Suppose that the operations of the BLOB object are separated into two categories – public operations that are available to all users and protected operations that are available only to certain named users. State all of the problems involved in ensuring that only the named users can use a protected operation. Supposing that access to a protected operation provides information that should not be revealed to all users, what further problems arise?
What will be an ideal response?
Each request to access a protected operation must include the identity of the user making the request. The
problems are:
• defining the identities of the users. Using these identities in the list of users who are allowed to access
the protected operations at the implementation of the BLOB object. And in the request messages.
• ensuring that the identity supplied comes from the user it purports to be and not some other user
pretending to be that user.
• preventing other users from replaying or tampering with the request messages of legitimate users.
Further problems.
• the information returned as the result of a protected operation must be hidden from unauthorised users.
This means that the messages containing the information must be encrypted in case they are intercepted
by unauthorised users.
You might also like to view...
Case-Based Critical Thinking QuestionsCase 14-1Max wants to save a worksheet as a Web page. What should he do? Part of Max's worksheet contains formatting that cannot be duplicated in a Web page. He is notified of the problem areas and is given the option of _____.
A. canceling B. continuing with the save C. both canceling and continuing with the save D. either canceling or continuing with the save
Together, the appearance and the way in which the user interacts with the application are known as that application’s ________.
a. abstract window toolkit. b. look-and-feel. c. swing factor. d. All of the above.
What does the Custom tab of the Properties dialog box of the Document Properties feature allow you to do?
A) It allows you to delete fields from the document properties B) It allows you to add custom property categories and assign values to them C) It provides useful information about the document D) It allows you to print the document properties
You can ____ file names in the Site View panel to select the files.
A. F1+CLICK B. TAB+CLICK C. ALT+CLICK D. CTRL+CLICK