Security Review Assignment
This assignment is adapted from Cryptography Engineering, 2nd edition, by Ferguson, Schneier and Kohno (2010).
This exercise deals with developing your security mindset in the context of real products or systems. Your goal with the security reviews is to evaluate the potential security and privacy issues of new technologies, evaluate the severity of those issues, and discuss how to address those security and privacy issues. This review should reflect deeply on the technology that you’re discussing.
Your security review should contain:
Summary of the technology that you’re evaluating. You may choose to evaluate a specific product (like a recently introduced wireless implantable drug pump) or a class of products with some common goal (like the set of all implantable medical devices). This summary should be at a high level. Around one or two paragraphs in length. State the aspects of the technology that are relevant to your observations in the following bullets.
For this exercise, it is acceptable to make some assumptions about how the products work. However, if you do make assumptions about a product, then you should make it clear that you are doing so, and you should explicitly state what those assumptions are.
Being able to clearly summarize a product (even with explicitly stated assumptions) is very important. If you don’t understand the technology well enough to provide a crisp and clear summary, then you probably don’t understand the technology well enough to evaluate its security and privacy.
State at least two assets and, for each asset, a corresponding security goal. Explain why the security goals are important. You should produce around one or two sentences per asset/goal.
State at least two possible threats, where a threat is defined as an action by an adversary aimed at compromising an asset. Give an example adversary for each threat. You should have around one or two sentences per threat/adversary.
State at least two potential weaknesses. Again, justify your answer using one or two sentences per weakness. For the purposes of this exercise, you don’t need to fully verify whether these potential weaknesses are also actual weaknesses.
State potential defenses. Describe potential defenses that the system could use or might already be using to address the potential weaknesses you’ve identified in the previous bullet.
Evaluate the risk associated with the assets, threats, and potential weaknesses that you’ve described. Informally, how serious do you think these combinations of assets, threats, and potential weaknesses are?
Conclusions. Provide some thoughtful reflections on your answers above. Also discuss relevant “bigger picture” issues. (Ethics, likelihood the technology will evolve, and so on).
Some examples of past security reviews are online at https://cubist.cs.washington.edu/Security/category/security-reviews/
Having a hard time thinking of a topic?
Browse the past security reviews linked above for an idea of things in-scope (but don’t copy them!).
Some examples to get you thinking:
- all things Internet of Things related (you could choose something from one of these sets):
- smart cameras
- smart home products (thermostats, lights)
- the smart home as a whole
- self-driving cars and/or trucks
- smart embeddable implants (health devices)
- bitcoin / cryptocurrencies
- online banking
And many more (come up with something interesting!).
- Your written security review (Submit to the D2L dropbox)
- A brief powerpoint slide presentation, following the general outline of the security review (also submit to D2L dropbox). Be prepared to present (probably ~5 minutes, up to 10 minutes allowed) – a few lucky submissions will be selected to be presented to the class.