CPSC 310 Midterm || with 100% Accurate Solutions.
David Clark Reading correct answers DARPA (TCP/IP) internet protocols, history of reasoning
behind protocols.
J.H. Saltzer, D.P. Reed and D.D. Clark Reading correct answers End-to-end arguments
How should specific functionality (e.g., email or web browsing) be built into a general-purpose
system (e.g., a communication network)?
The function in question can completely and correctly be implemented only with the knowledge
and help of the application standing at the endpoints of the communications system. Therefore,
providing that questioned function as a feature of the communications systems itself is not
possible.
Marjory S. Blumenthal and David D. Clark Reading correct answers There is a risk that the
range of new requirements now emerging could have the consequence of compromising the
Internet's original design principles (end-to-end arguments).
Matt Bishop Reading correct answers CIA trifecta for cybersecurity
Confidentiality: Only authorized parties can access a resource.
Integrity: Modification of resources can be detected.
Availability: All authorized parties can access resources when and where they are needed.
Ray Ozzie Proposal for LEA correct answers
1. Phone manufacturers generate a crypto key pair, install the public key on every device, and
keep the private key in an ultra-secure storage vault.
2. The public key on the phone would be used to encrypt the PIN users set to unlock their devices.
This encrypted PIN would be stored on the device.
3. "Exceptional access" justified: LE officials would obtain a warrant, and then place the device
into recovery mode, which 1) displays the encrypted PIN and 2) bricks the phone, which prevents it
from being used or its data from being erased.
4. LE officials send the encrypted PIN to the manufacturer, and once confirming a valid warrant they
use the private key to decrypt the PIN and provide it to LE officials.
Keeps manufacturers responsible to cooperate with LE officials. Cannot be used for ongoing
surveillance because the phone becomes bricked.
Matthew Green Reading on "Clear" correct answers Discusses Ray Ozzie's escrow proposal
called "Clear." Key vault is tough because it can become targeted by criminals. Ozzie's proposal
relies fundamentally on the ability of manufacturers to secure extremely valuable key material
for a massive number of devices against the strongest and most resourceful attackers on the
planet.
Argues that key escrow model is not foolproof.
Matthew Green Reading on CSAM / End-To-End Encryption correct answers Bill Barr
requesting routine, automated scanning systems for CSAM, and claiming there can be
preservation of end-to-end encryption while still allowing for automated scanning
Explores automated CSAM detection techniques like PhotoDNA, Google's approach, etc. Talks
about option for pushing image scanning software onto each device.
Discusses secure multi-party computation, where two parties have a secret and detection
algorithm reports True/False.
PhotoDNA correct answers Made by Microsoft and Dr. Hany Farid
Specialized "hashing" algorithm
Can only detect CSAI images that are already in NCMEC database
James Q. Whitman Reading correct answers Two Different Cultures of Privacy
The gap: nudity, salary, names for babies, wiretapping, credit scoring.
Dignity vs. Liberty:
- Dignity - rights to one's image, name, reputation, and the right to informational self-
determination (media, and today's big-tech). Control of public image.
- Liberty - the right to freedom from intrusions by the state, especially in one's own home (the
government).
"American protections become progressively weaker the further the affected person is from
home."
Harold Abelson Reading correct answers Argues against law enforcement exceptional access
requirements
- Would force Internet system developers to reverse "forward secrecy" design practices that seek
to minimize the impact on user privacy when systems are breached
- New law enforcement requirements are likely to introduce unanticipated, hard to detect security
flaws
- Prospect of globally deployed exceptional access systems raises difficult problems about how
such an environment would be governed and how to ensure that such systems would respect
human rights and the rule of law
Joan Feigenbaum Reading on LEA correct answers Discusses LEA debate and arguments for
and against it
Says that LEA is unpersuasive at this time
Stefan Savage Reading correct answers Access to system-encrypted data via court-ordered
device unlocking
Does not include: