Homework 1

Due Fri. May 12, 2006 before midnight. Email the answers to my Helios account.

Part 1 - Questions from the Books (20pts)

  1. Pfleeger 4.1 - Give an example of the use of physical separation for security in a computing environment.
  2. Pfleeger 4.4 - Respond to the allegation "An operating system requires no protection for its executable code (in memory) because that code is a duplicate of code maintained on disk."
  3. Pfleeger 4.9 - What are some other levels of protection that users might want to apply to code or data, in addition to the common read, write, and execute permission?
  4. Pfleeger 4.16 - File access control relates largely to the secrecy dimension of security. What is the relationship between an access control matrix and the integrity of the objects to which access is being controlled?
  5. Pfleeger 4.21
    1. If passwords are three uppercase alphabetic characters long, how long (that is, how much time) would it take to determine a particular password, assuming that testing an individual password requires 5 seconds?
    2. Argue for a particular amount of time as the starting point for "secure". That is, suppose an attacker plans to use a brute force attack to determine a password. For what value of x (the total time to try as many passwords as necessary) would the attacker find this attack prohibitively long?
    3. If the cutoff between "secure" and "insecure" were x amount of time, how long would a secure password have to be? State and justify your assumptions regarding the character set from which the password is selected and the amount of time to test a single password.
  6. Bishop 11.5 - The strings used as examples of good passwords are constructed to make them difficult to guess. Yet the particular good passwords in this chapter should not be used as passwords. Why not?
  7. Bishop 11.8 - Does using passwords with salts make attacking a specific account more difficult than using passwords without salts? Explain why or why not.
  8. Bishop 14.1 - In general, ACLs and C-list entries use "owners" (users) rather than individual processes. Why?
  9. Bishop 14.3 - Revoking an individual's access to a particular file is easy when an access control list is used. How hard is it to revoke a user's access to a particular set of files, but not all files? Compare and contrast this with the problem of revocation using capabilities (capability lists, c-lists).
  10. Bishop 14.9 - Although most systems allow objects to have only one owner, it is possible for an object to have two (or more) owners. Consider ownership as a right that allows the changing of capabilities (c-lists or ACLs). How might you implement this right using capabilities (c-lists)? How might you implement it using ACLs? Contrast these implementations with PACLs.

Part 2 - Project Milestone (10pts)

Write a brief summary of three of your references. Also include how far along you are on writing the paper and any questions you might have at this point.