Extra Credit 1

Due: October 14, 2024
Points: 30


  1. (15 points) As encryption conceals the contents of network messages, the ability of intrusion detection systems to read those packets decreases. Some have speculated that all intrusion detection will become host-based once all network packets have been encrypted. Do you agree? Justify your answer. In particular, if you agree, explain why no information of value can be gleaned from the network; if you disagree, describe the information of interest.

  2. (15 points) Peter Denning formulated the principle of attenuation of privilege as “a procedure cannot access an object passed as a parameter in ways that the caller cannot.” [1] Contrast this formulation to that of the principle of attenuation of privilege in Section 2.4.3, which states “a subject may not increase its rights, nor grant rights it does not possess to another subject”. In particular, which is the “subject” and which is the “[an]other subject” in Denning’s formulation?

          [1] P. Denning, “Fault Tolerant Operating Systems”, ACM Computing Surveys 8(4) pp. 359–389 (Dec 1976). DOI: 10.1145/356678.356680.
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235A, Computer and Information Security
Version of September 24, 2024 at 2:17PM
