Software Security CSG 379 / Karl Lieberherr
============================================

Due date: September 20, 2004

The home directory of the course is:
http://www.ccs.neu.edu/home/lieber/courses/csg379/f04/
All paths in this homework are relative to this directory.
f04.html is the course home page.

Reading assignment: read on average 3 chapters per week from the textbook. In 6 weeks you should be done.

Disclaimer: if one of the homeworks takes too much time, only complete what you can do in a reasonable amount of time. The rest of the work you can do in the following week.

Part 1: Trusting Source Code
----------------------------

Write a self-reproducing Java program.

Read the paper: Reflections on Trusting Trust by Ken Thompson (Turing Award lecture).
www.acm.org/classics/sep95
See also page 309 of the textbook.

Explain why it is possible to construct a compiler containing a Trojan horse that persists even though the Trojan horse is not visible in the compiler's source code.

Turn in your Java program, its output, and your explanation.

Part 2: Modularize the Logging Concern
--------------------------------------

Instrument the Java program from Part 1 so that it prints the names and arguments of all method calls that happen during the execution of your program, including the calls into the Java libraries that you use. Your instrumentation code must be kept separate from the program from Part 1.

Writing good logging code is an important consideration in secure software. For example, don't write plaintext passwords into the log file, and make sure that the log file cannot be erased by an intruder. Clean separation of the logging behavior is a first step in the right direction.

See in the textbook:
page 19: Traceability and Auditing
page 20: Monitoring

Hint: can you do it with AspectJ (an Eclipse project)? See: CCS_AspectJ_Usage.html

Turn in your logging code and the output it produces for Part 1.
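A worked self-reproducing program for Part 1, added here as an example and not part of the assignment or of any solution handed out with the course. The whole source is held in one printf format string s: each "%n" stands for a line break, "%c" with argument 34 stands for the double quote, and "%s" re-inserts s itself, which is exactly the trick Thompson uses in Stage I of the lecture before growing it into the self-propagating compiler. The class name Quine and the file name Quine.java are my choices; the file must be saved with a single trailing newline and no other text.

```java
// Quine.java (added example): prints its own source text; s is a printf format that embeds itself.
public class Quine {
  public static void main(String[] a) {
    String s = "// Quine.java (added example): prints its own source text; s is a printf format that embeds itself.%npublic class Quine {%n  public static void main(String[] a) {%n    String s = %c%s%c;%n    System.out.printf(s, 34, s, 34);%n  }%n}%n";
    System.out.printf(s, 34, s, 34);
  }
}
```

Because s contains no quote or backslash characters, the literal in the source is character-for-character the same string that "%s" prints back, so no escaping is needed. Check the result on the same platform the file was written on ("%n" expands to the platform line separator): "javac Quine.java && java Quine | diff - Quine.java" prints nothing when the program reproduces itself exactly.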
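One way to keep the Part 2 instrumentation out of the Part 1 program, added here as an example that is not part of the assignment text or of the course's AspectJ notes: an AspectJ aspect in its own compilation unit that advises every method call made from the woven code. It uses AspectJ's annotation style so that the file is plain Java; the names CallLogger and Quine, the choice of stderr as the log stream, and the redaction of char[] arguments are my assumptions. Only the call sites in your own classes are woven, so calls into the Java library are logged (the call site is in your code) but calls the library makes internally are not, unless you also weave rt.jar.

```java
import java.util.Arrays;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;

/**
 * Added example: logs every method call made from woven code, without
 * touching Quine.java.  Build with ajc, e.g.
 *   ajc -1.5 Quine.java CallLogger.java
 *   java -cp .:aspectjrt.jar Quine 2> calls.log
 */
@Aspect
public class CallLogger {

    // call() matches the call site, so calls into the Java library are seen
    // even though the library itself is not woven.  Calls made from inside
    // this aspect are excluded; otherwise the println below would advise
    // itself and recurse until the stack overflows.
    @Before("call(* *(..)) && !within(CallLogger)")
    public void logCall(JoinPoint jp) {
        StringBuilder line = new StringBuilder("CALL ");
        line.append(jp.getSignature().toLongString()).append(" args=[");
        Object[] args = jp.getArgs();
        for (int i = 0; i < args.length; i++) {
            if (i > 0) line.append(", ");
            line.append(render(args[i]));
        }
        line.append("] at ").append(jp.getSourceLocation());
        // stderr, so the quine's stdout stays byte-identical to its source.
        System.err.println(line);
    }

    // Never copy secrets into the log.  Java APIs hand passwords around as
    // char[] (Console.readPassword, KeyStore.load), so a char[] argument is
    // summarised rather than printed.  Varargs calls such as printf arrive
    // as an Object[], which is rendered element by element so that a char[]
    // hidden inside it is still redacted.
    static String render(Object arg) {
        if (arg instanceof char[]) {
            return "<char[" + ((char[]) arg).length + "] redacted>";
        }
        if (arg instanceof Object[]) {
            Object[] elems = (Object[]) arg;
            String[] shown = new String[elems.length];
            for (int i = 0; i < elems.length; i++) shown[i] = render(elems[i]);
            return Arrays.toString(shown);
        }
        // One record per line: strip CR/LF so an attacker-controlled argument
        // cannot forge additional log records (log injection).
        return String.valueOf(arg).replace('\r', ' ').replace('\n', ' ');
    }
}
```

Redirecting stderr to a file the program can only append to (rather than overwrite) is the simplest way to make the log hard to erase from inside the process; protecting it from an intruder with file-system access is an operating-system question that the aspect cannot solve on its own.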
Part 3: Role-based Access Control
---------------------------------

Read the paper: SecureUML: A UML-Based Modeling Language for Model-Driven Security by Lodderstedt, Basin and Doser.
/hw/1/secuml_uml2002.pdf

@string{lncs = "Springer Verlag, Lecture Notes in Computer Science"}
@inproceedings{secure-uml:basin,
  author    = "Torsten Lodderstedt and David Basin and Juergen Doser",
  title     = "SecureUML: A UML-Based Modelling Language for Model-Driven Security",
  booktitle = "UML 2002",
  year      = 2002,
  series    = lncs,
  pages     = "426--441",
  number    = 2460
}

Design a grammar (preferably in BNF or EBNF) for the extended role-based access control mechanism they use in the paper. It is not important that your grammar cover the detailed concrete syntax; what matters is the relevant abstract syntax. If you want to, you can design an XML schema or DTD. Use the EBNF grammar formalism.

====================

Where to turn in: csg379-grader AT ccs.neu.edu
Questions go to the same address: it reaches both Robbie and me.