| author | Christian Urban <christian dot urban at kcl dot ac dot uk> |
| Fri, 10 Oct 2014 12:39:11 +0100 | |
| changeset 234 | 17e0efbec5d0 |
| parent 122 | f0e51ffd2965 |
| child 239 | 0db764174afb |
| permissions | -rw-r--r-- |
| 39 | 1 |
\documentclass{article}
|
2 |
\usepackage{charter}
|
|
3 |
\usepackage{hyperref}
|
|
| 50 | 4 |
\usepackage{amssymb}
|
| 39 | 5 |
|
6 |
\begin{document}
|
|
7 |
||
8 |
\section*{Homework 4}
|
|
9 |
||
10 |
\begin{enumerate}
|
|
|
117
59d3bf386a6d
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
11 |
\item Explain what is meant by \emph{Kerckhoffs' principle}.
|
| 39 | 12 |
|
|
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
13 |
\item How can a system that separates between \emph{users} and \emph{root} be of any
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
14 |
help with buffer overflow attacks? |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
15 |
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
16 |
\item Consider the following simple mutual authentication protocol: |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
17 |
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
18 |
\begin{center}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
19 |
\begin{tabular}{ll}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
20 |
$A \rightarrow B$: & $N_a$\\ |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
21 |
$B \rightarrow A$: & $\{N_a, N_b\}_{K_{ab}}$\\
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
22 |
$A \rightarrow B$: & $N_b$\\ |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
23 |
\end{tabular}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
24 |
\end{center}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
25 |
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
26 |
Explain how an attacker $B'$ can launch an impersonation attack by |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
27 |
intercepting all messages for $B$ and make $A$ decrypt her own challenges. |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
28 |
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
29 |
\item Explain what are the differences between dictionary and brute forcing attacks against passwords. |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
30 |
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
31 |
\item In the context of which information flow should be protected, explain briefly the |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
32 |
differences between the {\it read rule} of the Bell-LaPadula access
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
33 |
policy and the Biba access policy. Do the same for the {\it write rule}.
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
34 |
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
35 |
\item A Unix directory might look as follows: |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
36 |
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
37 |
\begin{center}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
38 |
\begin{verbatim}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
39 |
$ ls -ld . * */* |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
40 |
drwxr-xr-x 1 ping staff 32768 Apr 2 2010 . |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
41 |
-rw----r-- 1 ping students 31359 Jul 24 2011 manual.txt |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
42 |
-r--rw--w- 1 bob students 4359 Jul 24 2011 report.txt |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
43 |
-rwsr--r-x 1 bob students 141359 Jun 1 2013 microedit |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
44 |
dr--r-xr-x 1 bob staff 32768 Jul 23 2011 src |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
45 |
-rw-r--r-- 1 bob staff 81359 Feb 28 2012 src/code.c |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
46 |
-r--rw---- 1 emma students 959 Jan 23 2012 src/code.h |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
47 |
\end{verbatim}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
48 |
\end{center}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
49 |
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
50 |
with group memberships assigned as follows: |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
51 |
\begin{center}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
52 |
\begin{tabular}{ll}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
53 |
Members of group staff: & ping, bob, emma\\ |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
54 |
Members of group students: & emma\\ |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
55 |
\end{tabular}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
56 |
\end{center}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
57 |
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
58 |
The file microedit is a text editor, which allows its users to open, edit and |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
59 |
save files. Note carefully that microedit has set its setuid flag. |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
60 |
Fill in the access control matrix below that shows for each of the above five files, |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
61 |
whether ping, bob, or emma are able to obtain the right to read (R) or replace (W) its |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
62 |
contents using the editor microedit.\bigskip |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
63 |
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
64 |
\begin{center}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
65 |
\begin{tabular}{r|c|c|c|c|c}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
66 |
& manual.txt & report.txt & microedit & src/code.c & src/code.h \\\hline |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
67 |
ping & & & & &\\\hline |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
68 |
bob & & & & &\\\hline |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
69 |
emma & & & & &\\ |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
70 |
\end{tabular}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
71 |
\end{center}
|
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
72 |
|
| 39 | 73 |
|
74 |
\end{enumerate}
|
|
75 |
||
| 50 | 76 |
|
| 39 | 77 |
\end{document}
|
78 |
||
79 |
%%% Local Variables: |
|
80 |
%%% mode: latex |
|
81 |
%%% TeX-master: t |
|
82 |
%%% End: |