Security Engineering Flashcards
Middleware Platform
connecting software that allows multiple processes running on one or more machines to interact. Helps smooth out connectivity issues
Embedded Systems Platform
Self Contained - mobile computing
Pervasive Computing Platform
Mobile Computing Devices
Web-Based Platform
XML Services - Security Assertion Markup Language (SAML): XML based standard for exchanging authentication and authorization data between security domains.
Common Web-Based Platform Vulnerabilities
Broken access control Broken Account Control Broken Account Management and Session Management Cross-site scripting (XSS) flaws Buffer Overflows Command injection flaws Error Handling problems insecure crypto remote admin flaws web and app server misconfig
Main Tasks of a CPU
Fetching, Decoding, Executing, Storing
Should be able to Multitask on a CPU.
Threads are a series of instructions to the CPU “for a limited time”
Whats a Covert Channel
when attacker can determine when a process is running
Time of check/time of use (TOC TOU), vulnerability
Example would be when a user opens web application and edits document, however right after opening the document the admin locks the page and prevents editing from occurring, since the file was already open, the user could still edit even though the file now is locked down
Parallel Systems
Multiple processors performing tasks on single data set Example Cloud Computing
Distributed System
Multiple processors performing tasks on shared data set. Example Peer to Peer Network