From the course: Threat Modeling: Tampering in Depth
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Something more privileged
From the course: Threat Modeling: Tampering in Depth
Something more privileged
- [Instructor] If cryptography doesn't meet your needs, you'll rely on something more privileged than your code to provide integrity. That might be an operating system which has a permissions framework. It might be a router, controlling what packets can go where. It might be a cloud provider with its permissions system. It might be a cloud operating system that allows you to construct and run immutable systems. It might even be hardware that provides support for right protection. If you need to create a new permission system, you want to involve experts, because it's tricky to get it right. It's tricky because of issues like canonical names in the face of symlinks, or how to create policies with a good mix of expressiveness and usability. Any component which imposes limitations on how you work, can impose limitations on how an attacker can work. Leverage that.