Seminar Presentations Questions
Chapter 3: User Authentication
- Page 107, Review Questions: 3.1, 3.3, 3.4, 3.5, 3.6, 3.9
Chapter 4: Access Control
- State which access system requirement is violated in each of the
following:
  - Zeus is running a Find operation when his process is hijacked and
  files Zeus owns begin being deleted.
  - RoleA was banned from accessing FileX; RoleB has access to FileX.
  Odin possesses both RoleA and RoleB. When Odin attempts to access FileX,
  his user session crashes.
- Dr. Shende hates being the system administrator because he has to
change each user to explicitly not be able to access new files he makes.
If this is the case, what type of policy must the access system be using?
- What is the main advantage of storing the access control matrix as a
table instead of a matrix?
- Assuming you are constructing an access system for a computer which
will have 5 users, which scheme we discussed (DAC or RBAC) would be
best and why?
Chapter 5: Database Security
- Pages 172 - 175: #5.6, 5.7(b), 5.11, 5.19
- What is the difference between query restriction and perturbation?
- Why do you need to be careful with perturbation techniques?
- What are the two disadvantages of using data encryption?
- Describe the pros and cons of working with encrypted data
separately and as blocks.
Chapter 6: Intrusion Detection
Jared's Presentation in PDF format
Link to Reading
Questions
- Question for Section 2:
What difficulties in detecting threats have become easier or non-issues since this report in 1980?
- Question for Section 4:
Which pieces of the proposed surveillance system are still relevant
with today's computer systems? Which parts, if any, have become irrelevant?