Department of Information Technology

Assignment 4

Please read the general instructions for hand-in assignments.
Don't forget to include the assurance and group list at the top of your hand-in.
If you still cannot make electronic signatures, hand in on paper.

The deadline for this assignment is Monday, October 17, 2005, 10:15 (am).

If you find a question unclear, please ask Björn for clarification, and check this space for such clarifications!

  • 051013: question 1 clarified from "user permissions/privileges" to "user rights/permissions/privileges".

ACL vs capabilities revisited [3p]

  1. Explain, with good motivation, why Windows access control uses both file ACLs and user rights/permissions/privileges (not to be confused with rights in ACLs). Why not just use one of these?
  2. In Windows, give an example of a user right/permission/privilege used in access control, and explain what its effect is.
  3. In Unix, give a different example of a user right/permission/privilege used in access control, and explain what its effect is.

Revocation [3p]

Explain and compare how user rights/permissions are revoked in Kerberos and DSSA/SPX, respectively. Motivate the differences, if any.

Kernels and Models [3p]

Explain the relation between security kernels and security models, and how the concepts can help each other. For example, if we ignore one of them, how would it affect the other?

Cookie jar [3p]

The IT web server performs authentication based on usernames and passwords, using an HTTPS/SSL connection for the transfer of the username+password. If the authentication succeeds, the server stores a cookie on the client. This cookie can subsequently be used by the client for authentication over standard HTTP connections (non-SSL) (instead of the username and password over SSL).

  1. What information may the cookie not contain in order for this authentication to be secure?
  2. What information must the cookie contain in order for this authentication to be secure (e.g. protect against impersonation) and useful for (separate) access control? Describe and motivate the contents and how it can/should be used on the server.

Trackers [3p]

(Based on exercise 14.3 from Gollmann.)
All statistical queries on the Students relation (Figure 14.4 [p257]) must have at least three tuples in their query set. Only AVG-queries are allowed on the attribute Grade Ave.

  1. Explain the difference between a general tracker and an individual tracker.
  2. Find a new general tracker and
  3. construct a tracker attack on Homer's grade average.

Secure email [3p]

Consider a high-security organization where all email uses S/MIME (encrypted and signed), and this is the only network service used.

Why would it still make sense for this organization to use IPsec, and how should IPsec be used? (If standard IPv4 is used without IPsec, which attacks on the email exchange could be performed?) Motivate and explain your answer carefully!

Nightmares [3p]

Suppose your worst nightmare has come true: your computer has been attacked from the network, and all your personal files have been deleted. You quickly disconnect the network, but instead of tearing your hair out, you keep cool and start thinking.

What should you do now? Explain and motivate each major step (don't go into deep details).

Updated  2005-10-13 16:57:04 by Björn Victor.