credentials Binding as the object with the credentials Victoriano Giralt Application access to directories

  11. The problem The cure The solution AuthN can the user prove his identity? There are three main ways for checking credentials Binding as the object with the credentials Retrieving the object and comparing the values Victoriano Giralt Application access to directories

  12. The problem The cure The solution AuthN can the user prove his identity? There are three main ways for checking credentials Binding as the object with the credentials Retrieving the object and comparing the values Searching for an object with the proper values Victoriano Giralt Application access to directories

  13. The problem The cure The solution AuthR is the user allowed to use the application? Victoriano Giralt Application access to directories

  14. The problem The cure The solution AuthR is the user allowed to use the application? The object must either Victoriano Giralt Application access to directories

  15. The problem The cure The solution AuthR is the user allowed to use the application? The object must either possess a certain attribute with a given value belong to a certain category of objects Victoriano Giralt Application access to directories

  16. The problem The cure The solution AuthR is the user allowed to use the application? The object must either possess a certain attribute with a given value belong to a certain category of objects This can be verified either by Victoriano Giralt Application access to directories

  17. The problem The cure The solution AuthR is the user allowed to use the application? The object must either possess a certain attribute with a given value belong to a certain category of objects This can be verified either by retrieving the object and checking the attribute for the value searching for an object that has the appropriate values Victoriano Giralt Application access to directories

  18. The problem The cure The solution Attribute source what does the app need to know about the user? Victoriano Giralt Application access to directories

  19. The problem The cure The solution Attribute source what does the app need to know about the user? The directory can store lots of information Victoriano Giralt Application access to directories

  20. The problem The cure The solution Attribute source what does the app need to know about the user? The directory can store lots of information Unstructured Victoriano Giralt Application access to directories

  21. The problem The cure The solution Attribute source what does the app need to know about the user? The directory can store lots of information Unstructured but syntactically and semantically sound Victoriano Giralt Application access to directories

  22. The problem The cure The solution Attribute source what does the app need to know about the user? The directory can store lots of information Unstructured but syntactically and semantically sound bundled together on the object Victoriano Giralt Application access to directories

  23. The problem The cure The solution Attribute source what does the app need to know about the user? The directory can store lots of information Unstructured but syntactically and semantically sound bundled together on the object and all of it can be provided to the applications Victoriano Giralt Application access to directories

  24. The problem The cure The solution Least privilege principle or the parable of the significant other Victoriano Giralt Application access to directories

  25. The problem The cure The solution Least privilege principle or the parable of the significant other Main characters Victoriano Giralt Application access to directories

  26. The problem The cure The solution Least privilege principle or the parable of the significant other Main characters The user Victoriano Giralt Application access to directories

  27. The problem The cure The solution Least privilege principle or the parable of the significant other Main characters The directory Victoriano Giralt Application access to directories

  28. The problem The cure The solution Least privilege principle or the parable of the significant other Main characters The application Victoriano Giralt Application access to directories

  29. The problem The cure The solution Least privilege principle or the parable of the significant other Victoriano Giralt Application access to directories

  30. The problem The cure The solution Least privilege principle or the parable of the significant other The plot Victoriano Giralt Application access to directories

  31. The problem The cure The solution Least privilege principle or the parable of the significant other The plot Victoriano Giralt Application access to directories

  32. The problem The cure The solution Least privilege principle or the parable of the significant other The plot ⇒ The user gives his credentials to the application Victoriano Giralt Application access to directories

  33. The problem The cure The solution Least privilege principle or the parable of the significant other The plot ⇒ ⇒ The application gives the user’s credentials to the directory Victoriano Giralt Application access to directories

  34. The problem The cure The solution Least privilege principle or the parable of the significant other The plot ⇒ ⇒ ⇐ The application gets user’s access to the directory Victoriano Giralt Application access to directories

  35. The problem The cure The solution Least privilege principle or the parable of the significant other The plot ⇒ ⇒ ⇐ ⇐ The user gets access to the application Victoriano Giralt Application access to directories

  36. The problem The cure The solution Least privilege principle or the parable of the significant other The plot ⇒ ⇒ ⇐ ⇐ Everyone is happy Victoriano Giralt Application access to directories

  37. The problem The cure The solution Least privilege principle or the parable of the significant other The plot ⇒ ⇒ ⇐ ⇐ Everyone is happy, right? Victoriano Giralt Application access to directories

  38. The problem The cure The solution Least privilege principle or the parable of the significant other Victoriano Giralt Application access to directories

  39. The problem The cure The solution Least privilege principle or the parable of the significant other A better plot Victoriano Giralt Application access to directories

  40. The problem The cure The solution Least privilege principle or the parable of the significant other A better plot Victoriano Giralt Application access to directories

  41. The problem The cure The solution Least privilege principle or the parable of the significant other A better plot ⇒ The user gives his credentials to the application Victoriano Giralt Application access to directories

  42. The problem The cure The solution Least privilege principle or the parable of the significant other A better plot ⇒ ⇒ The application gives its credentials to the directory Victoriano Giralt Application access to directories

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Directories & Continuation This Week: How to program with directories more Reading:

Directories & Continuation This Week: How to program with directories more Reading:

Overview Last Week: Efficiency read/write The File File pointer Unix System Programming File control/access Permissions, Meta Data, Ownership, umask, holes Directories & Continuation This Week: How to program with

518 views • 9 slides
Files and Streams File Directories File Directory A set of files and other (sub)directories

Files and Streams File Directories File Directory A set of files and other (sub)directories

Files and Streams File Directories File Directory A set of files and other (sub)directories Principle function: help people find their way around data on a system Implementation Directories are stored as additional files OS maintains a file

486 views • 9 slides
Maternal and Child Health Access Background Changes - Personalized Provider Directories

Maternal and Child Health Access Background Changes - Personalized Provider Directories

Lynn Kersey Maternal and Child Health Access Background Changes - Personalized Provider Directories Improve enrollment materials Plan choice at time of enrollment- consumer preparation/protection Online enrollment Website

376 views • 21 slides
Files and Directories Dalhousie University Winter 2019 Files and Directories Much of the

Files and Directories Dalhousie University Winter 2019 Files and Directories Much of the

CSCI 2132: Software Development Norbert Zeh Faculty of Computer Science Files and Directories Dalhousie University Winter 2019 Files and Directories Much of the operation of Unix and programs running on Unix can be described as processes

701 views • 44 slides
How are file systems implemented? How do we represent CSCI [4|6]730 Directories

How are file systems implemented? How do we represent CSCI [4|6]730 Directories

How are file systems implemented? How do we represent CSCI [4|6]730 Directories (link file names to file structure) Operating Systems The list of blocks containing the data Other information such as access

225 views • 4 slides
PATHS & DIRECTORIES MCS 260 Fall 2020 Week 1 Discussion / FILES AND DIRECTORIES A file is a

PATHS & DIRECTORIES MCS 260 Fall 2020 Week 1 Discussion / FILES AND DIRECTORIES A file is a

PATHS & DIRECTORIES MCS 260 Fall 2020 Week 1 Discussion / FILES AND DIRECTORIES A file is a named object that stores data (e.g. a document). Files cannot contain other files. A directory or folder is a container that stores files &

517 views • 9 slides
File Systems 1. Organizing data into files and directories and supporting primitives to

File Systems 1. Organizing data into files and directories and supporting primitives to

CSE 421/521 - Operating Systems File Systems Fall 2011 Provides organized and efficient access to data on secondary storage: Lecture - XVIII File Systems 1. Organizing data into files and directories and supporting primitives to

345 views • 6 slides
How are file systems implemented? ! How do we represent CSCI [4|6]730 Directories (link file

How are file systems implemented? ! How do we represent CSCI [4|6]730 Directories (link file

How are file systems implemented? ! How do we represent CSCI [4|6]730 Directories (link file names to file structure) Operating Systems The list of blocks containing the data Other information such as access control list or

327 views • 4 slides
School of Law 1 Access to the programme is subject to application. An application form can be

School of Law 1 Access to the programme is subject to application. An application form can be

School of Law 1 Access to the programme is subject to application. An application form can be downloaded on the Website of the University of Cergy-Pontoise : http://droitucp.enbeta.fr/droit-llm GENERAL PRESENTATION Presentation of the

467 views • 14 slides
Build a Geant4 application Geant4 tutorial Application build process 1) Properly organize your

Build a Geant4 application Geant4 tutorial Application build process 1) Properly organize your

JUNO GEANT4 SCHOOL Beijing ( ) 15-19 May 2017 Build a Geant4 application Geant4 tutorial Application build process 1) Properly organize your code into directories 2) Prepare a CMakeLists.txt file 3) Create a build directory and run

384 views • 10 slides
Access to the programme is subject to application. An application form can be downloaded on the

Access to the programme is subject to application. An application form can be downloaded on the

School of Law Access to the programme is subject to application. An application form can be downloaded on the Website of the University of Cergy-Pontoise. www.u-cergy.fr Sections: Etablissement, UFR Droit, International, Studying Law at UCP. 1

297 views • 14 slides
CSCI [4|6]730 Directories (link file names to file structure) The list of blocks

CSCI [4|6]730 Directories (link file names to file structure) The list of blocks

How are file systems implemented? How do we represent CSCI [4|6]730 Directories (link file names to file structure) The list of blocks containing the data Opera2ng Systems Other informa2on such as access control list or

380 views • 6 slides
UC UC SF SF Introduction: Retrograde Access Wide spread application of endovascular

UC UC SF SF Introduction: Retrograde Access Wide spread application of endovascular

UC UC SF SF Introduction: Retrograde Access Wide spread application of endovascular techniques to infrageniculate arterial occlusive disease Pedal Access: Technical failure rate of crossing complex tibio-peroneal lesions of ~10%

498 views • 7 slides
19/01227/OUT Outline application for up to 42 dwellings including access and associated works

19/01227/OUT Outline application for up to 42 dwellings including access and associated works

19/01227/OUT Outline application for up to 42 dwellings including access and associated works (all matters reserved for future consideration) Land off Rectory Close Ashleworth Gloucester GL19 4JJ Location plan Aerial view Application site

360 views • 9 slides
Files & Directories - II implementing pwd set-UID-bit Tevfik Ko ar

Files & Directories - II implementing pwd set-UID-bit Tevfik Ko ar

CSC 4304 - Systems Programming In Todays Class Fall 2008 Directory Structure in UNIX inode manipulation Lecture - VII Files & Directories - II implementing pwd set-UID-bit Tevfik Ko ar Louisiana State

524 views • 4 slides
Application Registration Contact for Application Access Gus Metz, Chief Underwriter/AHAP

Application Registration Contact for Application Access Gus Metz, Chief Underwriter/AHAP

Application Registration Contact for Application Access Gus Metz, Chief Underwriter/AHAP Administrator gmetz@mhdc.com 816.759.6878 Denise Greenbaum, Information Services Administrator dgreenbaum@mhdc.com 816.759.6674 New in FY2018

650 views • 8 slides
Design and Architectural Principles Internet Security [1] VU Engin Kirda

Design and Architectural Principles Internet Security [1] VU Engin Kirda

Design and Architectural Principles Internet Security [1] VU Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel chris@auto.tuwien.ac.at News from the Lab Challenge 4 will be announced today (16:00) after the lecture E-Mail

384 views • 34 slides
Authorization We will use the terms authorization and access control interchangeably

Authorization We will use the terms authorization and access control interchangeably

Authorization We will use the terms authorization and access control interchangeably Authorization answers the question who is allowed to do what ? A first step in the development of an access control system is the

651 views • 53 slides
New York Metro Joint Computer Security Conference William Hugh Murray whmurray@sprynet.com 705

New York Metro Joint Computer Security Conference William Hugh Murray whmurray@sprynet.com 705

New York Metro Joint Computer Security Conference William Hugh Murray whmurray@sprynet.com 705 Weed StreetNew Canaan, CT 06840 1-203-966-4769 1-203-326-1266 Mobile/SMS http://whmurray.blogspot.com/ CVEs Breaches IOCs

204 views • 5 slides
Role-Based Access Control Corban Rivera CS 6204, Spring 2005 1 Trusted Computer System

Role-Based Access Control Corban Rivera CS 6204, Spring 2005 1 Trusted Computer System

Role-Based Access Control Corban Rivera CS 6204, Spring 2005 1 Trusted Computer System Evaluation Criteria (TCSEC) Background MAC Mandatory Access Control Firm security levels DAC Discretionary Access Control Access

240 views • 6 slides
SECURITY CHALLENGES FOR INTERNET TECHNOLOGIES ON MOBILE DEVICES Key Questions 1. How are Web

SECURITY CHALLENGES FOR INTERNET TECHNOLOGIES ON MOBILE DEVICES Key Questions 1. How are Web

Anil Dhawan, Program Manager Rich Internet Applications Windows Mobile [anild@microsoft.com] Geir Olsen, Program Manager Security for Windows Mobile [geiro@microsoft.com] Microsoft Corp SECURITY CHALLENGES FOR INTERNET TECHNOLOGIES ON

454 views • 6 slides
Advanced Security Automation Made Simple Mark Nunnikhoven Vice President, Cloud Research at

Advanced Security Automation Made Simple Mark Nunnikhoven Vice President, Cloud Research at

Advanced Security Automation Made Simple Mark Nunnikhoven Vice President, Cloud Research at Trend Micro @marknca The goal of cybersecurity Make sure that systems work as intended The goal of cybersecurity Make sure that systems work as

824 views • 45 slides
Landlock LSM: toward unprivileged sandboxing Micka el Sala un ANSSI September 14, 2017 1 /

Landlock LSM: toward unprivileged sandboxing Micka el Sala un ANSSI September 14, 2017 1 /

Landlock LSM: toward unprivileged sandboxing Micka el Sala un ANSSI September 14, 2017 1 / 21 Secure user-space software How to harden an application? secure development follow the least privilege principle compartmentalize

789 views • 61 slides
Risk Management Who I Am B.S. Business Administration MIS Master of Business

Risk Management Who I Am B.S. Business Administration MIS Master of Business

Risk Management Who I Am B.S. Business Administration MIS Master of Business Administration (MBA) Information Assurance Consulting SFS Scholar School of Nursing Graduate Assistant Security Development

446 views • 27 slides

More recommend