Edit WYSIWYGattachfile Attach PDF Raw View►More Actions▼More Actions


Restore topic to revision: You will be able to review the topic before saving it to a new revision

Copy text and form data to a new topic (no attachments will be copied though).
Name of copy:
You will be able to review the copied topic before saving

Rename/move topic... scans links in all public webs (recommended)
Rename/move topic... scans links in CBI_ComputerSecurity web only
Delete topic... scans links in all public webs (recommended)
Delete topic... scans links in CBI_ComputerSecurity web only

Revision Date Username Comment
325 Feb 2014 - 10:02norqu036? 
218 Feb 2014 - 13:03norqu036? 
118 Feb 2014 - 09:52norqu036? 

Render style:     Context:


 History: r3 < r2 < r1
[X] Hide this message.
Notice: On June 30, 2016, UMWiki service will be decommissioned. If you have information in UMWIki that needs to be preserved, you should make plans to move it before that date. Google Sites is anticipated to be the most popular and appropriate alternative for users because it offers a more modern and user-friendly interface and unlimited capacity. To learn more about the features of Google Sites and other alternatives, and to identify which one best fits your needs, see the University’s Website Solution Selection Guide. If you have concerns or would like help regarding this change and your options, please contact Technology Help at help@umn.edu
You are here: UMWiki>CBI_ComputerSecurity Web>Mechanisms>MechanismsTrapdoor (25 Feb 2014, norqu036)

Current Activitieslock Who is Who?lock People Programs Publications CSHW_2014 Systems Events Mechanisms

Trapdoor

A trapdoor is a hidden piece of code within a larger program that that allows the user to perform normally unauthorized actions. The trapdoor code allows the user to bypass any security mechanisms that have been put in place to protect the program. Some trapdoors are planted for legitimate use in testing or maintenance of the program. These trapdoors allow programmers to more easily sort out bugs as the program is developed. Examples include pieces of code that allow the programmer to halt the program and force it to display its internal calculations for examination. Other trapdoors are purposefully hidden by malicious programmers in order to allow them unauthorized access. An example would be a coded trapdoor in the software for an Automated Teller Machine that allows the user to access the money in the machine when the right series of numbers or commands are entered by the user. Diagnostic trapdoors that programmers forget to remove are serious vulnerabilities for any system, and may be discovered and exploited by malicious users. Intentionally hidden trapdoors are purposefully designed to be exploited. Either kind can be found if the program is properly reviewed, but often modern programs are large enough for their development to be distributed amongst may different individuals, resulting in a greater risk of both kinds of trapdoor.(1)

Notes

1 : C. E. Landwehr et al. "A Taxonomy of Computer Program Security Flaws, with Examples" DTIC Document, Naval Research Laboratory, 1994.


Topic revision: r3 - 25 Feb 2014 - 10:02:10 - norqu036
 
Signed in as lewi0740 (NicLewis) | Sign out
UMWiki UMWiki
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding UMWiki? Send feedback