SST Introduction

21 jan. 2013
Tags: Python

This 2 hour lecture we got an introduction on why software secutiry is important (for the n-th time) and we assigned topics.

The most important part I got from the "motivation" lecture is how software security can be defined. Examples mentioned was the latest Java vulnerability affecting everyone using the browser plugin. Attackers break applications, not cryptoalgorithms (OWASP top 10), an article from "Dagbladet" of the Oslo water system having a password of "0-0-0-0", the airline Alitalia having a coupon to get 25% discount with a Japanese code giving a fixed amount instead of a percentage, attacking mobile smart phones to get into the 2nd factor authentication in online banking, hacking slaughter in Warcraft and the WhatsApp trouble.

During the assignment of topics, we performed several draws when more than one person wanted the same topic. I created this python program to assign topics automatically using a predefined priority list.

draw
size 3.1 KiB
sha256: 09a15b385a...fb166a3ca7

# -*- coding: utf-8 -*-

"""
Usage:

"topic" is assumed to be a (positive) integer
There must be equal to or more topics than wishes
Topics with lower numbers are prioritized when randomly selecting

List of student wishes ("students") in the format:
{"name": "<student-name>", "priority": [<int>, <int>, ... <int>]},

run: "python draw.py"

"""

import random

num_topics = 12
wishes = [
{"name": "Per", "priority": [2, 5, 8]},
{"name": "Ole", "priority": [3, 5, 2]},
{"name": "Hanna", "priority": [2, 8, 6, 7]},
{"name": "Ida", "priority": [2, 1, 7]},
{"name": "Odin", "priority": [3, 5, 2]},
{"name": "Trude", "priority": [5, 2, 1, 6, 8]},
{"name": "Kine", "priority": [5, 8, 6, 7]},
{"name": "Petter", "priority": [5, 1, 3]},
]

assignments = []
topics = []
topics.extend(range(1, num_topics + 1))

def random_int(first, last):
# return an integer including first and last
return random.randint(first, last)

def select_student(students):
number_students = len(students)
selected_student = random_int(1, number_students) - 1
return (students[selected_student])["name"]

def clean_up(student_name, topic):
# remove student from priority list
for s in wishes:
if s["name"] == student_name:
wishes.remove(s)

# remove priorities no longer available
# a new loop is necessary because order is changed when removing an item
for s in wishes:
priorities = s["priority"]
stripped_priorities = [x for x in priorities if x != topic]
s["priority"] = stripped_priorities

for s in wishes:
print("%s: %s") % (s["name"], s["priority"])

# remove available topics
topics.remove(topic)

def assign_topic(student_name, topic):
assignments.append({"student": student_name, "topic": topic})
print ("**** %s got %s") % (student_name, topic)

def priorities_left(students):
# find the frequency of wishes, using the highest priority
# return list of students and what topic they compete on
tmp = {}
for s in students:
try:
priority = s["priority"][0]
except:
priority = 0
if priority:
try:
tmp[priority] += 1
except:
tmp[priority] = 1
if tmp:
topic = (sorted(tmp.items(), key=lambda x: x[1])[0])[0]
tmp = []
for s in students:
try:
priority = s["priority"][0]
if priority == topic:
tmp.append(s)
except:
continue

return [tmp, topic]

else:
return 0

# loop trough all priorities by students
print "\nOriginal wishes:"
for s in wishes:
print("%s: %s") % (s["name"], s["priority"])
print "\n"

selection = priorities_left(wishes)
while selection:
student_name = select_student(selection[0])
topic = selection[1]

# add student to the assigned list
assign_topic(student_name, topic)

# -- clean up --
clean_up(student_name, topic)

# done, select next priority group
selection = priorities_left(wishes)

# randomly assign the remaining
print("\nNo more priorities, randomly assigning the rest")
print("Topics left: %s\n") % topics

while wishes:
student = select_student(wishes)
topic = topics[0]
assign_topic(student, topic)
clean_up(student, topic)

print("\n\n####### Results #######")
for a in assignments:
print ("%s got subject %s") % (a["student"], a["topic"])
print("\n")