wieerwill/Informatik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
255531413d
Informatik/Systemsicherheit - Questions.tex
Robert Jeutter 17612cda85 collect questions
2021-07-27 14:33:27 +02:00

206 lines
8.1 KiB
TeX
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

\documentclass[10pt]{exam} % Doc : https://mirrors.ircam.fr/pub/CTAN/macros/latex/contrib/exam/examdoc.pdf
%\printanswers % Comment this line to hide the answers
\usepackage[utf8]{inputenc}
\usepackage[T1]{fontenc}
\usepackage[german]{babel}
\usepackage{amsmath,amssymb}
\usepackage[dvipsnames]{xcolor}
\usepackage{tikz}
\usetikzlibrary{fadings}
\usetikzlibrary{calc}
\usepackage{tkz-tab}
\usepackage{pgfplots}
%Format Header and footer
\pagestyle{headandfoot}
\header{}{\Large\textbf{Systemsicherheit}}{}
\headrule
\footrule
\setlength{\columnsep}{0.25cm}
\footer{}{Page \thepage}{}
\begin{document}
\begin{questions}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{Risks in Electronic Payment:}\hfill
From your personal experience: Which risks are involved in electronic payment systems?
Start with thinking about the vulnerabilities of todays methods, procedures, and mechanisms you are familiar with. Here are two possible scenarios:
\begin{parts}
\part Paying with a debit card (e.g. EC Maestro): starting with its use in a shop and ending with the money withdrawal from your bank account.
\part Home banking using a static (e.g. snail-mailed) or dynamically generated transaction authentication number (TAN), e.g. sent from your bank via SMS (mTAN) or using a smartphone app (pushTAN).
\end{parts}
What are the advantages of smart cards (such as your thoska), carrying a microprocessor for cryptographic computations?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{Buffer Overflow Attacks:}\hfill
Which vulnerabilities are exploited by a buffer overflow attack? How can you counter buffer overflow attacks? How could you at least mitigate the effects of successful buffer overflow attacks?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{Data vs. Information:}\hfill
\begin{parts}
\part What is the difference between data and information?
\part What are the consequences for systems security?
\end{parts}
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{Root Kits:}\hfill
Which special properties of root kits make them so extremely dangerous?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{NI: Dynamic Properties:}\hfill
Similar to HRU, an NI model is basically formalized through a deterministic automaton. Can we also use it to analyze HRU Safety (no matter if by proof or by simulation)?
If yes: How would HRU Safety for NI be defined (in prose)? If no: What extension of the NI model in the lecture would be required to enable Safety analysis?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{NI: Motivation:}\hfill
Which security problem do NI models address? Name two modern application scenarios where this problem is highly relevant!
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{BLP and Biba:}\hfill
What's the difference in terms of goals and formalism between the BLP and the Biba model?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{BLP: Lattice vs. ACM:}\hfill
\begin{parts}
\part Why does the BLP model contain both: (1) a lattice, which is mapped to subjects and objects via cl, and (2) an ACM?
\part What problem might occur from using both (1) and (2)?
\end{parts}
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{DAC vs. MAC:}\hfill
\begin{parts}
\part What is the difference between discretionary (DAC) and mandatory access control (MAC)?
\part What are the weaknesses of discretionary access control systems?
\end{parts}
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{TAM: Type System:}\hfill
How is the type system in TAM formally represented within the HRU-based automaton? Which parts of the type system may change during runtime?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{TAM: Motivation:}\hfill
What is the goal of the TAM security model?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{RBAC ACF:}\hfill
As with any AC model, the formal components of RBAC are designed to enable access control decisions. However, in the ACF definition of RBAC0 (which is the basis for ACFs of the other RBAC96 models), the component UA is not included. Why?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{RBAC Safety:}\hfill
How can we analyze RBAC safety? Which information is needed for this, and is it provided by RBAC96 models?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{IBAC vs. RBAC vs. ABAC:}\hfill
What is the key difference between IBAC and RBAC models? How about ABAC models then?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{HRU Safety Undecidability:}\hfill
Given HRU Safety is undecidable, what is the actual merit of this model? What can we do to handle the undecidability problem in practice?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{HRU: Unix Read:}\hfill
How do we model a read operation, such as for a Unix-OS file system, in HRU? Remember that this operation neither modifies the subject set, nor the object set, nor the ACM.
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{ACM vs. HRU:}\hfill
What is the idea that distinguishes an ACM from an HRU model? How is it formally represented?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{HRU: Output Function:}\hfill
Why does an HRU automaton not have an output function?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{Core-based Model Engineering:}\hfill
Assume you have to design the security policy for a very simple hospital information system, including
\begin{itemize}
\item users in roles such as physician, nurse, etc.
\item legal information flows between these roles
\item one operation to change a user's roles.
\end{itemize}
Re-use the model abstractions you know from chapter 3 to express this policy as a core-based model by answering the following questions:
\begin{parts}
\part Which formal components do you need beyond the actual model core? (2 sets and 2 relations should suffice!)
\part What is the core specialization?
\part What is the core extension?
\part What are possible pre- and post-conditions of the only operation?
\end{parts}
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{Common Model Core:}\hfill
What is the common model core shared by models such as HRU, DRBAC, BLP, Brewer-Nash, and NI?
\begin{solution}
\end{solution}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\question \textbf{Hybrid Models:}\hfill
Name the semantical concepts from AC, IF and/or NI models that can be found in
\begin{itemize}
\item the Brewer-Nash model
\item the LR-CW model
\item the the MLS-CW model.
\end{itemize}
Compare how these three models express allowed information flows according to the CW policy.
\begin{solution}
\end{solution}
\end{questions}
\end{document}
Reference in New Issue View Git Blame Copy Permalink