Confidencialidad

Bajo este rubro, la idea es mantener los mensajes e información secretos, confidenciales. Por ejemplo, utilizando los personajes de la comunicación, hacer que Ana o Juan se comuniquen sin que Eva o María descifren la información que comparten.

Para conseguir confidencialidad, la mayoría de los sistemas utilizan algún tipo de cifrado de tal manera que, si el texto es entremezclado, se aplica una función inversa que recupere el mensaje como originalmente fue creado.

Autorización

El video anterior se hablaba de los métodos para descubrir con quién se estaba comunicando, ahora bien, el objetivo primordial de la autorización es determinar que las actividades que cierta entidad reconocida son legítimas, en otras palabras, que las acciones a ejecutar en un sistema son validas para los permisos que se tengan como usuario del sistema.

Un ejemplo sencillo como el siguiente: se tiene a un usuario autentificado en el sistema (Ana), una vez se tiene una sesión válida, ella quiere ejecutar un archivo en una sección solo “autorizada” para administradores, entonces el Sistema Operativo lleva a cabo una verificación por medio de la “Lista de Control de Acceso”, en la cual se comparan los permisos de Ana para comprobar si forma parte del grupo “administradores” y así permitirle ejecutar dicho programa.

Autenticación

En futuras entradas, vamos a utilizar a los siguientes personajes para explicar como se establece comunicación entre partes:

Ana & Juan - Chicos buenos
Eva - Chismosa pasiva
María - Chismosa activa
Tomas - Ana & Juan confían en él

Autenticación

Nos permite verificar la identidad de una persona ante un sistema computacional. Para esto es necesario asegurar que la comunicación entre Ana & Juan es verificada sin que terceras partes (Eva o María) sustituyan la identidad de alguno. Básicamente podemos clasificar a las formas genéricas en tres:

- Algo que “Sabes” (por ejemplo, contraseñas).
- Algo que “Tienes” (por ejemplo, token).
- Algo que “Eres” (por ejemplo, biométricos).

Objetivos de Seguridad

La seguridad se debe tratar desde una perspectiva holística, en otras palabras, es necesario cumplir varios requisitos antes de considerar un entorno de Tecnologías de la Información “seguro”.

Muchísimos detalles pueden resultar en imprevistos inesperados que afecten la continuidad de un servicio, en su mayoría relacionados con tecnología. De forma genérica, es posible clasificar en tres: entorno físico, tecnología, políticas y procedimientos. Es típico contar con estos elementos si lo que se busca como prioridad seguridad de un sistema.

PuzzleGony

This is the first app I have developed in years as freelancer, a very simple game targeted for Apple Devices: Mac, iOS and Apple TV

Word capitalization with Haskell

We have this problem, given a string of words, capitalize just the first letter, but the main trouble here is the lack of a common pattern to distinguish between one and another, for example:

"helloanyonethere" -> "HelloAnyoneThere"
"himartin" -> "HiMartin"
"hellorange" -> "HelloRange"
"thereach" -> "TheReach"

Well, the trouble can be addressed using Haskell, list and the always opportune recursion. The input information would be a dictionary that contains all possible words and the string to analyze; the output should be an string with the capitalized letters.

Pentagonal Numbers in Haskell

As part of my refresh on algorithms, data structures and programming, I found this interesting mathematic problem:

Pentagonal numbers are generated by the formula, P_n=n(3n1)/2. The first ten pentagonal numbers are:

1, 5, 12, 22, 35, 51, 70, 92, 117, 145, ...

It can be seen that P₄ + P₇ = 22 + 70 = 92 = P₈. However, their difference, 70  22 = 48, is not pentagonal.

Find the pair of pentagonal numbers, P_j and P_k, for which their sum and difference are pentagonal and D = |P_k  P_j| is minimised; what is the value of D?

Then, I decided to elaborate a program in Haskell that would find the number D. Of course, you can find the code in Github.

Unbalanced Balances...

Once again, I found a challenge in a very common webpage that said the following:

You have a room-full of balances and weights. Each balance weighs ten pounds and is considered perfectly balanced when the sum of weights on its left and right sides are exactly the same. You have placed some weights on some of the balances, and you have placed some of the balances on other balances. Given a description of how the balances are arranged and how much additional weight is on each balance, determine how to add weight to the balances so that they are all perfectly balanced.

There may be more than one way to balance everything, but always choose the way that places additional weight on the lowest balances.

The input file will begin with a single integer, N, specifying how many balances there are.
Balance 0 is specified by lines 1 and 2, balance 1 is specified by lines 3 and 4, etc...
Each pair of lines is formatted as follows:

WL &lt balances &gt
WR &lt balances &gt

WL and WR indicate the weight added to the left and right sides, respectively. &lt balances &gt is a space-delimited list of the other balance that are on that side of this balance. &lt balances &gt may contain zero or more elements.

First Haskell Published Program: Arithmetic Progression

I find Haskell a challenging language, one that let you express yourself in different ways as procedural or object oriented programming allows you to do it. I knew about it quite a few months ago, but I have never had the time to concentrate to develop any example using it. As I found in the Facebook challenge example, I considered was a good opportunity to create a program with the current knowledge of Haskell (minimal) and still learn a lot using what I take for granted in other languages (C++ or Objective C).

At first, it is really a change of paradigm to start thinking about functions instead of variables that you declare at the beginning and use them as the program executes. Here those do not exist in the same way, as it does for loops (while or for) and the list are fundamental for data manipulation, you will notice my tries to force the language to behave as a procedural language, which I am aware it is not the best practice, but for the first steps I consider it is ok.

The statement of the test is the following:

Deferred Lighting: The backdoor, Part 2

In the first part of this article, we covered the a little theory of what this technique means as well as we set the foundations of code that started its execution on main. Now, the functional parts that are needed to create magic are going to be explained as follows.

When the Renderer class is allocated, also the constructor method is called, and here many preparations take place; in the following order: load each necessary CG shader, initialize the sphere lights (8) and place them across the heightmap, create the projection matrix and the root scene node to render objects, load the splash screen as a mesh, and set some configuration of the GCM. It is important to have considered the mesh "Sphere", this object will be the one in charge of draw into the scene the values of each light, in other words, the light will affect only on the area this sphere is colliding with, nothing else, process that differs from a ray tracing procedure. The code for what was explained before is here:

Deferred Lighting: The backdoor, Part 1

Today, I was asked about the theory behind the Deferred Lighting procedure, of which, to be honest, I was starting to forget (too much Functional programming lately); but what is well learned, is never forgotten.

The main idea behind this technique is to delay as much as possible the calculations of light over the objects on the scene, only those that deserve to be rendered will be performed, otherwise will be discarded. This also relies on "several" passes, which also means, the first time an scene is going to be rendered as normal: vertex positions, its normals and the material for each surface and instead of sending it to the screen it is transformed into a "texture" with information of the depth, normals and specular. This last texture becomes the input for the next step, where lighting takes place using the information from the variables from the previous phase. And then one "last" pass calculates all objects in the scene once again but this time it combines the color from the texture with the emissive and ambient light. The image below shows graphically how they are all added:

SSH and Sudoers

After I had set up the server to connect to my internet source, the next step to cover was a way to communicate to it without using the User Interface. As there are many solutions, one of the most common, safe and secure is the SSH protocol (Secure SHell).

In order to archive this in the Ubuntu Server, I followed this tutorial:

 # sudo apt-get install openssh-client openssh-server