The system must control applets’ accesses to sensitive system resources, such as the file system, the processor, the network, and internal state variables. But the term “the file system” is very broad, and useful applets usually need some persistent storage. Suggest controls that could be placed on access to the file system. Your answer has to be more specific than “allow all reads” or “disallow all writes.” Your answer should essentially differentiate between what is “security critical” and not or “harmful” and not.

What will be an ideal response?


On the order of a host-­?based intrusion detection system, consider what privileges the applet requires: to which resources it should legitimately have access.Consider files to which no or few applets should have access, such as the password file, configuration files, and other security-­?critical databases. Consider giving an applet full access to a fenced-­?off storage space, but denying the applet direct access to other files: to what resources does the applet need access to be useful?Be sure to distinguish between “need” and “want”: sometimes recoding the applet can allow it to be access fewer resources without limiting its effectiveness.

Computer Science & Information Technology

You might also like to view...

You can reduce the size of electronic documents when transferring them over the Internet by using a process called _____.

A. zipping B. shrinking C. contracting D. diminishing

Computer Science & Information Technology

Which of the following classification levels for national security information refers to any information or material the unauthorized disclosure of which reasonably could be expected to cause serious damage to the national security?

A) Secret B) Confidential C) Protected D) Top secret

Computer Science & Information Technology

In addition to audio software, you also need a(n) ____ to play sound.?

A. ?skin B. ?audio capture C. ?sound card D. ?MIDI

Computer Science & Information Technology

Identify the category of information warfare that uses various techniques such as propaganda and terror, to demoralize one's adversary in an attempt to succeed in battle.

A. Hacker warfare B. Psychological warfare C. Electronic warfare D. Economic warfare

Computer Science & Information Technology