vault backup: 2022-08-05 15:29:10

2025-12-25 05:44:06 -06:00 · 2022-08-05 15:29:10 +12:00 · 2022-08-05 15:29:10 +12:00 · 179580e721
commit 179580e721
parent 4c2547eabe
10 changed files with 154 additions and 8 deletions
--- a/content/notes/04-authentication-authorisation-passwords.md
+++ b/content/notes/04-authentication-authorisation-passwords.md
@ -9,6 +9,16 @@ sr-interval: 3
 sr-ease: 250
 ---

+- [authorisation](notes/authorisation.md)
+- [authentication](notes/authentication.md)
+- [passwords](notes/passwords.md)
+
+
+
+
+
+
+
 # Authentication
 - proof of identity
 - need to be sure a user is who they say they are before you can trust them
--- a/content/notes/04-computer-architecture.md
+++ b/content/notes/04-computer-architecture.md
@ -4,8 +4,8 @@ aliases:
 tags: 
 - cosc204
 - lecture
-sr-due: 2022-08-04
-sr-interval: 8
+sr-due: 2022-08-24
+sr-interval: 19
 sr-ease: 250
 ---

--- a/content/notes/05-6809-assembly.md
+++ b/content/notes/05-6809-assembly.md
@ -4,12 +4,15 @@ aliases:
 tags: 
 - lecture
 - cosc204
-sr-due: 2022-08-05
-sr-interval: 7
+sr-due: 2022-08-23
+sr-interval: 18
 sr-ease: 250
 ---


+- [6809](notes/6809.md)
+
+
 # Warnings
 - different CPU architectures have their own machine codes and their own assembly languages
 - assembly language programs are **not** portable across CPU architectures (e.g., 6809 to x86 ARM) but are often backwards compatible (e.g., x86_64 family)
--- a/content/notes/07-6809-advanced.md
+++ b/content/notes/07-6809-advanced.md
@ -4,8 +4,8 @@ aliases:
 tags: 
 - lecture
 - cosc204
-sr-due: 2022-08-04
-sr-interval: 3
+sr-due: 2022-08-15
+sr-interval: 10
 sr-ease: 250
 ---

--- a/content/notes/authentication.md
+++ b/content/notes/authentication.md
@ -0,0 +1,26 @@
+---
+title: "authentication"
+aliases: 
+tags: 
+- comp210
+---
+
+# Authentication
+- proof of identity
+- need to be sure a user is who they say they are before you can trust them
+- usually done via a unique identifier
+	- unique username
+- and a secret that is only known by the authorised user
+	- password
+	- biometrics
+	- 2fa code
+
+## MFA
+- many secrets
+- protects user/system in the case that a password is disclosed
+- additional secrets generated at the time of use.
+	- short lived
+	- if found - attackers have a small windoe to exploit
+- e.g.,
+	- sms message
+	- authenticator app
--- a/content/notes/authorisation.md
+++ b/content/notes/authorisation.md
@ -0,0 +1,18 @@
+---
+title: "authorisation"
+aliases: 
+tags: 
+- comp210
+---
+
+
+# Authorisation
+- verifying that a user is allowed to access the operation that they are attempting to access
+- requires explicit check in the system for restricted operatons
+	- some code that check if the roles assigned to the authenticaed user intersect the roles required for the current operation
+- use is assigned a **role** that defines the operations they are allowed to perform
+- e.g.
+	- custoemer - can view products, and see retail prices
+	- sales rep - can view products and see retail and cost prices
+	- manager - can add/delete/modify products
+	- admin - can change system configuration. can assign roles to users
--- a/content/notes/cmoc.md
+++ b/content/notes/cmoc.md
@ -0,0 +1,62 @@
+---
+title: "cmoc"
+aliases: 
+tags: 
+- cosc204
+---
+
+CMOC is a 6809 c compiler.
+
+it compiles c code into 6809 assembly
+
+callling conventions
+- A routine must preserve Y, U, S and DP 
+- A routine may change A, B, X and CC 
+
+- Parameters are pushed on the stack in the reverse order 
+- The caller pops them off the stack after the call 
+
+- char parameters are promoted to int 
+- unsigned char are promoted to unsigned int 
+
+- Return 8-but values in B 
+- Return 16-bit values in D 
+
+# examples
+parameters
+``` c
+uint16_t two_params(uint8_t first, uint16_t second) { 
+	return first + second; 
+} 
+
+uint16_t call_one(void) { 
+	return two_params(204, 431); 
+}
+```
+
+```
+```
+
+local variables
+
+``` c
+uint16_t one_param(uint16_t xyzzy) { 
+	uint16_t val = xyzzy; 
+	return val; 
+}
+```
+
+```
+_one_param 
+	PSHS U 
+	LEAU ,S 
+	LEAS -2,S 
+	* Formal parameter(s): 
+	* 4,U: 2 bytes: xyzzy 
+	* Local non-static variable(s): 
+	* -2,U: 2 bytes: val 
+	LDD 4,U 
+	STD -2,U 
+	LEAS ,U 
+	PULS U,PC
+```
--- a/content/notes/comp-210.md
+++ b/content/notes/comp-210.md
@ -20,6 +20,9 @@ No final exam
 - [cia-triad](notes/cia-triad.md)
 - [cryptography](notes/cryptography.md)
 - [randomness](notes/randomness.md)
+- [authorisation](notes/authorisation.md)
+- [authentication](notes/authentication.md)
+- [passwords](notes/passwords.md)

 # Lectures
 - [01-information-assurance](notes/01-information-assurance.md)
@ -27,5 +30,3 @@ No final exam
 - [03-threats-social-engineering-and-failures](notes/03-threats-social-engineering-and-failures.md)
 - [04-authentication-authorisation-passwords](notes/04-authentication-authorisation-passwords.md)
 - [05-cryptography](notes/05-cryptography.md)
-
-# Archive
--- a/content/notes/cosc-204.md
+++ b/content/notes/cosc-204.md
@ -27,6 +27,7 @@ tags:
 - [ALU](notes/ALU.md)
 - [computer-architecture](notes/computer-architecture.md)
 - [6809-addressing-modes](notes/6809-addressing-modes.md)
+- [6809](notes/6809.md)

 # Lectures
 - [01-bits-and-bytes](notes/01-bits-and-bytes.md)
--- a/content/notes/passwords.md
+++ b/content/notes/passwords.md
@ -0,0 +1,25 @@
+---
+title: "passwords"
+aliases: 
+tags: 
+- comp210
+---
+
+# Passwords
+- not good
+- lots of bad advice
+- we are lazy
+- "safe" passwords are difficult to enter on touch screen devices
+- to many accouts
+
+## entropy
+- amount of randomness
+- measure of the number of guesse an attacker would need to brute foarce
+- $E = log_2(A^L)$ 
+- A = size of alphabet
+- L = length of password
+- E = entropy in bits
+- 80 bits is "safe"
+	- would take decades
+- 6 digits passoword - 29 bits (took 4 seconds to brute force)
+- + uppercase and numbers - 36 bits