20 |
20 |
21 Explain how an attacker $B'$ can launch an impersonation attack by |
21 Explain how an attacker $B'$ can launch an impersonation attack by |
22 intercepting all messages for $B$ and make $A$ decrypt her own challenges. |
22 intercepting all messages for $B$ and make $A$ decrypt her own challenges. |
23 |
23 |
24 |
24 |
25 \item Access control is about deciding whether a principal that |
25 \item Before starting a TCP connection, client and servers |
26 issues a request should be trusted on this request. Explain |
26 perform a three-way handshake: |
27 how such decision problems can be solved by using logic. |
|
28 |
27 |
29 \item The informal meaning of the formula $P\;\textit{controls}\;F$ is |
|
30 `$P$ is entitled to do $F$'. Give a definition for this formula in terms |
|
31 of $\textit{says}$. |
|
32 |
|
33 \item Explain what is meant by a {\it derived} inference rule. |
|
34 |
|
35 |
|
36 \item Give a justification for the derived rule |
|
37 \begin{center} |
28 \begin{center} |
38 \begin{tabular}{c} |
29 \begin{tabular}{rl} |
39 $\Gamma \vdash P\;\textit{controls}\;F$ \hspace{4mm} $\Gamma \vdash P\;\textit{says}\;F$\\\hline |
30 $A \rightarrow S$: & SYN\\ |
40 $\Gamma \vdash F$ |
31 $S \rightarrow A$: & SYN-ACK\\ |
|
32 $A \rightarrow S$: & ACK\\ |
41 \end{tabular} |
33 \end{tabular} |
42 \end{center} |
34 \end{center} |
43 |
35 |
44 %\item Give a justification for the derived rule |
36 How can this protocol be abused causing trouble on the server? |
45 %\begin{center} |
|
46 %\begin{tabular}{c} |
|
47 %$\Gamma \vdash P\;\mapsto\;Q$ \hspace{4mm} $\Gamma \vdash P\;\textit{says}\;F$\\\hline |
|
48 %$\Gamma \vdash Q\;\textit{says}\;F$ |
|
49 %\end{tabular} |
|
50 %\end{center} |
|
51 |
|
52 %\item Model formally the situation that a customer has bought a ticket and requests to see a |
|
53 %movie. For this suppose three principals, {\it Ticket}, {\it Customer} and {\it Cinema}, |
|
54 %and suppose an authorization |
|
55 %\begin{center} |
|
56 %$\textit{Permitted}(\textit{Customer}, \textit{sees\_movie})$. |
|
57 %\end{center} |
|
58 %Using access-control logic, give formulas for a {\it Customer}'s access |
|
59 %request, an access-control policy of the {\it Cinema}, a trust assumption |
|
60 %and a ticket rule. |
|
61 |
|
62 \item Assume $\Gamma$ is a set consisting of the three formulas: |
|
63 \begin{center} |
|
64 \begin{tabular}{l} |
|
65 \\ |
|
66 $(\textit{Admin}\;\textit{says}\;\textit{del\_file})\;\Rightarrow\;\textit{del\_file}$\\ |
|
67 $\textit{Admin}\;\textit{says}\;((\textit{Alice}\;\textit{says}\;\textit{del\_file}) |
|
68 \Rightarrow \textit{del\_file})$\\ |
|
69 $\textit{Alice}\;\textit{says}\;\textit{del\_file}$\\ |
|
70 \\ |
|
71 \end{tabular} |
|
72 \end{center} |
|
73 |
|
74 Give a proof of the judgement |
|
75 \begin{center} |
|
76 $\Gamma \vdash \textit{del\_file}$ |
|
77 \end{center} |
|
78 |
|
79 |
37 |
80 \end{enumerate} |
38 \end{enumerate} |
81 \end{document} |
39 \end{document} |
82 |
40 |
83 %%% Local Variables: |
41 %%% Local Variables: |
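Review bot: In the new \item (new lines 25 to 36) the table names the parties $A$ and $S$, but the prose only says "client and servers", so the reader has to guess that $A$ is the client and $S$ the server. Introduce both names in the sentence and write "client and server" in the singular. The closing question "How can this protocol be abused causing trouble on the server?" would read better as "How can this protocol be abused to cause trouble on the server?". The same change deletes the access-control-logic items (old lines 25 to 78), including the $\Gamma \vdash \textit{del\_file}$ proof exercise and the commented-out drafts. If those are meant to move to another sheet rather than be dropped, say so in the commit message.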