CSE P 564 Assignment 1: Security Reviews
Goal: The goal of this assignment is to:
- Give you practice in thinking like an adversary (including identifying attack targets and methods)
- Give you practice in thinking about how to defend against attacks
- Give you practice in thinking about the tradeoffs in computer security (since computer security decisions are risk management decisions)
Overview of requirements: Two Security Reviews (details below)
How to submit. Submit a single PDF to Catalyst (link on the main page). Include your name and UWNetID on each page of that PDF. Your task is to do two security reviews, but please put both reviews in a single PDF.
Due. 6pm, Jan 20, 2015.
Collaboration. You may discuss your security reviews with others before you write your security reviews.
However, if you discuss your security reviews with others before you write your security reviews, then (1) leave a thirty-minute (or greater) gap between those discussions and when you start to write your reviews and (2) write your security reviews entirely by yourselves.
You may also discuss your security reviews with others after all parties involved in the discussions have completed and submitted their security reviews.
Summary: you may discuss your security reviews with others, but your writeups are to be on your own.
The Task: Two Security Reviews
Your assignment is to do two security reviews.
For each security review, the task is to conceptually evaluate the potential security and privacy issues with a technology, evaluate the severity of those issues, and discuss how the technology might address those security and privacy issues. You will do this at the conceptual level, hence the emphasis on the words “conceptually” and “potential” above.
For your two security reviews, you may pick any two technologies that you wish. The two technologies should, however, be different. We suspect that you will find this exercise more interesting / educational if you pick new technologies -- i.e., technologies with security risks that have not already been discussed in the media or amongst practitioners.
Your security review should contain:
- Summary. Summary of the technology that you're evaluating. You may choose to evaluate a specific product (like the Miracle Foo) or a class of products with some common goal (like the set of all Miracle Foo-like devices). This summary should be at a high level, roughly 4 to 8 bullets in length (we prefer bullet lists, though if it is better for some reason, you can give your answer in paragraph form). In your summary, state the aspects of the technology that are relevant to your observations below. If you need to make assumptions about a product, then it is important that you state what those assumptions are. To elaborate on the latter, if you end up making assumptions about a product like the Miracle Foo, then you are not studying the Miracle Foo but something like the Miracle Foo, and you should make that clear in your review. (There's nothing wrong with evaluating something like the Miracle Foo, rather than the Miracle Foo itself -- recall that this is a conceptual exercise.)
- Assets and Security Goals. State at least two assets and, for each asset, a corresponding security goal. Explain why the security goals are important. You should produce around one or two sentences/bullets per asset/goal. (For readability, we appreciate bullet lists.)
- Threats. State at least two possible threats, where a threat is defined as an action by an adversary aimed at compromising an asset. Give an example adversary for each threat. You should have around one or two sentences/bullets per threat/adversary. (For readability, we appreciate bullet lists.)
- Potential Weaknesses. State at least two potential weaknesses. Justify your answer using one or two sentences/bullets per weakness. For the purposes of these security reviews, you don't need to fully verify whether these potential weaknesses are also actual weaknesses. (For readability, we appreciate bullet lists.)
- Potential Defenses. State potential defenses. Describe potential defenses that the system could use or might already be using to address the potential weaknesses you identified in the previous bullet. (For readability, we appreciate bullet lists.)
- Risks. Evaluate the risks associated with the assets, threats, and potential weaknesses that you describe. Informally, how serious do you think these combinations of assets, threats, and potential weaknesses are? (For readability, we appreciate bullet lists.)
- Conclusions. Provide some thoughtful reflections on your answers above. Would you make any recommendations to the product designers? To consumers? To legislators? To others?
- References. Provide a list of references, if any, to support your security review.
There are some examples of past security reviews here. (The requirements for these past security reviews may, however, be different from the requirements for this version of the course.)
Please try to be clear and concise. We envision around one to three typed pages per review.