CIS/CSE 774   -   Fall 2013

Information about Exam 2

General Overview

  • When: Thursday, October 31 in class.
  • How: Closed book, closed notes
    I will provide you with copies of the following figures from the text:
  • Coverage:
  • Everything from Exam 1, plus...
  • Identity-based and group-based policies
  • Authentication
  • Keys, certificates, trust topologies
  • Delegation
  • Short version: everything through HW 6

  • Types of Questions You Should Expect

    Note: I don't promise to ask only the following sorts of questions. However, if you can answer these sorts of questions, you should be in good shape.

  • When given a proposed axiom or inference rule, you should be able to determine whether or not it is sound. You should also be able to justify your answer, either by proving it sound or by constructing a particular Kripke structure and instance of the rule that demonstrates its lack of soundness.
  • When given a set of certificates, you should be able to formally derive whether a key is associated with a particular principal.
  • When given a description of a trust topology, you should be able to create a formal description of the certificates and trust relationships for the certification authorities.
  • When given a ``real life'' scenario that incorporates principals, certificates, delegation, and access control, you should be able to formally describe the scenario in the access-control logic and show how access-control decisions are made using the inference rules of the access-control logic.

  • For Some Practice

    The 2011 exam, and some sample solutions

    The Aftermath:

    The exam itself, plus sample solutions

    Last modified: Thu Nov 7 10:42:01 EST 2013
    Susan Older /