This preview shows page 1. Sign up to view the full content.
Unformatted text preview: CIS 4360 Introduction to Computer Security – with answers Home Assignment 7, Fall 2011 Due: Tue 9:30pm, 11/1/2010 This concerns Security models . Examples taken from: Dieter Gollmann, Computer Security, 2nd Edition, John Wiley. 1. What does “ tranquility ” mean in the BLP model. Answer. The tranquility principle limits the applicability of BLP to systems where security levels do not change dy- namically. It allows controlled copying from high security levels to low security levels via trusted subjects. More specifically, the tranquility principle of the BLP model states that the classification of a subject or ob- ject does not change while it is being referenced. There are two forms to the tranquility principle: “strong tranquility” for which the security levels do not change during the normal operation of the system; “weak tranquility” for which the security levels may never change in such a way as to violate a defined security policy (of BLP). Weak tranquility is desirable as it allows systems to observe the principle of least privilege. That is,(of BLP)....
View Full Document
This document was uploaded on 12/04/2011.
- Fall '09
- Computer Security