Midterm Topics (extracted from whole-course list) -------------- Fundamental notions - Explain how security goals can be categorized into Confidentiality, Integrity, and Availability; give examples of each category; analyze specific goals into the appropriate category. - Explain why security is defined relative to a set of assumptions. - Explain the concepts of Threat, Vulnerability, and Control; give examples. - Discuss the relationship between the concepts of security and correctness. Authentication - Describe common vulnerabilities related to passwords, and best practices for password guidelines. - Calculate the probability of breaking a password by brute force, given suitable assumptions. - Describe several biometric techniques for authentication. - Describe several token-based techniques for authentication. Software Security - Define, and give examples of, the Saltzer and Schroeder design principles for secure software: least privilege, economy of mechanism, open design, complete mediation, fail-safe defaults, separation of privilege, least common mechanism, ease of use. - Explain, and give examples of, the CERT Top 10 Secure Coding Practices: validate input, heed compiler warnings, architect and design for security policies, keep it simple, default to deny, adhere to the principle of least privilege, sanitize data sent to other systems, practice defense in depth, use effective QA techniques, adopt a secure coding standard. - Explain how choice of programming language can affect software security. - Explain in detail how simple buffer overflow attacks work. - Describe several techniques used to discover and exploit software vulnerabilities, including fuzzing and symbolic execution. - Describe several countermeasures that can mitigate the risk of overflow attacks. - Explain the idea of "penetrate-and-patch," and its limitations as a security technique. - Define the concepts of virus, trojan horse, and worm, with historically important examples. - Explain how virus detection works, and its limitations. Access Control - Define the basic access control concepts of subject, object, and access mode; give examples. - Define the concept of mediation, and describe different ways of achieving it. - Define the concept of reference monitor. - Explain hardware approaches to access control, including segments, paging, and tagging. - Explain the concept of an access control matrix (ACM), show how ACMs can be used to model security policies, and how to use an ACM to determine whether an access is secure relative to a policy. - Explain the idea of an access control list (ACL) and its relationship to an ACM. - Explain the concept of capabilities, and their relationship to an ACM. - Explain in detail what access control mechanisms are available in Unix. - Explain what Java stack inspection is used for, and how it works. Discuss its limitations. - Explain and apply the Bell-LaPadula confidentiality model in the context of a multilevel security policy. Cryptography - Define basic cryptographic terms: plaintext, ciphertext, encode, decode, substitution, transposition, symmetric key, public key, one-time pad, hash. - Describe the architecture and mathematical basis of the symmetric key systems DES and AES. - Describe the architecture and mathematical basis for the public key system RSA. - Compare and contrast the domain of applicability, security, computational cost, and real-world adoption of DES, AES, and RSA.