Crossroads The ACM Magazine for Students

Sign In

Association for Computing Machinery

Articles Tagged: Access control

Articles & Features

The principle of least authority: how capabilities can improve internet-scale privacy

SECTION: Features

The principle of least authority: how capabilities can improve internet-scale privacy

The core protocols our computers use to communicate across the internet need to be improved in order to give users control over their privacy and protect metadata. Capabilities encode information about what can be done with data into the data itself, and may be a useful building block for the next generation of internet protocols.

By Jack Grigg, July 2018

PDF | HTML | In the Digital Library

Computer security and intrusion detection

Computer attacks are now commonplace. By connecting your computer to the Internet, you increase the risk of having someone break in, install malicious programs and tools on it, and possibly use it to attack other machines on the Internet by controlling it remotely.Several major banks have been subject to attacks, in which attackers gained access into customers' accounts and viewed detailed information about the activities on these accounts. In some instances the attackers stole credit card information to blackmail e-commerce companies by threatening to sell this information to unauthorized entities. Several online trading companies and e-commerce sites were shut down temporarily due to major packet flood attacks, also known as Denial-of-Service (DoS) attacks, causing these companies to lose revenue, customer satisfaction, and trust [10]. A major software development company discovered that attackers had broken into its network and stolen the source code for future releases of its popular products. Just recently, the source code of the future flagship product belonging to a major software development company was stolen and made publicly available on the Internet.In order to combat this growing trend of computer attacks, both academic and industry groups have been developing systems to monitor networks and systems and raise alarms of suspicious activities. These systems are called Intrusion Detection Systems (IDS).

By Khaled Labib, September 2004

PDF | HTML | In the Digital Library