CS 42600: Computer Security

Assignment 5: Network Security, Database Security, Assurance, Legal & Ethical

Due 11:59pm EDT, 25 April, 2019

Please turn in a PDF through Gradescope (this link works if you are logged in to Blackboard). The answer to each question should begin on a new page. Gradescope is pretty self-explanatory, but if you'd like you can watch the ITaP video instructions. Make sure that you mark the start/end of each question in Gradescope. Assignments will be graded based on what you mark as the start/end of each question. Expect this to be enforced starting with this assignment. Please typeset your answers. (You won't be doing handwritten responses during a Google phone interview, so why would you do so for class?)

Questions 1 and 3 below are designed to give you experience in working with primary sources, rather than the refined/simplified/clarified view that is typically seen in textbooks (or lecture notes). In the real world, you'll often be asked to address issues before such clarified explanations exist.

1. Common Criteria

You are developing a Learning Management System (LMS) (e.g., Blackboard or Piazza) that is to be evaluated using Common Criteria. One part of this is a course evaluation module; the hope is that making this part of the LMS will give higher response rates than the current evaluations. This evaluation should be completely anonymous: the instructor should not even be able to determine if an evaluation comment comes from the same student as a previous anonymous post. However, only students should be able to submit course evaluations, and each student should be able to submit only one.

  1. Will this require authentication? Develop a Common Criteria functional requirement (selection of options) from Section 12.4 that captures what you think are appropriate authentication requirements for this system. Note that you should do this even if you say this does not require authentication - Section 12.4 includes options of stating explicitly that for some operations, no authentication is required.
  2. Show how you can use Common Criteria functional requirements to capture the requirement that a course evaluation cannot be traced to any other action of the submitting user.
  3. Can these requirements apply to everything in the LMS, or do they only apply to the course evaluation? Explain briefly, perhaps giving an example of how these do or don't apply to other parts of an LMS.

2. Formal Evaluation

The Harrison-Ruzzo-Ullman access control matrix model can be used for formal evaluation. In particular, Question 10 on the second midterm captures a portion of a formal evaluation of a system satisfying the Bell-LaPadula model. Explain briefly (1-2 paragraphs) what would need to be done to extend the solution to Question 10 to a formal evaluation.

3. Legal security requirements

We discussed what constitutes a breach under Indiana's Breach Disclosure Law. While this talks about what must be protected, it doesn't say how data must be protected. Identify two sections in the Indiana breach disclosure law that discuss security requirements on how data must be protected. For each, give the section number (e.g., IC 24-4.9-2-10(a)(2)), and a one-sentence description of why you think this section discusses how data must be protected.

