Due Before Class: 06/18/08. No Late Submissions Please
Total Page:16
File Type:pdf, Size:1020Kb
ISA 662, Fall 2006, Assignment 1
Due before class: 06/18/08. No late submissions please.
Please submit electronic copy to: [email protected] with subject line “ISA562 HM1”
Prof. Edgar H. Sibley
This is an individual assignment. You are required to solve it on your own using whatever material you like. Please sign and submit the following honor code statement with your solution: I have not taken any help on this examination from anyone and not provided any help to anyone. The solution has been entirely worked out by me and represents my individual effort. Please submit a typed solution with the signed honor code statement.
For each of the following concepts, research the internet for information on the topic and provide a 1/2 page to one page brief essay explaining: (a) what the concept means, (b) how is it realized mathematically, and (c) what are its practical benefits. Identify the source(s) for your information.
i. Blind signatures ii. Identity-based encryption iii. Threshold cryptography iv. Key escrow
Guideline: Your answer should clearly explain the concept along the three aspects identified above to any of your classmates who did not undertake this exercise themselves
2. (Problem 9, Chapter 1 (pag.26) in M.Bishop’s, Computer Security) Policy restricts the use of electronic mail on a particular system to faculty and staff. Students cannot send or receive electronic mail on that host. Classify the following mechanisms as secure, precise, or broad.
o The electronic mail sending and receiving programs are disabled. o As each letter is sent or received, the system looks up the sender (or recipient) in a database. If that party is listed as faculty or staff, the mail is processed. Otherwise, it is rejected. (Assume the database entries are correct.) o The electronic mail sending programs ask the user if he or she is a student. If so, the mail is refused. The electronic mail receiving programs are disabled.
3. Alice can read and write the file x, can read the file y, and can execute the file z. Bob can read x, can read and write y, and cannot access z. o Write a set of access control lists for this situation. Which list is associated with which file? o Write a set of capability lists for this situation, and say what each list is associated with.