Binary file handouts/ho04.pdf has changed
--- a/handouts/ho04.tex Sun Oct 15 18:57:18 2017 +0100
+++ b/handouts/ho04.tex Sun Oct 15 21:23:16 2017 +0100
@@ -54,7 +54,7 @@
is the rather small footprint in terms of memory, booting
times and so on (no big operating system is needed). This
allows unikernels to run on low-coast hardware such as
-Raspberry Pis or Cubieboards, where they can replace much more
+Raspberry Pi's or Cubieboards, where they can replace much more
expensive hardware for the same purpose. The low booting times
of unikernels are also an advantage when your server needs to
scale up to higher user-demands. Then it is often possible to
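Review bot: The changed line swaps the correct plural "Raspberry Pis" for "Raspberry Pi's", which is a possessive; keep "Raspberry Pis" as in the removed line. The context line just above still reads "low-coast hardware", which should be "low-cost hardware" and could be fixed in the same commit.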
@@ -80,7 +80,7 @@
\end{center}
\noindent
-you can get 10 Bitcoins. This is approximately
+you can get 10 Bitcoins. This is approximately \pounds{}41,000.
However, sometimes you cannot, or do not want to, get rid of
the operating system. In such cases it is still a good idea
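Review bot: The figure added on the changed line, "\pounds{}41,000", is an exchange-rate value that will go stale, and the sentence does not say when it was taken. Suggest dating it in the text, for example "This is approximately \pounds{}41,000 (as of October 2017)."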
@@ -120,8 +120,8 @@
this split is that if an attacker can take control of the
\emph{un}privileged process, then he or she cannot do much
damage. However, the split into such privileged and
-unprivileged processes requires an operating system that
-supports Unix-style access controls, which look at next.
+unprivileged process requires an operating system that
+supports Unix-style access controls, which we will look at next.
\subsubsection*{Unix-Style Access Control}
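Review bot: The first changed line introduces a grammar error: "the split into such privileged and unprivileged process requires" needs the plural "processes", as the removed line had it. The second changed line ("which we will look at next") is a good fix and should stay.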
@@ -179,7 +179,7 @@
links. If the execute attribute of a directory is \emph{not}
set, then one cannot change into the directory and one cannot
access any file inside it. If the write attribute is
-\emph{not} set, then one can change existing files (provide
+\emph{not} set, then one can change existing files (provided
they are changeable), but one cannot create new files. If the
read attribute is \emph{not} set, one cannot search inside the
directory (\pcode{ls -la} does not work) but one can access an
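Review bot: The sentence touched here ("but one cannot create new files") understates what a missing write attribute on a directory prevents: deleting and renaming entries in the directory also need write permission on it. Suggest "but one cannot create, delete or rename files in the directory", since that is the part students tend to get wrong when reasoning about who can remove a file.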
@@ -205,7 +205,7 @@
an often occurring problem. For example looking at current
active processes with \pcode{/bin/ps} requires access to
internal data structures of the operating system, which only
-root should be allowed to. In fact any of the following
+root should have access to. In fact any of the following
actions cannot be configured for single users, but need
privileged root access
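Review bot: The context sentence following the changed line, "any of the following actions cannot be configured for single users, but need privileged root access", is still ungrammatical and worth fixing alongside this change. Suggest "none of the following actions can be configured for single users; they all need privileged root access". The earlier context line would also read better with a comma: "For example, looking at".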
@@ -452,11 +452,11 @@
halves of the key for the MDs and thirds for the Ds. The
problem with this kind of sharing a key is that there might be
many hundreds MDs and Ds in your organisations. Simple-minded
-halving or devision by three of the key just does not work.
+halving or division by three of the key just does not work.
A much more clever solution was proposed by Blakley and Shamir
in 1979. This solution is inspired by some simple geometric
-laws. Suppose a three-dimentional axis system. We can, clearly,
+laws. Suppose a three-dimensional axis system. We can, clearly,
specify a point on the $z$-axis, say, by specifying its
coordinates. But we could equally specify this point by a line
that intersects the $z$-axis in this point. How can a line be
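Review bot: The context line above the first spelling fix still reads "many hundreds MDs and Ds in your organisations", which is missing "of" and uses a plural that does not fit "your"; suggest "many hundreds of MDs and Ds in your organisation". Both spelling corrections in this hunk ("division", "three-dimensional") are fine.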
@@ -515,7 +515,7 @@
\noindent About secrecy and integrity, and shared access
control I recommend to read the chapters on ``Nuclear Command
and Control'' and ``Multi-Level Security'' in Ross Anderson's
-Security Engineering book (whose first edition is free).
+Security Engineering book (whose second edition is free).
\end{document}
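Review bot: The corrected claim on the changed line, "(whose second edition is free)", gives readers no way to find the free edition; add a footnote or URL next to it so the statement can be checked. The context line "I recommend to read the chapters" should be "I recommend reading the chapters".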