diff -r 56e7e76b37e9 -r 58c3536c5a08 handouts/ho04.tex --- a/handouts/ho04.tex Sun Oct 15 18:57:18 2017 +0100 +++ b/handouts/ho04.tex Sun Oct 15 21:23:16 2017 +0100 @@ -54,7 +54,7 @@ is the rather small footprint in terms of memory, booting times and so on (no big operating system is needed). This allows unikernels to run on low-coast hardware such as -Raspberry Pis or Cubieboards, where they can replace much more +Raspberry Pi's or Cubieboards, where they can replace much more expensive hardware for the same purpose. The low booting times of unikernels are also an advantage when your server needs to scale up to higher user-demands. Then it is often possible to @@ -80,7 +80,7 @@ \end{center} \noindent -you can get 10 Bitcoins. This is approximately +you can get 10 Bitcoins. This is approximately \pounds{}41,000. However, sometimes you cannot, or do not want to, get rid of the operating system. In such cases it is still a good idea @@ -120,8 +120,8 @@ this split is that if an attacker can take control of the \emph{un}privileged process, then he or she cannot do much damage. However, the split into such privileged and -unprivileged processes requires an operating system that -supports Unix-style access controls, which look at next. +unprivileged process requires an operating system that +supports Unix-style access controls, which we will look at next. \subsubsection*{Unix-Style Access Control} @@ -179,7 +179,7 @@ links. If the execute attribute of a directory is \emph{not} set, then one cannot change into the directory and one cannot access any file inside it. If the write attribute is -\emph{not} set, then one can change existing files (provide +\emph{not} set, then one can change existing files (provided they are changeable), but one cannot create new files. If the read attribute is \emph{not} set, one cannot search inside the directory (\pcode{ls -la} does not work) but one can access an 
@@ -205,7 +205,7 @@ an often occurring problem. For example looking at current active processes with \pcode{/bin/ps} requires access to internal data structures of the operating system, which only -root should be allowed to. In fact any of the following +root should have access to. In fact any of the following actions cannot be configured for single users, but need privileged root access @@ -452,11 +452,11 @@ halves of the key for the MDs and thirds for the Ds. The problem with this kind of sharing a key is that there might be many hundreds MDs and Ds in your organisations. Simple-minded -halving or devision by three of the key just does not work. +halving or division by three of the key just does not work. A much more clever solution was proposed by Blakley and Shamir in 1979. This solution is inspired by some simple geometric -laws. Suppose a three-dimentional axis system. We can, clearly, +laws. Suppose a three-dimensional axis system. We can, clearly, specify a point on the $z$-axis, say, by specifying its coordinates. But we could equally specify this point by a line that intersects the $z$-axis in this point. How can a line be @@ -515,7 +515,7 @@ \noindent About secrecy and integrity, and shared access control I recommend to read the chapters on ``Nuclear Command and Control'' and ``Multi-Level Security'' in Ross Anderson's -Security Engineering book (whose first edition is free). +Security Engineering book (whose second edition is free). \end{document}
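Review bot: in the hunk at @@ -54,7 the change from "Raspberry Pis" to "Raspberry Pi's" introduces a possessive apostrophe where a plain plural is meant; "Raspberry Pis" was already correct and should be restored. While this paragraph is being touched, the unchanged context line "low-coast hardware" should read "low-cost hardware".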
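Review bot: in the hunk at @@ -80,7 the removed and added lines are textually identical ("you can get 10 Bitcoins. This is approximately"), so the only difference is trailing whitespace; that is fine to clean up but worth stating in the commit message so reviewers do not look for a wording change. Separately, the figure "\pounds{}41,000" is an exchange-rate snapshot that will date quickly; adding the month of the quote (e.g. "approximately \pounds{}41,000 as of October 2017") would keep the handout honest as the rate moves.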
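Review bot: in the hunk at @@ -120,8 the change from "unprivileged processes requires" to "unprivileged process requires" breaks the number agreement: the subject is "the split into such privileged and unprivileged processes", so the plural was correct and only the verb "requires" (agreeing with "split") needed to stay singular. Suggest reverting that line to "unprivileged processes requires an operating system that". The second change, "which we will look at next", is a correct fix for the missing subject.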
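Review bot: in the hunk at @@ -179,7 the "provide" to "provided" fix is correct. The surrounding sentence could also be slightly more complete: the write bit on a directory governs creating, deleting and renaming entries, so "but one cannot create new files" understates what is blocked; "but one cannot create, delete or rename files in it" would match the semantics the handout is explaining.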
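Review bot: in the hunk at @@ -205,7 the rewrite to "which only root should have access to" reads well. The next context line, "In fact any of the following actions cannot be configured for single users", is awkward ("any ... cannot"); "In fact none of the following actions can be configured for single users, but all need privileged root access" says the same thing more clearly. A comma after "For example" on the first context line would also help.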
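Review bot: in the hunk at @@ -452,11 the spelling fixes ("division", "three-dimensional") are correct, but the adjacent context has two more slips worth fixing in the same pass: "many hundreds MDs and Ds in your organisations" should be "many hundreds of MDs and Ds in your organisation". More substantively, "proposed by Blakley and Shamir in 1979" reads as joint work; the two schemes were proposed independently in the same year, and the geometric construction with lines meeting the $z$-axis that the text goes on to describe is Blakley's, while Shamir's uses polynomial interpolation. Suggest "proposed independently by Blakley and by Shamir in 1979" so students are not misled when they look up the papers.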
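Review bot: in the hunk at @@ -515,7 the change from "first edition" to "second edition" is accurate as far as it goes, but both editions of Anderson's Security Engineering are freely available from the author, so "whose first two editions are free online" would be more helpful, ideally with the URL so readers do not have to hunt for it. Minor style point on the context line: "I recommend to read" should be "I recommend reading".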