rithi


{ City } colombo-06
< Country > srilanka
* Profession *
User No # 51925
Total Questions Posted # 0
Total Answers Posted # 78

Total Answers Posted for My Questions # 0
Total Views for My Questions # 0

Users Marked my Answers as Correct # 123
Users Marked my Answers as Wrong # 83
Answers / { rithi }

Question { 2864 }

How are privacy and non-repudiation addressed by CORBASEC?


Answer

David Chizmadia (September, 1998): CORBASEC currently includes an
optional Non-Repudiation Security service. The SecSIG
currently expects to issue an RFP (Request for Proposal) for
a Data Protection service that would allow for applications
to request that a block of data be "wrapped" to protect both
its integrity and confidentiality. In both cases, the
services are easily implemented using (IDUP)-GSS as their
foundation. This is in addition to the message-level privacy
and integrity services already provided as part of the
current CORBASEC.

Is This Answer Correct ?    0 Yes 0 No

Question { 2973 }

How does CORBA security affect application writers?


Answer

Linda Gricius (March, 1998):

In a secure CORBA system, the same client calls the same
target object that it would call in an unsecured system. The
invocation request is intercepted by the ORB Security
service at both client and target, and the level of
protection required by the current policy settings is
applied. Security may be enforced at the client side, the
target side, or both. This includes support for any or all
of the following:

* Establishing secure associations between the client
and target;
* Integrity and/or confidentiality protection for
individual requests and replies sent between the client and
target;
* Access control checks to determine if the principal is
allowed to perform this operation on the target object;
* Auditing of security-relevant events.

Since the invocation is intercepted in the ORB, it is
transparent to the application. However, applications that
want to enforce their own security controls can call on the
Security services directly.

It's important to note that object implementations do not
need to be changed to fit into and be protected by a secure
ORB. A distributed application may be made up of many small
objects, and it is unusual for all the application
developers to be sufficiently security knowledgeable to make
the right calls on the security facilities.

Is This Answer Correct ?    0 Yes 0 No


Question { 2993 }

Does CORBA security guarantee that the request and reply
are not tampered with and not intercepted on their way between
the client and the target?


Answer

Roland Turner
(July, 1998): Both of these levels of protection are
catered for by CORBA's Security service. What a vendor
provides is its own choice, often subject to relevant
legislation. (Note that the entire CORBA Security service is
a service and thus not a mandatory part of a CORBA [ed:
Core] implementation.)

Is This Answer Correct ?    0 Yes 0 No

Question { 3052 }

What is available in CORBASEC for strong (writer-to-reader)
authentication?


Answer

David Chizmadia (September, 1998): The CORBA Security Specification
(CORBAsec) currently gives apps the ability to indicate that
they want the ORB to establish a mutually authenticated
connection between a client object and a target object. The
strength of the mutual authentication is determined by a
policy set by the ORB security administrator and optionally
overridden by the application.

Is This Answer Correct ?    0 Yes 0 No

Question { 3500 }

What are the semantic connotations for rights in CORBA
rights family?


Answer

Extended Question
Gerald Brose: ``The Security Service Specification (Rev
1.2) specifies a default access control policy. This policy
uses "rights" for authorizations. Also, a default rights
family "corba" for use with the domain access policy is
defined (p.15-124) that has rights (s,g,m,u) for set, get,
manage and use. The option of defining new rights families
is severely limited by the definition of rights families as
structs, and is explicitly discouraged in the spec. to keep
things simple.

Actually, I think this is absolutely inappropriate, but
I might be missing the essential points that justify this
design. My question therefore is:

Given that the corba rights family is intended to serve
most cases, what exactly are the semantic connotations for
these four rights? Are they simply chosen in an ad hoc way,
or is there some deeper reasoning behind this choice, such
as why it would make administration easier in some cases? If
so, how and in which cases?''

Bob Blakley (April, 1998):

This is a good question, and one which we discussed
extensively during the initial definition of the
specification. The basic motivation for defining a small,
standard set of rights and strongly encouraging everyone to
live with that set is that there are a potentially unlimited
number of methods in any given CORBA system (each new class
can introduce large numbers of them), and the set of methods
is semantically very complicated from the viewpoint of the
administrator - methods with the same name may do different
things, methods with different names may do the same thing,
methods may have names which do not at all suggest their
function or sensitivity, and methods belonging to the same
class may have very different consequences if invoked on
different instances with different internal states. This
makes it almost impossible for administrators to manage
policy using methods. Rights are thus introduced as a way to
"group" methods. We could have stopped after introducing the
notion of rights, and allowed implementors or even
administrators to define arbitrary collections of rights,
but we felt that this would lead to a chaotic situation in
which the population of rights would be widely variable
across different vendors' implementations and different
customers' or even departments' deployments, making training
and interoperability a nightmare.

We chose instead to conceive of rights as a kind of
language, to be used by definers of new object classes to
communicate the sensitivity of their classes' methods to the
security administrator. We defined a small language of
rights which corresponded generally to the KINDS of
operations which an object-oriented system's methods
perform, namely:

* method reads and returns one of the object's data members
* method writes one of the object's data members
* method executes one of the object's member functions

We defined a right corresponding to each of these basic
KINDS of operations, and added one more right to deal with
the real-world fact that some operations of the same KIND
are more sensitive than others of the same KIND.

Hence the intended semantic connotations of the rights in
the "corba" family are:

s ("set"):
required to access methods which modify an object's
internal state (e.g. setter methods for data members)
g ("get"):
required to access methods which return, but do not
change, an object's internal state (e.g. accessing readonly
attributes or other data members; getter methods)
u ("use"):
required to access methods which perform computations or
call other objects (e.g. member functions)
m ("manage"):
required, usually in addition to one of the other three
rights, to access methods which perform management
activities, are unusually sensitive, or are otherwise
intended for use only by specially privileged callers.

Note that these semantics are NOT "exact" in the sense that
they have neither formal nor normative definitions.
Nevertheless, I think it's quite clear to both class
definers and system administrators what they are supposed to
mean, and how they can be used.

Clearly they aren't an exact match for all possible security
policies in a CORBA environment, but I don't think a system
which supports an exact match for all possible policies
would be one which could be administered by normal humans.

Is This Answer Correct ?    0 Yes 0 No
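
An added example, not part of the original answer and not the CORBAsec API: a simplified model of how the four "corba" rights let a class definer label operations and an administrator grant rights without listing methods. The interface, operation and role names are hypothetical, and treating every declared right as required is an assumption of this sketch.

```python
# Simplified model of the "corba" rights family (s, g, u, m) described above.
# Interface, operation and role names are hypothetical, not from the spec.

CORBA_RIGHTS = frozenset("sgum")

# Class definer's side: each operation declares the rights a caller needs.
REQUIRED_RIGHTS = {
    ("Account", "get_balance"): "g",
    ("Account", "set_owner_address"): "s",
    ("Account", "transfer"): "u",
    ("Account", "close"): "um",  # sensitive: needs "manage" on top of "use"
}

# Administrator's side: rights granted to each role in one security domain.
GRANTED_RIGHTS = {
    "auditor": "g",
    "teller": "gsu",
    "branch_manager": "gsum",
}

def _as_rights(letters):
    """Turn a string such as "um" into a validated set of rights."""
    rights = frozenset(letters)
    unknown = rights - CORBA_RIGHTS
    if unknown:
        raise ValueError(f"not in the corba rights family: {sorted(unknown)}")
    return rights

def access_allowed(roles, interface, operation):
    """Allow the call only if the caller's roles together hold every required right."""
    key = (interface, operation)
    if key not in REQUIRED_RIGHTS:
        return False  # fail closed: the definer never classified this operation
    required = _as_rights(REQUIRED_RIGHTS[key])
    held = frozenset()
    for role in roles:
        held |= _as_rights(GRANTED_RIGHTS.get(role, ""))
    return required <= held

def unclassified_operations(interface, operations):
    """Operations an administrator cannot govern because no rights were declared."""
    return [op for op in operations if (interface, op) not in REQUIRED_RIGHTS]
```

The administrator's table never names a method; adding an operation to the class only requires the definer to pick from the same four letters.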

Question { 5649 }

set-user-id is related to (in unix)


Answer

setuid, short for set user ID upon execution, is a Unix access
rights flag that allows users to run an executable with the
permissions of the executable's owner. This is often used to
allow users on a computer system to run programs with
temporarily elevated privileges in order to perform a
specific task. While the assumed user id privileges provided
are not always elevated, at a minimum they are specific.
setuid and setgid are needed for tasks that require higher
privileges than those which a common user has, such as
changing his or her login password. Some of the tasks that
require elevated privileges may not immediately be obvious,
though — such as the ping command, which must send and
listen for control packets on a network interface.

Is This Answer Correct ?    2 Yes 0 No
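
An added example, not part of the original answer: an inventory of set-ID executables that separates root-owned setuid files (an elevation) from files owned by other users (a specific but not elevated identity). The scanned path in the `__main__` block is an assumption.

```python
import os
import stat

def classify(mode, owner_uid):
    """Describe the set-ID bits of an st_mode value, or None if they have no effect."""
    if not stat.S_ISREG(mode):
        return None  # directories use setgid for a different purpose
    if not mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
        return None  # not executable, so no identity switch on exec
    bits = []
    if mode & stat.S_ISUID:
        bits.append("setuid")
    if mode & stat.S_ISGID:
        bits.append("setgid")
    if not bits:
        return None
    # Only setuid changes the effective user; root ownership makes it an elevation.
    return {"bits": bits, "runs_as_root": "setuid" in bits and owner_uid == 0}

def scan(root):
    """Walk a directory tree and list (path, info) for every set-ID executable."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: inspect the link itself, never its target
            except OSError:
                continue  # entry vanished or is unreadable
            info = classify(st.st_mode, st.st_uid)
            if info:
                findings.append((path, info))
    return sorted(findings, key=lambda item: item[0])

if __name__ == "__main__":
    # Assumed location; point this at the file systems of the host being audited.
    for path, info in scan("/usr/bin"):
        print(path, info)
```

Comparing the output against a known-good baseline makes a newly added set-ID file stand out.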

Question { Accenture, 6617 }

What is your current salary p.a.?


Answer

2 lakhs per annum

Is This Answer Correct ?    0 Yes 0 No

Question { Infosys, 5150 }

Post me some questions from Python script


Answer

* What is Python?
* What is the Python Software Foundation?
* Are there copyright restrictions on the use of Python?
* Why was Python created in the first place?
* What is Python good for?
* How does the Python version numbering scheme work?
* How do I obtain a copy of the Python source?
* How do I get documentation on Python?
* I’ve never programmed before. Is there a Python tutorial?
* Is there a newsgroup or mailing list devoted to Python?
* How do I get a beta test version of Python?
* How do I submit bug reports and patches for Python?
* Are there any published articles about Python that I
can reference?
* Are there any books on Python?
* Where in the world is www.python.org located?
* Why is it called Python?
* Do I have to like “Monty Python’s Flying Circus”?

# Python in the real world

* How stable is Python?
* How many people are using Python?
* Have any significant projects been done in Python?
* What new developments are expected for Python in the
future?
* Is it reasonable to propose incompatible changes to
Python?
* Is Python Y2K (Year 2000) Compliant?
* Is Python a good language for beginning programmers?

# Upgrading Python

* What is this bsddb185 module my application keeps
complaining about?


Is This Answer Correct ?    1 Yes 2 No

Question { Infosys, 5405 }

Wednesday I have an interview at the U.S. embassy.
This is my 2nd interview.
Please tell me how to explain that I will come back to my country.
Please e-mail me:
saisayan@gmail.com


Answer

hi sai...
you can always convince the VO that your only intention is
to complete your higher studies successfully and to return
back to your home country to serve your home country and the
people.

Is This Answer Correct ?    0 Yes 0 No

Question { 23039 }

How did you learn about the University?


Answer

through the internet and from the advice and help from my
colleagues and other educational consultants.

Is This Answer Correct ?    8 Yes 10 No

Question { Allied Group, 6193 }

Where do you work now?


Answer

I am working at the PAS Engineering Pvt Ltd as an Engineer

Is This Answer Correct ?    1 Yes 0 No
