Spelling suggestions: "subject:"password fault"" "subject:"password adult""
1 |
Securely Handling Inter-Application Connection CredentialsLieberman, Gary 01 January 2012 (has links)
The utilization of application-to-application (A2A) credentials within interpretive language scripts and application code has long been a security risk. The quandaries being how to protect and secure the credentials handled in the main body of code and avoid exploitation from rogue programmers, system administrators and other users with
authorized high levels of privilege.
Researchers report that A2A credentials cannot be protected and that there is no way to reduce the risk of the inevitable successful attack and subsequent exploit. Therefore, research efforts to date have primarily been focused on mitigating the impact of the attack rather than finding ways to reduce the attack surface.
The work contained herein successfully addresses this serious cross-cutting concern and proves that it is in fact possible to significantly reduce the risk of attack. This reduction of risk was accomplished through implementing a method of credential obfuscation which applied advice with concerns utilizing a composition filter. The filter modified messages containing the credentials as they were sent from the interpretive language script to the remote data store.
The modification extracted credentials from a secure password vault and inserted them into the message being sent to the remote data store. This modification moved the handling of the credentials from the main body of code to a secure library and out of the reach of attackers with authorized high levels of privilege. The relocation of the credential handling code lines significantly reduced the attack surface and the overall risk of attack.
|
2 |
Využití klíčenky Gnome v projektu FreeIPA / GNOME Keyring Storage in FreeIPAŽidek, Michal January 2016 (has links)
This master's thesis gives introduction to FreeIPA project and GNOME Keyring project. It discusses benefits of possible integration of GNOME Keyring into FreeIPA using FreeIPA's component called Password Vault. Designs of possible implementations are provided. Prototype of one of these designs is implemented.
|
Page generated in 0.062 seconds