In what situations may the bounds be particularly imprecise? What can be done to construct tighter bounds for the system throughput? (a) Windows implements static inheritance for the access-control lists of NTFS files and folders. (i) What does static inheritance mean here and how does it differ from dynamic inheritance? [4 marks] (ii) Five flag bits (ci,oi,np,io,i) in each NTFS access-control entry (ACE) manage how it is inherited. Briefly describe the purpose of each bit. [5 marks] (iii) User mike gives his folder project the following access-control list: project AllowAccess mike: full-access (oi,ci) AllowAccess alice: read-execute (ci,np) AllowAccess bob: read-only (oi) It contains one folder and two text files, none of which have any noninherited access-control entries: project\doc.txt project\src project\src\main.c For each of these three objects, list all inherited access-control entries, showing in parentheses the inheritance-control flag bits that are set (using the same notation as above). [5 marks] (b) Describe the purpose and four typical functions of a root kit. (a) What bugs exist in the code and how can they be rectified? [10 marks] (b) SystemVerilog synthesis tools use a Boolean optimiser to simplify the implementation logic. (i) Why are don't care terms useful for Boolean optimisation? [3 marks] (ii) How could the SystemVerilog be modified to introduce don't care terms for unreachable states above 9? [3 marks] (ii) F2 is the set A, B C E B D, E A [2 marks] (iii) F3 is the set A, B C D, E C A D [4 marks] (b) We are given a relational schema R(Z, W, Y). Suppose that in some (correct) instance of R the query (Z,W(R) Z, R is not empty. What can we conclude about the functional dependency Z W? Explain your answer. [4 marks] (c) In the process of using functional dependencies to normalise a schema, what is meant by a lossless join decomposition and how is such a decomposition guaranteed? [4 marks] (d) In schema normalisation, is Boyce-Codd Normal Form (BCNF) always to be preferred over 3rd Normal Form (3NF)? Explain your answer. [4 marks] 7 (TURN OVER) CST.2014.4.8 7 Economics, Law and Ethics (a) Describe the provisions of the Data Protection Act. [8 marks] (b) You are designing and are about to launch a mobile phone app which will seek to understand the emotional condition of the user, using multiple inputs such as motion sensing, facial expression recognition, voice stress measurement and the analysis of entered text. Its declared purpose is to enable services to interact more empathically with users. You propose to monetize it by serving ads at times when the user is more likely to buy. Your "backers" have raised a concern that this app will be able to diagnose depression, and that in consequence you may be storing substantial amounts of sensitive personal information. Discuss this problem from the viewpoints of both data protection law and ethics. [12 marks] 8 CST.2014.4.9 8 Security I (a) Windows implements static inheritance for the access-control lists of NTFS files and folders. (i) What does static inheritance mean here and how does it differ from dynamic inheritance? [4 marks] (ii) Five flag bits (ci,oi,np,io,i) in each NTFS access-control entry (ACE) manage how it is inherited. Briefly describe the purpose of each bit. [5 marks] (iii) User mike gives his folder project the following access-control list: project AllowAccess mike: full-access (oi,ci) AllowAccess alice: read-execute (ci,np) AllowAccess bob: read-only (oi) It contains one folder and two text files, none of which have any noninherited access-control entries: project\doc.txt project\src project\src\main.c For each of these three objects, list all inherited access-control entries, showing in parentheses the inheritance-control flag bits that are set (using the same notation as above). [5 marks] (b) Describe the purpose and four typical functions of a root kit. [6 marks] 9 (TURN OVER) CST.2014.4.10 9 Security I Block ciphers usually process 64 or 128-bit blocks at a time. To illustrate how their modes of operation work, we can use instead a pseudo-random permutation that operates on the 26 letters of the English alphabet: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 m A B C D E F G H I J K L M N O P Q R S T U V W X Y Z EK(m) P K X C Y W R S E J U D G O Z A T N M V F H L I B Q As the XOR operation is not defined on the set {A, . . . , Z}, we replace it here during encryption with modulo-26 addition (e.g., C D = F and Y C = A). (a) Encrypt the plaintext "TRIPOS" using: (i) electronic codebook mode; [2 marks] (ii) cipher-block chaining (using IV c0 = K); [4 marks] (iii) output feedback mode (using IV c0 = K). [4 marks] (b) Decrypt the ciphertext "BSASMILVO" using cipher-block chaining. What operation should replace XOR? [4 marks] (c) Your opponent is allowed to send you two plaintext messages M0 and M1, each n letters long. You now pick a new private key K, resulting in a new pseudo-random permutation EK : {A, . . . , Z} {A, . . . , Z}. You also pick uniformly at random a private bit b {0, 1} and return a ciphertext C = c0c1 . . . cn, namely the message Mb encrypted with cipher-block chaining using the fresh EK. Finally, your opponent has to guess your bit b. Approximately how large must n be at least for your opponent to have a greater than 75% chance of guessing b correctly? Outline a strategy that your opponent can use to achieve this. For decimal input 1, 2, 3, 5, 7, 11 and 13, the output S is to be at logic 1, and it is to be at logic 0 otherwise. (i) Write down the truth table for the required combinational logic function. (ii) Using a Karnaugh map, determine the simplified Boolean expression for the output S in terms of the inputs D3 to D0 in a minimum sum-of-products form. (iii) Describe what is meant by an essential term in a Karnaugh map. Write down the essential terms for the Karnaugh map in (ii). (iv) Using a Karnaugh map, this time determine the required simplified Boolean expression for the output S in a minimum product-of-sums form. [10 marks] The characteristics of the network described above, design a protocol for distributing this information across the network. You should specify the format of your messages and the size of any message fields Describe in detail both Prim's and Kruskal's algorithms for finding a minimum cost spanning tree of an undirected graph with edges labelled with positive costs, and explain why they are correct. [7 marks each] Compare the relative merits of the two algorithms. (c.b) In the process of using functional dependencies to normalise a schema, what is meant by a lossless join decomposition and how is such a decomposition guaranteed? [5 marks] (d.b) In schema normalisation, is Boyce-Codd Normal Form (BCNF) always to be preferred over 3rd Normal Form (3NF)? Explain your answer. [4 marks] 7 (TURN OVER) CST.2013.5.9 6 Economics, Law and Ethics (a.b) Describe the provisions of the Data Protection Act. [7 marks] (b.b) You are designing and are about to launch a mobile phone app which will seek to understand the emotional condition of the user, using multiple inputs such as motion sensing, facial expression recognition, voice stress measurement and the analysis of entered text. Its declared purpose is to enable services to interact more empathically with users. You propose to monetize it by serving ads at times when the user is more likely to buy.