Qualifier Exam in Information Security Spring 2009

advertisement
Qualifier Exam in Information Security
Spring 2009
To pass the written exam, you must (a) answer at least one question in each of the three sections to the
satisfaction of the examiners and (b) accumulate at least 60 total points.
1
Network Security
Problem 1, 10 points.
A collection of security protocols exist. For example, networks have IPSec, TLS, and various applicationlevel security protocols (e.g., SET). Why are there security protocols at different layers of the network stack?
Are they all necessary? These protocols focus on attack/intrusion prevention; do you think that we need to
monitor the network at more than one layer even for intrusion detection?
Problem 2, 10 points.
(3 points) Assume that you have a “default allow” stateless firewall placed on the edge of an enterprise
network. Define the smallest number of firewall rules that allow HTTP traffic (TCP port 80) to be sent from
the Internet into the network. No other traffic should be allowed. Assume that port and address ranges are
legal in rules, there are only “deny” actions, and the network is comprised only of hosts in 192.168/16. Write
your answer(s) in the following form:
from: IP ‘XXX’ to: port ‘YYY’ action: deny
(7 points) A large portion of the security community now argues that while helpful, firewalls alone are no
longer a sufficient means of dealing with malware. How has the threat landscape changed since the inception
of firewalls to make this true?
Problem 3, 10 points.
A new startup, ProtectU, offers to sell a product to universities that alerts students in the case of an emergency.
During such an event, their backend server is capable of sending 10,000 text messages per second into a
cellular network and that it takes four text messages to deliver an effective alert.
(a) Assume that a campus has a single cell sector and 8 SDCCHs. Assuming the existence of no other
traffic, how long would it take to deliver an alert to 5,000 students? (3 points)
(b) ProtectU’s competitor, SMSaver, offers a backend server that can send 20,000 text messages per second
into a cellular network. Will this system help deliver the alerts to the students faster? (2 points)
(c) Because text messages are spoofable from the Internet, many universities include a link to a public webpage containing further information. Aware of this, how could an Internet-based adversary provide a
valid URL for their false alert without arousing suspicion from the clients or the targeted university? (5 points)
2
System and Software Security
Problem 4, 10 points.
Security is about what we can assume and what we can guarantee given that the assumptions hold. Most research trusts the hardware and in the existence of a trusted computing base (TCB). A TCB must meet several
requirements, including isolation or tamper-resistance, complete mediation, and correctness or verifiability.
Both consumer and research operating systems strive to meet the TCB requirement using a variety of mechanisms. First, discuss how isolation and complete mediation are implemented in at least two operating systems.
In each case, discuss any assumptions that must hold to ensure tamper-resistance and complete mediation and
if the assumptions are realistic. Comment on how well the correctness requirement is met by the operating
system architectures that you choose to explore in this question. Finally, discuss the role that additional hardware support, such as a trust policy module (TMP), may play in building a trusted computing base.
Problem 5, 10 points.
Delegation is an important concept that has been explored in distributed systems security. By using examples,
show why delegation is useful in defining security policies in a decentralized environment. Also, provide a
distributed implementation of delegation. In particular, define the key entities in the environment where you
use delegation, assumptions that you make about each, and outline the protocols that define the interactions
among these entities to achieve delegation based access control decisions.
Problem 6, 10 points.
Explain how Dorothy Denning’s visionary intrusion detection model of 1986 influenced the systems developed by Javitz and Valdez, Forrest et al., and Wagner and Dean years later. Why have none of these systems
ever experienced widespread practical deployment?
3
Cryptography
Problem 7, 10 points.
Kerckhoffs’ principle states that a crypto scheme should be secure even if the scheme’s algorithms are publicly
known, as long as the secret key stays secret.
(a) Explain the reasoning behind this principle.
(b) Explain why this principle does not make sense fundamentally.
Problem 8, 10 points.
Public-key schemes require a public-key infrastructure (PKI), which makes the associations between identities
and public keys publicly available (this is usually done by a trusted third party, a certification authority by
means of public key certificates, certificate revocation lists, etc.). As was originally pointed out by Shamir,
it is desirable to remove the need for a PKI and have identity-based schemes, where each user’s identity, e.g.
an IP address or email address, can serve as a public key, so that a PKI is not necessary. Namely, a trusted
third party would issue a secret key for each user, but the role of the public key would be played by the user’s
identity. It is very challenging to design an identity-based encryption scheme.
Show that it is in fact straight-forward to build identity-based signature schemes from regular signature
schemes. Assume you have a regular signature scheme. Specify (1) the registration protocol between the
trusted third party (TTP) and a user, where the TTP has public and secret keys, the user has an identity, and
as a result the user gets his or her secret key; (2) the signing algorithm performed by a user with his or her
secret key and a message to yield a signature; and (3) the verification algorithm performed by a verifier using
a TTP’s public key, a signature, a message, and a user identity.
Problem 9, 10 points.
The provable-security methodology allows one to confirm that the security of a cryptographic scheme is
guaranteed as long as the underlying assumption is secure. Why isn’t this methodology used to confirm
the security of all practical security protocols, e.g. identity-management, intrusion-detection, anti-virus, antispam, etc., so that all security problems disappear?
Download