Homework #4

Due Date: March 17, 1999
Points: 200

  1. (20 points) A computer security expert claims that cryptography is all that is necessary to provide network security. Explain why this is false; in particular, explain why encryption protocols do not provide adequate protection in the absence of trusted hosts.
  2. (30 points) Following the approach we used in class, give security conditions for the case statement:
     case a of
       v1: S1;
       v2: S2;
       .
       .
       .
       vn: Sn;
     end;
  3. (40 points) Assume objects are statically bound to security classes.
    1. For the following program, illustrate the compile-time certification checks:
        program p1(k, m, f, g, h)
          var k: file class K;
              m: file class M;
              f: file class F;
              g: file class G;
              h: file class H;
              a: integer class A;
              b: integer class B;
          begin
            input a from f;
            input b from g;
            while b <> 0 do
            begin
              if a > 0 then output b to h;
              if b > 0 then output a - b + 1 to k;
              output b to m;
              input a from f;
              input b from g;
            end
          end.
    2. The following partial orders define 2 lattices:
      L1: C <= S
      L2: D0 ⊆ D1 ⊆ D3, D0 ⊆ D2 ⊆ D3
      Assume a lattice of security classes constructed from the cross-product of L1 and L2 and determine the security of the program in part a if:
      A = (S, D3)    B = (C, D1)        F = (S, D2)
      G = (C, D1)    H = K = (S, D3)    M = (C, D3)
  4. (60 points) Consider the intrusion detection system model, which consists of sensor mechanisms, analysis engines, and notification engines. Please generalize this model to cover all system auditing mechanisms.
  5. (50 points) The program lsu is a version of su that uses an access control file and the user's password to give access to shared accounts. It runs setuid to root on UNIX systems. On the web page is a tarball of the program lsu.tar. Download it and find at least 2 potential security vulnerabilities. You do not need to exploit it, but you must say how you could exploit it.


Send email to cs253@csif.cs.ucdavis.edu.

Department of Computer Science
University of California at Davis
Davis, CA 95616-8562



Page last modified on 3/2/99