hw3_so_Securityl

hw3_so_Securityl - CSC474/574 Information Systems Security...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
CSC474/574 Information Systems Security Homework 3 Solutions Sketch 1. (20 points) Consider a computer system with three users: Alice, Bob, and Cyndy. Alice owns the file alicerc, and Bob and Cyndy can read it. Cyndy can read and write Bob's file Bobrc, but Alice can only read it. Only Cyndy can read and write her file cyndyrc. Assume the owner of each of these files can execute it. a. (5 points) Create the corresponding access control matrix. b. (5 points) Use ACL to represent the access control policy specified in (a). c. (5 points) Use Capabilities to represent the access control policy specified in (a). d. (5 points) Cyndy gives Alice permission to read cyndyrc, and Alice removes Bob's ability to read alice rc. Show the new access control matrix. A) a. alicerc bobrc cyndyrc Alice {O,X} {R} --- Bob {R} {O, X} --- Cyndy {R} {R, W} {R, W, X, O} b. Acl(alicerc) = {(Alice, O), (Alice, X), (Bob, R), (Cyndy, R)} Acl(bobrc) = {(Alice, R), (Bob, O), (Bob, X), (Cyndy, R), (Cyndy, W)} Acl(cyndyrc) = {(Cyndy, R), (Cyndy, W), (Cyndy, X), (Cyndy, O)} c. Capability(Alice) = {(alicerc, {O}), (alicerc, {X}), (bobrc, {R}) } Capability(Bob) = {(alicerc, {R}), (bobrc, {O}), (bobrc, {X})} Capability(Cyndy) = {(alicerc, {R}), (bobrc, {R}), (bobrc, {W}), (cyndyrc, R), (cyndyrc, W), (cyndyrc, O), (cyndyrc, X)} d. alicerc bobrc cyndyrc Alice {O,X} {R} {R} Bob --- {O, X} --- Cyndy {R} {R, W} {R, W, X, O}
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2. (30 points) Consider two categories A and B. It is well known that MAC with four compartments can be constructed from these two categories. a. (10 points) Customize the RBAC0 model to implement the security policy
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 5

hw3_so_Securityl - CSC474/574 Information Systems Security...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online