The system to be developed is intended to be operational in


1. There are three (3) questions on this exam, each of equal value. 
2. Answer all three (3) of these questions.
3. Each question must be answered in your own words. However, when you use the words of others in any answers, you must use quotation marks and attribute the source right there following APA style recommendations. Also be sure to cite references right there using APA style when you paraphrase the words of others.

4. This is an open-book individual examination. You may use any resources in addition to the textbook, such as other books, articles, and the Web. All questions require research beyond the text, lecture notes, and conferences. You must, however, do your own work and you may not collaborate with your classmates.

5. Do not post questions about this exam in any of the class forums. If you have a question about the exam, e-mail your instructor directly and he will decide whether the entire class needs to be advised of the issue or question.

6. Adequate answers for the entire examination should run approximately ten to twelve (10-12) double-spaced pages (not much more) with one-inch margins and 12-point font.

7. You must provide a separate bibliography for each question following APA style recommendations. The bibliography for each question is outside the scope of the 10-12 double-spaced pages and should be placed at the end of each question.

8. Answers will be evaluated on the following criteria: key content, logical flow, clarity, spelling, grammar, and proper citations/bibliography.

PLEASE SEE BELOW FOR THE EXAM QUESTIONS

EXAM QUESTIONS
Question 1

Pick a life cycle development model discussed in our Bishop textbook (2003, Chap. 18). Describe and analyze the pros and cons of how useful it is for development of secure and trusted products for use in the two (2) scenarios described below in a and b, each of which briefly describes a different target environment. When answering the question, assume use of the methodology is mandatory.

The two (2) scenarios are:

a. The system to be developed is intended to be operational in a large enterprise environment, and the system itself, when fully developed, will be of a size typically found in large enterprise deployments such as DOD, large banks or similarly sized operations where integration and deployment includes use in a networked environment.

b. The system to be developed is intended to be operational in a midmarket sized firm which has branches located countrywide. Familiar examples might include a fast food chain of outlets such as Burger King, a nationwide clothing store or similar set of replicated stores where integration and deployment includes use in a networked environment.

Question 2

This question is based on Exercise 1 in Chapter 21 of our Bishop textbook (2003, p. 609). Exercise 1 states: 

"The issue of binding assurance requirements to functional requirements versus treating them as mutually exclusive sets has been debated over the years." 

A. Explain the relevance of this issue to formal evaluation methods in general.
B. In the context of the Common Criteria (CC) methodology, analyze the benefits and drawbacks of binding assurance requirements to functional requirements and vice versa.
C. For the CC methodology, which is preferable and why?

Question 3

This question is about Trusted Systems.

This is a hyperlink to a paper in PDF entitled: "Enabling Trusted Scheduling in Embedded Systems" by Masti, Marforio, Ranganathan, Francillon, & Capkun (2012). 

The paper was published in the proceedings of the 2012 Annual Computer Security Applications Conference (ACSAC), December 3 - 7, 2012, Orlando, Florida.

This next hyperlink is to a paper in PDF entitled: "Cloud Terminal: Secure Access to Sensitive Applications from Untrusted Systems" by Martignoni, Poosankam, Zaharia, Han, McCamant, et al. (2012).

This paper was published in the Proceedings of the 2012 USENIX Annual Technical Conference (USENIX ATC '12), June 13-15, 2012, Boston, Massachusetts.

You will see by the dates of the above two conferences that these two papers are representative of very recent contemporary research taking place in the field of Information Communications Technology Security and Trusted Systems.

For this question: 

a. You are to choose one of the above two papers (not both) and analyze: the problem being addressed; the approach taken to arrive at a solution(s), as well as the results to date along with a discussion of anticipated results as we move into the future.
b. Explain what impact this research will have on the future of Formal Verification of trusted operating systems and trusted software in general. Provide at least two examples of aspects or areas where we may see improvements in system trust in general.

Please frame your claims as logical arguments supported by referenced research results, using the text and credible outside sources.
