CS513 System Security

CS513 Homework 1: Thinking About Security

General Instructions. You are expected to work alone on this assignment.

Due Sept. 7, 2005 (Wed) at the start of class. Submit your solution on paper in class. No late assignments will be accepted.

To facilitate grading, format your solutions as follows.

Put your name and net id on each page of your solution.
Typeset your solution, using 10 point or larger font and use 8.5 x 11 inch paper.
Use at most one page (both sides, if necessary) for each problem (so what you submit comprises 3 sheets of paper).
Put each problem's solution on a separate sheet of paper,

Solutions that do not satisfy the formatting guidelines will be returned, ungraded.

Problem 1:

Post 9/11, the United States started searching airline passengers for bombs and other potentially dangerous material. More recently, in reaction to the Madrid and London subway bombings, other governments have started searching subway customers.

In all of these schemes, the cost of searching a suspect is significant and it is too costly to search every passenger. Some sort of sampling is then employed, which leads to a design choice about who gets selected for searches:

Select randomly among all passengers.

Select randomly among passengers satisfying certain predefined profiles.

Adopt (1) and you end up searching babies, grandmothers, and congressman; adopt (2) and you might only search males of a certain age and ethnicity.

Given a fixed budget for performing searches, which of (1) and (2) is likely to be more effective at decreasing the chances of successful future terrorist attacks on airplanes and/or subways.

Problem 2:

A host and guests are dining at a fancy restaurant, where they are served by a waiter. "In vino veritas" (Plato), so the host decides to purchase a bottle of wine to complement the meal. The protocol for purchasing that bottle in such circumstances typically involves the following steps:

Host tells the waiter the name of a bottle of wine.
Waiter brings to the table an unopened bottle of the named wine.
In the presence of the host, the waiter breaks the seal on the bottle, removes the cork, and pours a small amount into the host's glass.
Host samples the wine in that glass.
If the host finds the wine not spoiled then the host nods approval and the waiter pours the wine into the guests' glasses, then fills the host's glass, and leaves the bottle on the table.

This protocol has evolved because it ensures that certain properties are satisfied. For example, step (5) ensures that "only wine from the bottle is consumed by host and guest". What other properties is this protocol designed to enforce?

Problem 3:

[From Bishop, page 22] Classify each of the following as a violation of confidentiality, of integrity, of availability, or of some combination.
John copies Mary's homework.

John submits a copy of Mary's homework as his own.

Rhonda registers the domain name "AddisonWesley.com" and refuses to let the publisher by that name buy or use that domain name.