CSCI 343 - Homework 2
Due by the end of day, Monday 26 Sep 2016
Answer the following questions and submit them via BlackBoard.
(6 pts.) Consider the handin program used by CS. Give examples of
confidentiality, availability, and integrity requirements associated with
this system. For each, indicate the degree of importance of that
(5 pts.) Still considering the handin program used by CS, what can you
say about the other 3 goals of security (Authenticity, Anonymity, and
For each, indicate if they apply and why/why not.
(5 pts.) Reports of computer security failures frequently appear in the
daily news. Cite a recently reported failure that exemplifies one or
more of the "principles" presented in class (easiest penetration,
adequate protection, effectiveness, weakest link) and explain how it
applies. Include a discussion of what security principles were
(9 pts.) [G&T R-1.6,1.9,10] With respect to the CIA-AAA concepts, what
risks are posed by:
- email spam
- a packet sniffer monitoring all traffic at a wireless access point
- someone buying songs online, burning a CD of them, ripping that
to MP3s, and then giving all their friends copies of the songs
(5 pts.) [G&T C-2.2] For safety reasons, external locked doors on
commercial buildings have mechanism that allow people on the inside to
escape without needing a key or combination. One type uses an infrared
motion detector to open an electronic lock for people moving towards
the door from the inside (e.g., grocery store doors).
Explain how a gap under such an external door might be exploited to open
the door from the outside.
(5 pts.) [G&T C-2.3] A group of n pirates has a treasure
chest and one unique lock and key for each pirate. Using hardware that
is probably lying around their ship, they want to protect the chest so
that any single pirate can open the chest using his lock and key. How
do they set this up?
(15 pts.) Oberlin College has a wide range of computer and network
resources on campus in a variety of locations (e.g., computer labs,
servers, network closets, wireless access points). Pick one and
analyze it in terms of its physical security.
Address this in terms of
In your opinion, are the measures in place appropriate? What
recommendations would you make to the powers that be to reasonable
improve the physical security?
- Location protection
- Physical intrusion detection
- Hardware attacks
- Physical interface attacks
If you followed it, be sure to include the honor code on your assignment.
Last Modified: September 19, 2016 - Benjamin A. Kuperman