Sample solutions to Assignment Total = 130 pts
Transcription
Sample solutions to Assignment Total = 130 pts
Sample solutions to Assignment Total = 130 pts 1.[10] A respected software engineer has said that no computer can ever be made perfectly secure. Why might he/she have said this? 2.[10] Consider a very high-assurance system developed for the military. The system has a set of specifications, and both the design and implementation have been proven to satisfy the specifications. What questions should school administrators ask when deciding whether to purchase such a system for their school's use? 3.[15] Consider the set of rights {read, write, execute, append, list, modify, own}. a.[5] b.[5] c.[5] a. Write a command delete_all_rights(p,q,s). This command caused p to delete all rights the subject q has over the object s. Modify your command so that the deletion can occur only if p has modify rights over s. Modify your command so that the deletion can occur only if p has modify rights over s and q does not have own rights over s. delete_all_rights(p,q,s) enter own into a[p,q] delete read from a[q,s] delete write from a[q,s] delete execute from a[q,s] 1 delete append from a[q,s] delete list from a[q,s] delete modify from a[q,s] delete own from a[q,s] end b. delete_all_rights(p,q,s) if modify in a[p,q] enter own into a[p,q] delete read from a[q,s] delete write from a[q,s] delete execute from a[q,s] delete append from a[q,s] delete list from a[q,s] delete modify from a[q,s] delete own from a[q,s] end end c. delete_all_rights(p,q,s) if modify in a[p,q] AND own NOT in a[p,s] enter own into a[p,q] delete read from a[q,s] delete write from a[q,s] delete execute from a[q,s] delete append from a[q,s] delete list from a[q,s] delete modify from a[q,s] delete own from a[q,s] end end 4.[25] Given the security levels TOP SECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED (ordered from highest to lowest), and the categories A, B and C, specify what type of access (read, write, both, or neither) is allowed in each of the following situations. Assume that discretionary access controls allow anyone access unless otherwise specified. a.[5] Paul, cleared for (TOP SECRET, {A, C}), wants to access a document classified (SECRET, {B, C}). b.[5] Anna, cleared for (CONFIDENTIAL, {C}), wants to access a document classified (CONFIDENTIAL, {B}). 2 c.[5] Jesse, cleared for (SECRET, {C}), wants to access a document classified (CONFIDENTIAL, {C}). d.[5] Sammi, cleared for (TOP SECRET, {A, C}), wants to access a document classified (CONFIDENTIAL, {A}). e.[5] Robin, who has no clearances (and so works at the UNCLASSIFIED level), wants to access a document classified (CONFIDENTIAL, {B}). 5.[10] Design a two-message authentication protocol, assuming that Alice and Bob know each other's public keys, which accomplishes both mutual authentication and establishment of a session key. Alice picks a session key K and sends along a timestamp. She encrypts K with Bob’s public key and sign the entire message. Bob responds with timestamp encrypted with K. Bob knows its Alice from the signature and timestamp. Alice knows its Bob because only he can decrypt K. 6.[15] Suppose a system implementation of the Strict Integrity Policy (Biba’s Model) used the same labels for integrity levels and categories as for security levels and categories. Under what condition could one subject read an object? Write to an object? 3 7.[15] Decipher the following ciphertext, which was enciphered using the Caesar cipher: TEBKFKQEBZLROPBLCERJXKBSBKQP The key is 3. The text is: WHEN IN THE COURSE OF HUMAN EVENTS 8.[15] Assume that Diffie-Hellman scheme is used, A and B have chosen p=53 and g=13, and private keys kA = 3 and kB = 5. Calculate public keys KA, KB and secret keys SA,B, SB,A . KA = 133 mod 53 = 24 KB = 135 mod 53 = 28 SBA = 245 mod 53 = 10 SAB = 283 mod 53 = 10 9.[15] Consider an RSA digital signature scheme. Alice tricks Bob into signing messages m1 and m2 such that m = m1 m2 mod nBob. Prove that Alice can forge Bob’s signature on m. 4