Guideline for Preparing for Final Exam

About Final Exam

Time: 12/15/06, 1:00pm -- 4:00pm, in the same class room as we meet for lectures.

The final exam includes everything covered in class. The exam will take three hours, and include the following types of questions 

The exam is closed book and notes. You can bring one piece of "cheat" sheet to the exam, following the rules below:

You should also pay attention to homework questions and in-class exercises.

The following lists important issues covered in this class. Those highlighted items will contribute to at least 80% of the final exam questions.

List of Topics

General Security Concepts

  1. Be able to explain the following concepts: Vulnerability, threat, risk, control, three goals of information security, examples of attacks against the goals of information security, security policy, security mechanism, security assurance, typical security services (confidentiality, authentication, integrity, non-repudiation, access control, monitor & response, security management).

Basic Cryptography

  1. Be able to explain the following concepts: plaintext, ciphertext, encryption, decryption, key, cryptanalysis (cipher text only, known plaintext, chosen plaintext, chosen cipher text), one-time pad, block cipher, stream cipher, secret key cryptography, public key cryptography, digital signature, hash function. Be able to give examples of the above concepts.
  2. Applications of secret key cryptography, public key cryptography, and hash function. Give examples.
  3. Explain the following concepts: substitution, permutation (transposition), product cipher, diffusion, confusion. Explain how diffusion and confusion are usually achieved in secret key cryptography? Explain Shannon's principles of good ciphers.
  4. What is security by obscurity? What isn't it good?
  5. Be able to describe DES (AES) algorithm. The facts about DES (AES), including block size, key size, encryption process, decryption process, key generation. Explain what is avalanche effect.
  6. What is the major limitation of DES? What are the two methods for cryptanalyzing DES?
  7. Explain what is message authentication and the goals of message authentication.
  8. Explain how to encrypt and authenticate a long message using symmetric cryptography.
  9. Explain how to encrypt and sign a long message using both public key and symmetric cryptography.
  10. Explain how encryption, message authentication code, and hash function used for message authentication.
  11. Explain the following concepts related to hash function: one-way property, weak collision free, strong collision free, birthday attack. Understand the implication of birthday attack. Explain how block chaining techniques can be used to build hash function and why it is insufficient.
  12. What is public key cryptography? What are the typical applications of public key cryptography?
  13. What are the requirements for public key cryptography? What is the essential requirement? What is a trapdoor one-way function? What's difference between one-way function and one-way hash function? What's difference between one-way function and trapdoor one-way function?
  14. Explain the attacks against public key cryptography. How to protect against these attacks?
  15. Be able to use the following theorems or algorithms: Fermat's theorem, Euler's theorem, notion of modular inverse.
  16. Be able to explain and perform the following procedures: RSA key generation, RSA encryption/decryption, RSA digital signature generation/verification.

Program Security

  1. Explain and give examples for common non-malicious program errors, including buffer overflows, incomplete mediation, and time-of-check to time-of-user errors.
  2. Explain and give examples for viruse, transient virus, resident virus, polymorphic virus, metamorphic virus, document virus, Trojan horse, logic bomb, trapdoor, worm, rabbit. Be able to explain the difference between these malicious software.
  3. Explain how virus works and how virus gain controls. Explain how virus scanners work.
  4. Explain what is salami attack, covert channel. What are the necessary conditions for covert channel? What are storage channels, time channels? How does shared resource matrix method work? How does the information flow method work?
  5. Explain the development controls for program security, including peer reviews, review of logs, harzard analysis, testing, unit testing, integration testing, function test, performance test, acceptance test, installation test, regression test.
  6. Explain what is separation of duties.
  7. Exlain the following techniques deveoped to prevent buffere overflow attacks: non-executable stack, static analysis, StackGuard, Libsafe, StackShield, address space layout randomization, instruction set randomization, TaintCheck. Explain what is random canary and terminator canary in StackGuard.

Security in Conventional Operating Systems

  1. Be able to explain the following OS protections: memory and address protection, possible separation provided by the OS (physical separation, temporal separation, logic separation, cryptographic separation), CPU modes, including user mode and privileged mode (master mode, system mode, kernel mode), transition from user mode to system mode (system calls), fence, relocation, base/bound register, segmentation, paging, combined segmentation and paging, tagged architecture.
  2. Explain what is least privilege principle.
  3. Explain the following concepts: access control, access control matrix, discretionary access control, mandatory access control, ACL, Capabilities, procedure-oriented access control, content-based access control, context-based access control.
  4. UNIX access control: Be able to explain and set Unix permission bits (r/w/x/suid/sguid/sticky bit). Be able to explain the three process user ids, including real user id, effective user id, saved user id, real group id, effective group id, and saved group id.
  5. Explain the basis of user authentication: what the user knows, what the user possesses, what the user is.
  6. Explain and perform password storage, explain the problem of directly storing passwords.
  7. Explain what is dictionary attacks and the three scenarios of dictionary attacks. Explain what is password salt, how to use it, and whether and why it helps in the three scenarios of dictionary attacks.
  8. Explain what is one-time password. Be able to explain and use the following one-time password schemes: S/Key, time-synchronized one-time password, challenge-response authentication protocol.
  9. Explain and give examples for biometric authentication. Explain what are false acceptance, false rejection, and false match.

Trusted Operating Systems

  1. Be able to explain the military security policy and the related concepts: security class, clearance, need-to-know.
  2. Be able to explain the Clark-Wilson commercial security policy and the related concepts: Well-formed transactions, separation of duty.
  3. Be able to explain the Chinese Wall security policy.
  4. Be able to explain the BLP multi-level security model, particularly the simple security property and the star security property.
  5. Be able to explain how and why the BLP model can prevent Trojan horse from directly disclosing sensitive information, and how and why covert channel can bypass the BLP model's control.
  6. Be able to construct and interpret security labels for multi-level security model.
  7. Be able to explain the BiBa integrity model and its five policy interpretation.
  8. Be able to explain Graham-Denning model, HRU model and take-grant model.
  9. Be able to explain the following concepts about the implementation of trusted OS: trusted computing bases (TCB), kernelized design, trusted path, reference monitor, separation of privilege, least common mechanism, object reuse protection, complete mediation.
  10. Be able to explain what are physical separation, temporal separation, cryptographic separation, and logical separation.
  11. Explain what is layered design.
  12. Explain what is TCSEC. Be able to list the TCSEC evaluation classes (D, C1, C2, B1, B2, B3, A1).
  13. Be able to explain what is CC. Be able to explain the following about CC: CC functional requirements and assurance requirements, organization of functional requirments and assurance requirements, protection profile, security target, the 7 Evaluation Assurance Levels (EALs).

Database Security

  1. Be able to interpret SQL GRANT and REVOKE statements. Be able to draw authorization graph based on such statements. Be able to interpret and modify authorization graphs. Be able to explain cascading and non-cascading revocation, negative authorization. (Go through slides 22 - end on topic 6.1.)
  2. Be able to explain the following mechanisms for database access control: view mechanism, stored procedures, query modification.
  3. Be able to explain what is poly-instantiation. Be able to explain the output of a query in a multi-level DBMS. Be able to update a multi-level DBMS based on an update statement.
  4. Be able to explain the following approaches for implementing multi-level DBMS: partitioning, encryption, integrity lock, and distributed databases.
  5. Be able to explain the database inference problem. Be able to determine whether there is an inference problem based on a database and a sequence of queries. Be able to perform inference attacks via linear systems.