Introduction to Information Assurance - F19

CSE 365

Assignment 1

Assignment 1 is due 9/9/19 on or before 11:59:59pm MST.

Part 1 (5 points)

Sign up for the course Piazza. We will know if you registered by your name and/or ASU ID. If we have any questions, we will contact you directly.

Part 2 — Secure this house (95 points)

Your goal is to write, in any language, a program which implements the given security policy. The security policy will be based on our in-class discussion of the security policy for a house.

The name of your house simulator will be called secure_house.

Policy

Only users with an authorized key can enter the house. To enter the house, the user must first put their key in the lock, then turn the lock, then enter the house, only if the key is valid. A house can be rekeyed with new keys only by the owner, and only if the owner is inside the house.

Firefighters can enter with the secret key (literal string) FIREFIGHTER_SECRET_KEY.

Interface

You must implement the following command-line interface for your server:

./secure_house <owner_name> <key_1> <key_2> ... <key_n>

where <owner_name> is the name of the owner, and <key_1> through <key_n> are all authorized keys for the house.

All inputs to the program (keys and names) will be [a-zA-Z0-9_\-] (alphanumeric, underscore, and dash). All matching is case-sensitive.

The input to your program (on standard input) will be a series of events separated by a newline. Your program must track these events and respond appropriately, while enforcing the security policy.

Every input will end in a newline, and every response must end in a newline.

INSERT KEY <user_name> <key>

<user_name> inserts key key into the door. Response should be: KEY <key> INSERTED BY <user_name>

TURN KEY <user_name>

<user_name> turns the key in the door. Possible responses are: SUCCESS <user_name> TURNS KEY <key> or FAILURE <user_name> UNABLE TO TURN KEY <key>

ENTER HOUSE <user_name>

<user_name> enters the house. Possible responses are: ACCESS DENIED or ACCESS ALLOWED.

WHO'S INSIDE?

Who is currently inside the house? Response should be a comma-separated list of user names, ordered by access time (earlier access first): <user_name_1>, <user_name_2>, <user_name_3>... or NOBODY HOME if there are no users in the house.

CHANGE LOCKS <user_name> <key_1> <key_2> ... <key_n>

<user_name> wishes to rekey the house with new given keys <key_1>, <key_2>, ..., <key_n>. Possible responses are: ACCESS DENIED or OK

LEAVE HOUSE <user_name>

<user_name> leaves the house. Possible responses are: OK or <user_name> NOT HERE

If any events are received that are not according to this specification, the response must be: ERROR.

Example

Running the program as follows:

./secure_house selina foobar

Given the input:

INSERT KEY adam key
TURN KEY adam
ENTER HOUSE adam
INSERT KEY pat foobar
TURN KEY pat
ENTER HOUSE pat
WHO'S INSIDE?

The program will produce the following output:

KEY key INSERTED BY adam
FAILURE adam UNABLE TO TURN KEY key
ACCESS DENIED
KEY foobar INSERTED BY pat
SUCCESS pat TURNS KEY foobar
ACCESS ALLOWED
pat

Implementation

Your program must work on Ubuntu 18.04 64-bit with the default packages installed. You’ll probably need to set up a virtual machine to do your development. VirtualBox is a free and open-source VM system.

If you wish to use packages that are not installed on Ubuntu 18.04 64-bit by default, please submit a file with your code entitled packages, with a list of packages that you would like installed before calling make. Each line of packages must be a valid package name, one package per line. The submission system will automatically install all the dependencies that the package lists.

For example, if you were going to write your assignment in Haskell, you could install the GHC compiler with the following packages file:

ghc
ghc-dynamic

We’ve created a test script called test.sh to help you test your program before submitting.

  1. Download test.sh to the directory where your code lives (including README and Makefile).
  2. Ensure that test.sh is executable: chmod +x test.sh
  3. Run: ./test.sh

There is also a test_debug.sh which you can use that gives you the output of your program. This can help you with debugging when the program appears to work from the command line, but not in the test.sh script (it’s happened before).

Submission Instructions

You will need to submit your source code, along with a Makefile and README. The Makefile must create your executable, called secure_house, when the command make is ran. Your README file must be plain text and should contain your name, ASU ID, and a description of how your program works.

A prior TA compiled some resources on how to write a Makefile which might be helpful:

Example Makefile

Please feel free to share your Makefile for different languages on the course piazza, and I’ll post some nice ones here.

Submission Site

Create an account to submit your assignment for all parts on the course submission site.