TSIT02
(a) Describe what two-factor authentication (2FA) is. (b) A hacker sets up an attack where he/she randomly sends carefully crafted emails containing malicious links to previously well-researched targets. By clicking on the link the target is taken to a fake website that mimics his/her online bank. Simultaneously the hacker tries to log in to the bank using the target's credentials. This asks for the target's 2FA confirmation in their phone, which they then type in the fake website. This 2FA information is then sent to the hacker, who then enters it in the real bank's site, which then allows the hacker to access the target's bank account. What general class of attacks is being used here to trick the target into trying to log to the bank and giving his 2FA information? (c) Can improvements in 2FA technology block this type of attack completely? (d) What is the best protection against such attacks?
(a) 2FA is an authentication method that relies on two distinct pieces of evidence, i.e. password and fingerprint. (b) Social Engineering (c) Not really, since the target is tricked into providing his extra authentication factor to the hackers. (d) Educating the users not to click on suspicious links.
Decide for each of the security breaches below if its immediate damage is best classified as C, as I or as A. Please note that it is the direct, first effect on the victim's data for the described event that is to be classified, not any possible further damage due to the event. If you are in doubt, do not just write C, I or A, but also motivate your choice clearly. (a) A DDoS attack hits your site. (b) A keylogger sends your key strokes to an outside address. (c) A worm sends spam from your site using your e-mail account. (d) A virus establishes itself in your program library. (e) A user logs in with correct user-ID and password on a phishing site instead of the e-bank site. (f) An activist defaces your official company webpage with unwanted text and links.
(a) A DDoS attack is typically causing damage to Availability, A. (b) Information surreptitiously sent to an outside address is C, Confidentiality. (c) The e-mail is sent in your name, which is the wrong name, thus I, data integrity. (d) A virus writes itself into your library without permission, which is a breach of I, Integrity. (e) The user has revealed the correct user-ID and password to somebody else, C, Confidentiality. (f) Unauthorised changes to a webpage are I, Integrity.
One protocol for authentication in computer networks is Kerberos. (a) Who are the participants in a Kerberos exchange? (b) Who is authenticated in a standard Kerberos session, and how is this done? (c) What does the whole Kerberos protocol end with, what is shared in the process? (d) Who share this data item?
(a) A client, a Kerberos (authentication) server, an access-granting (authorization) server, and a service server. (b) The client is authenticated. The client requests a session key (for the access-granting server) from the Kerberos server. The server responds with a key, encrypted with the client's password. The client can decrypt this only if he knows the password. (c) The process results in a shared key with a limited lifetime (a "ticket") (d) This is shared between the client and the service server.
(a) Why do you need asymmetric algorithms in order to create a digital signature? (b) What is the name of the most widely used asymmetric algorithm used for digital signing? (c) Why is the signature normally performed on a hash of the message and not on the full message? (d) What is the most stringent security requirement for these signature hashes called, and what does that condition really mean?
(a) A digital signature should only be possible to create for one person and should be checkable by everyone. Therefore, a symmetric-key system cannot be used, because in such a system, anyone who can check a MAC (not "signature" in symmetric systems) can also create the MAC. In an asymmetric-key systems you sign with your private key, and everyone can check the result with the corresponding public key. (b) RSA or DSA are often used for this. (c) Since RSA (and DSA) is slow when signing large messages, only the hash of the message is actually signed. (d) But then an attacker mustn't be able to exchange a signed message with another message with the same hash and thus the same signature. So these hashes must be "collision resistant", which means that it must be computationally hard to find pairs of messages having the same hash, even though these pairs exist.
RSA is a different type of algorithm, that for example can be used for digital signatures. (a) Why can it be used for digital signatures, and why cannot DES (or its successor) be used to create or verify digital signatures? (b) What key length is currently recommended for RSA encryption? (c) To create and verify signatures is computationally expensive if done on an entire message. For this reason, a message is shortened by using a hash function to shorten the message into a "hash". A hash function to be used in signing must fulfill a particular requirement, to be secure. What is this requirement, precisely?
(a) A digital signature should only be possible to created by only one subject. But DES is a symmetric algorithm where both sender and receiver(s) have identical keys. Therefore, if you use DES, if you can verify a tag for a message, you can also create it (=a MAC). (b) The recommended minimal key length for RSA is presently 3kbit. (c) A hash function needs to be "weakly collision resistant", that is, it must be difficult to find another message m_0 given the message m so that h(m_0) = h(m).
(a) Is a firewall a useful tool in defence against DoS attacks? Describe shortly how it can be used or motivate why it is irrelevant for that specific threat. (b) Is an IDS a useful tool in defence against DoS attacks?
(a) A firewall can block offending sender sites, once you have identified them,A firewall can block the port used by the DoS attack, disabling this service, but keeping the rest going, and allowing the internal network to operate without disturbance. (b) An IDS can detect probing and identify probing sites, so that they can be blocked. It can detect attempts at finding and using a known vulnerability for an attempt to crash the system. If you realise that a bot infected computer taking part in a massive DoS attack is blocked for its user and thus itself a DoS victim, you can argue that finding bot software on your computer or traces of its activity is also a DoS defence.
(a) Give a short description of an access control list (ACL) and what it is intended to do. (b) Why are ACLs necessary? (c) Explain one technique that can be used to keep ACLs short and efficient.
(a) An ACL normally lists users' permissions to Read, Write and Execute the object. (b) ACLs are necessary to ensure the correct distribution of permissions among different users in the same network/environment. (c) Users can be divided into groups with the same permissions, thus diminishing the length of the lists and often the necessity to change many ACLs when a user changes working duties (just edit the group list, not all relevant ACLs).
(a) Which formal security model covered in the course handles only confidentiality? (b) Describe the "simple" criterion. (c) Describe the "star" criterion.
(a) Bell-LaPadula (b) Simple security property: A subject may read object only if the security level of the subject is greater than or equal to the security level of the object (c) ∗-property ("star"-property): A subject may write to an object only if the security level of the subject is less than or equal to the security level of the object - The standard mnemonic for this is "No read up—No write down"
You own the store FooStore. The inventory can be updated by all employees through the cash registers. Deliveries are entered by Claire, Bob, and Elsie. Spoilt goods is deducted by these three and Dave. Price changes are made by Edward and Elsie. You handle new items and campaign prices. You now want to protect the data against unauthorized changes. (a) Can this be modelled with the Biba model? Why or why not? (b) Or is a Chinese Wall model description perhaps more appropriate? Why or why not?
(a) Biba concerns integrity, and has rules about writing, so Biba seems appropriate. The model is hierarchal, so the question really is if the access structure forms a hierarchy. Here, you have two kinds of data (number of items in store, and price) and a few user groups that can write to the two. The hierarchy is difficult to adapt, so both "yes" and "no" are accepted as long as the discussion contains the two mentioned items. (b)The Chinese wall cannot be used. It concerns confidentiality, and the relationbetween compartments of data. Here all data is available, since confidentialityis not the goal.
(a) For Code-based access control, name three sources of evidence for access control decisions. (b) What does the execution environment use to keep track of the current permission, as it changes across subroutine calls?
(a) Code origin, code signature, code identity, code proof (b) An extended stack that contains permission information
(a) Why is cryptography only considered a specific tool and not a more general solution? (b) Describe what is Kerckhoff's principle. (c) What is the main difference between asymmetric and symmetric cryptographic systems?
(a) Cryptography does not take into account social aspects, and as such does not yield protection against social engineering attacks for instance. It also only ensures protection against specific scenarios, and security fails if an attacker is able to circumvent these conditions. (b) A cryptosystem should be secure even if everything about the system, except the key, is public knowledge (c) The main difference is in respect to the keys employed. In symmetric systems, the legitimate parties encrypt and decrypt with the same key, while asymmetric systems have different keys for encrypting/decrypting, and they are not shared among the parties
DES (Data Encryption Standard) is outdated because of the short key length, and has been superseded by another more modern standard algorithm of the same type. (a) What is the new algorithm called? (name and abbreviation) (b) What type of algorithm is it? (c) What least key length is recommended for this algorithm type?
(a) DES was superseded by AES, the Advanced Encryption Standard. (b) DES and AES are symmetric (block)cryptos. (c) The recommended minimal key length for a symmetric key system is presently 128 bits.
(a) An attacker with access to the unsalted password hashes can perform an attack that uses a space-time tradeoff to break many hashes. What is this method called? (b) Describe the steps involved in performing this attack on unsalted, hashed passwords. Why is it called a time-space tradeoff? (c) What is a salt? How is a salt generated? Describe how a salt defeats the typeof attack asked for in question a). (d) Should the salt be kept secret?
(a) Dictionary attack. (b) First, take a dictionary of common words. Then, take the hash value for each word in the dictionary and store it. Next, compare the hashed password to the hashed dictionary words. If there is a match, you found the password. It's called a time-space tradeoff because it re-duces the time necessary for the attack at expense of needing more space. (c)A password salt is a randomly generated string that is unique for each user. It is appended to the password before hashing. In this way, even when using a common word for a password, the salt ensures that the resulting hash value can't be compared to a dictionary. (d) There is no need for the salt to be secret. It is usually stored in open, next to the salted hash. The point of the salt is not to be secret, but simply to defeat the dictionary attack by slowing it down. Remember that an attacker with access to hashed passwords probably also has access to the salts anyway!
Fingerprints, irises and handwritten signatures are properties used for biometric identification of users. What is meant with (a) enrollment, (b) false rejection rate and (c) false acceptance rate? Describe three important properties of biometric authentication methods which are different from other ways of authenticating users.
(a) Enrollment is when a user first is registered as a user and the biometric features are capture and stored in the user database for the first time. (b) False rejection rate is the probability that a legitimate user is declined access. (c) False acceptance rate is the probability that an unauthorized user is granted access. (d) A biometric feature is inseparable from the body of a person. It can not be removed or is at least very difficult to remove. Biometric properties are not constant and thus every capture of the property will be different. There will be scale to how close a capture feature is to the value captured during enrollment. In contrast with passwords which are either correct or incorrect. Some persons lack specific features e.g. not everyone hasa fingerprint (may not even have a finger). Everyone can get a password.
(a) Briefly describe the "inference problem" in database security. (b) (b) What is a direct attack? (c) What is an indirect attack? (d) Give an example of a direct attack. (e) What is a tracker attack? (Från föreläsning) (f) What is linear system vulnerability? ( Från föreläsning)
(a) The inference problem is that sensitive information can be derived from insensitive data (b) A direct attack is using a small sample so that information leaks directly (c) An indirect attack combining several aggregrates to infer information (d) An example is creating a database question that asks for the average grade (say) for a group, and selecting the group so narrowly that only one individual is in the group. Since there is only one person, the answer will be the grade of that person. (e) A tracker attack is a particular type of indirect attack which is present in most statistical databases (f) A linear system vulnerability is an algebraic relation between query responses
Decide for each of the security breaches below if its immediate damage is best classified as C, as I or as A. Please note that it is the direct, first effect on the victim's data for the described event that is to be classified, not any possible further damage due to the event. If you are in doubt, do not just write C, I or A, but also motivate your choice clearly. (a) Someone obtains your PIN by looking over your shoulder while you are making a purchase with your credit card. (b) Your computer is hit by ransomware, and with it, you receive an "offer" to remove it by paying up 150 USD worth of bitcoin. (c) All access to your website is routed to a copy of yours, owned by a malicious party, due to DNS cache poisoning. (d) A nurse intentionally falsifies patient data to harm the hospital. (e) An Internet service provider technical support line is overloaded due to widespread technical problems over the network. (
(a) Information is obtained from you, breach of confidentiality C (b) You cannot access your data unless you pay up, availability A (c) Your website cannot be externally accessed, availability A (d) Patient data is modified, integrity I (e) The technical support line is not accesible, availability A (f) Customer data is leaked out, breach of confidentiality C (g) Your password is discovered, breach of confidentiality C (h) The power plant can no longer produce output power, availability A (i) Information you type is transmitted to a third party, confidentiality C (j) You cannot access your data, availability A (k) Your data is modified, integrity I (l) Some of your personal data gets leaked, confidentiality C
(a) What is a botnet? (b) Why can a botnet be assembled relatively easily? (c) What can be done to minimize the risks new botnets are formed in the future? (d) What is the most common type of attack performed by a botnet?
(a) It is a network of hijacked devices, typically routers and webcams, that can be controlled to send traffic at a specified target. (b) Due to devices being mostly unpatched, default passwords, etc... (c) Build devices having better security features, implement automated patching, ship devices with extra features disabled by default etc... (d) A (distributed) denial-of-service attack.
(a) What is the consequence of using short key lengths for encryption algorithms? (b) How large is the key-space of a k-bit long key, but when only y (where y < k) bits per key are actually random? (c) How should the first key exchange between two users take place? (d) Why are third-party key servers important?
(a) It is more likely the key can be guessed and the encryption broken. (b) 2^y possible keys (c) Via a trusted courier (or a personal meeting) (d) Key servers can authenticate different users without them having to meet beforehand.
Hash functions. (a) What does "collision resistance" mean in the context of hash functions? (b)What does it mean that it is hard to find a preimage in the context of hash functions? (c)When storing password lists, it is recommended to use a hash function. In what way? What type of attack does this protect against? (d) In addition to using a hash function when storing passwords, it is recommended to also use a salt. What is a salt? What type of attack does it protect against?
(a) It should be difficult to find two inputs that produce the same hash value. (b)Given y it is difficult to find x so that h(x) =y for a hash function h. (c)It means hashing the password before storing it. If the password database leaks, the attacker won't immediately have the passwords of all users.Often, users use the same password in multiple sites, and the attacker will be prevented from easily using the same password on those sites. (d) A salt is a random but publicly known bit string that is added to the password before it is hashed. The password database will then contain the username, salt and salted+hashed password for each user. Salting prevents the attacker from computing rainbow tables for known hash functions, otherwise the same password will give the same hash value over many servers.
(a) What is the main difference between whaling and phishing? (b) Mitigation of social engineering attacks has to be done through three main fronts: Policy, Awareness and Technology. State one action to be done in each front by the security administrator.
(a) Phishing is targeted randomly at many different people hoping that at least one will fall for the attack. Whaling on the other hand, is a custom-made attack directed at a specific target, typically a high-ranking employee at an organization. (b) Policy: State the rules through a company-wide policy: i.e. "Never click on links sent by external emails". Awareness: Teach common social engineering attacks to all employees. Technology: Authentication, digital signatures, etc...
The Access Control Matrix (ACM) is a matrix which shows the full relation between all subjects and objects in the system. (a) Why does no real system use the ACM? (b)If we instead give a "per subject" list of which objects that that are permitted, what is that called? (c)In the course we have also talked about formal models for access control, two examples of which are Bell-LaPadula and Biba. These models have a drawback in that they are complex and expensive to implement. Why then, would one use such a formal model? Describe (don't just list) the advantage.
(a) The ACM has one row for each subject and a column for each object.In any real system, such a matrix will become extremely large and will be very inefficient. (b) Capability list. (c) A formal model gives a testable approach and a security theorem.Therefore, as soon as the requirements of the theorem are fulfilled we can be sure the system will remain secure.
Cookies are used to perform many things, including authentication in web pages. Often, an attacker wants to steal the contents of a cookie in order to steal sessions. (a) The attacker wants to steal the cookie by injecting code in the response from the server. What is this attack called? Give both the three-letter abbreviation and the full name. (b) Give two defenses against the attack described in a). One defense should be server-side, one defense should be client-side.
(a) The attack is called XSS, Cross-Site Scripting (b) Client-side defenses include disabling JavaScript or using NoScript. Server-side defenses include sanitizing inputs, improving authentication and improving access control, so that it becomes harder to steal user credentials through the same-origin policy
What are the two basic types of IDSs (give short descriptions) and why do you typically need both types in a large internal network?
- An HIDS looks at the activity at a host, trying to find signs of an attack and raising an alarm if there are such signs. - An NIDS looks at the activity of the network, both local network and connection points to the net, trying to find signs of an attack and raising an alarm if there are such signs. - You need to monitor activity both on hosts, and on the network
In the design of the operating software of an optical time domain reflectometer (OTDR), an equipment designed to perform fault measurements along optical fiber lines, there is considerable amount of development time to properly optimize the operational and calibration parameters to ensure the proper functioning of the OTDR. (a) In order to ensure that the end users do not accidentally alter these parameters while using the equipment, how should the permissions be set for the user with respect to the system? (b) What is this security model called? (c) Which of the different C, I or A is it concerned with?
(a) The permissions should be set such that the user can only read the configuration parameters, but not alter them. Also the system should be set such that it cannot read the user files, to avoid contamination. Basically: "No write up - No read down". (b) This security model is called Biba. (c) Biba is only concerned with integrity
One of the three properties of a threat is used in quantitative risk analysis to determine if it is worthwhile to protect an asset from the threat. (a) What property of the threat do we need to know to do quantitative risk analysis? (b) What is the formula for (simple) quantitative risk analysis. (c) What do the different variables mean, and where do they enter in the chain "threat-vulnerability-damage"?
(a) The probability or frequency of the threat (b) The formula is "install the countermeasure if k < f_b * s_b − f_a * s_a" (c)The parameters are the cost k of the countermeasure, which is determined from what the weakness is, f_b is the frequency or probability before the countermeasure, f_a is the frequency or probability after, s_b is the damage cost before countermeasure, and s_a is the damage cost after. The threat is still there after installing the countermeasure, but the frequency will change.
A company in the US sued their bank after having been targeted by a Trojan horse that enabled the creator of the Trojan to transfer several hundred thousand dollars of the company's funds to his own account. The company filed the lawsuit because they thought the bank security was too weak. The court, however, noted that the security was state-of-the-art and also that the bank used two-factor authentication, because customers need to log on to the service with one password, and then give a different password for large transactions. (a) From a technical standpoint, what is wrong in the argumentation of the court? (b) Passwords are an example of a more general authentication mechanism, which? (c) List at least two different serious weaknesses with this mechanism, in addition to eavesdropping from a Trojan horse. (d) List two different ways to reduce these weaknesses. (e) What are the two other general mechanisms fo
(a) This does not count as two-factor authentication, because it uses only one of the three main kinds of authentication (b) "What you know" (c) Passwords can be guessed if they are words or are related to the user, and can be found with exhaustive search if they are short. (d) Search in a word list, exhaustive search of short passwords (e) "What you are" and "What you have" (f) Fingerprint, iris, and physical key, pass card, credit card.
(a) Why should only password hashes be stored and not the plaintext password itself? (b) Should a slow or fast hash function be used? Why? (c) What is salting? (d) If x bits are used for the salt, how much larger should the dictionary table be? (e) Should the salt be random? (f) What is the single best way to ensure users are protected against any password attack or leak in the near future?
(a) To avoid direct access to the passwords if the password list is compromised. (b) A slow function in order to make it harder to pre-generate hash tables (c) It is the addition of an extra random string to the password before hashing. (d) 2^x times larger (e) Yes (f) Use a long and truly random password.
(a) In an online forum why should the text provided by the different users be sanitized? (b) What should a programmer be aware of when writing a program in low-level language (i.e. C) regarding user input? (c) Why is database security more complex than standard file security? (d) What is an inference attack? (e) Why is it critical that a patch is installed as soon as it is made available?
(a) To prevent malicious code from being run when other users view the forum. (b) To check for inputs to avoid buffer overruns. (c) Because the information is contained in the relations, and it is difficult to predict all possible relations in a complex database and how to control access to each of them. (d) An inference attack is when information is extracted combining many indirect queries. (e) Most attacks appear shortly after a patch is released (after the hackers have had the time to reverse engineer it).
(a) Name the three possible actions on a file in access control in Unix. (b) Which user by default has the highest possible access privileges in Unix and in Windows. (c) Why should users be categorized in groups? (d) Why is the possibility to quickly revoke privileges a necessity? (e) In these cases why can TOCTTOU be an issue?
(a) read, write and execute (b) Root in Unix and Admin in Windows (c) To simplify access control (d) If a user should no longer have access to the system, his privileges need to be quickly removed in order to physically blocking him from accessing the files and the system. (e) After his privileges have been revoked, he can still access the system until his access rights are checked again.
(a) What basic property is needed for a secure cryptographic hash function? (b)Even if the hash function has this property, checking the hash of some down-loaded document is not enough to guarantee that it is not manipulated intransit. How is authenticity guaranteed? There are two types of systems, and each gives one point.
(a)Collision resistance: it should be difficult to find another message that hash to the same value. (b) - A secret must be added, something known to only the sender or receipient. This woud give a MAC, which is a secret-key system. - Alternatively, a public key system can be used to sign the hash value.This is known as a digital signature.
Default configurations are often weak, which has been shown by the recent Mirai botnet. Attackers can exploit insecure default configurations by, for instance, scanning the net for passwords such as "admin" or "default". The first step of hardening a system is therefore to disable insecure accounts and passwords. Give two additional things that should be done when setting up a new system in order to harden the configuration.
- Configuring all security mechanisms - Turning off all unused services - Logging and alerts - Keeping software updated
There are three major categories of methods for user authentication. Which are the two categories (not specific examples of methods) most commonly used? Which is the third category for methods to authenticate users? Give an explicit example of a method that fits in each of the three categories. Examples from the third category have balance problems that do not exist for the other two categories. What two values must be adjusted to the requirements of the application, when you use this authentication category, and why does a change in one of these two values normally cause a change also in the other?
- Most used is "What you know", which can be passwords, PINs etc. Cards and tokens are examples of "What you hold/have/carry", the second category.Both are used in combination at ATMs. -The third category is "What you are" or biometrics. This can be fingerprints, iris patterns, handwritten signatures. -These suffer from the possibility of false acceptance or false rejection, since no two measurements are ever exactly the same. -If you have severe restrictions on the possible variation, you will reduce the risk for false acceptance, but raise the risk for false rejection, and vice versa if you allow for more variation between two measurements.
Why was the Clark-Wilson formal security model created? The lectures give two reasons, please mention both. Briefly describe a "Clark-Wilson triple".
- The relative importance of Confidentiality versus Integrity differs between military and commercial applications — in commercial applications, Integrity is more important, to prevent fraud and accidental losses - Even trusted (trustworthy?) users make mistakes - A Clark-Wilson triple consists of (subject,object,tool): authenticated principals, data items (constrained and unconstrained), and permitted operations
What three entities must exist for a risk to exist?
- Threat: the cause of damage to asset(s) - Vulnerability: the unwanted system property that enables the threat -Damage: the adverse effect of an unwanted event
What is whitelisting and blacklisting. Which one should you use as a system administrator?
- Whitelisting is having a list of people allowed to access the system. Blacklisting is the converse, that is, the list of people that cannot access the system. - It is safer in general to employ a whitelist strategy, as it is ensured that only authorized people can access the system, even if that causes some annoyances to the legitimate users.
Why should inputs entered at a web form be sanitized? Give one example of an attack possible if inputs are not sanitized.
1. If inputs are not verified, an attacker can get malicious code to run at the server by cleverly injecting commands at the input. 2. SQL injection
You have a mobile phone and want to connect to a base station. How does the base station agree on a shared secret key with your mobile device, in GSM? The base station never learns the basic device key, and thus cannot clone the device.But the base station can still be a threat in some scenarios. What is the weakness?What step/service is missing in GSM to form this weakness, but is added in UMTS?
1. Mobile phones share their secret customer key ki with the home network. 2. The phone sends its ID in clear to the home network. 3. The home network creates a random number RAND, retrieves the customer key ki, and creates with these two values a check value RES and a temporary key kc. 4. RES, RAND and kc are sent to the visited network, which keeps RES and kc and forwards RAND to the phone. 5.The phone uses RAND and ki to reconstruct RES and kc and sends RES to the visited network. If the two versions of RES match, the visited network accepts the phone and uses kc for encryption of the rest of the session. This opens up an opportunity for a "man-in-the-middle" attack, since thevisited network does not authenticate itself to the home network or phone.Thus a false base station can ask a phone to switch off encryption entirely,or make the phone use a key known to the attacker. In UMTS the key isauthenticated, so an eavesdropper on the radio part cannot make the phoneaccept a key not sent by the home network.
What is a TCP SYN flood?
A large number of TCP connection requests that intends to overwhelmthe recipient.
Would a firewall protect against DDoS attacks, or would it make it more vulnerable?
A packet filter firewall in itself matches the source address, recipient address and port number of the packet with its internal set of rules. No provisions are made on the rate of packets. Therefore, the packet filter firewall makes no difference in case of DDoS attack.If the administrator adds a new rule to the firewall, blocking the originating addreses, then a firewall can protect against DDoS. This answer, however, must say that this can only be done manually by the administrator (or automatically by an IDS) to give full credit.
What cryptographic method is used in DNSSec to protect DNS records? This typeof protection needs a trust chain, where does the chain start in DNSSec and how does it reach the client node? What confidentiality issue is seen as a problem inDNSSec?
DNSSec uses digital signatures to protect DNS records. The trust chain starts at the DNS root and travels down the name server hierarchy to the client node.Many feel their network structure is confidential, and are worried that this can be easily retrieved in DNSSec.
In Swedish law, why is an e-mail without a digital signature cannot be considered an "urkund"?
Among other requirements, an "urkund" must be reliably verifiable. A mere e-mail isn't verifiable by itself, however with an e-mail signature this becomes possible.
Would an IDS protect against DDoS attacks, or would it make it more vulnerable?
An IDS can detect an attack but not take measures against it. It is up fora human operator to stop the attack. An IDS does therefore not make a difference in case of a DDoS attack.
If Kerberos is used for single sign-on, the user password is never sent in any form, neither as plaintext nor encrypted, over the network at logon. How does a servicetest that a user knows the password of the stated identity (and thus indeed has that stated identity)?
Because the requesting user can present a ticket issued for the requesting client's identity, a ticket which contains the user ID and a session key encrypted and issued by the Kerberos system. In addition the requesting user can encrypt and decrypt messages sent with this session key, and the service knows that another Kerberos level has ensured that only the correct user knows this session key's value.
The course starts by defining that computer security is about ensuring the CIA criteria for data. Explain in one short sentence for each (one for C, one for I and one for A) what word the letter stands for and what requirement for data that the word refers to. (Hint: If you use the word "access" for more than one criterion, you probably have missed at least one point.)
C: Confidentiality. Only authorized users can read these specific data. I: Integrity. Only authorised users can enter or alter these specific data. A: Availability. Authorized users can always access these data when they need to.
Describe for each item what "CIA" stands for. Also give an example of threat that only applies to that specific category.
Confidentiality: Phishing is an attack that only reveals confidential data as primary damage(users' credentials like user ID and password). You send outa message, telling users to go to a webpage of your design and log in there. Collection of data does not influence data integrity or availability. Integrity: Web site defacements (altering contents of web pages) is a data integrity only offence. There are standard hacker tools using well-known and often not amended security holes to get editing access to the victim's web server. Just changing data on a web page will not reveal any secrets and the victim can still access data. Availability: Denial of Service attacks are directed only at availability. Can be achieved through flooding the victim with connection requests, then normally with the help of lots of infected computers. These events do not spread secrets and do not change the victim's stored data.
Would an IPSec deployment protect against DDoS attacks, or would it make it more vulnerable?
IPSec requires the recipient to perform calculations and store session data.Therefore, an IPSec deployment can make a DDoS attack worse. However, if the IPSec deployment includes a cookie mechanism this weakness can be mitigated and even protect against DDoS.
In both Windows and Unix systems, the system administrator account can modify a user's password. Can the administrator also read the user's password? Why/why not?
In both Unix and Windows, reading passwords has nothing to do with permissions. It is instead protected by being salted and hashed, and no administrator privileges can break a cryptographic one-way function. In other words, the protection is due to mathematics which not even the root/admin user can break.
How do you create a true digital signature with a fixed length? What is the difference, in creation and in what security it provides, between a true digital signature and a crypto-based checksum like a MAC?
In order to have a fixed size you must first pass the message through a (collision resistant) hash function. The result is then transformed with asymmetric encryption using the private key, like for RSA, or is transformed in a specific asymmetric signature algorithm like DSA. For crypto-based checksums you use symmetric methods and normally chaining like CBC with DES or AES.Such checksums protect against interference from third parties, but they do not prove which version is correct, if sender and receiver have different claims on what was sent. Authorities cannot even check if any version has a correct checksum, if the sender or receiver does not give away the key and thus at the same time the possibility to create checksums for new messages. True digital signatures can only be created by the sending party, but can be checked by everyone.
In a statistical database, a group of three is too small to conceal numerical values.This is true even if you only are allowed to query about MAX, MIN, and AVERAGE.Why?
One value is given by MAX, the other by MIN, and the third can be obtained from the formula 3×AVERAGE-MIN-MAX.
Draw a diagram of Kerberos and briefly describe each participant. What secrets are shared between the participants? What final data item does the client gain in the process?
Se figur tenta 170112 The client Cliff wants to connect to a server Serge. He first contacts the authentication server (or trusted authority) Trent and then the access-granting(authorizing) server Grant, and then he can get access to Serge. •There are shared secrets between Cliff and Trent, between Trent and Grant, and between Grant and Serge .•The end result is that Cliff holds a ticket that he can present to Serge to getaccess to the service provided.
Access control is often simplified by using groups. But groups can cause an ambiguity interpreting privileges, requiring new rules. The course mentions two different main principles for such interpretations. Describe them shortly and also explain how they relate to the use of the negative privilege "None"!
Since users can belong to several groups with different permissions, and can also have individual permissions, you must decide what then applies.One principle is "first relevant entry", which means that access is allowed or denied according to the first entry in an ACL, which applies to the user. The other main principle is "any permission", which means that if there is any record in the ACL, which allows access for the user, then access is allowed. If you use "first relevant entry", you can allow entry for an already existing group, but exclude one (or more) single user by adding a "none" entry for that user before the group entry in the ACL.
-r-xr-sr-x 1 charlie acct 70483 2008-01-04 22:53 accounting.so -r--rw---- 1 alice acct 139008 2008-05-13 14:53 accounts.db -rwxr-xr-x 1 system system 230482 1997-04-27 22:53 editor -rw-r--r-- 1 alice users 7072 2008-06-01 22:53 cv.txt -r--r----- 1 bob gurus 19341 2008-06-03 13:29 exam.pdf -r--r----- 1 alice gurus 6316 2008-06-03 16:25 solutions.tex Unix users alice and bob are both members of only the group users, while charlieis a member of only the group gurus. Application editor allows users to read and write files of arbitrary name and change their permissions, whereas application accounting.soonly allows users to append data records to the file accounts. Draw up an access control matrix with subjects{alice; bob; charlie} and objects{accounts.db; cv:txt; exam.pdf; solutions.tex}that shows for each combination of subject and object whether the subject will, in principle, be able to read (R), (over)write (W), or
The editor allows all users to write and read to the files with that permission. The accounting.so application has a setgid bit in addition to an execute bit set for all users. Therefore, all users executing accounting.so can append to files with the same permissions as a user in the acct group. Therefore, all users can append to accounts.db. Access control matrix. accounts.db cv.txt exam.pdf solutions.tex Alice RA RW - R Bob A R R - Charlie A R R R
List the three major categories of methods for user authentication, and give an example of each. Which two are most common?
What you know (PIN, password), what you have (key, credit card), and what you are (fingerprint, signature). What you know and what you have are the most common.
The most common method of defending against CSRF attacks is to use a token.Describe what properties we require of the token and the basic steps the server and client take to generate and validate the token.
When the server generates a page, it generates a token. This token is unique for the client's session and must be hard to predict. In addition, it must be short-lived. The server stores the token in the client's session and inserts the token as a parameter into the links in the page.When the client submits a request, the server verifies that the token ispresent, that it matches the client's session, and that is hasn't expired.Only then is the request granted and otherwise it is rejected.