Final Study Guide

This is simply a guide of topics that I consider important for the final. I don’t promise to ask you about them all, or about any of these in particular; but I may very well ask you about any of these, as well as anything we discussed in class, in the discussion section, or that is in the readings (including the papers).

  1. Anything from before the midterm

  2. Elections and Electronic Voting

  3. Identity
    1. Users, groups, roles
    2. Host naming, DNS
    3. Certificates
    4. Anonymity

  4. Authentication
    1. Passwords (selection, storage, attacks, aging)
    2. One-way hash functions (cryptographic hash functions)
    3. UNIX password scheme, what the salt is and its role
    4. Password selection, aging
    5. Challenge-response schemes
    6. EKE protocol
    7. Biometrics and other validation techniques

  5. Access Control
    1. ACLs, C-Lists, lock-and-key
    2. UNIX protection scheme
    3. Multiple levels of privilege
    4. Lock and key
    5. MULTICS ring protection scheme

  6. Malware
    1. Types of malware
    2. Countermeasures

  7. Information flow
    1. Entropy and its relevance to information flow
    2. Static analysis
    3. Dynamic analysis
    4. Firewalls

  8. Confinement problem
    1. Principle of transitive confinement
    2. Sandboxes
    3. Virtual machines

You can also obtain a PDF version of this. Version of November 28, 2016 at 12:53PM