CS 4235 - Summer 2007
Introduction to Information Security
Home | Syllabus | Schedule | Homework | Critiques | Project | Groups | Links
Homework 5
Dates
- Homework assigned: June 28, 2007
- Homework due: July 10, 2007
Assignment
Each question suggests a recommended answer length. This is just a guideline, but please keep your answers short, while still addressing the question fully. Be sure to fully read each question and answer each part of the question in order to get full credit for your answers.
All answers must be typed and printed. The hard copy with your answers must be turned in at the start of class on the due date.
Be sure to put your name and GTID on the top of every page of your assignment. Multiple pages should be stapled together.
This homework assignment must be done individually, it is not a group work assignment.
(1) Describe at least three characteristics of networks that make them vulnerable to attack. [1 paragraph]
(2) What is a 'man in the middle' attack? How can we prevent such attacks? [1 paragraph]
(3) The HTTP protocol is by definition stateless, meaning that is has no mechanism for "remembering" data from one interaction to the next. For example, you may send the user a page of books and prices matching a user's query, and you want to avoid having to look up the price of each book again once the user chooses one to purchase. Suggest a means by which you can preserve state between two HTTP calls. What are some security implications of your system? [2 paragraphs]
(4) What is Public Key Infrastructure (PKI)? Discuss some of the difficulties in implementing PKI? Why do you think PKI is not more widely deployed today? [3 paragraphs]