* 7 *

Security models

Self-test questions

  1. Explain the difference between a security model and a security policy?
  2. What are the four basic areas that a complete model of security must cover. Explain why it would be difficult to provide a description of total security.
  3. Explain why host configuration is an important issue in security.
  4. What is meant by a finite state machine? Give some examples of systems which can be thought of as finite state machines.
  5. Describe briefly the Bell-LaPadula model. What are its limitations? What other models have attempted to generalize this model.

Graded problems

  1. Airport security is a protocol, based on secured areas, and access controls. It goes approximately like this:
    1. Passengers obtain a passport.
    2. Passengers buy a ticket.
    3. Passengers check in to the airport.
      • Check baggage (label baggage and receive baggage receipt)
      • Receive boarding card with seat number.
    4. Show passport and boarding card to enter restricted flight area.
    5. Metal detection of passengers and clothing.
    6. X-ray of hand luggage (carry on).
    7. Show boarding card and passport at gate.
    8. Passengers with tourist class tickets cannot enter the business class area.
    Analyze this protocol in terms of the four tenets of security: trust,access control, integrity and authentication. What is the purpose of the different steps and controls? What are the valuables which these measures are trying to protect? Hint - see the lecture on risk assessment. Draw fault trees for the different parts of the protocol to help you.

    Many secure installations such as computer centres have similar security measures to these.

  2. This problem is about the security of the examination process. It is in preparation for next week's problems.

    1. Describe the protocol (formal procedure) which is used for written exams.
    2. How is access restricted to the exam in advance?
    3. How is access restricted to information during the exam?
    4. How is access restricted to exam materials after the exam?
    5. What possible covert channels might examinees try to use to circumvent the above access controls? e.g. mobile phones, toilet walls.
    6. How do you know the questions on the exam are authentic?
    7. How can you trust the integrity of the exam paper? How do you know that the paper has been reproduced correctly, without copying error?
    8. Does the examiner know your identity? Could this be used to attack you?
    9. Do you know the examiners' identities? Could you use this to attack them, or bribe them?
    10. Do these attacks apply to project exams?

Part 1 of your project is due by friday 10:00 a.m.

Please follow these instructions carefully!
Late work cannot be accepted. The file you submit *must* be in one of the following file formats (.PDF .DOC) so that it can be read from the web, even by Windows users(!!) Your work should be anonymous. Remove all names and identifying references to your group before submitting -- you will understand why later! Your submission should include all the work including this week's questions!
Enter the login names and passwords of everyone in your group.

Note - you must have at least 3 in your group.

Login name 1: Password:
Login name 2: Password:
Login name 3: Password:
Login name 4: Password:
Filename of your DOC or PDF file: