Midterm Exam. Problem 1: Short Answer Access Control –Subject, object, rights Common Criteria –Government Assurance Standard Originator Controlled Access.

Slides:

Advertisements

Similar presentations

Operating Systems Components of OS

Advertisements

Operating System Security

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.

4/25/2015 6:17 PM Lecture 2: Voting Machine Study Access Control James Hook CS 591: Introduction to Computer Security.

Electronic Voting: Danger and Opportunity J. Alex Halderman Department of Computer Science Center for Information Technology Policy Princeton University.

Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.

By Varun Jain. Introduction  Florida 2000 election fiasco, drew conclusion that paper ballots couldn’t be counted  Computerized voting system, DRE (Direct.

1 J. Alex Halderman Security Failures in Electronic Voting Machines Ariel Feldman Alex Halderman Edward Felten Center for Information Technology Policy.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Title of Selected Paper: Design and Implementation of Secure Embedded Systems Based on Trustzone Authors: Yan-ling Xu, Wei Pan, Xin-guo Zhang Presented.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

1 An Overview of Computer Security computer security.

Chapter 1 Introduction. Chapter Overview Overview of Operating Systems Secure Operating Systems Basic Concepts in Information Security Design of a Secure.

Electronic Voting (E-Voting) An introduction and review of technology Written By: Larry Brachfeld CS591, December 2010.

6/26/2015 6:12 PM Lecture 5: Integrity Models James Hook (Some materials from Bishop, copyright 2004) CS 591: Introduction to Computer Security.

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.

Voting Naked: A Feasible Election System or Just a Recurring Nightmare Presented by: Danita McRae Daniel Bramell.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

SEC835 Database and Web application security Information Security Architecture.

1 September 14, 2006 Lecture 3 IS 2150 / TEL 2810 Introduction to Security.

Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,

October 22, 2008 CSC 682 Security Analysis of the Diebold AccuVote – TS Voting Machine Feldman, Halderman and Felten Presented by: Ryan Lehan.

Chapter 13 Processing Controls. Operating System Integrity Operating system -- the set of programs implemented in software/hardware that permits sharing.

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

Csci5233 Computer Security1 Bishop: Chapter 27 System Security.

Computer Science and Engineering 1 Service-Oriented Architecture Security 2.

Issues Relevant To Distributed Security CSC 8320 Nidhi Gahlot.

Security Architecture and Design Chapter 4 Part 3 Pages 357 to 377.

Identity-Based Secure Distributed Data Storage Schemes.

Welcome to Introduction to Computer Security. Why Computer Security The past decade has seen an explosion in the concern for the security of information.

Module 15 Managing Windows Server® 2008 Backup and Restore.

出處 :2010 2nd International Conference on Signal Processing Systems (ICSPS) 作者 :Zhidong Shen 、 Qiang Tong 演講者 : 碩研資管一甲吳俊逸.

1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

Chapter 6: Integrity Policies  Overview  Requirements  Biba’s models  Clark-Wilson model Introduction to Computer Security ©2004 Matt Bishop.

Security Chapter 9 Tanenbaum & Bo, Modern Operating Systems:4th ed., (c) 2013 Prentice-Hall, Inc. All rights reserved.

SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,

What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.

TGDC Meeting, July 2010 Security Considerations for Remote Electronic UOCAVA Voting Andrew Regenscheid National Institute of Standards and Technology

11/26/2015 9:14 AM Midterm Grading Comments James Hook CS 591: Introduction to Computer Security.

November 19, 2008 CSC 682 Use of Virtualization to Thwart Malware Written by: Ryan Lehan Presented by: Ryan Lehan Directed By: Ryan Lehan Produced By:

Chap1: Is there a Security Problem in Computing?.

AUTHORS – X. NIE, D. FENG, J. CHE, X. WANG PRESENTED BY- PREOYATI KHAN KENT STATE UNIVERSITY Design and Implementation of Security Operating System based.

Csci5233 computer security & integrity 1 An Overview of Computer Security.

Creating and Managing Digital Certificates Chapter Eleven.

BY: CHRIS GROVES Privacy in the Voting Booth. Reason for Privacy Voters worry that their vote may be held against them in the future  People shouldn’t.

Electronic Voting: Danger and Opportunity

Network Security Introduction

INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.

CS426Fall 2010/Lecture 211 Computer Security CS 426 Lecture 21 The Bell LaPadula Model.

Basic Security Concepts University of Sunderland CSEM02 Harry R Erwin, PhD.

Network Security Celia Li Computer Science and Engineering York University.

PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.

CS 395: Topics in Computer Security

Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.

Security Shmuel Wimer prepared and instructed by

Improving Reliability of Direct Recording Electronic Voting Systems

Mumtaz Ali Rajput +92 – INFORMATION SECURITY – WEEK 5 Mumtaz Ali Rajput +92 – 301-

LINUX SECURITY Dongmei Wu ID: /25/00.

ONLINE SECURE DATA SERVICE

Operating System Concepts

Security in SDR & cognitive radio

Chapter 4: Security Policies

Presentation transcript:

Midterm Exam

Problem 1: Short Answer Access Control –Subject, object, rights Common Criteria –Government Assurance Standard Originator Controlled Access Control –Not RBAC Capability based access control –Associates a list of objects and rights with each subject (dual to Access Control List) Storage Channel –Unintended communication channel; for example locking mechanism in kernel

2: Information Flow 6 programs computing –H := l –L := h –L := not h (or running forever) A) Desired/undesired: –Desired H := l[2, 4] –Undesired L := h [1, 3] L := not h [5, 6]

2 cont B) Direct/Indirect –Direct: 1,2 –Indirect: 3,4,5,6 C) Typable/untypable –Typable: 2, 4, 6 –Untypable: 1, 3, 5

2 cont D) Simple Security and Containment –Answers varied depending on assumed context [h] |- l := hviolates containment [l] |- l := h violates simple security –I was looking for discussion of the termination channel in 5 and 6 –By my analysis 6 does not violate either property To prevent 6 another property would be needed

2 cont E) Termination channel –Both 5 and 6 leak information via a termination channel –Type system does not detect this F) Termination requirement –This does fix problem

3) Voting Policy Confidentiality –Secret Ballot Integrity –Accurate count Availability –Eligible voters can vote in a timely manner

3 cont B) Vote stealing compromised task manager to launch an additional process that altered votes C) Violates integrity D) DOS could wait for election day and then crash machine E) DOS violates availability

4 Integrity Models A)Answers vary; typical: Boot LoaderT Op SysA Task ManagerA Voting S/WA Vote TallyO

4 cont B) Limit integrity level of files on removable media to level authenticated on smart card C) Show each operation feasible by informal argument

4 cont D) Prevent Felten: Felten attack required replacing boot loader and systems software at levels A and T in new model. Propagation required overwriting software at levels A and T by an election official. Integrity policy together with authentication mechanism prevent initial attack by untrusted personnel and inadvertent viral propagation by election official

4 cont E) Critique: internal? External? –Answers varied considerably –Expected answer External threat reduced (but not eliminated) Internal threat not addressed –Malicious code introduced by trusted entity still is a concern –Devious behavior by a T or A can arbitrarily corrupt results

4 cont F, G & H) Answers varied considerably –Clark-Wilson would require vote be logged and the log must include the identity of the voter –This violates expectations of a secret ballot –Voter verified paper trail is an example of a transparent mechanism that balances integrity and confidentiality

Distribution Curve by: F(x) = (x/2) + 50