|
Posted by Ari on August 30, 2007, 12:44 pm
If you were Registered and logged in, you could reply and use other advanced thread options
What do you care? It's their spec, let them deal with it.
On Tue, 28 Aug 2007 12:19:35 -0000, pantagruel wrote:
> Hi,
>
> I am reading over a governmental security specification that applies
> to a type of governmental knowledge management application that is
> invariably ran over https.
> According to the specification it supposes that login to the
> application will be done by using the users login to their operating
> system, invariably assumed to be Windows.
>
> Now from the few bits of security theory I can remember this seems
> like a really bad idea, because it means that an attack on the
> application can now be achieved by :
>
> 1. attacking the application and finding a flaw in how it gets the
> login information
> 2. Attacking windows, controlling a process and then attacking the
> application with the hidden process. That hidden process should then
> have the users login credentials. For example start a hidden IE and
> control its navigation.
> 3. Attacking the ACL system on Windows.
>
> Anyway I guess the main thing irritating me about this spec is it
> seems to assume that have authentication done automatically by using
> the OS authentication is inherently more secure than other methods.
>
> Anyone have any comments on this? Am I off base on my feeling that
> this is more insecure than other methods?
--
"You can't trust code that you did not totally create yourself"
Ken Thompson "Reflections on Trusting Trust"
http://www.acm.org/classics/sep95/
| 
XML site map