ICS: Written Homework: Rational Paranoia

Go up to the ICS HW page (md) | view tabbed version

Overview

This assignment will focus on analyzing security in three different scenarios; two of which you choose from the list below, and one of which you create yourself. The deliverable is a typed PDF document. You will need to be familiar with the Security Mindset slide set.

You will want to see the homeworks policies page (md) for formatting and other details. The due dates are listed on the Canvas landing page.

Changelog

Any changes to this page will be put here for easy reference. Typo fixes and minor clarifications are not listed here. So far there aren’t any significant changes to report.

Assignment

For each of the three total scenarios (two from our list, one of your own, as explained below), imagine that you are in charge of security. Apply the security mindset, discussed in the security mindset slide set, to answer these questions:

Answer each of the above in the form of a bulleted list, with brief justifications or explanations as necessary. State any critical assumptions you decide to make. Your grade will be based on the thoroughness, realism, and thoughtfulness of your analysis. We are more interested in quality than quantity. But if you want a length estimate, then one or two sentences for each “brief_explanation”, below, is reasonable. That being said, as long as you are being concise and not adding in fluff (see here (md) for a definition of fluff), they can be longer.

Pick two of the following scenarios.

In addition, come up with another scenario from everyday life that we have not discussed in class. Your choice can be directly related to computer security, but it does not have to be.

Submission Template

Obviously reformat this in your word processor of choice. The file to be submitted MUST BE A PDF DOCUMENT. Please name it paranoia.pdf. The page must be exactly three pages long, and each case must be on a separate page. The case that you come up with must be on page three. This is all to facilitate grading – the document is going to be split by pages, and each page will be graded separately.

1. (name_of_example)

[Assumptions: explain_assumptions]

Assets:
- Asset X: brief_explanation
- Asset Y: brief_explanation
- ...

Threats:
- Threat X: brief_explanation
- Threat Y: brief_explanation
- ...

Countermeasures:
- Countermeasure X: brief_justification
- Countermeasure Y: brief_justification
- ...

----

2. (name_of_example)

...

----

3. Original Scenario

explain_your_scenario

Assets:
...
Threats:
...
Countermeasures:
...

File to submit

Submit the above as a PDF document, named paranoia.pdf. Make sure you follow the formatting guidelines mentioned above! In particular, each case should be on its own page, and the document should be exactly three pages long.

The submission is via Gradescope.