Dynamic Resource Security: Authorization and Availability
摘要
Security can be simple as long as nothing moves. As soon as you take into account time, things become dynamic. A system that becomes unsafe can never be safe again without a fix, even if there are no adversarial incentives. A system that was subject to unauthorized use can be viewed as unsafe whenever a subject of authority observes the unauthorized use. And then there is the whole conundrum around denial-of-service. This chapter introduces precise models of some of the most familiar security problems.