How Does Implementing Timed Logins Enhance Virtual Space Security?

  • Thread starter Thread starter basePARTICLE
  • Start date Start date
  • Tags Tags
    Space Virtual
AI Thread Summary
Securing virtual spaces can be enhanced through the implementation of timed logins, which involve a structured entry format based on user schedules. This system includes parameters like user identity, a defined schedule, and a window of opportunity that specifies recurrence, time of day, and duration. A key discussion point is whether it is more effective for hosts to wait for users as time passes or to validate the time period upon user arrival. The conversation also touches on the historical context of data security, referencing advancements in kernel security policies and memory management techniques that have evolved since the rise of multiuser systems. Trusted systems, such as Oracle and HPUX, utilize these security measures effectively without significant impact on performance. The discussion highlights that the primary security threat often stems from well-meaning but uninformed users, particularly in senior management roles, rather than technical vulnerabilities. The importance of compliance with regulations like the Sarbanes-Oxley Act is also noted, emphasizing the need for robust security protocols in publicly traded companies.
basePARTICLE
Messages
86
Reaction score
0
Securing your virtual space:

by

implementing timed logins. (a space-time formatted entry)

(A) User: {name,schedule}
(B) schedule: {window of opportunity* }
(C) window of opportunity: {recurrance, theHOUR, theMINITE, duration}

(4) recurrance: {any, yearly, quarterly, monthly, weekly, daily, hourly}
(3) theHOUR: {any, morning, afternoon, evening, 0..23, midnight, minuit}
(2) theMINITE: {any, 0..59, first fifteen, last thirty}
(1) duration: {inSECONDS, inMINUTES}

You can implement this and add it to your computer startup routines.

Question: if this was broadly implemented by a host, is it better, to be
waiting for the users as time passes or perform a validation of the time
period as users present themselves?

How would this general implementation affect commerce?
 
Technology news on Phys.org
I worked at Los Alamos a long time ago. The idea of stealing data from some other processes' memory generated a lot of buzz in the labs about 30 years ago when multiuser multiprocessing machines became easily availbable online.

Since then changes to the kernel - such as memory security policies have been implemented for trusted systems, including time of day controls for login or process creation. As you asked. There are also routines that do highwater marking on files and swapfiles (virutal memory storage), and when space is relinquished in either, the space is "erased" with special algorithms that make it extremely difficult to mine left over data.

The answer to your question is: if you look at trusted Oracle or trusted HPUX you will see those security policies are in use everywhere in the SOX-compliant* world with zero perciptible impact. Viruses and other kinds of malware are a much bigger problem than virtual memory access was perceived to be.

The biggest problem for security is well-intentioned but uninformed users, e.g., senior management.

IMO. Your opinion may vary.

*Sarbanes-Oxley Law requires extensive security, not just computer security, at any company that is publicly traded. Thanks for this go to WorldCom and Enron. :smile:
The security analysts of America salute you!
 
Thread 'Is this public key encryption?'

Thread 'Is this public key encryption?'

I've tried to intuit public key encryption but never quite managed. But this seems to wrap it up in a bow. This seems to be a very elegant way of transmitting a message publicly that only the sender and receiver can decipher. Is this how PKE works? No, it cant be. In the above case, the requester knows the target's "secret" key - because they have his ID, and therefore knows his birthdate.
View full post »

Thread 'Who is responsible for the software when AI takes over programming?'

I tried a web search "the loss of programming ", and found an article saying that all aspects of writing, developing, and testing software programs will one day all be handled through artificial intelligence. One must wonder then, who is responsible. WHO is responsible for any problems, bugs, deficiencies, or whatever malfunctions which the programs make their users endure? Things may work wrong however the "wrong" happens. AI needs to fix the problems for the users. Any way to...
View full post »

Hot Threads

Recent Insights

Back
Top