IS Assignment 2

Uploaded by

klm klm

Assignment 2

1. We are exploring the possibility of an on-line final exam for CSC4291.  Please describe
some of the security issues that this raises.  Your task is not to come up with a security design
for such an exam, but to enumerate issues that would need to be explored in order to come
up with the requirements and design.  Think in terms of the terminology and concepts we
introduced in the first two lectures.
Your write up should be approximately one page typeset. Not more than one page.

Answer: Confidentiality of examination questions, answers; Access Control Policies,
Authentication and Identity Verification; Authenticity verification of questions, answers, and
the server; System protection from malware attacks; Availability issues; Cost-benefit analysis.

2. Consider the following access control system

Subject = {KP, UP1, UP2}
Objects = {file1}
rights = {own, create, delete, read, update, execute}

Instantiation of rights: Adding a given right more than once for a given (subject, object) pair is
idempotent.
A process (subject) can create an object if and only if there is a "create" right in a[process,
process].
The initial ACM (access control matrix) A is:
Show how ACLs and C-Lists are derived from an access control matrix given below

SOLUTION:
file1 | KP (Kernel Process) | UP1 (User Process 1) | UP2 (User Process 2)

KP: create, own, delete, execute, read, update; create, own, delete, execute, read, update; create, delete, execute, read, update
UP1: create, own, delete, read, update; create, own, delete, execute, read, update
UP2: delete, execute, read, update

Command Create_Object(process, file)
    create object file;
    enter own into a[process, file];
    enter delete into a[process, file];
    enter read into a[process, file];
    enter update into a[process, file];
end

(b) Write an ACM program using HRU syntax with a mono-condition that allows a user process to
delete a file that is owned by the same process.

Solution sketch:

Command Destroy_file(file)
if file in Objects
then
    destroy object file;
end
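
Added example (not part of the original assignment): a small Python model of the matrix above, showing that an ACL is a column and a C-List is a row of the same data, with create and delete written as mono-conditional commands. The class ACM, its method names, the sample entries and the `own` test in delete_file are assumptions made for illustration.

```python
from collections import defaultdict

class ACM:
    """Access control matrix: a[(subject, object)] -> set of rights."""
    def __init__(self, subjects):
        self.objects = set(subjects)     # every subject is also an object
        self.a = defaultdict(set)

    def enter(self, right, s, o):
        self.a[(s, o)].add(right)        # a set, so entering twice is idempotent

    def create_object(self, process, obj):
        # Single condition: create in a[process, process] (rule stated above).
        if "create" not in self.a[(process, process)]:
            return False
        self.objects.add(obj)
        for right in ("own", "delete", "read", "update"):
            self.enter(right, process, obj)
        return True

    def delete_file(self, process, obj):
        # Single condition: own in a[process, obj] (assumed reading of (b)).
        if "own" not in self.a[(process, obj)]:
            return False
        self.objects.discard(obj)
        for key in [k for k in self.a if k[1] == obj]:
            del self.a[key]              # destroying the object drops its column
        return True

    def acl(self, obj):
        """Column of the matrix: subject -> rights on obj."""
        return {s: sorted(r) for (s, o), r in self.a.items() if o == obj and r}

    def clist(self, subject):
        """Row of the matrix: object -> rights held by subject."""
        return {o: sorted(r) for (s, o), r in self.a.items() if s == subject and r}

def demo():
    m = ACM(["KP", "UP1", "UP2"])
    m.enter("create", "UP1", "UP1")      # constructed sample entries
    m.create_object("UP1", "file1")
    m.enter("read", "UP2", "file1")
    m.enter("read", "UP2", "file1")      # no effect the second time
    return m

if __name__ == "__main__":
    m = demo()
    print(m.acl("file1"), m.clist("UP1"))
    print(m.delete_file("UP2", "file1"), m.delete_file("UP1", "file1"))
```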
 
3. Explain the vulnerabilities and suggested mitigations associated with wireless
networking. (You are required to select a recent paper (within the last five years) related
to this topic.)

Security vulnerabilities and risks of smart cities


There are two key security risks with respect to the emergence of smart cities. The first is the
security of newly installed ‘intelligent’ technologies and ‘smart’ upgrades to existing
infrastructures and systems and the extent to which these are vulnerable to being hacked. The
second is the security of the data generated, stored and shared across such technologies and
infrastructures. The latter is directly related to the former as improper access to data is often
achieved via security weaknesses in a system’s components, architecture and operation. The
first of these is weak software security and data encryption. In typical large systems being
deployed in cities there are millions of lines of code that produce thousands of potential zero-
day exploits (as yet unknown security vulnerabilities) for network viruses, malware and directed
hacks.
• The second area of vulnerability is due to the use of insecure legacy systems and poor
maintenance. Many smart city technologies are layered onto much older infrastructure
that relies on software and technology created 20 or 30 years ago, which has not been
upgraded.
• The third vulnerability is that smart city systems are typically large, complex and diverse,
with many interdependencies and large and complex attack surfaces. Such complexity
means it can be difficult to know what and how all the components are exposed, to
measure and mitigate risks, and to ensure end-to-end security. The interdependencies
between smart city technologies and systems have the potential to create cascade
effects, wherein ‘highly interconnected entities rapidly transmit adverse consequences
to each other’.
• Finally, there are multiple vulnerabilities arising from human error and deliberate
malfeasance of disgruntled employees. Technical exploits can be significantly aided by
human error, for example, employees opening phishing emails and installing viruses or
malware, or naively inserting infected data sticks into computers. In other cases,
appropriate security software is not installed or is configured incorrectly, or
manufacturer-installed codes are not changed or system security is not kept up-to-date.
There are weaknesses in software system designs such that they can be easily and
surreptitiously sabotaged by disgruntled present and ex-employees.
These vulnerabilities are exacerbated by a number of factors in relation to urban
management. Cities and local councils are under increasing pressure for year-on-year
‘efficiency’ savings. This affects security in three ways.
▪ First, there is long-term underinvestment in infrastructure maintenance and an over-
reliance on legacy systems.
▪ Second, depression of salaries in most public sector organizations makes it more
difficult to recruit and retain skilled and motivated IT staff to properly implement
and maintain smart city technologies. Crucial IT maintenance increasingly uses self-
employed contractors and outsourced services, on the one hand deskilling core
capacities and eroding institutional memory in the public sector, and on the other
creating distributed accountability with a fractured set of bodies (with contracted
services, service-level agreements, multi-agency teams, remote helpdesks)
overseeing security, which often leads to a lack of continuity, coordination and
responsibility.
▪ Third, there is a lack of investment in dedicated cybersecurity personnel and
leadership (in the form of Chief Information Officer or Chief Technology Officer) and
Computer Emergency Response Teams (CERTs) in city governments. Cybersecurity
expertise is usually limited to a handful of personnel and training across the wider
workforce is limited or non-existent (increasing the likelihood of human error).

Conventional mitigation solutions


It is clear that smart city technologies currently being deployed have multiple vulnerabilities
and that these will be exploited for various ends. Smart city technologies typically present large
attack surfaces that expose a number of potential vulnerabilities, especially in control systems
that contain legacy components using old software which has not been regularly patched.
• The typical approach to securing smart city systems has been to utilize a suite of well-
known technical solutions and software security approaches to try and prevent access
and to enable restoration if a compromise occurs. For example, the use of access
controls (username/password, two-stage authentication, biometric identifiers), properly
maintained firewalls, virus and malware checkers, end-to-end strong encryption, and
procedures to ensure routine software patching and ability to respond with urgent
updates to close exploits as they occur, audit trails of usage and change logs, and
effective offsite backups and emergency recovery plans. Using these techniques, the aim
is to reduce the attack surface as much as possible and to make the surface that is
visible as robust and resilient as possible; and quickly recoverable in case of failure.
However, the extent to which this suite of protections is available varies across
technologies and vendors; and the application across different institutions and
companies is also inconsistent. Moreover, in complex, distributed systems with many
components these solutions need to work equally across the complete system since the
whole infrastructure/enterprise is only as strong as the weakest link. Further, it is often
the case that these kinds of solutions are layered on after a system has been developed
rather than being ‘baked-into’ the design. These technical solutions are often bolstered
by vigilant IT staff whose job it is to oversee the day-to-day maintenance of these
systems, including monitoring security issues and reacting swiftly to new cyberattacks
and breaches. In addition, non-IT-staff across an organization can be trained to maintain
good practices with respect to security, such as changing default and adopting stronger
passwords, routinely updating software, encrypting files, and avoiding phishing attacks.
However, training is often conducted only once and ongoing staff compliance with best
practice is not monitored.
http://mural.maynoothuniversity.ie/9232/1/RK-Insecurity-2017.pdf
 
 
4. Data Breaches: the New Normal
Once rare, the phenomenon of major data breaches and data theft in government and private
sector organizations now happens on an almost weekly, if not daily basis. The Identity Theft
Resource Center identified 783 unique cases of data theft in 2014: compared to the statistics
from 2013 these figures indicate a 25% increase in the number of breaches from one year to
the next. The data exfiltrated from these breaches includes intellectual property, financial
and personal information. While the theft of this data can damage the finances and
reputation of an organization, it also has a collateral impact among the individuals who have
their data stolen.
 
This assignment will ask you to identify, investigate and research a data breach and write a
brief report about it. To do so you need to answer a number of questions:

What organization was affected?

• Canva (Australian graphic design tool website)

What kind of data/information was stolen?

• Email addresses, usernames, names, cities of residence, and salted and hashed
passwords

Is there an explanation, or any theories about how this information was stolen?
• Malicious individuals gained access to the encrypted password data and made that
information available on the internet. In that time, it appears that they have been using
their resources to try and crack those passwords.

Is there information and/or theories about who stole this data, or what their motivations
may have been?

• No such details

What kind of privacy impact does the stolen data have for individuals who trusted this
organization with information?

How did the organization respond to the data breach?

• The organization contacted ZDNet to boast about the incident, saying that Canva had
detected their attack and closed their data breach server. 

How has this organization responded to the data breach?

• The company confirmed the incident and subsequently notified users, prompted
them to change passwords, and reset OAuth tokens.

Are there examples of individuals who have experienced negative effects (consequences)
from having their data stolen?

• The first response was to lock down Canva, then notify authorities and users that the
breach had occurred. Because the intruder was interrupted mid-attack, they also took a
different tactic to most security incidents and tweeted about the attack, which required
a rapid communication response.

What are some prevailing opinions presented in the media regarding the organization
affected, the data stolen and the individual?
 
• Affected users will be required to set a new password to continue using Canva. Please
note that if your password has been reset, it does not mean that your account has been
accessed by attackers. We are taking this precaution to protect your Canva account.

Follow our password guidelines here. Once again, we suggest you:

▪ Create hard to guess passwords with a combination of letters (upper and lower case,
numbers and special characters).
▪ Use a password manager to manage all your Internet passwords.

▪ Make sure you use a safe and secure password that has not been used on other sites
or accounts before.
