Give me an example of how I could apply the Strong Link - Weak Link principle in designing a security component for a piece of software. Is there such a concept of "weak" modules in software security, where in case of an attack these will deliberately fail first, and determine the impossibility of the attacker to access and compromise any other, more sensitive data?
Comments (1)
One thing that can happen accidentally is to fail (as DoS) under a dictionary attack. Generally you would want to throttle, which I guess is a weaker version of a weak module.
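An added sketch, not part of the original question or comment, contrasting the two behaviours discussed above: throttling that slows repeated guesses, and a deliberate weak link that destroys the protected secret once guessing persists. `WeakLinkVault`, `run_guesses`, the thresholds and the sample PINs are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import os


class WeakLinkVault:
    """Hypothetical secret store: throttles first, then trips a weak link."""

    def __init__(self, pin, secret, max_failures=3, base_delay=1.0):
        self._salt = os.urandom(16)
        self._pin_hash = self._kdf(pin)
        self._secret = bytearray(secret)
        self._failures = 0
        self._max_failures = max_failures
        self._base_delay = base_delay
        self._locked_until = 0.0
        self.tripped = False

    def _kdf(self, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 10_000)

    def unlock(self, pin, now):
        """Return (status, secret); `now` is seconds, passed in for determinism."""
        if self.tripped:
            return "tripped", None            # weak link already failed: nothing left
        if now < self._locked_until:
            return "throttled", None          # guess is not even evaluated
        if hmac.compare_digest(self._kdf(pin), self._pin_hash):
            self._failures = 0
            return "ok", bytes(self._secret)
        self._failures += 1
        if self._failures >= self._max_failures:
            self._trip()
            return "tripped", None
        # Throttle: exponential back-off slows a dictionary attack.
        self._locked_until = now + self._base_delay * 2 ** (self._failures - 1)
        return "denied", None

    def _trip(self):
        """Weak link: destroy the protected material and fail closed for everyone."""
        self._secret[:] = bytes(len(self._secret))
        self._pin_hash = b""
        self.tripped = True


def run_guesses(vault, guesses, spacing):
    """Feed constructed guesses at fixed intervals; return the status sequence."""
    return [vault.unlock(g, now=i * spacing)[0] for i, g in enumerate(guesses)]
```

Once the weak link trips, the correct PIN is refused as well, which is the denial-of-service cost the comment points out; throttling alone keeps the secret available but only slows the guessing.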