Dawn Song, Midterm 1 (solution), Spring 2012

What security principle does this design violate


equires root privileges, ping is a setuid binary that elevates to root as soon as it starts, and then sends the ICMP packets, receives the response and shows the output. What security principle does this design violate?

◦ Confinement Principle
◦ Complete Mediation
◦ Principle of Least Privilege
◦ Low Coupling Design

Answer: Principle of Least Privilege. Only sending the packet requires root privilege: the code that parses the response and shows the output doesn't need to run as root.

(d) (2 points) Which one of the following mechanisms is NOT an integral component required for Android application isolation? (circle one)

◦ Application code signing
◦ Android permission system
◦ Linux users
◦ Linux process isolation

Answer: Android permission system

4. (8 points) Trusted Computing

(a) (1 point) How is a TPM implemented? (circle one)

◦ Entirely in software.
◦ In the BIOS firmware.
◦ As a hardware component in the system.
◦ Using the SKINIT x86 instruction.
◦ As a cloud service.

Answer: As a hardware component in the system.

(b) (1 point) Suppose that BIOS code is updated by a firmware update. How would the system enable access to blobs previously sealed to the current BIOS version? (circle one)

◦ It is not possible to patch the BIOS in this architecture.
◦ The patch process must re-seal all blobs with new PCR values.
◦ All blobs must be decrypted and stored in cleartext.
◦ The TPM will decrypt old blobs even after the update.

Answer: The patch process must re-seal all blobs with new PCR values.

(c) (1 point) In BitLocker, what is the purpose of the boot-time PIN or USB key? (circle one)

◦ To annoy the user.
◦ So that if the machine is stolen, the attacker cannot decrypt the disk.
◦ So that malware cannot change the OS loader.
◦ To prevent moving the disk to another machine.

Answer: So that if the machine is stolen, the attacker cannot decrypt the disk.

(d) (1 point) A TPM can be used to speed up hard drive encryption (e.g., in BitLocker).

◦ True
◦ False

Answer: False. It i...
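Added example, not part of the exam or its solution: a small software model of the re-sealing in question 4(b), showing why a blob sealed to the old BIOS measurement stops opening after the update unless the patch process re-seals it first. ToyTPM, the function names, the boot chain and the keys are all constructed for illustration; SHA-256 and a SHAKE keystream stand in for whatever a real TPM uses internally.

```python
import hashlib
import hmac

def extend(pcr, component):
    # A PCR cannot be set, only extended: new = H(old || H(component)).
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(chain):
    pcr = bytes(32)  # the model's PCR starts at all zeros
    for component in chain:
        pcr = extend(pcr, component)
    return pcr

class ToyTPM:
    def __init__(self, storage_key, pcr):
        self._key, self.pcr = storage_key, pcr

    def _xor(self, data, release_pcr):
        # Stand-in keystream cipher for the model, not a real TPM's encryption.
        stream = hashlib.shake_256(self._key + release_pcr).digest(len(data))
        return bytes(a ^ b for a, b in zip(data, stream))

    def seal(self, secret, release_pcr):
        ct = self._xor(secret, release_pcr)
        tag = hmac.new(self._key, release_pcr + ct, hashlib.sha256).digest()
        return release_pcr, ct, tag

    def unseal(self, blob):
        release_pcr, ct, tag = blob
        good = hmac.new(self._key, release_pcr + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):
            raise ValueError("blob modified or sealed by another TPM")
        if not hmac.compare_digest(self.pcr, release_pcr):
            raise PermissionError("PCR mismatch: boot chain changed")
        return self._xor(ct, release_pcr)

def patch_and_reseal(tpm, blob, new_chain):
    # Runs while the old BIOS is still the measured one, so unseal succeeds.
    return tpm.seal(tpm.unseal(blob), measure_boot(new_chain))

def demo():
    old, new = [b"BIOS v1", b"loader"], [b"BIOS v2", b"loader"]  # constructed
    tpm = ToyTPM(b"constructed storage key", measure_boot(old))
    old_blob = tpm.seal(b"disk key", tpm.pcr)
    new_blob = patch_and_reseal(tpm, old_blob, new)
    tpm.pcr = measure_boot(new)  # reboot into the updated BIOS
    try:
        stale = tpm.unseal(old_blob)
    except PermissionError:
        stale = None  # the blob sealed to the old measurement stays locked
    return stale, tpm.unseal(new_blob)
```
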

This document was uploaded on 02/23/2014.
