The Threats to Our Products (April 1, 1999), by Loren Kohnfelder and Praerit Garg

  • Rogue administrator is another variation of the privilege misuse attack. With all our products, an administrator typically has godlike powers, and when the administrator turns rogue, there is very little we can do to protect the system from utter compromise and destruction. More often, however, the attack is unintentional: the administrator performs non-administrative operations, such as browsing the Web, while holding administrative privileges.

  • Trust abuse is another attack in this category. Trust abuse is the kind of attack in which a software product from a trusted source, such as Microsoft, intentionally or unintentionally violates the user's privacy requirements. An example of trust abuse is a piece of code that sends a user's profile information back to the vendor without the user's confirmation.

    Technologies like Restricted Tokens and RunAs in Windows 2000 attempt to address these issues at different levels, but a security-conscious customer must still play a part by setting proper policies and procedures to prevent non-administrative operations, such as browsing the Internet, when logged on using accounts with administrative privileges. Because of the potential impact of such issues, each of our products should clearly identify during proactive security reviews whether this is addressed or not.
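The paragraph above names Restricted Tokens and RunAs as the platform mechanisms for keeping everyday work, such as Web browsing, out of an administrative security context. The following PowerShell is an added example and is not part of the 1999 paper: it inspects how the Administrators group appears in the caller's access token (an enabled membership, a "deny only" membership as produced by a restricted or filtered token, or absent), and launches an everyday application under a separate standard-user account when the current session is administrative, which is what runas.exe and Start-Process -Credential provide. It assumes Windows with PowerShell 5.1 or later and whoami.exe on the PATH; the account name BrowseUser and the use of notepad.exe as the "everyday application" are placeholders.

```powershell
# Added example; not part of the original paper. Assumes Windows, PowerShell 5.1+
# and whoami.exe on the PATH. 'BrowseUser' is a placeholder account name.

function Get-AdminGroupState {
    # Reports how BUILTIN\Administrators (well-known SID S-1-5-32-544) appears in
    # the caller's token: 'Enabled', 'DenyOnly' (present but marked "used for
    # deny only", as in a restricted or UAC-filtered token), or 'Absent'.
    $rows   = whoami /groups /fo csv | ConvertFrom-Csv
    $admins = $rows | Where-Object { $_.SID -eq 'S-1-5-32-544' }
    if (-not $admins)                          { return 'Absent' }
    if ($admins.Attributes -match 'deny only') { return 'DenyOnly' }
    return 'Enabled'
}

function Test-AdminSession {
    # $true only when the token is an *enabled* member of Administrators.
    # A deny-only membership (restricted/filtered token) returns $false.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Start-AsStandardUser {
    # Starts a program. If the current session is administrative, the program
    # is launched under a separate non-administrative account via
    # Start-Process -Credential (the RunAs mechanism); otherwise it is started
    # directly, since the session already lacks administrative rights.
    param(
        [Parameter(Mandatory)] [string] $FilePath,
        [string[]]                      $ArgumentList,
        [pscredential]                  $Credential
    )
    $startArgs = @{ FilePath = $FilePath; PassThru = $true }
    if ($ArgumentList) { $startArgs['ArgumentList'] = $ArgumentList }

    if (Test-AdminSession) {
        if (-not $Credential) {
            # Placeholder account: substitute a real standard-user account.
            $Credential = Get-Credential -UserName 'BrowseUser' `
                -Message 'Standard-user account for everyday tasks'
        }
        $startArgs['Credential'] = $Credential
    }
    return Start-Process @startArgs
}

# Usage: report the token state, then open an everyday application (notepad.exe
# stands in for a Web browser) without administrative privileges.
"Administrators group in this token: $(Get-AdminGroupState)"
$proc = Start-AsStandardUser -FilePath 'notepad.exe'
"Started PID $($proc.Id)"
```

Get-AdminGroupState is the check worth running first: under a restricted token the Administrators SID is still listed, but with the deny-only attribute, so a script that merely looks for the SID would wrongly conclude the session is administrative; Test-AdminSession relies on IsInRole, which honours that attribute.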

  • Multiple users on Win9x: Windows 9x is a platform on which one user's data is not protected from another user. This is a fundamental limitation of the platform.

  • Intellectual property violation is another security threat that is becoming significant and will need to be addressed soon. Though it is not necessary for products to handle it, it is necessary for them not to violate it intentionally. The Security Task Force recommends that a proactive security review process for Microsoft products explicitly call this out as a customer consideration and provide a rationale.

  • Physical security is typically assumed by most software security systems. But because physical security requirements are becoming hard to meet in today's Internet-based, connected world, addressing physical security threats is becoming important even where it is not strictly necessary. Product reviews should therefore make explicit recommendations even if the product itself does not handle physical security.


    This paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.

    Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

    © 2009 Microsoft Corporation. All rights reserved.

