Chapter1.Introduction分析.ppt

* * * * * * * * Security Features != Secure Features Sometimes programmers do think about security, but more often than not, they think in terms of security features such as cryptographic ciphers, passwords, and access control mechanisms. A program to be secure All features must be secure (cask?principle). Defective(缺陷) non-security features can lead to a security problem. In many cases, security failings are not related to security features at all. * Security Features != Secure Features A security feature can fail and jeopardize(危害) system security in plenty of ways, but there are usually many more ways in which defective non-security features can go wrong and lead to a security problem. Security features must function correctly to maintain system security. * Security Features != Secure Features Misguidance from WebLogic (2004) Most security for Web applications can be implemented by a Application developers to the details of securing application. WebLogic Server application developers can take advantage of BEA-supplied API for obtaining information about subjects and principals (identifying information for users) that are used by WebLogic Server. API are found in weblogic.security package. system administrator need not pay attention 注释：WebLogic是美国Oracle公司出品的一个application server，是一个基于JAVA EE架构的中间件，WebLogic是用于开发、集成、部署和管理大型分布式Web应用、网络应用和数据库应用的Java应用服务器。 * The Strength of Cryptography “128-bit keys mean strong security, while 40-bit keys are weak”. “triple-DES is much stronger than single DES” “2,048 RSA is better than 1,024 bit RSA” Is these enough? NO. Because most of us design, analyze and break Few try to do research on published algorithms, protocols and actual products. cryptographic system * From Bruce Schneier We don’t have to try every possible key or even find flaws in the algorithms. We exploit Errors in design, Errors in implementation, and Errors in installation. Sometimes we invent a new trick to break a sys