Bertrand du Castel
 
 
 Timothy M. Jurgensen
                    
MIDORI
PRESS
Cover
Prelude
a b c d e f g
Contents
i ii iii iv
Dieu et mon droit
1 2 3 4 5 6
1 Tat Tvam Asi
7 8 9 10 1 2 3 4 5 6 7 8 9 20 1 2 3 4 5 6 7 8 9 30 1 2 3 4 5 6 7 8
2 Mechanics of Evolution
9 40 1 2 3 4 5 6 7 8 9 50 1 2 3 4 5 6 7 8 9 60 1 2 3 4 5 6 7 8 9 70 1 2
3 Environment
3 4 5 6 7 8 9 80 1 2 3 4 5 6 7 8 9 90 1 2 3 4 5 6 7 8 9 100 1 2
4 Physiology of the Individual
3 4 5 6 7 8 9 110 1 2 3 4 5 6 7 8 9 120 1 2 3 4 5 6 7 8 9 130 1 2 3 4 5 6 7 8 9 140
5 Fabric of Society
1 2 3 4 5 6 7 8 9 150 1 2 3 4 5 6 7 8 9 160 1 2 3 4 5 6 7 8 9 170 1 2 3 4 5 6 7 8 9 180 1 2 3 4 5 6
6 The Shrine of Content
7 8 9 190 1 2 3 4 5 6 7 8 9 200 1 2 3 4 5 6 7 8 9 210 1 2 3 4 5 6
7 In His Own Image
7 8 9 220 1 2 3 4 5 6 7 8 9 230 1 2 3 4 5 6 7 8 9 240 1 2 3 4 5 6 7 8
8 In Search of Enlightenment
9 250 1 2 3 4 5 6 7 8 9 260 1 2 3 4 5 6 7 8 9 270 1 2 3 4 5 6 7 8 9 280 1 2 3 4 5 6 7 8 9 290 1 2
9 Mutation
3 4 5 6 7 8 9 300 1 2 3 4 5 6 7 8 9 310 1 2 3 4 5 6 7 8 9 320 1 2 3 4 5 6 7 8 9 330 1 2 3 4 5 6 7 8 9 340
10 Power of Prayer
1 2 3 4 5 6 7 8 9 350 1 2 3 4 5 6 7 8 9 360 1 2 3 4 5 6 7 8 9 370 1 2 3 4 5 6 7 8 9 380
11 Revelation
1 2 3 4 5 6 7 8 9 390 1 2 3 4 5 6 7 8 9 400 1 2 3 4
Bibliograpy
5 6 7 8 9 410 1 2 3 4 5 6 7 8 9 420
Index
1 2 3 4 5 6 7 8 9 430 1 2 3 4 5 6 7 8 9 440 1 2 3 4 5 6 7 8 9 450 1 2 3 4 5 6

COMPUTER THEOLOGY

systems, they may or may not be in secure enclosures. Again, the security here is similar to that of any physical good, and we have to consider not only the goods themselves (the computers, in one form or another) but also their environment: network links, power supply, temperature control, and the like.

The most interesting case, as far as this book is concerned, is the personal electronic device. Being a small item that accompanies us, it is subject to loss, and therefore its physical security cannot be assumed. As we saw, there are two kinds of personal electronic devices, those with a rich environment surrounding a personal core, like, say, a cellular phone, and those reduced to the personal core, for example chip card for banking. A full-featured personal electronic device is a consumer item, and its cost must be controlled accordingly. For that reason, there are few secured personal electronic devices outside of the military. Typically, the personal electronic device relegates security matters to its trusted core. So, in effect, all personal electronic devices, whether full-featured or bare, end up using similar secure cores. And a secure code must indeed be protected, because it contains the data that are most close to us, whether they are related to our identity, our beliefs, our health or our money. The physical security features of trusted cores are numerous, and we’ll expand on them in the next chapter. Simply, we need it to be clearly established that trusted cores are physically protected, and that we can count on that protection when devising applications related to the use of personal data on the network.

Finally, we must acknowledge a limitation of trusted cores in terms of physical attributes. Trusted cores need to be as simple as possible, because with complexity come security gaps, and they need to be inexpensive, so that they can be used everywhere. This necessarily means that they will have limitations in size, in speed, and accordingly in their response time. That’s why personal data may actually not be all in the trusted core. In some cases, they will be outside of the trusted core, either on a full-featured personal electronic device, or say, on the network somewhere. As those locations are not necessarily secured, the data themselves need to be protected by cryptographic means, which themselves are enabled by the trusted core. For example, a complete encrypted text can be freely available on the network, but if a trusted core is needed to decode it, it’s of no use to steal it; it’s protected. In reality, the situation can get very rapidly complex, because in some cases we want to secure in the trusted core only particular pieces of data residing on the network, or some time we just want to use the trusted core as repository for the decoding keys of the data. In the former case, the trusted core may have to be very sophisticated, since we may want it to process the secure part of the data while the full stream of data itself is processed by a general computer. In the latter, we may have a simpler trusted device: that’s the case of the Trusted Platform Module, the trusted core found on the circuit board of laptops.

Access

Wherever they are, if they cannot be accessed physically, data may be accessed logically, i.e., via the network. For that reason, much of the work on computer security is focused on access methods, which are encompassing three domains, named authentication, authorization and accounting. Whereas, as we’ve said earlier in our discussion of content, there is no full-fledge theory of content that we know of and ours is but a beginning, there is, in comparison, a strong body of work and formalism around access methods and practices. We will then draw on a particular specification of authentication, called SAML (Security Assertion Mockup Language), and on a particular specification of authorization, called XACML (eXtensible Access Control Markup Language), for presenting access concepts and their implementation. Wherever SAML or XACML are lacking, we’ll supplement the discussion with input from other, possibly competing

 

6 The Shrine of Content

203

© Midori Press, LLC, 2008. All rights reserved for all countries. (Inquiries)

The contents of ComputerTheology: Intelligent Design of the World Wide Web are presented for the sole purpose of on-line reading to allow the reader to determine whether to purchase the book. Reproduction and other derivative works are expressly forbidden without the written consent of Midori Press. Legal deposit with the US Library of Congress 1-33735636, 2007.

 

ComputerTheology
Intelligent Design of the World Wide Web
Bertrand du Castel and Timothy M. Jurgensen
Midori Press, Austin Texas
1st Edition 2008 (468 pp)
ISBN 0-9801821-1-5

Book available at Midori Press (regular)
Book available at Midori Press (signed)
Book available at Amazon (regular)