Computer Security. Draft Exam with Answers. 2009.



Similar documents
Thick Client Application Security

FINAL DoIT v.4 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS APPLICATION DEVELOPMENT AND MAINTENANCE PROCEDURES

SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS

FINAL DoIT v.8 APPLICATION SECURITY PROCEDURE

Criteria for web application security check. Version

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats

EAC Decision on Request for Interpretation (Operating System Configuration)

Client Server Registration Protocol

VoteID 2011 Internet Voting System with Cast as Intended Verification

Passing PCI Compliance How to Address the Application Security Mandates

What is Web Security? Motivation

OWASP and OWASP Top 10 (2007 Update) OWASP. The OWASP Foundation. Dave Wichers. The OWASP Foundation. OWASP Conferences Chair

External Supplier Control Requirements

How to break in. Tecniche avanzate di pen testing in ambito Web Application, Internal Network and Social Engineering

Authentication Types. Password-based Authentication. Off-Line Password Guessing

05.0 Application Development

DRAFT Standard Statement Encryption

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

elearning for Secure Application Development

Web Application Security

Bypassing Local Windows Authentication to Defeat Full Disk Encryption. Ian Haken

Where every interaction matters.

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

8070.S000 Application Security

RemotelyAnywhere Getting Started Guide

Is Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security

Name: 1. CSE331: Introduction to Networks and Security Fall 2003 Dec. 12, /14 2 /16 3 /16 4 /10 5 /14 6 /5 7 /5 8 /20 9 /35.

Visa U.S.A Cardholder Information Security Program (CISP) Payment Application Best Practices

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

Wireless Encryption Protection

90% of data breaches are caused by software vulnerabilities.

CMSC 421, Operating Systems. Fall Security. URL: Dr. Kalpakis

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Application Design and Development

Using Foundstone CookieDigger to Analyze Web Session Management

Two Factor Zero Knowledge Proof Authentication System

Secure Code Development

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication

Summary of Results from California Testing of the ES&S Unity /AutoMARK Voting System

Security vulnerabilities in new web applications. Ing. Pavol Lupták, CISSP, CEH Lead Security Consultant

Overview of the Penetration Test Implementation and Service. Peter Kanters

Web Application Penetration Testing

How To Manage Web Content Management System (Wcm)

JVA-122. Secure Java Web Development

ISM/ISC Middleware Module

3. Broken Account and Session Management. 4. Cross-Site Scripting (XSS) Flaws. Web browsers execute code sent from websites. Account Management

1. a. Define the properties of a one-way hash function. (6 marks)

CS5008: Internet Computing

Web Application Security. Vulnerabilities, Weakness and Countermeasures. Massimo Cotelli CISSP. Secure

Check list for web developers

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

Web Application Hacking (Penetration Testing) 5-day Hands-On Course

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

SENSE Security overview 2014

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Strategic Information Security. Attacking and Defending Web Services

NEFSIS DEDICATED SERVER

Web Engineering Web Application Security Issues

WEB SITE SECURITY. Jeff Aliber Verizon Digital Media Services

Web Application Attacks and Countermeasures: Case Studies from Financial Systems

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from

Protecting Data with Short- Lived Encryption Keys and Hardware Root of Trust. Dan Griffin DefCon 2013

Application Security Testing

Enterprise Application Security Workshop Series

ensuring security the way how we do it

Detecting Web Application Vulnerabilities Using Open Source Means. OWASP 3rd Free / Libre / Open Source Software (FLOSS) Conference 27/5/2008

Don t Get Burned! Are you Leaving your Critical Applications Defenseless?

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

Security Evaluation CLX.Sentinel

CompTIA Mobile App Security+ Certification Exam (Android Edition) Live exam ADR-001 Beta Exam AD1-001

Quick Reference Guide. Online Courier: FTP. Signing On. Using FTP Pickup. To Access Online Courier.

Keep Yourself Safe from the Prying Eyes of Hackers and Snoopers!

MatriXay WEB Application Vulnerability Scanner V Overview. (DAS- WEBScan ) The best WEB application assessment tool

Members of the UK cyber security forum. Soteria Health Check. A Cyber Security Health Check for SAP systems

Chapter 1: Introduction

Dashlane Security Whitepaper

SQL Injection Protection by Variable Normalization of SQL Statement

CS Final Exam

Content Teaching Academy at James Madison University

Sync Security and Privacy Brief

Network Test Labs (NTL) Software Testing Services for igaming

Security Testing & Load Testing for Online Document Management system

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

Sitefinity Security and Best Practices

SSL/TLS: The Ugly Truth

Chapter 7 Transport-Level Security

Acunetix Web Vulnerability Scanner. Getting Started. By Acunetix Ltd.

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24

OWASP Top Ten Tools and Tactics

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Sample Report. Security Test Plan. Prepared by Security Innovation

Chapter 8. Network Security

Application Intrusion Detection

Transcription:

Computer Security Draft Exam with Answers. 2009. Please note that the questions written here are a draft of the final exam. There may be typos in the questions that were corrected in the final version (available on the web page). Question 1. Access control (a) In access control systems, what is a capability? [10%] A capability is a piece of data possession of which proves authorisation to access a resource. (b) (i) Explain an advantage of access control lists over capability lists. [5%] Access control lists make it easy for an administrator to see who has access to a given resource. (This is harder with capabilities.) (ii) Explain an advantage of capability lists over access control lists. [5%] Capabilities may be transferred offline between users. This is generally not possible with access control lists. (c) A hospital patient record system provides login accounts for nurses. It is desired to implement the following policy: (i) When a nurse registers a new patient, the nurse is granted access to the patient's records for a period of 90 days. (ii) A nurse possessing the right to access a patient record can give that right to another user (this facilitates staff shift changes). This may be done offline. To implement this policy, the system works as follows. When a nurse registers a new patient, a capability to access the patient record for the following 90 days is generated. The nurse stores it on a USB stick, and may copy it onto other USB sticks to give to other users. When a user attempts to access patient records, she is prompted to upload the relevant capability. The capability has the following format: patient-id, issue-date, hmac(k, (patient-id, issue-date)) where hmac(k,...) denotes a suitable keyed hash function with key K. The key K is a secret key known only to the patient record system. Any user in possession of this capability is able to access the records of the patient with patient-id, provided the date is within 90 days after issue-date. (i) Suppose nurse A registers a patient and receives such a capability. A passes it to B, B passes it to C, and C passes it to D. Is D able to use the capability? [4%] Yes, provided the capability is still within its validity period.

(ii) In order to stop long-lived capabilities being distributed widely, the hospital decides to adopt the policy that the nurse that initially registers the patient will have access to the records for 90 days, as before, but if she passes the capability to any other user, the validity should be 10 days from the issue date. Explain a new format for capabilities which would support this new policy. [10%] If we include the user name in the capability, then the system can be programmed to grant 90 days to the named user, and 10 days to any other user. Thus, the new format is: patient-id, issue-date, user-id, hmac(k, (patient-id, issue-date, user-id)) Question 2. Trusted computing (a) What is the purpose of a platform configuration register (PCR) in the TPM? [10%] The purpose of a PCR is to allow the TPM to record the platform state and configuration in a secure way. (b) Explain how a PCR p is updated with new data d. [10%] PCRs may not be written directly; the process of incorporating data d into a PCR p is known as extending p, and corresponds to the assignment p := SHA1(p d). (c) The command TPM_Seal is used to encrypt data and bind it to some PCR values. Suppose TPM_Seal is called with arguments including the usual arguments concerning keys and authorisation data, and also the PCR p and associated value v. The command runs successfully and returns a blob. (i) Explain the conditions under which the blob can later be decrypted. [7%] The blob can be decrypted only if the PCR p has value v, and the relevant authorisation data is given as part of the command. (ii) Explain a scenario in which TPM_Seal might be useful. [7%] For example, in Microsoft BitLocker, the volume encryption key is sealed by the TPM, and can be decrypted only if the relevant PCRs have the correct values, thus ensuring that the system is in the correct configuration state. Question 3. Electronic voting (a) Explain the meaning of the following properties as used in the context of electronic voting systems. (i) individual voter verifiability [5%] (ii) vote-privacy [5%] Individual voter verifiability asserts that, after the election, a voter may verify that her vote has been included in the declared result. Vote privacy means that a voter cannot be linked

with the vote that she cast. (b) For each of the following voting systems, does it satisfy individual voter verifiability? Does it satisfy vote privacy? Explain your answers. (i) Ballot papers such as the ones shown below are distributed, and voters mark with an X their chosen candidate. (A ballot marked in any other way will be considered invalid.) Then an upturned hat is handed around the room. Each voter puts her ballot paper into the hat. At the end of this procedure, someone pins all the ballot papers on a publicly viewable noticeboard, and counts the votes. Candidate C. Baldwin B. Barr J. McCain C. McKinney R. Nader B. Obama Individual verifiability: no. There is no way for a voter to distinguish her ballot paper from that of another voter that voted in the same way. So she cannot be sure her ballot paper is included among those posted on the noticeboard. Vote privacy: yes. A ballot paper on the noticeboard cannot be linked with any voter. (ii) PGP and email are used. An administrator creates a PGP key for the purpose of running the election. We may assume that each voter has an authentic copy of this key (it has been given to each voter in person). To vote, a voter sends an email to the administrator containing her name and her chosen candidate. The email is encrypted with the administrator's key. At the end of this procedure, the administrator publishes the list of voters and their selected candidates on a web page, like this: Voter Mary Jones Bob Smith Anne Wood Peter Green Candidate Obama McCain Obama McKinney Individual verifiability: yes. It is easy for a voter to verify that her vote is included in the published list.

Vote privacy: no. The published list links the voters and their votes. (iii) The protocol by Fujioka, Okamoto and Ohta (studied in lectures) is used. To help you remember the details, a figure illustrating the protocol is given below. [Figure goes here] Individual verifiability: yes. A voter checks that the commitment to her vote is present on the bulletin board, and that the corresponding opened vote is also present. Vote privacy: yes. Because the vote is blind-signed by the administrator, no-one (not even the administrator) can link a voter and her vote. Question 4. Short notes. Write short notes (maximum 100 words) on each of the following topics. (a) Web application penetration testing [10%] A web application penetration test is a method of evaluating the security of a web application by simulating an attack from a malicious source. It analyses the system for potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. Web application penetration testing typically checks for vulnerability to URL manipulation, SQL injection, cross site scripting, back-end authentication, password in memory, session hijacking, buffer overflow, web server configuration, credential management, clickjacking, etc. (b) ISO 27001 Information Security Management System [10%] ISO/IEC 27001 is an ISO standard for evaluating security in information systems. ISO/IEC 27001 certification involves a review of the existence and completeness of key documentation such as the organization's security policy, Statement of Applicability (SoA) and Risk Treatment Plan (RTP). It also includes a detailed, in-depth audit involving testing the existence and effectiveness of the information security controls stated in the SoA and RTP, as well as their supporting documentation. Certification maintenance involves periodic reviews and re-assessments to confirm that the information system continues to operate as specified and intended. (c) How could Alice surf the web without her activity being logged by her ISP? [7%] Alice can use an anonymising proxy, such as anonymizer.com. The traffic between her and the proxy will be SSL encrypted, so that her ISP will see that she is communicating with the proxy but will not see the content of the communication (in either direction). In

particular, it will not see the URLs or contents of the web pages she is actually browsing. This method is insecure if the ISP is able to collude with the proxy. For added security, Alice can use The Onion Router (TOR), which hides her traffic in layers of encryption, each layer controlled by a different node. Compromise of all the nodes simultaneously would be required by the ISP to break Alice's privacy. (d) In what way is the encryption scheme known as DES considered weak? [7%] DES is considered insecure chiefly because its 56-bit key size is too small by the standards of today's computation power. In January 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes. There are also some analytical results which demonstrate theoretical weaknesses in the cipher, although they are unfeasible to mount in practice. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. In recent years, the cipher has been superseded by the Advanced Encryption Standard (AES).

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information