Description
[100 points] Problem Set 1. [20 points] 15.1 Buffer-overflow attacks can be avoided by adopting a better programming methodology or by using special hardware support. Discuss these solutions. 2. [20 points] 15.2 A password may become known to other users in a variety of ways. Is there a simple method for detecting that such an event has occurred? Explain your answer. 3. [20 points] 15.4 The list of all passwords is kept within the operating system. Thus, if a user manages to read this list, password protection is no longer provided. Suggest a scheme that will avoid this problem. (Hint: Use different internal and external representations.) 4. [20 points] 15.11 What commonly used computer programs are prone to man-in-themiddle attacks? Discuss solutions for preventing this form of attack. 5. [20 points] 15.12 Compare symmetric and asymmetric encryption schemes, and discuss the circumstances under which a distributed system would use one or the other.
