Security Engineering

CIS221

Assignment 2

Yanqing Zhi 200114126

1. Imagine that Fred sees your RSA signature on m1 and m2, (i.e., he sees (m1d mod n) and (m2d mod n)). How does he compute the signature on each of m1j mod n (for positive integer j), m1-1 mod n, m1 x m2 mod n, and in general m1j m2k mod n (for arbitrary j and k)?
a) The signature on m1j mod n for any j positive integer can be computed by (m1d) j mod n = (m1j) d mod n which is what we wanted. b) The signature of m1-1 is (m1-1) d mod n = (m1-d) mod n = (m1d) n. c) The signature of m1*m2 is (m1*m2) d mod n = ((m1) d mod n) *(m2d mod n) mod n, which can be computed. d) We know that if j=0. So, we can compute the signature of m1j by computing the signature of m1-j First, use (a) and then compute the signature of m1j from m1j using (b). Similarly, we can computer the signature of m2k for any k. Since we can computer the signature of m1 j and m2k, we can apply (c) to compute the signature of the product.
-1

mod

2. Choose one of your favorite operating systems (e.g. Windows 98/2000/XP or UNIX) and compare its security policy with the Clark-Wilson model. Does its security mechanism satisfy Clark-Wilson axioms?
Windows security policy: Local security policy (researched from Google)

The local security policy of a system is a set of information about the security of a local computer. The local security policy information includes the following: The domains trusted to authenticate logon attempts. Which user accounts may access the system and how. For example, interactively, through a network, or as a service. The rights and privileges assigned to accounts. The security auditing policy.

Clark-Wilson Model Rules (researched from Wikipedia) The model consists of two sets of rules: Certification Rules (C) and Enforcement Rules (E). The nine rules ensure the external and internal integrity of the data items. To paraphrase these: C1When an IVP is executed; it must ensure the CDIs are valid. C2For some associated set of CDIs, a TP must transform those CDIs from one valid state to another. Since we must make sure that these TPs are certified to operate on a particular CDI, we must have E1 and E2. E1System must maintain a list of certified relations and ensure only TPs certified to run on a CDI change that CDI. E2System must associate a user with each TP and set of CDIs. The TP may access the CDI on behalf of the user if it is legal. This requires keeping track of triples (user, TP, {CDIs}) called allowed relations. C3Allowed relations must meet the requirements of separation of duty. We need authentication to keep track of this. E3System must authenticate every user attempting a TP. Note that this is per TP request, not per login. For security purposes, a log should be kept. C4All TPs must append to a log enough information to reconstruct the operation. When information enters the system it need not be trusted or constrained (i.e. can be a UDI). We must deal with this appropriately. C5Any TP that takes a UDI as input may only perform valid transactions for all possible values of the UDI. The TP will either accept (convert to CDI) or reject the UDI.

Finally, to prevent people from gaining access by changing qualifications of a TP: E4Only the certifier of a TP may change the list of entities associated with that TP. So the local security policy satisfies Clark-Wilson axioms.