Solution Manual for Computer Security: Principles and Practice, 4th Edition

Page 1 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 1 preview image

SOLUTIONSMANUALCOMPUTERSECURITYFOURTHEDITIONCHAPTERS1–12WILLIAMSTALLINGSLAWRIEBROWN

Page 2 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 2 preview image

Page 3 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 3 preview image

-4-Chapter 1Overview ................................................................. 5Chapter 2Cryptographic Tools................................................... 9Chapter 3User Authentication ..................................................19Chapter 4Access Control .........................................................25Chapter 5Database and Cloud Security .....................................31Chapter 6Malicious Software ...................................................36Chapter 7Denial-of-Service Attacks ..........................................43Chapter 8Intrusion Detection ..................................................48Chapter 9Firewalls and Intrusion Prevention Systems .................57Chapter 10Buffer Overflow......................................................68Chapter 11Software Security...................................................75Chapter 12Operating System Security ......................................82TABLE OF CONTENTS

Page 4 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 4 preview image

-5-CHAPTER1OVERVIEWANSWERS TOQUESTIONS1.1Computer security refers to protection afforded to an automatedinformation system in order to attain the applicable objectives ofpreserving the integrity, availability and confidentiality of informationsystem resources (includes hardware, software, firmware,information/data, and telecommunications).1.2Passive threatshave to do with eavesdropping on, or monitoring,transmissions. Electronic mail, file transfers, and client/serverexchanges are examples of transmissions that can be monitored. Activethreatsinclude the modification of transmitted data and attempts togain unauthorized access to computer systems.1.3Passive attacks: release of message contents and traffic analysis.Active attacks: masquerade, replay, modification of messages, anddenial of service.1.4Authentication:The assurance that the communicating entity is theone that it claims to be.Access control:The prevention of unauthorized use of a resource (i.e.,this service controls who can have access to a resource, under whatconditions access can occur, and what those accessing the resource areallowed to do).Data confidentiality:The protection of data from unauthorizeddisclosure.Data integrity:The assurance that data received are exactly as sent byan authorized entity (i.e., contain no modification, insertion, deletion, orreplay).Nonrepudiation:Provides protection against denial by one of theentities involved in a communication of having participated in all or partof the communication.Availability service:The property of a system or a system resourcebeing accessible and usable upon demand by an authorized systementity, according to performance specifications for the system (i.e., asystem is available if it provides services according to the system designwhenever users request them).

Page 5 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 5 preview image

-6-1.5An attack surface consists of the reachable and exploitablevulnerabilities in a system. An attack tree is a branching, hierarchicaldata structure that represents a set of potential techniques forexploiting security vulnerabilities.ANSWERS TOPROBLEMS1.1The system must keep personal identification numbers confidential, bothin the host system and during transmission for a transaction. It mustprotect the integrity of account records and of individual transactions.Availability of the host system is important to the economic well beingof the bank, but not to its fiduciary responsibility. The availability ofindividual teller machines is of less concern.1.2The system does not have high requirements for integrity on individualtransactions, as lasting damage will not be incurred by occasionallylosing a call or billing record. The integrity of control programs andconfiguration records, however, is critical. Without these, the switchingfunction would be defeated and the most important attribute of all -availability - would be compromised. A telephone switching system mustalso preserve the confidentiality of individual calls, preventing one callerfrom overhearing another.1.3 a.The system will have to assure confidentiality if it is being used topublish corporate proprietary material.b.The system will have to assure integrity if it is being used to laws orregulations.c.The system will have to assure availability if it is being used topublish a daily paper.1.4 a.An organization managing public information on its web serverdetermines that there is no potential impact from a loss ofconfidentiality (i.e., confidentiality requirements are not applicable),a moderate potential impact from a loss of integrity, and a moderatepotential impact from a loss of availability.b.A law enforcement organization managing extremely sensitiveinvestigative information determines that the potential impact from aloss of confidentiality is high, the potential impact from a loss ofintegrity is moderate, and the potential impact from a loss ofavailability is moderate.c.A financial organization managing routine administrative information(not privacy-related information) determines that the potentialimpact from a loss of confidentiality is low, the potential impact froma loss of integrity is low, and the potential impact from a loss ofavailability is low.

Page 6 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 6 preview image

-7-d.The management within the contracting organization determinesthat: (i) for the sensitive contract information, the potential impactfrom a loss of confidentiality is moderate, the potential impact from aloss of integrity is moderate, and the potential impact from a loss ofavailability is low; and (ii) for the routine administrative information(non-privacy-related information), the potential impact from a loss ofconfidentiality is low, the potential impact from a loss of integrity islow, and the potential impact from a loss of availability is low.e.The management at the power plant determines that: (i) for thesensor data being acquired by the SCADA system, there is nopotential impact from a loss of confidentiality, a high potential impactfrom a loss of integrity, and a high potential impact from a loss ofavailability; and (ii) for the administrative information beingprocessed by the system, there is a low potential impact from a lossof confidentiality, a low potential impact from a loss of integrity, anda low potential impact from a loss of availability. Examples from FIPS199.1.5 a.At first glance, this code looks fine, but what happens ifIsAccessAllowed fails? For example, what happens if the system runsout of memory, or object handles, when this function is called? Theuser can execute the privileged task because the function mightreturn an error such as ERROR NOT ENOUGH MEMORY.b.DWORDdwRet=IsAccessAllowed(...);if(dwRet==NO_ERROR){//SecurecheckOK.//Performtask.}else{//Securitycheckfailed.//Informuserthataccessisdenied.}In this case, if the call to IsAccessAllowed fails for any reason, theuser is denied access to the privileged operation.

Page 7 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 7 preview image

-8-1.6Open SafePick LockThreatenBlackmailEavesdropBribeLearnCombinationFind Writ-ten ComboGet Combofrom TargetListen toConversationGet Target toState ComboCut OpenSafeInstallImproperly1.7We present the tree in text form; call the company X:Survivability Compromise: Disclosure of X proprietary secretsOR 1. Physically scavenge discarded items from XOR1. Inspect dumpster content on-site2. Inspect refuse after removal from site2. Monitor emanations from X machinesAND 1. Survey physical perimeter to determine optimal monitoring position2. Acquire necessary monitoring equipment3. Setup monitoring site4. Monitor emanations from site3. Recruit help of trusted X insiderOR1. Plant spy as trusted insider2. Use existing trusted insider4. Physically access X networks or machinesOR1. Get physical, on-site access to Intranet2. Get physical access to external machines5. Attack X intranet using its connections with InternetOR1. Monitor communications over Internet for leakage2. Get trusted process to send sensitive information to attacker over Internet3. Gain privileged access to Web server6. Attack X intranet using its connections with public telephone network (PTN)OR1. Monitor communications over PTN for leakage of sensitive information2. Gain privileged access to machines on intranet connected via Internet

Page 8 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 8 preview image

-9-CHAPTER2CRYPTOGRAPHICTOOLSANSWERS TOQUESTIONS2.1Plaintext, encryption algorithm, secret key, ciphertext, decryptionalgorithm.2.2One secret key.2.3(1) a strong encryption algorithm; (2) Sender and receiver must haveobtained copies of the secret key in a secure fashion and must keep thekey secure.2.4Message encryption, message authentication code, hash function.2.5An authenticator that is a cryptographic function of both the data to beauthenticated and a secret key.2.6 (a)A hash code is computed from the source message, encrypted usingsymmetric encryption and a secret key, and appended to the message.At the receiver, the same hash code is computed. The incoming code isdecrypted using the same key and compared with the computed hashcode.(b)This is the same procedure as in (a) except that public-keyencryption is used; the sender encrypts the hash code with the sender'sprivate key, and the receiver decrypts the hash code with the sender'spublic key.(c)A secret value is appended to a message and then ahash code is calculated using the message plus secret value as input.Then the message (without the secret value) and the hash code aretransmitted. The receiver appends the same secret value to themessage and computes the hash value over the message plus secretvalue. This is then compared to the received hash code.2.71.H can be applied to a block of data of any size.2.H produces a fixed-length output.3.H(x) is relatively easy to compute for any givenx, making bothhardware and software implementations practical.4.For any given valueh, it is computationally infeasible to findxsuchthat H(x) =h.5.For any given blockx, it is computationally infeasible to findy≠xwith H(y) = H(x).

Page 9 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 9 preview image

-10-6.It is computationally infeasible to find any pair (x,y) such that H(x)= H(y).2.8 Plaintext:This is the readable message or data that is fed into thealgorithm as input.Encryption algorithm:The encryption algorithmperforms various transformations on the plaintext.Public and privatekeys:This is a pair of keys that have been selected so that if one isused for encryption, the other is used for decryption. The exacttransformations performed by the encryption algorithm depend on thepublic or private key that is provided as input.Ciphertext:This is thescrambled message produced as output. It depends on the plaintext andthe key. For a given message, two different keys will produce twodifferent ciphertexts.Decryption algorithm:This algorithm acceptsthe ciphertext and the matching key and produces the original plaintext.2.9 Encryption/decryption:The sender encrypts a message with therecipient's public key.Digital signature:The sender "signs" a messagewith its private key. Signing is achieved by a cryptographic algorithmapplied to the message or to a small block of data that is a function ofthe message.Key exchange:Two sides cooperate to exchange asession key. Several different approaches are possible, involving theprivate key(s) of one or both parties.2.10The key used in conventional encryption is typically referred to as asecret key. The two keys used for public-key encryption are referredto as thepublic keyand theprivate key.2.11Adigital signatureis an authentication mechanism that enables thecreator of a message to attach a code that acts as a signature. Thesignature is formed by taking the hash of the message and encryptingthe message with the creator's private key. The signature guaranteesthe source and integrity of the message.2.12Apubic-key certificateconsists of a public key plus a User ID of thekey owner, with the whole block signed by a trusted third party.Typically, the third party is a certificate authority (CA) that is trustedby the user community, such as a government agency or a financialinstitution.2.13Several different approaches are possible, involving the private key(s)of one or both parties. One approach is Diffie-Hellman key exchange.Another approach is for the sender to encrypt a secret key with therecipient's public key.ANSWERS TOPROBLEMS

Page 10 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 10 preview image

-11-2.1Yes. The eavesdropper is left with two strings, one sent in eachdirection, and their XOR is the secret key.2.2 a.28107963145CRYPTOGAHIBEATTHETHIRDPILLARFROMTHELEFTOUTSIDETHELYCEUMTHEATRETONIGHTATSEVENIFYOUAREDISTRUSTFULBRINGTWOFRIENDS42810563719NETWORKSCUTRFHEHFTINBROUYRTUSTEAETHGISREHFTEATYRNDIROLTAOUGSHLLETINIBITIHIUOVEUFEDMTCESATWTLEDMNEDLRAPTSETERFOISRNGBUTLFRRAFRLIDLPFTIYONVSEETBEHIHTETAEYHATTUCMEHRGTAIOENTTUSRUIEADRFOETOLHMETNTEDSIFWROHUTELEITDSb.The two matrices are used in reverse order. First, the ciphertext islaid out in columns in the second matrix, taking into account theorder dictated by the second memory word. Then, the contents ofthe second matrix are read left to right, top to bottom and laid out incolumns in the first matrix, taking into account the order dictated bythe first memory word. The plaintext is then read left to right, top tobottom.c.Although this is a weak method, it may have use with time-sensitiveinformation and an adversary without immediate access to goodcryptanalysis t(e.g., tactical use). Plus it doesn't require anythingmore than paper and pencil, and can be easily remembered.

Page 11 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 11 preview image

-12-2.3 a.Let -X be the additive inverse of X. That is -X+X = 0. Then:P = (C+–K1)⊕K0b.First, calculate –C'. Then –C' = (P'⊕K0)+(– K1). We then have:C+–C' = (P⊕K0)+(P'⊕K0)However, the operations+and⊕are not associative or distributivewith one another, so it is not possible to solve this equation for K0.2.4 a.The constants ensure that encryption/decryption in each round isdifferent.

Page 12 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 12 preview image

-13-b.First two rounds:Delta1K0L0L1L2R2R0R1K1< < 4> > 5Delta2K2K3< < 4> > 5

Page 13 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 13 preview image

-14-c.First, let's define the encryption process:L2= L0+[(R0<< 4)+K0]⊕[R0+δ1]⊕[(R0>> 5)+K1]R2= R0+[(L2<< 4)+K2]⊕[L2+δ2]⊕[(L2>> 5)+K3]Now the decryption process. The input is the ciphertext (L2, R2), andthe output is the plaintext (L0, R0). Decryption is essentially the sameas encryption, with the subkeys and delta values applied in reverseorder. Also note that it is not necessary to use subtraction becausethere is an even number of additions in each equation.R0= R2+[(L2<< 4)+K2]⊕[L2+δ2]⊕[(L2>> 5)+K3]L0= L2+[(R0<< 4)+K0]⊕[R0+δ1]⊕[(R0>> 5)+K1]

Page 14 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 14 preview image

-15-d.Delta1K0L0L1L2R2R0R1K1< < 4> > 5Delta2K2K3< < 4> > 52.5 a.Will be detected with both (i) DS and (ii) MAC.b.Won’t be detected by either (Remark: use timestamps).c.(i) DS: Bob simply has to verify the message with the public keyfrom both. Obviously, only Alice’s public key results in a successfulverification.

Page 15 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 15 preview image

-16-(ii) MAC: Bob has to challenge both, Oscar and Bob, to reveal theirsecret key to him (which he knows anyway). Only Bob can do that.d.(i) DS: Alice has to force Bob to prove his claim by sending her acopy of the message in question with the signature. Then Alice canshow that message and signature can be verified with Bob’s publickey ) Bob must have generated the message.(ii) MAC: No, Bob can claim that Alice generated this message.2.6The statement is false. Such a function cannot be one-to-one becausethe number of inputs to the function is of arbitrary, but the number ofunique outputs is 2n. Thus, there are multiple inputs that map into thesame output.

Page 16 of 16

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 16 preview image

-17-2.7 a.Overall structure:N×16lettersM1M2MNFIV =0000H1F• • •• • •MessageH216HN =hashcode16F1616 letters16 letters16 lettersPadding4Compression function F:Hi–1MiColumn-wise mod 26 additionColumn-wise mod 26 additionrow-wiserotationsHib.BFQGc.Simple algebra is all you need to generate a result:AYHGDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

Preview Mode

This document has 160 pages. Sign in to access the full document!

Report

Learning Tools

Writing Tools

Browse Resources

Solution Manual for Computer Security: Principles and Practice, 4th Edition - Page 1

Study Now!

Document Details

Related Documents

DevOps and Its Importance Study Notes

Veeam Certified Engineer VMCE-V12

Modules 1 - 3 Basic Network Connectivity and Commu

Notes CCNA

CCNA 200-301 Portable Command Guide 5th Edition 20

CCNA 200-301 Portable Command Guide 5th Edition 22

CCNA 200-301 Portable Command Guide 5th Edition 36

Foundations of Novell Networking Section 26

Modulo 7 DHCPv4

Build and troubleshooting Integration Challenge

Company

Explore

Study Tools