Homework Assignment 10

Several campus dining facilities use a computerized food ordering system that works as follows. When a customer walks in the door, he/she enters his/her order at a computer with a touch screen. The customer is then given a printed receipt with an order number that he/she can later use to find his/her food. The order is sent over a (completely isolated) local area network to the appropriate cook in the kitchen and to all of the cash registers. The customer is able to identify his/her food (for pick-up) because it is in an unsealed bag that has the order number printed on it. The order number on the container (not the printed receipt) is used by the cashier to collect payment.
1. Identify two vulnerabilities in this system. (Note: You must assume that the hardware, operating system, and network are secure.)
2. Identify two corrseponding threats or attacks.
The Global Positioning System (GPS) satellites (which are owned and operated by the U.S. government) transmit the time and a GPS receiver uses this information to determine its location using triangulation. One could "interfere with" this system by broadcasting incorrect times on the same frequencies.
1. What kind of vulnerability is this? That is, we discussed three categories of vulnerabilities. Which category does this vulnerability best fit? Justify your answer.
2. Describe a way in which encryption could be used to eliminate this vulnerability. (Do not be concerned with the type of encryption.)
3. Discuss the advantages and disadvantages of symmetric key encryption and public key encryption in this regard.