Introduction, authentication and access control

CIA Paradigm The CIA paradigm for information security states three desiderata: Confidentiality : information should be accessed only by authorized entities. Integrity : information should be…

Identification is when an entity declares its identity ("I am Stefano", "I am Michele", ...) while authentication is whene the entity provides proof that verifies its identity. The threee factors of…

Reference monitor The reference motior enforces access control policies ("who does what on which resource"). All modern kernels have a reference monitor implementation. The requirements of the…

Question 0 Consider the phenomenon of identity stealing in social networks (e.g., Facebook, Twitter), which happens when a cyber criminal steals the username and password of a user and uses them to…

2021-2022 Demo exam exercise 1 (4 points) In a company, each employee works in an open space. We need to design proper policies to minimize the risk that passwords get compromised. Such policies will…