CS651 Computer Systems Security Foundations Assignment- University of Puerto Rico, Río Piedras
Part 1: Security Engineering
1 - Describe "Security Architecture" to a nontechnical person 3-4 sentences.
2 - How does an operating system architecture affect security?Provide a brief explanation and give 2 examples.
3 - What is "Data Execution Prevention?
4 - What is a microkernel and how does it differ from a monolithic kernel? Include an example of each type.
5 - What is a Common Criteria Protection Profile? Pick two that might be of use to YAP and explain why.
6 - Explain Kerckhoff's Principle and its importance.
7 - What is a keyspace and why is it important?
8 - Explain how "locks" can defeat a TOC/TOU attack
9 -Explain how Eve would create a Chosen-Plaintext Attack on Alice's messages to Bob and provide an example.
10 - Summarize the PKI with an example and explain how certificates help make it secure in ½ page.
11 - Compare the Clarke-Wilson and the Biba model in 5-6 sentences and give an example of how each works.
12 - Explain how a digital envelope works in 4-6 sentences.
14-Review the article "IaaS, PaaS, SaaS (Explained and Compared) and other sources, then define IaaS, SaaS, and PaaS in 2-3 sentences each (in your own words, of course).
15 - Decide which of these models (in the previous question) would work best for YAP and explain your logic in 4-5 sentences. (Remember, there is no "right" answer. There is, however, sensible logic)
16 - Address space layout randomization (ASLR) has been used for several years in Windows operating systems, but has not stopped attacks from succeeding. Explain why in ¼ page.
17 - In IEEE Xplore, read "Study on service-oriented security architecture" by Cheng et al. Explain the proposed architecture and why you agree (or disagree with the authors' premise their approach is scalable in 2-3 paragraphs in ½ page.
Part 2: Cryptography
1 - Explain Kerckhoff's Principle and its importance.
2 - What is a keyspace and why is it important?
3 - Explain the differences between End-to-End encryption and Link encryption in 4-6 sentences.
4 -Explain how Eve would create a Chosen-Plaintext Attack on Alice's messages to Bob and provide an example.
5 - Summarize the PKI with an exampleand explain how certificates help make it secure in ½ page.
6 - Invent a running key cipher of your own. Include the source of the key.
7- Explain how a digital envelope works in 4-6 sentences.
8 - Find an open source steganography tool and use it to encode a message, then decode it, preferably on a different machine. Identify the tool, where you found it, any problems you had with it, and your results.Include the picture in your answer.
9 - Read "Quantum Cryptography: A New Generation of InformationTechnology Security System" by Sharbaf(IEEExplore). Explain quantum cryptography in ½ page.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.