Technischer Report
1st Kassel Student Workshop on Security in Distributed Systems
(KaSWoSDS '08)
Abstract
With this document, we provide a compilation of in-depth discussions on some of the most current security issues in distributed systems. The six contributions have been collected and presented at the 1st Kassel Student Workshop on Security in Distributed Systems (KaSWoSDS’08). We are pleased to present a collection of papers not only shedding light on the theoretical aspects of their topics, but also being accompanied with elaborate practical examples. In Chapter 1, Stephan Opfer discusses Viruses, one of the oldest threats to system security. For years there has been an arms race between virus producers and anti-virus software providers, with no end in sight. Stefan Triller demonstrates how malicious code can be injected in a target process using a buffer overflow in Chapter 2. Websites usually store their data and user information in data bases. Like buffer overflows, the possibilities of performing SQL injection attacks targeting such data bases are left open by unwary programmers. Stephan Scheuermann gives us a deeper insight into the mechanisms behind such attacks in Chapter 3. Cross-site scripting (XSS) is a method to insert malicious code into websites viewed by other users. Michael Blumenstein explains this issue in Chapter 4. Code can be injected in other websites via XSS attacks in order to spy out data of internet users, spoofing subsumes all methods that directly involve taking on a false identity. In Chapter 5, Till Amma shows us different ways how this can be done and how it is prevented. Last but not least, cryptographic methods are used to encode confidential data in a way that even if it got in the wrong hands, the culprits cannot decode it. Over the centuries, many different ciphers have been developed, applied, and finally broken. Ilhan Glogic sketches this history in Chapter 6.
Citation
@techreport{urn:nbn:de:hebis:34-2008041421155,
author={Opfer, Stephan and Triller, Stefan and Scheuermann, Stephan and Amma, Till and Blumenstein, Michael and Glogic, Ilhan},
title={1st Kassel Student Workshop on Security in Distributed Systems},
year={2008}
}
0500 Oax 0501 Text $btxt$2rdacontent 0502 Computermedien $bc$2rdacarrier 1100 2008$n2008 1500 1/eng 2050 ##0##urn:nbn:de:hebis:34-2008041421155 3000 Opfer, Stephan 3010 Triller, Stefan 3010 Scheuermann, Stephan 3010 Amma, Till 3010 Blumenstein, Michael 3010 Glogic, Ilhan 4000 1st Kassel Student Workshop on Security in Distributed Systems :KaSWoSDS '08 / Opfer, Stephan 4030 4060 Online-Ressource 4085 ##0##=u http://nbn-resolving.de/urn:nbn:de:hebis:34-2008041421155=x R 4204 \$dTechnischer Report 4170 Kasseler Informatikschriften ;; 2008, 1 7136 ##0##urn:nbn:de:hebis:34-2008041421155
Weise, Thomas Baer, Philipp A. 2008-04-14T11:55:04Z 2008-04-14T11:55:04Z 2008-04-14T11:55:04Z urn:nbn:de:hebis:34-2008041421155 http://hdl.handle.net/123456789/2008041421155 2433280 bytes application/pdf eng Urheberrechtlich geschützt https://rightsstatements.org/page/InC/1.0/ KaSWoSDS'08 Security Distributed Systems Virus Buffer Overflow SQL Injection Spoofing XSS Cross Site Scripting Classical Crypto Systems Security in Distributed Systems 004 1st Kassel Student Workshop on Security in Distributed Systems Technischer Report With this document, we provide a compilation of in-depth discussions on some of the most current security issues in distributed systems. The six contributions have been collected and presented at the 1st Kassel Student Workshop on Security in Distributed Systems (KaSWoSDS’08). We are pleased to present a collection of papers not only shedding light on the theoretical aspects of their topics, but also being accompanied with elaborate practical examples. In Chapter 1, Stephan Opfer discusses Viruses, one of the oldest threats to system security. For years there has been an arms race between virus producers and anti-virus software providers, with no end in sight. Stefan Triller demonstrates how malicious code can be injected in a target process using a buffer overflow in Chapter 2. Websites usually store their data and user information in data bases. Like buffer overflows, the possibilities of performing SQL injection attacks targeting such data bases are left open by unwary programmers. Stephan Scheuermann gives us a deeper insight into the mechanisms behind such attacks in Chapter 3. Cross-site scripting (XSS) is a method to insert malicious code into websites viewed by other users. Michael Blumenstein explains this issue in Chapter 4. Code can be injected in other websites via XSS attacks in order to spy out data of internet users, spoofing subsumes all methods that directly involve taking on a false identity. In Chapter 5, Till Amma shows us different ways how this can be done and how it is prevented. Last but not least, cryptographic methods are used to encode confidential data in a way that even if it got in the wrong hands, the culprits cannot decode it. Over the centuries, many different ciphers have been developed, applied, and finally broken. Ilhan Glogic sketches this history in Chapter 6. open access KaSWoSDS '08 Opfer, Stephan Triller, Stefan Scheuermann, Stephan Amma, Till Blumenstein, Michael Glogic, Ilhan Kasseler Informatikschriften ;; 2008, 1 1st Kassel Student Workshop on Security in Distributed Systems (KaSWoSDS'08) D.4.6 K.6.5 E.3 C.2 C.2.2 C.2.4 K.4.2 B.8 K.5 Kasseler Informatikschriften 2008, 1
The following license files are associated with this item:
:Urheberrechtlich geschützt