Confused deputy problem (original) (raw)

Property	Value
dbo:abstract	Problém zmateného zástupce (confused deputy problem) je v informatice označení situace, kdy dojde u počítačového programu k podvržení autority třetí stranou. Jedná se zde o specifický způsob elevace oprávnění. V počítačové bezpečnosti je problém zmateného zástupce udáván jako jedna z výhod systémů používajících tzv. , které jsou proti tomuto problému chráněné na rozdíl od systémů využívajících ACL. (cs) In information security, a confused deputy is a computer program that is tricked by another program (with fewer privileges or less rights) into misusing its authority on the system. It is a specific type of privilege escalation. The confused deputy problem is often cited as an example of why capability-based security is important. Capability systems protect against the confused deputy problem, whereas access control list-based systems do not. (en) Confused Deputy Problem （混乱した使節の問題）は、Capability-based securityの重要性を示す例として情報セキュリティ分野で取り上げられる問題である。ユーザ及びクライアントプログラムが、より権限の高い代理プログラムを使用する事により、想定外のセキュリティホールを生む可能性がある。 (ja)
dbo:thumbnail	wiki-commons:Special:FilePath/Don_Knotts_Barney_and...llet_Andy_Griffith_Show.jpg?width=300
dbo:wikiPageExternalLink	http://cap-lore.com/CapTheory/ConfusedDeputy.html http://portal.acm.org/citation.cfm%3Fid=871709 https://everything2.com/title/confused+deputy http://cap-lore.com/CapTheory/ https://web.archive.org/web/20031205034929/http:/www.cis.upenn.edu/~KeyKOS/ConfusedDeputy.html http://citeseer.ist.psu.edu/hardy94confused.html
dbo:wikiPageID	207076 (xsd:integer)
dbo:wikiPageLength	8978 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID	1102474902 (xsd:integer)
dbo:wikiPageWikiLink	dbr:Personal_firewall dbr:Information_security dbr:Compiler dbr:Cross-site_request_forgery dbr:Cross-site_scripting dbr:Computer_program dbr:Clickjacking dbr:Setuid dbr:Web_browser dbr:Access_control_list dbr:Ambient_authority dbr:FTP dbr:Privilege_escalation dbr:Samy_(computer_worm) dbc:Computer_security dbr:File_descriptor dbr:Object-capability_model dbr:Operating_system dbr:Capability-based_security dbr:FTP_bounce_attack dbr:File:Don_Knotts_Barney_and_the_bullet_Andy_Griffith_Show.jpg
dbp:wikiPageUsesTemplate	dbt:Reflist dbt:Short_description dbt:Object-capability_security
dct:subject	dbc:Computer_security
gold:hypernym	dbr:Program
rdf:type	dbo:Work
rdfs:comment	Problém zmateného zástupce (confused deputy problem) je v informatice označení situace, kdy dojde u počítačového programu k podvržení autority třetí stranou. Jedná se zde o specifický způsob elevace oprávnění. V počítačové bezpečnosti je problém zmateného zástupce udáván jako jedna z výhod systémů používajících tzv. , které jsou proti tomuto problému chráněné na rozdíl od systémů využívajících ACL. (cs) In information security, a confused deputy is a computer program that is tricked by another program (with fewer privileges or less rights) into misusing its authority on the system. It is a specific type of privilege escalation. The confused deputy problem is often cited as an example of why capability-based security is important. Capability systems protect against the confused deputy problem, whereas access control list-based systems do not. (en) Confused Deputy Problem （混乱した使節の問題）は、Capability-based securityの重要性を示す例として情報セキュリティ分野で取り上げられる問題である。ユーザ及びクライアントプログラムが、より権限の高い代理プログラムを使用する事により、想定外のセキュリティホールを生む可能性がある。 (ja)
rdfs:label	Problém zmateného zástupce (cs) Confused deputy problem (en) Confused deputy problem (ja)
owl:sameAs	freebase:Confused deputy problem wikidata:Confused deputy problem dbpedia-cs:Confused deputy problem dbpedia-ja:Confused deputy problem dbpedia-lmo:Confused deputy problem https://global.dbpedia.org/id/4hxAe
prov:wasDerivedFrom	wikipedia-en:Confused_deputy_problem?oldid=1102474902&ns=0
foaf:depiction	wiki-commons:Special:FilePath/Don_Knotts_Barney_and_the_bullet_Andy_Griffith_Show.jpg
foaf:isPrimaryTopicOf	wikipedia-en:Confused_deputy_problem
is dbo:wikiPageRedirects of	dbr:Confused_Deputy_Problem dbr:Confused_Deputy
is dbo:wikiPageWikiLink of	dbr:Principle_of_least_privilege dbr:Privilege_separation dbr:Confused_Deputy_Problem dbr:Vulnerability_(computing) dbr:Genode dbr:Criticism_of_Java dbr:Cross-site_request_forgery dbr:Clickjacking dbr:Setuid dbr:Baidu dbr:Ambient_authority dbr:Handle_(computing) dbr:Access-control_list dbr:Clark–Wilson_model dbr:Browser_security dbr:Capability-based_security dbr:Security-focused_operating_system dbr:FTP_bounce_attack dbr:Confused_Deputy
is foaf:primaryTopic of	wikipedia-en:Confused_deputy_problem