Security functions for a file repository

When personal machines are incorporated into distributed\ud systems a new mixture of threats is exposed.\ud The security effort in the MobyDick project\ud is aimed at understanding how privacy can be protected\ud in this new environment. Our claim is that\ud a two-step process for authentication and authorisation\ud is required, but also sufficient. The research\ud vehicle is a distributed file repository

Pesto flavoured security

We demonstrate that symmetric-key cryptography can be used for both read and write access control. One-time write access can be granted by handing over an encryption key, and our encryption framework allows the revocation of previously granted rights. The number of keys to be managed explicitly grows linearly with the number of access control policies a user defines, making security manageable. The framework is used in the Pesto distributed storage system. In Pesto, policies can be stored the same as other data and the same mechanism can be used to control access to them. Delegation of authority over policies concerning different tasks can then be performed. Separating the different tasks of the system, allows for different tasks to be assigned to different sets of nodes. Nodes need then only be trusted wrt. the specific task(s) they have been assigned with

Detecting Key-Dependencies

The confidentiality of encrypted data depends on how well the key under which it was encrypted is maintained. If a session key was exchanged encrypted under a long-term key, exposure of the long-term key may reveal the session key and hence the data encrypted with it. The problem of key-dependencies between keys can be mapped onto connectivity of a graph, and the resulting graph can be inspected. This article presents a structured method (an algorithm) with which key-dependencies can be detected and analysed. Several well-known protocols are examined, and it is shown that they are vulnerable to certain attacks exploiting key-dependencies. Protocols which are free from this defect do exist. That is, when a session is terminated it is properly closed

Mesterklassen : læringspotensial og funksjon i musikerutdanningen : en kvalitativ intervjuundersøkelse utført blant klaverstudenter ved Norges musikkhøgskole

Denne oppgaven omhandler studenters opplevelser og erfaringer med å delta på mesterklasser, og det læringspotensialet studentene opplever ligger i den. Mesterklasse er en form for instrumentalundervisning, der musikkstudenter/-elever blir undervist av en mester foran en gruppe tilhørere, som normalt består av andre studenter/elever og lærere. Undervisningsformen er mye brukt i musikeropplæringen på alle nivåer, både i og utenfor institusjoner. Masteroppgavens empiriske materiale er en intervjuundersøkelse utført blant klaverstudenter ved Norges musikkhøgskole. For å belyse feltet er det brukt teori om mesterlære (Nielsen og Kvale, 1999), situert læring (Lave & Wenger, 1991) og observasjonslæring (Bandura, 1977). Oppgaven viser at studentene mener det ligger et stort læringspotensiale også i å delta som tilhører på mesterklassen, ved at man lærer noe om verk, komponister, øvemetoder, interpretasjon og lignende. Studentene gir uttrykk for at mesterklassen fyller flere ulike funksjoner på veien mot å bli musiker. Den er både arena for læring i vid forstand og for nettverksbygging, ved at det å spille for anerkjente musikere på mesterklassen kan åpne andre dører inn til konkurranser, lærere eller andre arenaer

New aperture photometry of QSO 0957+561; application to time delay and microlensing

We present a re-reduction of archival CCD frames of the doubly imaged quasar 0957+561 using a new photometry code. Aperture photometry with corrections for both cross contamination between the quasar images and galaxy contamination is performed on about 2650 R-band images from a five year period (1992-1997). From the brightness data a time delay of 424.9 +/- 1.2 days is derived using two different statistical techniques. The amount of gravitational microlensing in the quasar light curves is briefly investigated, and we find unambiguous evidence of both long term and short term microlensing. We also note the unusual circumstance regarding time delay estimates for this gravitational lens. Estimates by different observers from different data sets or even with the same data sets give lag estimates differing by typically 8 days, and error bars of only a day or two. This probably indicates several complexities where the result of each estimate depends upon the details of the calculation.Comment: 14 pages, 16 figures (several in color

File repository transfer protocol. Version 1

This document presents and specifies the protocol that interfaces clients and servers in the File Repository (FR). The FR is a software system that supports sharing of files. The protocol is modelled after Smtp and Nntp and is encoded in Ascii. No details of server implementation is visible in the protocol description, but we state our intentions at several occasions

Peripheral Colour Vision: Effects of Rod Intrusion at Different Eccentricities

AbstractChromaticities of monochromatic lights from different parts of the spectrum were measured both during the cone-plateau period of the long-term dark-adaptation curve and in a completely dark-adapted state. The measurements were obtained at 3, 8, 30 and 65 deg in the temporal field of view and at 1, 2, 3 and 4 log units above the cone-plateau level. The results show that cone-mediated colours obtained during the cone-plateau period in general are desaturated when rod signals intrude during long-term dark adaptation. The desaturation effect of rods obtained at high mesopic illumination levels was found to increase when the test field was moved from 3 to 30 deg but to reduce markedly between 30 and 65 deg. Surprisingly, the desaturation was clearly observable even at a retinal illumination of 20,000 ph td. The desaturation effect of rods is explained by the suggestion that differences in ongoing activity rates of the different types of spectrally opponent cells become levelled out to some extent when light signals from rods intrude during dark adaptation. Copyright © 1996 Elsevier Science Ltd

Off-line Delegation

This article describes mechanisms for offline delegation of access rights to files maintained by a distributed 'File Repository. The mechanisms are designed for a target environment where personal machines are used at times when critical services, such as authentication and authorization services, are not accessible. We demonstrate how valid delegation credentials can be transferred verbally without the use of shared secrets. Our main result shows that delegation of access rights can be accomplished in a system that uses public-key encryption for secrecy and integrity, without forcing the user to rely on a trusted third party, and without requiring connection to the infrastructure. The implementation runs on a contemporary Personal Digital Assistant (PDA); the performance is satisfactory