Dismiss Notice
Join Physics Forums Today!
The friendliest, high quality science and math community on the planet! Everyone who loves science is here!

Securing your virtual space.

  1. Mar 4, 2008 #1
    Securing your virtual space:


    implementing timed logins. (a space-time formatted entry)

    (A) User: {name,schedule}
    (B) schedule: {window of opportunity* }
    (C) window of opportunity: {recurrance, theHOUR, theMINITE, duration}

    (4) recurrance: {any, yearly, quarterly, monthly, weekly, daily, hourly}
    (3) theHOUR: {any, morning, afternoon, evening, 0..23, midnight, minuit}
    (2) theMINITE: {any, 0..59, first fifteen, last thirty}
    (1) duration: {inSECONDS, inMINUTES}

    You can implement this and add it to your computer startup routines.

    Question: if this was broadly implemented by a host, is it better, to be
    waiting for the users as time passes or perform a validation of the time
    period as users present themselves?

    How would this general implementation affect commerce?
  2. jcsd
  3. Mar 4, 2008 #2

    jim mcnamara

    User Avatar

    Staff: Mentor

    I worked at Los Alamos a long time ago. The idea of stealing data from some other processes' memory generated a lot of buzz in the labs about 30 years ago when multiuser multiprocessing machines became easily availbable online.

    Since then changes to the kernel - such as memory security policies have been implemented for trusted systems, including time of day controls for login or process creation. As you asked. There are also routines that do highwater marking on files and swapfiles (virutal memory storage), and when space is relinquished in either, the space is "erased" with special algorithms that make it extremely difficult to mine left over data.

    The answer to your question is: if you look at trusted Oracle or trusted HPUX you will see those security policies are in use everywhere in the SOX-compliant* world with zero perciptible impact. Viruses and other kinds of malware are a much bigger problem than virtual memory access was perceived to be.

    The biggest problem for security is well-intentioned but uninformed users, e.g., senior management.

    IMO. Your opinion may vary.

    *Sarbanes-Oxley Law requires extensive security, not just computer security, at any company that is publicly traded. Thanks for this go to WorldCom and Enron. :smile:
    The security analysts of America salute you!!
Share this great discussion with others via Reddit, Google+, Twitter, or Facebook