SOLUTIONS MANUAL
COMPUTER SECURITY
FOURTH EDITION
CHAPTERS 1–12
WILLIAM STALLINGS
LAWRIE BROWN
Copyright 2017: William Stallings
TABLE OF CONTENTS
Chapter 1 Overview
Chapter 2 Cryptographic Tools
Chapter 3 User Authentication
Chapter 4 Access Control
Chapter 5 Database and Cloud Security
Chapter 6 Malicious Software
Chapter 7 Denial-of-Service Attacks
Chapter 8 Intrusion Detection
Chapter 9 Firewalls and Intrusion Prevention Systems
Chapter 10 Buffer Overflow
Chapter 11 Software Security
Chapter 12 Operating System Security
CHAPTER 1 OVERVIEW
ANSWERS TO QUESTIONS
1.1 Computer security refers to protection afforded to an automated
information system in order to attain the applicable objectives of
preserving the integrity, availability and confidentiality of information
system resources (includes hardware, software, firmware,
information/data, and telecommunications).
1.2 Passive threats have to do with eavesdropping on, or monitoring,
transmissions. Electronic mail, file transfers, and client/server
exchanges are examples of transmissions that can be monitored. Active
threats include the modification of transmitted data and attempts to
gain unauthorized access to computer systems.
1.3 Passive attacks: release of message contents and traffic analysis.
Active attacks: masquerade, replay, modification of messages, and
denial of service.
1.4 Authentication: The assurance that the communicating entity is the
one that it claims to be.
Access control: The prevention of unauthorized use of a resource (i.e.,
this service controls who can have access to a resource, under what
conditions access can occur, and what those accessing the resource are
allowed to do).
Data confidentiality: The protection of data from unauthorized
disclosure.
Data integrity: The assurance that data received are exactly as sent by
an authorized entity (i.e., contain no modification, insertion, deletion, or
replay).
Nonrepudiation: Provides protection against denial by one of the
entities involved in a communication of having participated in all or part
of the communication.
Availability service: The property of a system or a system resource
being accessible and usable upon demand by an authorized system
entity, according to performance specifications for the system (i.e., a
system is available if it provides services according to the system design
whenever users request them).
1.5 An attack surface consists of the reachable and exploitable
vulnerabilities in a system. An attack tree is a branching, hierarchical
data structure that represents a set of potential techniques for
exploiting security vulnerabilities.
ANSWERS TO PROBLEMS
1.1 The system must keep personal identification numbers confidential, both
in the host system and during transmission for a transaction. It must
protect the integrity of account records and of individual transactions.
Availability of the host system is important to the economic well being
of the bank, but not to its fiduciary responsibility. The availability of
individual teller machines is of less concern.
1.2 The system does not have high requirements for integrity on individual
transactions, as lasting damage will not be incurred by occasionally
losing a call or billing record. The integrity of control programs and
configuration records, however, is critical. Without these, the switching
function would be defeated and the most important attribute of all –
availability – would be compromised. A telephone switching system must
also preserve the confidentiality of individual calls, preventing one caller
from overhearing another.
1.3 a. The system will have to assure confidentiality if it is being used to
publish corporate proprietary material.
b. The system will have to assure integrity if it is being used to
publish laws or regulations.
c. The system will have to assure availability if it is being used to
publish a daily paper.
1.4 a. An organization managing public information on its web server
determines that there is no potential impact from a loss of
confidentiality (i.e., confidentiality requirements are not applicable),
a moderate potential impact from a loss of integrity, and a moderate
potential impact from a loss of availability.
b. A law enforcement organization managing extremely sensitive
investigative information determines that the potential impact from a
loss of confidentiality is high, the potential impact from a loss of
integrity is moderate, and the potential impact from a loss of
availability is moderate.
c. A financial organization managing routine administrative information
(not privacy-related information) determines that the potential
impact from a loss of confidentiality is low, the potential impact from
a loss of integrity is low, and the potential impact from a loss of
availability is low.
d. The management within the contracting organization determines
that: (i) for the sensitive contract information, the potential impact
from a loss of confidentiality is moderate, the potential impact from a
loss of integrity is moderate, and the potential impact from a loss of
availability is low; and (ii) for the routine administrative information
(non-privacy-related information), the potential impact from a loss of
confidentiality is low, the potential impact from a loss of integrity is
low, and the potential impact from a loss of availability is low.
e. The management at the power plant determines that: (i) for the
sensor data being acquired by the SCADA system, there is no
potential impact from a loss of confidentiality, a high potential impact
from a loss of integrity, and a high potential impact from a loss of
availability; and (ii) for the administrative information being
processed by the system, there is a low potential impact from a loss
of confidentiality, a low potential impact from a loss of integrity, and
a low potential impact from a loss of availability. Examples from FIPS
199.
1.5 a. At first glance, this code looks fine, but what happens if
IsAccessAllowed fails? For example, what happens if the system runs
out of memory, or object handles, when this function is called? The
user can execute the privileged task because the function might
return an error such as ERROR_NOT_ENOUGH_MEMORY.
b.
    DWORD dwRet = IsAccessAllowed(…);
    if (dwRet == NO_ERROR) {
        // Secure check OK.
        // Perform task.
    } else {
        // Security check failed.
        // Inform user that access is denied.
    }
In this case, if the call to IsAccessAllowed fails for any reason, the
user is denied access to the privileged operation.
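The difference between the two checks, as an added example that is not part of the original solution. IsAccessAllowed is stubbed because its real signature is not shown on the page, the fail-open variant is an assumed shape of the code criticised in part a, and the error constants are defined locally with their winerror.h values so the program builds on any platform.

```c
#include <stdio.h>

/* Local stand-ins so the example builds off Windows; values match winerror.h. */
typedef unsigned long DWORD;
#define NO_ERROR                0UL
#define ERROR_ACCESS_DENIED     5UL
#define ERROR_NOT_ENOUGH_MEMORY 8UL

/* Hypothetical stub: 'simulated' is the status the access check reports. */
static DWORD IsAccessAllowed(DWORD simulated) { return simulated; }

/* Fail-open (assumed shape of the code in part a): only one specific error
   denies, so any other failure of the check itself grants access. */
int may_run_fail_open(DWORD simulated)
{
    DWORD dwRet = IsAccessAllowed(simulated);
    if (dwRet == ERROR_ACCESS_DENIED)
        return 0;   /* denied */
    return 1;       /* every other status falls through to "allowed" */
}

/* Fail-closed (part b): only explicit success grants access. */
int may_run_fail_closed(DWORD simulated)
{
    DWORD dwRet = IsAccessAllowed(simulated);
    if (dwRet == NO_ERROR)
        return 1;   /* security check OK */
    return 0;       /* any failure, expected or not, denies */
}

int main(void)
{
    /* Constructed outcomes: success, explicit denial, resource exhaustion. */
    const DWORD cases[] = { NO_ERROR, ERROR_ACCESS_DENIED, ERROR_NOT_ENOUGH_MEMORY };
    const char *names[] = { "NO_ERROR", "ERROR_ACCESS_DENIED", "ERROR_NOT_ENOUGH_MEMORY" };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-24s fail-open=%d fail-closed=%d\n", names[i],
               may_run_fail_open(cases[i]), may_run_fail_closed(cases[i]));
    return 0;
}
```

The two functions agree on success and on explicit denial; they differ only when the check itself fails, which is the case part a asks about.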
1.6 [Figure: attack tree. Node labels: Open Safe; Pick Lock; Learn Combination; Find Written Combo; Threaten; Cut Open Safe; Install Improperly; Get Combo from Target; Blackmail; Eavesdrop; Listen to Conversation; Bribe; Get Target to State Combo.]
1.7 We present the tree in text form; call the company X:
Survivability Compromise: Disclosure of X proprietary secrets
OR 1. Physically scavenge discarded items from X
      OR 1. Inspect dumpster content on-site
         2. Inspect refuse after removal from site
   2. Monitor emanations from X machines
      AND 1. Survey physical perimeter to determine optimal monitoring position
          2. Acquire necessary monitoring equipment
          3. Setup monitoring site
          4. Monitor emanations from site
   3. Recruit help of trusted X insider
      OR 1. Plant spy as trusted insider
         2. Use existing trusted insider
   4. Physically access X networks or machines
      OR 1. Get physical, on-site access to Intranet
         2. Get physical access to external machines
   5. Attack X intranet using its connections with Internet
      OR 1. Monitor communications over Internet for leakage
         2. Get trusted process to send sensitive information to attacker over Internet
         3. Gain privileged access to Web server
   6. Attack X intranet using its connections with public telephone network (PTN)
      OR 1. Monitor communications over PTN for leakage of sensitive information
         2. Gain privileged access to machines on intranet connected via Internet
CHAPTER 2 CRYPTOGRAPHIC TOOLS
ANSWERS TO QUESTIONS
2.1 Plaintext, encryption algorithm, secret key, ciphertext, decryption
algorithm.
2.2 One secret key.
2.3 (1) a strong encryption algorithm; (2) Sender and receiver must have
obtained copies of the secret key in a secure fashion and must keep the
key secure.
2.4 Message encryption, message authentication code, hash function.
2.5 An authenticator that is a cryptographic function of both the data to be
authenticated and a secret key.
2.6 (a) A hash code is computed from the source message, encrypted using
symmetric encryption and a secret key, and appended to the message.
At the receiver, the same hash code is computed. The incoming code is
decrypted using the same key and compared with the computed hash
code. (b) This is the same procedure as in (a) except that public-key
encryption is used; the sender encrypts the hash code with the sender’s
private key, and the receiver decrypts the hash code with the sender’s
public key. (c) A secret value is appended to a message and then a
hash code is calculated using the message plus secret value as input.
Then the message (without the secret value) and the hash code are
transmitted. The receiver appends the same secret value to the
message and computes the hash value over the message plus secret
value. This is then compared to the received hash code.
2.7
1. H can be applied to a block of data of any size.
2. H produces a fixed-length output.
3. H(x) is relatively easy to compute for any given x, making both
hardware and software implementations practical.
4. For any given value h, it is computationally infeasible to find x such
that H(x) = h.
5. For any given block x, it is computationally infeasible to find y ≠ x
with H(y) = H(x).
6. It is computationally infeasible to find any pair (x, y) such that H(x)
= H(y).
2.8 Plaintext: This is the readable message or data that is fed into the
algorithm as input. Encryption algorithm: The encryption algorithm
performs various transformations on the plaintext. Public and private
keys: This is a pair of keys that have been selected so that if one is
used for encryption, the other is used for decryption. The exact
transformations performed by the encryption algorithm depend on the
public or private key that is provided as input. Ciphertext: This is the
scrambled message produced as output. It depends on the plaintext and
the key. For a given message, two different keys will produce two
different ciphertexts. Decryption algorithm: This algorithm accepts
the ciphertext and the matching key and produces the original plaintext.
2.9 Encryption/decryption: The sender encrypts a message with the
recipient’s public key. Digital signature: The sender “signs” a message
with its private key. Signing is achieved by a cryptographic algorithm
applied to the message or to a small block of data that is a function of
the message. Key exchange: Two sides cooperate to exchange a
session key. Several different approaches are possible, involving the
private key(s) of one or both parties.
2.10 The key used in conventional encryption is typically referred to as a
secret key. The two keys used for public-key encryption are referred
to as the public key and the private key.
2.11 A digital signature is an authentication mechanism that enables the
creator of a message to attach a code that acts as a signature. The
signature is formed by taking the hash of the message and encrypting
the message with the creator’s private key. The signature guarantees
the source and integrity of the message.
2.12 A public-key certificate consists of a public key plus a User ID of the
key owner, with the whole block signed by a trusted third party.
Typically, the third party is a certificate authority (CA) that is trusted
by the user community, such as a government agency or a financial
institution.
2.13 Several different approaches are possible, involving the private key(s)
of one or both parties. One approach is Diffie-Hellman key exchange.
Another approach is for the sender to encrypt a secret key with the
recipient’s public key.
ANSWERS TO PROBLEMS
2.1 Yes. The eavesdropper is left with two strings, one sent in each
direction, and their XOR is the secret key.
2.2 a.
     2   8  10   7   9   6   3   1   4   5
     C   R   Y   P   T   O   G   A   H   I
     B   E   A   T   T   H   E   T   H   I
     R   D   P   I   L   L   A   R   F   R
     O   M   T   H   E   L   E   F   T   O
     U   T   S   I   D   E   T   H   E   L
     Y   C   E   U   M   T   H   E   A   T
     R   E   T   O   N   I   G   H   T   A
     T   S   E   V   E   N   I   F   Y   O
     U   A   R   E   D   I   S   T   R   U
     S   T   F   U   L   B   R   I   N   G
     T   W   O   F   R   I   E   N   D   S

     4   2   8  10   5   6   3   7   1   9
     N   E   T   W   O   R   K   S   C   U
     T   R   F   H   E   H   F   T   I   N
     B   R   O   U   Y   R   T   U   S   T
     E   A   E   T   H   G   I   S   R   E
     H   F   T   E   A   T   Y   R   N   D
     I   R   O   L   T   A   O   U   G   S
     H   L   L   E   T   I   N   I   B   I
     T   I   H   I   U   O   V   E   U   F
     E   D   M   T   C   E   S   A   T   W
     T   L   E   D   M   N   E   D   L   R
     A   P   T   S   E   T   E   R   F   O

ISRNG BUTLF RRAFR LIDLP FTIYO NVSEE TBEHI HTETA
EYHAT TUCME HRGTA IOENT TUSRU IEADR FOETO LHMET
NTEDS IFWRO HUTEL EITDS
b. The two matrices are used in reverse order. First, the ciphertext is
laid out in columns in the second matrix, taking into account the
order dictated by the second memory word. Then, the contents of
the second matrix are read left to right, top to bottom and laid out in
columns in the first matrix, taking into account the order dictated by
the first memory word. The plaintext is then read left to right, top to
bottom.
c. Although this is a weak method, it may have use with time-sensitive
information and an adversary without immediate access to good
cryptanalysis (e.g., tactical use). Plus it doesn’t require anything
more than paper and pencil, and can be easily remembered.
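The procedure in parts a and b as an added example, not code from the original solution: a double columnar transposition using the key words CRYPTOGAHI and NETWORKSCU and the plaintext read from the first matrix in part a. It goes slightly beyond the page by also handling messages that do not fill the last row; the function names and MAXLEN are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

#define MAXLEN 256  /* assumed bound on text and key length (example only) */

/* order[r] = index of the column read r-th, by alphabetical rank of its key
   letter. Assumes no repeated key letters, as in the two keys used here. */
static void key_order(const char *key, int *order) {
    int n = (int)strlen(key);
    for (int i = 0; i < n; i++) {
        int rank = 0;
        for (int j = 0; j < n; j++)
            if (key[j] < key[i]) rank++;
        order[rank] = i;
    }
}

/* One matrix: text is written row by row under the key and read column by
   column in key order. With inverse set, the same walk fills the columns. */
static void pass(const char *in, const char *key, char *out, int inverse) {
    int n = (int)strlen(key), len = (int)strlen(in), order[MAXLEN], k = 0;
    key_order(key, order);
    for (int r = 0; r < n; r++)
        for (int i = order[r]; i < len; i += n, k++)
            if (inverse) out[i] = in[k]; else out[k] = in[i];
    out[len] = '\0';
}

static int fits(const char *s) { size_t n = strlen(s); return n > 0 && n < MAXLEN; }

/* decrypt = 0: first key, then second. decrypt = 1 (part b): undo the second
   matrix, then the first. Returns a static buffer, or NULL on bad input. */
const char *double_transpose(const char *in, const char *k1, const char *k2, int decrypt) {
    static char mid[MAXLEN], out[MAXLEN];
    if (!fits(in) || !fits(k1) || !fits(k2)) return NULL;
    pass(in, decrypt ? k2 : k1, mid, decrypt);
    pass(mid, decrypt ? k1 : k2, out, decrypt);
    return out;
}

/* Keys and plaintext as they appear in the matrices of part a. */
static const char *K1 = "CRYPTOGAHI", *K2 = "NETWORKSCU";
static const char *PT = "BEATTHETHIRDPILLARFROMTHELEFTOUTSIDETHELYCEUM"
                        "THEATRETONIGHTATSEVENIFYOUAREDISTRUSTFULBRINGTWOFRIENDS";

int main(void) {
    printf("%s\n", double_transpose(PT, K1, K2, 0));
    printf("%s\n", double_transpose(double_transpose(PT, K1, K2, 0), K1, K2, 1));
    return 0;
}
```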
2.3 a. Let -X be the additive inverse of X. That is -X + X = 0. Then:
P = (C + -K1) ⊕ K0
b. First, calculate -C’. Then -C’ = (P’ ⊕ K0) + (-K1). We then have:
C + -C’ = (P ⊕ K0) + (P’ ⊕ K0)
However, the operations + and ⊕ are not associative or distributive
with one another, so it is not possible to solve this equation for K0.
2.4 a. The constants ensure that encryption/decryption in each round is
different.
b. First two rounds:
[Figure: first two rounds. Labels: L0, R0, K0, L1, R1, K2, L2, R2.]
c. First, let’s define the encryption process:
L2 = L0 + [(R0 << 4) + K0] ⊕ [R0 + δ1] ⊕ [(R0 >> 5)
R2 = R0 + [(L2 <> 5) + K3]
Now the decryption process. The input is the ciphertext (L2, R2), and
the output is the plaintext (L0, R0). Decryption is essentially the same
as encryption, with the subkeys and delta values applied in reverse
order. Also note that it is not necessary to use subtraction because
there is an even number of additions in each equation.
R0 = R2 + [(L2 <> 5) + K3]
L0 = L2 + [(R0 <> 5) + K1]
d. [Figure. Labels: L0, R0, K0, L1, R1, K2, L2, R2.]
2.5 a. Will be detected with both (i) DS and (ii) MAC.
b. Won’t be detected by either (Remark: use timestamps).
c. (i) DS: Bob simply has to verify the message with the public key
from both. Obviously, only Alice’s public key results in a successful
verification.