A. For each of the three papers:

1. Write a one-paragraph summary of the paper. 

2. Comment on one thing you think is particularly worth noting and/or discussing about the paper.

B. For two of the three papers:

1. Articulate three most interesting observations that you and/or the authors make about the paper.

2. Discuss the limitations of the models and analysis in the paper and their implication to the validity to the above observations.

B. Select two out of the following four questions to answer:

1. One recommended security practice is to use a separate VM for security critical applications such as online bank transactions. Do you take this practice? If not, why not? Why is this practice not broadly adopted?

2. One proposed security technology is PKI. What problems can PKI potentially help address? Why do you think PKI has not been more widely adopted?  

3. Whitelist has been recently proposed as a more effective approach than blacklist to address problems such as malware. Discuss why this may be the case. Do you think this approach will be broadly adopted in practice? Why?

4. Give one example of a security technology that you like but is not being adopted. Discuss why.

C. If you are a CISO at Google, given 10 million dollars budget, what would you do for its security? If you are a CISO at a small to medium sized company, given less than $500K budget, what would you do for its security?