CS5430 Homework 1: Basic Concepts
General Instructions.
You may (but do not have to) collaborate with one other student on this assignment.
If you do collaborate, both students should form a CMS group and submit their paper to that group.
Both students are responsible for all of the answers.
Due: Sept 15, 2020 at 10:00am.
No late assignments will be accepted.
Submit your solution using CMS.
Prepare your solution as .pdf, as follows:
- Use 10 point or larger font.
- Put each problem into a separate file and submit it to the correct CMS submission box for that problem.
- Use at most 1 page per problem.
- Give a definition/explanation for each of the following terms, as we will be using them in this class. Use one or (at most) two sentences for each term.
  - threat
  - vulnerability
  - trustworthy
  - confidentiality
  - integrity
  - availability
  - authorization
  - authentication
  - privacy
  - trusted computing base
- One way that contact tracing for controlling the spread of a disease might be implemented is to have a set of protocols whereby each person is informed after they have come into contact with a contagious person, assuming a contagious person will eventually register the earliest time he/she might have been contagious. Many contact tracing protocols in this class employ a third party CDC that maintains a database but might not be trusted.
  - List the security properties that we should expect will be satisfied by such a set of contact tracing protocols in order to be accepted and effective. For each property, identify whether it is confidentiality, integrity, or availability.
  - Here is a proposed contact tracing protocol. It uses an app installed on the cell phones that individuals carry. Bluetooth communication in one cell phone is employed to detect when that cell phone is within 6 feet of another and is also used by the pair of cell phones to exchange messages. The Internet is used by a cell phone to send an anonymous message for posting on a database DB that a third party operates and that any cell phone can read.
    - Each cell phone generates a random identifier, on demand. The chance that two cell phones will generate the same random identifier is negligible.
    - Whenever cell phone A remains within Bluetooth range of another cell phone B for long enough, each generates a new random identifier, they exchange these values, and they each locally store a pair containing the contact time and the random identifier received from the other. Cell phone A also maintains a separate list of random identifiers it has sent, and adds to that list the random identifier it sent to B.
    - If the owner of a cell phone A discovers that he/she is ill, then that owner enters into the app running on A the likely time that the owner started to be contagious. That app then sends to DB for posting those pairs where the contact time is larger than the time that was just entered into the app.
    - The app running on every cell phone reads DB each day in order to see if any random identifier generated by this cell phone is now posted. If it is posted, then the cell phone's owner is notified to quarantine.

    Suppose Cornell's President (and CS faculty member!) Pollack asked your advice about whether Cornell should mandate students, staff, and faculty to run this app on their cell phones. Tompkins County Health Services would provide DB. For your analysis, assume that all individuals who are participating in this protocol are trustworthy and, therefore, will report to the app if and when they become contagious. What do you recommend to President Pollack and why?
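As an added illustration (not part of the original assignment), the following Python simulation runs the protocol described above among honest participants: identifier exchange over Bluetooth, posting to DB after an illness report, and the daily check. Phone names, contact times and the in-memory DB are constructed sample data.

```python
import secrets
from dataclasses import dataclass, field

# Constructed simulation of the assignment's Bluetooth/DB protocol with honest
# participants; the phone names and contact times below are made-up sample data.

@dataclass
class Phone:
    name: str
    contacts: list = field(default_factory=list)  # (contact_time, id received from the other phone)
    sent_ids: set = field(default_factory=set)    # identifiers this phone generated and sent

    def new_id(self) -> str:
        # 128 random bits: the chance that two phones draw the same value is negligible
        return secrets.token_hex(16)

def bluetooth_contact(a: Phone, b: Phone, t: int) -> None:
    """Phones a and b were in range long enough at time t: each generates a fresh
    identifier, they exchange them, and each records the one it received."""
    id_a, id_b = a.new_id(), b.new_id()
    a.sent_ids.add(id_a)
    b.sent_ids.add(id_b)
    a.contacts.append((t, id_b))
    b.contacts.append((t, id_a))

def report_illness(p: Phone, contagious_since: int, db: list) -> list:
    """The owner enters the likely start of contagiousness; the app posts to DB every
    stored pair whose contact time is strictly larger than that time. The pairs hold
    the *other* phone's identifiers, so contacts, not the reporter, match later."""
    posted = [(t, rid) for (t, rid) in p.contacts if t > contagious_since]
    db.extend(posted)
    return posted

def daily_check(p: Phone, db: list) -> bool:
    """True if any identifier this phone generated now appears in DB (quarantine)."""
    return any(rid in p.sent_ids for _t, rid in db)

def simulate() -> dict:
    """Constructed scenario: A meets B (t=5) and C (t=12); D meets nobody.
    A reports being contagious since t=10, so only the contact with C qualifies."""
    a, b, c, d = (Phone(n) for n in "ABCD")
    db: list = []  # the third party's publicly readable database
    bluetooth_contact(a, b, t=5)
    bluetooth_contact(a, c, t=12)
    report_illness(a, contagious_since=10, db=db)
    return {p.name: daily_check(p, db) for p in (a, b, c, d)}

if __name__ == "__main__":
    print(simulate())  # {'A': False, 'B': False, 'C': True, 'D': False}
```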
- What kinds of damage can be caused by an individual who is dishonest (and therefore not trustworthy) but is participating in this protocol?