Outline for January 22, 2002
Greetings and Felicitations!
Puzzle of the day
RISOS
Incomplete parameter validation
Inconsistent parameter validation
Implicit sharing of privileged/confidential data
Asynchronous validation/Inadequate serialization
Inadequate identification/authentication/authorization
Violable prohibition/limit
Exploitable logic error
Comparison and Problems
Levels of abstraction
Point of view
Penetration Studies
Why? Why not direct analysis?
Effectiveness
Interpretation
Flaw Hypothesis Methodology
System analysis
Hypothesis generation
Hypothesis testing
Generalization
System Analysis
Learn everything you can about the system
Learn everything you can about operational procedures
Compare to models like PA, RISOS
Hypothesis Generation
Study the system, look for inconsistencies in interfaces
Compare to previous systems
Compare to models like PA, RISOS
Hypothesis testing
Look at system code, see if it would work (live experiment may be unneeded)
If live experiment needed, observe usual protocols
Generalization
See if other programs, interfaces, or subjects/objects suffer from the same problem
See if this suggests a more generic type of flaw
Peeling the Onion
You know very little (not even phone numbers or IP addresses)
You know the phone number/IP address of system, but nothing else
You have an unprivileged (guest) account on the system.
You have an account with limited privileges.
ECS 153, Introduction to Computer Security
Winter Quarter 2002
Email:
[email protected]