CSE 2500PE Computer Security and Privacy
Problem Sheet 04 - Answers
Q1)
What are the four general threats to a computing system? Use one or two concrete
examples to explain each of the four threats.
Answer: Four possible threats based on the properties that may be compromised are:
availability, confidentiality, integrity and authenticity. Refer to the first lecture to see some
examples.
Q2)
List the security services and explain each one of them.
Answer: Services that counter security threats and enhance security – in essence, methods
that can provide a defence against the above types of threats. For example, authenticity can be
achieved by authentication when a user wants to access a computer system, or by a digital
signature attached to a file (or data) which is encrypted so that only the receiver can
decode the data.
Q3)
What do you mean by passive and active attacks? Is replay a passive attack, an active attack,
or a combination of both types of attacks?
Answer: Passive attacks – an example of interception – eavesdropping, monitoring of
transmission – the confidentiality property may be compromised, but the availability of data
is not threatened. The primary aim is to obtain the information (which you are not
supposed to know).
Active attacks – modification and denial of service.
Replay is considered to be an active attack; for example, one form of replay is sending
a copy of a message to multiple recipients (or broadcasting).
Q4)
In the model of security that was presented in the class (lecture 1, slide #26), a
gatekeeper function is provided at the end of the communication channel before the
entry to the organisation’s information systems. Why can we (not) put such
gatekeeper functions in the communication channels (such as the data link and network
layers of the channel)?
Answer: We are concerned with the delivery of data or a message to the recipient and not
the sender, hence the gatekeeper has to be at the other end of the information channel
(this model is applicable to anything from access of data within a system – for example
reading a file, where the sender is the O/S and the receiver is the user – to sending an email
message through the internet).
Q5)
Is there any difference between computer and network security?
Answer: Yes, one is system and system resources security, while the other also includes the
security of transmission and access of the system resources through the net.
Q6)
Comment on the following design decisions with respect to security.

In a given application, should the protection mechanism in a computer system
focus on data, operations or users?
Answer: Should focus on the data that the application manipulates. Here we
assume that the user has the privilege of running the application.

In which layer of the computer system should a security mechanism be placed?
Answer: Preferably between the application programs (and users) and the
operating system. There is no point in putting it between the operating system and the
hardware.

Do you prefer simplicity and higher assurance – to a feature-rich security
environment?
Answer: Simplicity and higher assurance are better from the point of view of security
maintenance – remember, any security mechanism will fail and you always need a
second line of defense.

Should the tasks of defining and enforcing security be given to a central entity or
should they be left to individual components in a system?
Answer: Preferable to a central entity – thereby one can validate the consistency
of security enforcement rules.

How can you prevent an attacker from getting access to a layer below the
protection mechanism?
Answer: By not allowing access to objects in non-privileged mode!!
Q7)
In most multi-user computer systems, users first authenticate themselves to a host
computer and the host computer then performs verification before the user is logged
on.
Q8)
An automatic password checker restricts the password choices of a user in order to
minimize (reduce) the chances of an outsider guessing that user’s password.
Q9)
A software company started by a student from this class has entered into the
anti-malicious code business. His (her) newest product, secure-forever, works as follows:

Keeps a database that contains a checksum for every file on the network.

Keeps a database containing signatures for common worms, Trojan horses, and
viruses.

Every day at noon secure-forever recalculates the checksums for each file and
compares them to the corresponding ones stored in the database.

If the checksums differ, secure-forever will use the worm/trojan/virus database
to see if the file contains malicious code, and will print a warning message if a
match is found.
Comment on the advantages and disadvantages of the product (assume that the number
of files in the system is large).
Answer: A checksum will be useful only when a few bits of a file are changed. For larger
changes, and when the algorithm used to generate the checksum is known, a checksum-based
detection mechanism is not good enough.
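The secure-forever workflow from Q9, written out as an added example (not part of the original sheet) so that its behaviour on changed, new and unrecognised files can be observed. SHA-256 stands in for the unspecified checksum, and the signature strings, file names and function names are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed signature database: name -> byte pattern (harmless placeholders).
SIGNATURES = {"demo-worm": b"EXAMPLE-WORM-MARKER", "demo-trojan": b"EXAMPLE-TROJAN-MARKER"}

def digest(path):
    """SHA-256 of a file, read in chunks so large files do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(root):
    """The checksum database: one entry per file under root."""
    return {str(p.relative_to(root)): digest(p) for p in Path(root).rglob("*") if p.is_file()}

def daily_scan(root, baseline):
    """Recompute checksums; signature-scan only files whose checksum differs."""
    report = {"changed": [], "new": [], "missing": [], "warnings": []}
    current = build_baseline(root)
    for name, h in sorted(current.items()):
        if name not in baseline:
            report["new"].append(name)  # the described product has no rule for these
        elif h != baseline[name]:
            report["changed"].append(name)
            data = (Path(root) / name).read_bytes()
            report["warnings"] += [(name, s) for s, pat in SIGNATURES.items() if pat in data]
    report["missing"] = sorted(set(baseline) - set(current))
    return report

def demo():
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "a.txt").write_bytes(b"payroll data")
        (root / "b.txt").write_bytes(b"meeting notes")
        baseline = build_baseline(root)
        (root / "a.txt").write_bytes(b"payroll data EXAMPLE-WORM-MARKER")  # matches a signature
        (root / "b.txt").write_bytes(b"meeting notes, edited")  # changed, no known signature
        (root / "c.txt").write_bytes(b"EXAMPLE-TROJAN-MARKER")  # new file, not in baseline
        return daily_scan(root, baseline)

if __name__ == "__main__":
    print(demo())
```

Only a.txt produces a warning: b.txt changed without matching any known signature, and c.txt is never signature-scanned because it has no stored checksum to differ from.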
Q10)
It was stated that the inclusion of the salt in the Unix password scheme increases the
difficulty of guessing by a factor of 4096. But the salt is stored in plaintext in the same entry
as the corresponding ciphertext password. Therefore these two characters are known to
the attacker and need not be guessed. Why is it asserted that the salt increases security?
Answer: Since the dictionary attack is carried out offline, first you need to generate the
encrypted version of the possible passwords using all the possible salts – namely all
4096 possible combinations for each password.
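The factor of 4096 from Q10, worked through as an added example that is not part of the original sheet. SHA-256 over salt and password stands in for the real crypt(3) function, and the users, passwords and word list are constructed sample data.

```python
import hashlib
import hmac

SALT_BITS = 12                  # salt size behind the factor of 4096
SALT_SPACE = 2 ** SALT_BITS     # 4096 possible salts

def hash_password(password, salt):
    """Stand-in for crypt(3): SHA-256 over salt || password (assumption, not DES crypt)."""
    if not 0 <= salt < SALT_SPACE:
        raise ValueError("salt must fit in 12 bits")
    return hashlib.sha256(salt.to_bytes(2, "big") + password.encode()).hexdigest()

def make_entry(user, password, salt):
    """Password-file entry: the salt sits in plaintext beside the hash."""
    return {"user": user, "salt": salt, "hash": hash_password(password, salt)}

def verify(entry, attempt):
    """Login check: re-hash the attempt with the stored salt, compare in constant time."""
    return hmac.compare_digest(entry["hash"], hash_password(attempt, entry["salt"]))

def stored_forms(password):
    """Every value this one password can take in the password file."""
    return {hash_password(password, s) for s in range(SALT_SPACE)}

def precomputed_entries(words, salted=True):
    """Size of a table prepared before the file (and its salts) is seen."""
    return sum(len(stored_forms(w)) if salted else 1 for w in words)

# Constructed sample data: two users who chose the same password.
ALICE = make_entry("alice", "tiger", salt=17)
BOB = make_entry("bob", "tiger", salt=3301)
WORDS = ["tiger", "dragon", "letmein"]

if __name__ == "__main__":
    print("same password, same hash?", ALICE["hash"] == BOB["hash"])
    print("unsalted table:", precomputed_entries(WORDS, salted=False))
    print("salted table:  ", precomputed_entries(WORDS))
```

Knowing the salt lets the system verify a login with one hash, but a table built in advance must hold all 4096 forms of every candidate word, and identical passwords no longer share a stored value.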