1
Kingdom of Saudi Arabia ةيدوعسلا ةيبرعلا ةكلمملا Ministry of Education ميلعتلا ةرازو
Umm AlQura University ىرقلا مأ ةعماج
Adham University College مضأب ةيعماجلا ةيلكلا
Computer Science Department للآا بساحلا مسق
Second Semester of 2017/ 2018 Academic Year
Computer Security Systems Course, 6803532-3 -Exceptional HomeWork-
Last Delivery Date Tuesday, 08/08/1439 H – 24/04/2018
Question One: 3 Marks
Consider a hospital system for managing the hospital processes, a patient can register to the system through the national ID, can book an appointment and see analysis results, etc.
a. Give an example of a type of publication for which confidentiality of the stored data is the most important requirement.
b. Give an example of a type of publication in which data integrity is the most important requirement.
c. Give an example in which system availability is the most important requirement.
Question Two: 2 Marks
For each of the following assets, assign a low, moderate, or high impact level for the loss of confidentiality, availability, and integrity, respectively. Justify your answers.
a.A law-enforcement organization managing extremely sensitive investigative information.
b.A financial organization managing routine administrative information (not privacy-related information).
c. A Social media application, like twitter.
d. A University system for managing students’ registrations, schedules, results, etc.
Question Three: 1 Mark
Perhaps the simplest “serious” symmetric block encryption algorithm is the Tiny Encryption Algorithm (TEA). TEA operates on 64-bit blocks of plaintext using a 128-bit key. The plaintext is divided into two 32-bit blocks (L0, R0), and the key is divided into four 32-bit blocks (K0, K1, K2, K3).
Encryption involves repeated application of a pair of rounds, defined as follows for rounds i and i+1:
Li=Ri-1
Ri=Li-1 ⊞ F(Ri-1, K0, K1, i) Li+1=Ri
Ri+1=Li ⊞ F(Ri, K2, K3, i+1)
where F is defined as F(M, Kj, Kk, i) = ((M<<4) ⊞ Kj) ((M>>5) ⊞ Kk) (M⊞i)
and where the logical shift of x by y bits is denoted by x << y, the logical right shift of x by y bits is denoted by x >> y, and i is a sequence of predetermined constants.
(a) Comment on the significance and benefit of using the sequence of constants.
(b) Illustrate the operation of TEA using a block diagram or flow chart type of depiction.
2
Kingdom of Saudi Arabia ةيدوعسلا ةيبرعلا ةكلمملا Ministry of Education ميلعتلا ةرازو
Umm AlQura University ىرقلا مأ ةعماج
Adham University College مضأب ةيعماجلا ةيلكلا
Computer Science Department للآا بساحلا مسق
Question Four: 3 Marks
Consider a 32-bit hash function defined as the concatenation of two 16-bit functions:
XOR and RXOR, which are defined in Section 3.2 (See the book) as “two simple hash functions.”
a. Will this checksum detect all errors caused by an odd number of error bits? Explain.
b. Will this checksum detect all errors caused by an even number of error bits? If not, characterize the error patterns that will cause the checksum to fail.
c. Comment on the effectiveness of this function for use as a hash function for authentication.
Question Five: 1 Marks
Consider the following threats to Web security and describe how each is countered by a particular feature of SSL.
a. SYN Flooding: An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the “half-open connection” around for a few minutes. Repeated SYN messages can clog the TCP module.
Remember,“Success is 1% inspiration and 99% perspiration”
Do your Best 😉 T.Mariah Sami Ahmed Khayat Teacher Assistant @ Adam University College
