August 2000
SC223 : COMPUTER SECURITY

QUESTION 3

Total Marks: 15 Marks

• Question 1
• Question 2
• Question 4
• Question 5
• Cover Page

Click to access
SUGGESTED SOLUTIONS
for Question 3

(a) Physical, temporal, cryptographic and logical separation are four methods for separating one process from others. Give an example (not a description) of each method. [4]

(b) The recent ILOVEYOU virus distributed itself by reading a user’s address book and sending copies of itself as email attachments to addresses found there; it was activated by clicking on the attachment received.
(i) Why is this method of distribution very effective? [1]
(ii) What steps could be taken in the design of the operating system to
prevent such a distribution method? [2]
(iii) Why is this method of activation so successful? [1]
(iv) What steps could be taken to make activation of such viruses less likely? [2]

(c) When do we say a system is secure? What are the two basic methods by which the computer system security provides protection? Provide at least one example in each case. [5]