Banking on Security

Overview

This assignment is about assembly, reverse engineering, security, privacy and trust. An earlier version of the assignment by Randal Bryant & David O'Hallaron (CMU), accessible here, used the framing story that students were defusing a ‘bomb’.

In order to better support the themes of privacy, security, and trust, we re-themed the assignment to cast students as security researchers examining the vulnerabilities of a SecureVault. As they do so, they also discover that aggregating datasets of information about the bank’s customers can lead to surprising discoveries about the customers – and invasions of their privacy. In a new section of the assignment, students explore differential privacy and the bank’s trust model.

The starter code is the project provided to students, with the omission of an example vault executable for reverse engineering. Nick and Julie recommend instead that instructors interested in replicating this assignment use the instructor tools from the CMU assignment to create their own executable: http://csapp.cs.cmu.edu/public/labs.html.

Contributors

  • Ethics materials by Kathleen Creel, Nick Troccoli, and Brynne Hurst
  • CS Assignment by Michael Chang & Julie Zelenski, based on assignment by Randal Bryant & David O'Hallaron (CMU). Modifications by Nick Troccoli, Brynne Hurst, Kathleen Creel and Jonathan Kula.

Assignment goals

Ethics goals

Download Links

Additional Readings for Context (Instructors or Students):

Download all