* 2 *

Fault trees

The purpose of the exercises this week is to give you practice in thinking analytically about systems. This work can be done as part of a group.

Self-test problems


Graded problems

  1. Study the example fault trees in the lecture this week. Here is a similar example.

    Password sniffing is about different ways that crackers can learn about users' passwords. Here is a simple fault tree/cause tree which shows the routes for password guessing.

    A company employee in the mail room, who is annoyed about not getting a pay rise, decides to try to crack into the company system.

    Criticize this analysis. Does the cracker see all telnet users' passwords? If the cracker can only has access to a small part of the network, will he be more likely to see more passwords, if there are twice as many users at his organization in total? What is his chance of getting caught, if he uses these two strategies?

  2. Tape backup is known to be a relatively unreliable medium for storing data. Consider the following fault tree for tape backup. Tape robots are expensive, but tapes are cheap per gigabyte. Discuss how the most secure backup strategy depends on the amount of data a company has. Compare tape storage to disk mirroring.

  3. Consider the following attack tree for stealing information from an organization. All of the shown methods have been used to steal information from companies. As you can see, there are many routes to information, not all of them take the direct approach.

    Complete this tree, with any other methods you can think of for theft of data from an organization. For each leaf of the tree, suggest a method or technology which might protect against this threat (e.g. ID cards, security personell, locks on doors etc.).

  4. This question asks you to make an educated guess. Approximately how many people/resources D are there who are likely to be able to defend our College's computer system from attack, by finding and fixing faults/exploitable pathways? Approximately how many people in the world A are there who are likely to try to attack our system somehow (both insiders and outsiders)? What is the approximately probability A/(A+D) that someone will try to attack our system? The number of users who successfully attack us is much lower than this. Why do you think that is?