Question 1: 400 words
How should cache handling be accomplished in order to minimize the ability of the attacker to deliver a payload through the cache?
Question 2: 600 words
As you consider the reputation service and the needs of customers or individual consumers, as well as, perhaps, large organizations that are security conscious like our fictitious enterprise, Digital Diskus, what will be the expectations and requirements of the customers? Will consumers’ needs be different from those of enterprises? Who owns the data that is being served from the reputation service? In addition, what kinds of protections might a customer expect from other customers when accessing reputations?